last executing test programs:

1m11.245177036s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

1m1.280339155s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

52.387148838s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

41.356787252s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

27.188604994s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

14.589086188s ago: executing program 3 (id=62):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x4, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x2}]}, @fwd={0x2}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000b80)=""/230, 0x3c, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0xa1721e0264044177}, 0xc)

4.446637698s ago: executing program 1 (id=742):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="53dd5418e99c5b37d78c2e5a2a5d95e394ae4d0445dae36bb6017c4a0bca000340006a00e573766c610000000000", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB], 0x44}}, 0x0)

4.046719618s ago: executing program 1 (id=746):
r0 = socket$inet6(0xa, 0x1, 0x8010800000000084)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000800073012d000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x8)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000600)=[{&(0x7f00000000c0)='/', 0x1}], 0x1}}, {{&(0x7f0000000400)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000d00)='[', 0x4d0}], 0x21}}], 0x2, 0x4008040)
r1 = accept4$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x10, 0x80800)
getsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000001c0)={0x0, @private, @broadcast}, &(0x7f0000000200)=0xc)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r4, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d63a303170b5b4eaa887f511d2"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000080}, 0x4044080)

3.814712242s ago: executing program 1 (id=749):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x3, 0xc, &(0x7f0000000e00)=ANY=[@ANYRES8=r6], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001800)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x10, 0x6}, {}, {0x7, 0x3}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_FD={0x8, 0x6, r7}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.639621549s ago: executing program 2 (id=752):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x4, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f0000000380)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xad}]}, &(0x7f0000000440)='GPL\x00', 0x7, 0x54, &(0x7f0000000480)=""/84, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000005b80)=@newlink={0x44, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x4000010)
sendmsg$nl_route_sched_retired(r5, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@delqdisc={0x7c, 0x25, 0x800, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xf, 0xa}, {0x1, 0x3}, {0x9, 0x9}}, [@q_dsmark={{0xb}, {0x8, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x38, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x511}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x14}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x12}]}}]}, 0x7c}}, 0x4000010)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x25dfdbff, {}, [@IFLA_MASTER={0x8, 0xa, r8}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r9)
sendmsg$NL80211_CMD_NOTIFY_RADAR(r9, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000680)={0x48, r11, 0xe00, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2f86, 0x6c}}}}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x38f}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x15}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000340)={'batadv0\x00', <r12=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x4c}}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r13, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x30, 0x3, 0x8, 0x5, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x8040}, 0x48050)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
close(0x3)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

3.443893048s ago: executing program 1 (id=754):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0xc0080c5)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x4004850)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x76, &(0x7f00000002c0)=ANY=[@ANYBLOB="aa"], 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000000)={@link_local, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0x32, 0x14, 0x4068, 0x0, 0xd2, 0x89, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}}}, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x20000001)
socket$inet(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@ipv4_newrule={0x1c, 0x20, 0x301}, 0x1c}}, 0x0)

3.176677649s ago: executing program 2 (id=757):
unshare(0x68040200)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x40000)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000440)={'hsr0\x00', 0x101})
setsockopt$inet6_group_source_req(r2, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
sendto$x25(r0, 0x0, 0x0, 0x800, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
write$tun(0xffffffffffffffff, 0x0, 0xffe)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r1)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x20040810)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus640\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r5 = accept4(r4, 0x0, 0x0, 0x800)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=@delqdisc={0x4c8, 0x25, 0x100, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0x3, 0xfff5}, {0x7, 0x8}, {0x3, 0xffe0}}, [@TCA_STAB={0x160, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xf0, 0x7, 0xe, 0x2, 0x7fff, 0x9, 0x9}}, {0x16, 0x2, [0x7fff, 0x2, 0x3, 0xfffd, 0xdd8, 0x1, 0x1, 0xfff7, 0x0]}}, {{0x1c, 0x1, {0x5, 0xff, 0x7ff, 0x1, 0x1, 0x200, 0x5, 0x2}}, {0x8, 0x2, [0x4, 0x9]}}, {{0x1c, 0x1, {0x52, 0x4, 0x7, 0x7524, 0x1, 0x3560, 0x800002, 0x2}}, {0x8, 0x2, [0x8, 0x3b]}}, {{0x1c, 0x1, {0x0, 0x8, 0x7, 0xcf, 0x1, 0x4, 0x3, 0x2}}, {0x8, 0x2, [0x0, 0x4]}}, {{0x1c, 0x1, {0x9, 0x7e, 0xa12, 0x8, 0x0, 0x80, 0x516, 0x1}}, {0x6, 0x2, [0x9]}}, {{0x1c, 0x1, {0x4, 0x8, 0xe5a, 0x0, 0x0, 0x4, 0x0, 0x2}}, {0x8, 0x2, [0xd52, 0x4]}}, {{0x1c, 0x1, {0xfb, 0xec, 0x9, 0x4, 0x2, 0x8, 0x5, 0x5}}, {0xe, 0x2, [0x200, 0x7ff, 0x3ed, 0xe1b1, 0xf]}}, {{0x1c, 0x1, {0x4, 0x47, 0xa9c1, 0xa9d5, 0x0, 0x2, 0x53, 0x1}}, {0x6, 0x2, [0x9]}}, {{0x1c, 0x1, {0x4, 0x2, 0x9a, 0x92, 0x1, 0x3, 0x8, 0x1}}, {0x6, 0x2, [0x4]}}]}, @TCA_STAB={0x164, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x0, 0x8000, 0x8, 0x1, 0x3e2, 0x5, 0x3}}, {0xa, 0x2, [0x7, 0xe, 0x9]}}, {{0x1c, 0x1, {0x0, 0x5, 0x3, 0x4, 0x1, 0xda41, 0x1, 0x2}}, {0x8, 0x2, [0x1, 0x7f]}}, {{0x1c, 0x1, {0xe, 0x91, 0x7, 0x84, 0x2, 0x9a8, 0x0, 0x4}}, {0xc, 0x2, [0xe, 0x0, 0xa, 0x8]}}, {{0x1c, 0x1, {0x6, 0x9, 0x4ff, 0x71, 0x3, 0x1, 0x7, 0x5}}, {0xe, 0x2, [0x0, 0x2, 0x3, 0x7, 0x8]}}, {{0x1c, 0x1, {0x8b, 0x3, 0x6, 0x800087f, 0x0, 0xfffff000, 0x6, 0x5}}, {0xe, 0x2, [0x90, 0x2, 0x2, 0x7ff, 0x4]}}, {{0x1c, 0x1, {0x4, 0x8, 0x7, 0x48000, 0x0, 0x3, 0x4, 0x3}}, {0xa, 0x2, [0x200, 0x0, 0x6]}}, {{0x1c, 0x1, {0xa, 0x43, 0x0, 0x9, 0x2, 0xa, 0x4}}, {0x4}}, {{0x1c, 0x1, {0x7, 0x7, 0x4, 0x0, 0x0, 0x3, 0x3, 0x5}}, {0xe, 0x2, [0x0, 0x3, 0xfffe, 0x1ff, 0x70]}}, {{0x1c, 0x1, {0x9, 0x6, 0xfff8, 0x8, 0x0, 0x8, 0x6}}, {0x4}}]}, @TCA_RATE={0x6, 0x5, {0xf0, 0xfd}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xb}, @TCA_STAB={0x1b4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x53, 0x8, 0x8000, 0xff, 0x1, 0x7ff, 0x5, 0x5}}, {0xe, 0x2, [0x3, 0x401, 0x5, 0x3, 0x2]}}, {{0x1c, 0x1, {0x0, 0x3, 0x5, 0x2, 0x2, 0x100, 0x1000, 0x5}}, {0xe, 0x2, [0x8, 0xc, 0x3, 0xc, 0x340]}}, {{0x1c, 0x1, {0x4, 0x3, 0x7, 0x3ff, 0x0, 0x3, 0x140000, 0x1}}, {0x6, 0x2, [0x40]}}, {{0x1c, 0x1, {0x7, 0xf, 0x8001, 0x0, 0x2, 0x4, 0x7, 0x6}}, {0x10, 0x2, [0x5, 0x1, 0x5be, 0x10, 0x3, 0x8]}}, {{0x1c, 0x1, {0x43, 0x5, 0x6, 0x8cc9, 0x2, 0x1, 0x7fffffff, 0x3}}, {0xa, 0x2, [0x3, 0x0, 0x1]}}, {{0x1c, 0x1, {0x8, 0x0, 0x4, 0x81, 0x2, 0x2, 0x8, 0x4}}, {0xc, 0x2, [0xd, 0xe0, 0x1, 0xff]}}, {{0x1c, 0x1, {0xf, 0x6, 0x8001, 0x9, 0x1, 0x10, 0x1, 0x7}}, {0x12, 0x2, [0x2580, 0x0, 0x7, 0x4d8, 0x1, 0xffff, 0x4]}}, {{0x1c, 0x1, {0x6, 0xa, 0x9, 0xffffff2e, 0x0, 0x7, 0x5, 0x5}}, {0xe, 0x2, [0x7fff, 0x4, 0x9a, 0x0, 0x2]}}, {{0x1c, 0x1, {0x6, 0x54, 0x7f, 0x1, 0x0, 0x7, 0x7, 0x5}}, {0xe, 0x2, [0x3, 0x8, 0x4, 0x3, 0x9]}}, {{0x1c, 0x1, {0x40, 0xfa, 0x4918, 0x3, 0x0, 0xffffffff, 0x712b, 0x8}}, {0x14, 0x2, [0x3, 0x3, 0x4, 0x1, 0xca73, 0x0, 0x401, 0x8]}}]}, @qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5, 0xb52d}}}, @TCA_EGRESS_BLOCK={0x8}]}, 0x4c8}, 0x1, 0x0, 0x0, 0x20040050}, 0x0)
sendto$packet(r6, &(0x7f0000000580)="44c394f305916c4516999da288a8", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @local}, 0x14)
sendto$inet6(r5, &(0x7f0000000280)="625e4bc431896083fd715a3aff81dfb42f9ba756d3baf3c2929f1bb273fa59db3aed7f332b5c816216ed4310cd1ef491f527f60401b75e4905f4dc5da655fdc315", 0xffffffffffffff3c, 0x24824, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0x0, @broadcast}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x5})

3.15121154s ago: executing program 4 (id=758):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
close(0x3)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.917181754s ago: executing program 4 (id=759):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={0x48, r2, 0x1, 0x703d26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x29, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7}, @device_b, @device_b, @from_mac, {0x2, 0x4}, @value=@ver_80211n={0x0, 0x464, 0x2, 0x3, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x2, 0x31, @val={0x10, 0x1, 0x6d}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) (fail_nth: 4)

2.326709605s ago: executing program 4 (id=760):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)
write(r0, &(0x7f0000000040)="49000000010001", 0x7)

2.243075287s ago: executing program 0 (id=761):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x3}}, @typedef={0x4, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x4e, 0x0, 0x4, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r2, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d63a303170b5b4eaa887f511d2"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000080}, 0x4044080)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r1)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0xb8, r4, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5086}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x1ea}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

2.071754182s ago: executing program 4 (id=762):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x42, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
unshare(0x20000400)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x2022)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001580)={0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f00000001c0)="192510", 0x3}], 0x1}, 0x4000014)
ioctl$sock_SIOCINQ(r6, 0x541b, &(0x7f00000000c0))
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
getsockname$l2tp(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.890040664s ago: executing program 0 (id=763):
r0 = socket(0x2a, 0x3, 0x8)
recvmsg$kcm(r0, &(0x7f0000000540)={&(0x7f0000000000)=@ethernet={0x0, @multicast}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000080)=""/110, 0x6e}, {&(0x7f0000000100)=""/205, 0xcd}, {&(0x7f0000000200)=""/111, 0x6f}, {&(0x7f0000000280)=""/17, 0x11}, {&(0x7f00000002c0)=""/78, 0x4e}, {&(0x7f0000000340)=""/88, 0x58}], 0x6, &(0x7f0000000440)=""/218, 0xda}, 0x2002)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000002ac0)={&(0x7f0000000580)=@nfc_llcp, 0x80, &(0x7f00000029c0)=[{&(0x7f0000000600)=""/111, 0x6f}, {&(0x7f0000000680)=""/92, 0x5c}, {&(0x7f0000000700)=""/193, 0xc1}, {&(0x7f0000000800)=""/233, 0xe9}, {&(0x7f0000000900)=""/103, 0x67}, {&(0x7f0000000980)=""/20, 0x14}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/4096, 0x1000}], 0x8, &(0x7f0000002a40)=""/127, 0x7f}, 0x10102)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002b40), r0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000002cc0)={'gretap0\x00', &(0x7f0000002b80)={'erspan0\x00', <r2=>0x0, 0x10, 0x7800, 0x4, 0x2, {{0x41, 0x4, 0x0, 0x2b, 0x104, 0x68, 0x0, 0xb, 0x2f, 0x0, @multicast1, @empty, {[@timestamp_prespec={0x44, 0x2c, 0xf5, 0x3, 0x4, [{@rand_addr=0x64010101, 0x1}, {@broadcast, 0xff}, {@dev={0xac, 0x14, 0x14, 0xd}, 0x8}, {@broadcast, 0xfffffffe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x100}]}, @rr={0x7, 0x7, 0xbd, [@multicast2]}, @cipso={0x86, 0x73, 0xffffffffffffffff, [{0x2, 0x5, "5eba87"}, {0x2, 0xf, "7acb01a36ccebc102c7bb6b3bf"}, {0x7, 0x12, "12b5023a3277a3a634489bac702c34c5"}, {0x6, 0x9, "c4bb7f959978cf"}, {0x1, 0xc, "a7e5f9781a169cfcb5a0"}, {0x6, 0x10, "bb7fab3617cbe19b6a398bf7a57f"}, {0x3, 0x4, "a68c"}, {0x5, 0x9, "4c8ac88e67f81c"}, {0x2, 0xb, "ea4245af1dcba7a597"}, {0x6, 0xa, "2a3cc6124d11691f"}]}, @timestamp_prespec={0x44, 0x1c, 0xf3, 0x3, 0x5, [{@empty, 0x80000000}, {@loopback, 0x4}, {@loopback, 0x7}]}, @timestamp_addr={0x44, 0x2c, 0xce, 0x1, 0x6, [{@multicast2, 0xa}, {@broadcast, 0x6}, {@private=0xa010101, 0x89b}, {@empty, 0xffffffff}, {@multicast1, 0xad6}]}]}}}}})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000033c0)={&(0x7f0000002b00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003380)={&(0x7f0000002d00)={0x664, r1, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_FEATURES_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xc2, 0x4, "2be1b29ce0b30e6d5409d202a33902e089ebf8db9685da3e3af2396df1800c49d431c53da224b0037be95dd1a215b1b495055e93574b0255d9ff25b82d4e2fe70d192488b69ad45217d4b6ad1a3d27053db8ec94fa59a58475cceba087ecaa4e6b390341675831fb6987496d18ed4bf4f5d9489916e2161afe31e742fcf2cd4069bf5c1b504ccb1a57171f879113abee00cd5b4d37e185c87e6b18ef2a5cc8149ea024bca6754404e182e5a7b2fd4bd7810b9c135c74e3810d4684a5ec6c"}]}, @ETHTOOL_A_FEATURES_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEATURES_WANTED={0x164, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8c, 0x3, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb8000000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, '+@+]{+\'+#**/\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xaa}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\\\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '{-&\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0xd2, 0x5, "970f130de489aa49600fec0beee2d98854ebc9b406b07a08c567e44dac4fcea07ecc74702141679fcd5d386fb7200c793d46f9653017fd3dbe70f9941f7e30fdcbb9aead21f3f3dc1de666aa86e8d1bbe911d96819cd9a6ce63640c3620c1f73d019edf5254461d7ebcd8105dc773410b8bd3ee7c1806867a47e2d7177235d10d7d7c35b1f4a3ade75001162772f36971cd836c2e29eaca4f9648234ae8569f34be4f2bab19d33e0ba297bee25ec53c4421adef1496bd29116e20e9f95110963f4e79a8b5492b277e908ca02d42f"}]}, @ETHTOOL_A_FEATURES_WANTED={0x284, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x64, 0x5, "d0679ed59cdcbae7a12f124f009433c3a5bdb9ae3c0288cae9d49f03b253f9bc606a8a7bb17f03b7109e3c4db8facaab6b98a30a52f88ab5da0c06da25f36aa67b6039d60839f1a7db7cdd5ff4b04764139fc5d274cd39b86ef7d13935e008c4"}, @ETHTOOL_A_BITSET_BITS={0x20, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffff6c4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0x11c, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x4}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffa}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '+\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '!\\&\x9a##%\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '\\(,@.&\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '+&,[$,\xbc}\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '\\%{,^]\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '}\x00'}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '@]\xb1\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '^[\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x14, 0x2, '***-%,\\,\xf3<+$[$/\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '\\,,%[-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '{/*\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffff7f}]}]}, @ETHTOOL_A_BITSET_VALUE={0xdf, 0x4, "74d6da8a21583d7d96b8060e0b372c76076410a3b835d7e10b73ee090d0bc10b81495246db7721cf358e5277c90d8f67c97dca9354161e005b0bcb0d0cf1ab5e75804f6b4432e1b4b3ea3473f56d16d5243ed0585f5b25fd929c57af98f7c041d50cda517a0bf8bd06600b6f52725326a839e874845d9563611b81728eb819e74d09a694e9078096581744102ec87b76767850178edb1f3d945e630b087aebecc18a3757aa929342daa05dfbe0ebee4ecd5d77c16a5e4a14e01493166b9fa61c70596312c6f3cb9df97aa06b1043076350c5b9e46d6e79bdbe82c7"}]}, @ETHTOOL_A_FEATURES_WANTED={0xdc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x24, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '$#),]\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ',\x00'}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x45, 0x5, "9f51667276c3fbd2c25f51a37c00fd125b9a818a20214b9639ac26bb58354f4ad9038b5b2752a92e100557e2a4ee9844b4da2e0e662f43f4b664aa7912987f6f5a"}, @ETHTOOL_A_BITSET_BITS={0x64, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xdb1}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',;\x00'}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '}\xe7\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\'\x8c$@\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '.}#'}]}]}]}]}, 0x664}}, 0x40001)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000003480)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000003400), &(0x7f0000003440)}, 0x20)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000034c0)=0xffffffffffffffff, 0x4)
r5 = bpf$TOKEN_CREATE(0x24, &(0x7f0000003580)={0x0, r0}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000003500)=@base={0x5, 0x55, 0x5, 0x0, 0x10401, r3, 0x0, '\x00', r2, r4, 0x4, 0x5, 0x1, 0x0, @void, @value, @value=r5}, 0x50)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f00000036c0)={&(0x7f00000035c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000003680)={&(0x7f0000003600)={0x50, r1, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10000000}, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000003700)={0x8, {0x2, 0x3, 0x5, 0x2, 0xa}})
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000003740)=[@in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, '\x00', 0x37}, 0x9}, @in6={0xa, 0x4e23, 0xb403, @empty, 0x7}, @in6={0xa, 0x4e21, 0x6, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x7}, @in6={0xa, 0x4e20, 0x4f, @mcast2, 0x7}], 0x70)
connect$bt_l2cap(r0, &(0x7f00000037c0)={0x1f, 0xfea1, @any, 0x2b6, 0x2}, 0xe)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000003800)={0x4, "d88b9b"}, 0x6)
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000003840))
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000003980)={&(0x7f0000003880)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000003940)={&(0x7f00000038c0)={0x50, r1, 0x300, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x51}, 0x4041841)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000003ac0)={&(0x7f00000039c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000003a80)={&(0x7f0000003a00)={0x54, 0x0, 0x2, 0x70bd26, 0x25dfdbfd, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1800000000}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, 'wlan1\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8041}, 0x4010)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000003b00)={<r7=>0x0, 0xdd, "8b335d78dd565965616a7cbe33e4e57908b75d1de2a5a0d8576973c080384b0937733f4d86fa1f797a464ab2cee287ff9ea80253aee3d5af212e4a2d15a67dd8519185d981ee8e019fb310b11d51df1f0e8cf836570b15fef45ba75578ad8fd425f1ded8725e5119153cb68af2957b4cfd56ae6ac843ac03080827952d06490548ba472ab327aa24b6012b4101cefb1d66c9c779eb50f73acdc09ce8683693b0fa0d8c4b8aed5a214ec6d8d7cbe9a4d257e4858eb12cc708c9f0e3d63754306c1a14bc297662dc4dfe173b242eb08100b07cc06b63fe0c72dc3dd8721d"}, &(0x7f0000003c00)=0xe5)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000003c40)={r7, 0xa5fbb9fe, 0x20}, 0xc)
syz_genetlink_get_family_id$nbd(&(0x7f0000003c80), r6)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000003cc0)='cpuset.effective_mems\x00', 0x0, 0x0)
sendmsg$OSF_MSG_REMOVE(r8, &(0x7f0000004240)={&(0x7f0000003d00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000004200)={&(0x7f0000003d40)={0x4bc, 0x1, 0x5, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}, [{{0x254, 0x1, {{0x3, 0x40}, 0x5, 0x0, 0x2, 0xd0, 0x1e, 'syz1\x00', "33266ac53ea06094afa50f986aea25c3c3fd08e882da567c74c3e16bc7cc6cfd", "3d166a8916e5fe2e1a21bb7b77b9e1097a807d79a0b1cbe856a1be83ea09010e", [{0x40, 0xfffa, {0x0, 0x400}}, {0xffff, 0xd, {0x3, 0x7}}, {0x7, 0x0, {0x2, 0x4}}, {0x80, 0xadd3, {0x3, 0x10001}}, {0x5, 0x7, {0x2, 0x4}}, {0x2, 0x6, {0x1, 0x2}}, {0x80, 0x6, {0x2, 0x3}}, {0x7f, 0x7, {0x3, 0x2}}, {0x2bd, 0x7f97, {0x1, 0x9}}, {0x3ff, 0xe654, {0x3, 0x1}}, {0x2, 0x0, {0x3, 0x9}}, {0x3fe5, 0x22ca, {0x3, 0xfffffffb}}, {0xe0a5, 0x1, {0x1, 0x3ff}}, {0x200, 0x800, {0x1, 0x1}}, {0x8, 0x8, {0x2, 0xaad1}}, {0x6, 0x5, {0x2, 0x1}}, {0xc71a, 0x1, {0x2, 0x400}}, {0x0, 0x2, {0x3, 0x8}}, {0x1, 0x3, {0x0, 0x2}}, {0x8667, 0x2}, {0x2, 0x80, {0x6, 0x7fffffff}}, {0x3, 0x5, {0x1, 0xfffffc00}}, {0x8, 0x980c, {0x3, 0x80000000}}, {0x6, 0x6, {0x0, 0xf88}}, {0x6, 0xf, {0x0, 0x4}}, {0x3, 0x1, {0x2, 0xfffffffb}}, {0x2, 0xcb, {0x1, 0xfffffffe}}, {0x101, 0x9, {0x1, 0x2}}, {0xfc, 0x7f, {0x0, 0x2}}, {0x7, 0x2, {0x2, 0x1}}, {0xfffd, 0x9, {0x3, 0xfffffff7}}, {0x5, 0xfeff, {0x1, 0xc673}}, {0x401, 0x3ff, {0x2, 0x2}}, {0x32, 0xd9}, {0x0, 0x380, {0x1, 0x7}}, {0x9, 0x3, {0x0, 0x8}}, {0x0, 0xe7c, {0x1, 0x1}}, {0xd5c5, 0x4, {0x2, 0x2}}, {0xfff, 0x2, {0x2, 0x2}}, {0x95, 0x4, {0x1, 0x7ff}}]}}}, {{0x254, 0x1, {{0x1, 0x9}, 0x7, 0x1, 0xa, 0x7, 0x19, 'syz1\x00', "64b0de560a32e017b8d7b0e7e1c61b7b5d4423c927ba28578a54fdc28e8b2ca3", "74d3f64050e83f582b3377d1b102a5f1aa294dc98dd5b83b74780029995face1", [{0x100, 0x1d8, {0x2, 0xab6}}, {0x2, 0x4000, {0x3, 0x2}}, {0x75a, 0x0, {0x2, 0xfffffffa}}, {0x9, 0x8, {0x2, 0x200}}, {0xff, 0x6, {0x3, 0x4}}, {0x8001, 0x9, {0x1, 0x9}}, {0x1, 0x7ff, {0x3, 0x4}}, {0x8, 0x0, {0x2, 0x6e6}}, {0xd, 0x0, {0x3, 0x8}}, {0x5, 0x6, {0x0, 0x6}}, {0x8, 0x0, {0x3, 0x7}}, {0xad3, 0x9, {0x3, 0x2}}, {0x3, 0x8, {0x1, 0x8a}}, {0xee, 0x4, {0x1, 0x9}}, {0x7, 0x0, {0x0, 0x9}}, {0x6, 0x9d, {0x2, 0x80}}, {0x0, 0x6, {0x2, 0x5}}, {0x200, 0x5, {0x2, 0x9}}, {0x3, 0x12be, {0x2, 0xa}}, {0x3, 0x1, {0x2, 0x3}}, {0x4, 0xc5, {0x1, 0x5}}, {0x6, 0x4, {0x1, 0xa02b139}}, {0xf694, 0x0, {0x2, 0x2}}, {0x6196, 0x6, {0x1, 0x8}}, {0x3, 0x7fff, {0x2, 0x4}}, {0x400, 0xe3, {0x0, 0x8}}, {0x5, 0xfff7, {0x0, 0x10001}}, {0x4, 0x9, {0x2, 0x5}}, {0x9, 0x36e, {0x1, 0x8001}}, {0x7, 0x2, {0x0, 0x1}}, {0x33, 0xff, {0x2, 0x7}}, {0x7, 0x1, {0x0, 0xad5}}, {0x7, 0x4, {0x0, 0x2cb}}, {0x1ff, 0x4, {0x0, 0x800}}, {0x9, 0xfc01, {0x1, 0x9}}, {0xe409, 0x5, {0x3, 0x101}}, {0x92, 0x0, {0x3, 0x2}}, {0xe4, 0x4, {0x2, 0x893}}, {0x72cc, 0x0, {0x1, 0x8}}, {0x3, 0x5, {0x0, 0xa}}]}}}]}, 0x4bc}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000000)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004280))
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netlink(r0, &(0x7f00000042c0)={0x10, 0x0, 0xba, 0x10}, 0xc)

1.765453774s ago: executing program 0 (id=764):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f00000001c0)=0x2, 0x0}, 0x20)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001680)=ANY=[], 0x44}, 0x1, 0x2000000000000000}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)=@delqdisc={0x19c, 0x25, 0x10, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x9, 0xf}, {0xfff3, 0x9}, {0xfda2dfc685dcd9e2, 0xfff3}}, [@TCA_STAB={0x178, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xd, 0xff, 0x0, 0x1, 0x1000, 0x8, 0x4}}, {0xc, 0x2, [0x9, 0x4, 0x1, 0x3]}}, {{0x1c, 0x1, {0x8e, 0x60, 0x0, 0x8, 0x1, 0x2, 0x7, 0x3}}, {0xa, 0x2, [0x8000, 0x2, 0xff]}}, {{0x1c, 0x1, {0x0, 0x39, 0x1, 0x6, 0x1, 0x1000, 0x2f14, 0x5}}, {0xe, 0x2, [0x8, 0x3, 0x400, 0x6, 0x2960]}}, {{0x1c, 0x1, {0xd, 0x40, 0x0, 0x3, 0x2, 0x9, 0x9, 0x2}}, {0x8, 0x2, [0x8, 0xe8]}}, {{0x1c, 0x1, {0x6, 0x2, 0x4d, 0x920, 0x2, 0xffff, 0xf1, 0x4}}, {0xc, 0x2, [0x5eb5, 0x6, 0x8, 0x2]}}, {{0x1c, 0x1, {0x5, 0x0, 0x8, 0x6, 0x0, 0xffff, 0x89, 0x4}}, {0xc, 0x2, [0x3, 0x7, 0xfff, 0x0]}}, {{0x1c, 0x1, {0x1, 0x2, 0x0, 0xf648, 0x1, 0x4, 0x81, 0x4}}, {0xc, 0x2, [0x3ff, 0x3ba0, 0x3, 0x7]}}, {{0x1c, 0x1, {0x1, 0xd, 0xa, 0xa, 0x2, 0x3, 0x8, 0x8}}, {0x14, 0x2, [0x2a25, 0x16a, 0xeee, 0x7f, 0x7, 0x8, 0x2, 0x2]}}, {{0x1c, 0x1, {0xa, 0x9, 0x2, 0x4, 0x1, 0x6, 0x2, 0x5}}, {0xe, 0x2, [0x9, 0x4, 0x6, 0x5, 0x58e]}}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x20004085}, 0x20000800)

1.571861116s ago: executing program 0 (id=765):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_IIF={0x8, 0x6, 0x3}}]}, 0x30}}, 0x4000050)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f00000000c0))
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'gretap0\x00', &(0x7f00000000c0)={'sit0\x00', <r2=>0x0, 0x9a8acbb42760d756, 0x0, 0x1000, 0x1, {{0x2f, 0x4, 0x3, 0x9, 0xbc, 0x67, 0x0, 0x1, 0x2f, 0x0, @private=0xa010100, @local, {[@cipso={0x86, 0x3e, 0xffffffffffffffff, [{0x1, 0x12, "df34c7e87e1ea6f47a28222650d91e45"}, {0x5, 0xf, "156decc39090f3efb802db4d7a"}, {0x7, 0x12, "e763aacef16b790962ea7866b481e364"}, {0x0, 0x5, "a19652"}]}, @timestamp={0x44, 0x8, 0x6, 0x0, 0xf, [0x1]}, @timestamp_prespec={0x44, 0x2c, 0x26, 0x3, 0x0, [{@broadcast, 0x80000000}, {@loopback, 0x4}, {@empty}, {@empty, 0x8}, {@remote, 0x4}]}, @cipso={0x86, 0x33, 0x2, [{0x2, 0x3, '#'}, {0x6, 0xa, "1c0467a377cd024c"}, {0x5, 0x9, "2191c8f06722f8"}, {0x6, 0x7, "decc644dbe"}, {0x2, 0x10, "9d2e041f47ff2426be5c604f9216"}]}, @noop]}}}}})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=@ipv4_newroute={0x5c, 0x18, 0x100, 0x70bd2b, 0x25dfdbfd, {0x2, 0x20, 0x80, 0x14, 0x0, 0x4, 0xc8, 0x4, 0x2c00}, [@RTA_MULTIPATH={0xc, 0x9, {0x8, 0x10, 0x1, r2}}, @RTA_SPORT={0x6, 0x1c, 0x4e21}, @RTA_SRC={0x8, 0x2, @multicast2}, @RTA_FLOW={0x8}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_PREFSRC={0x8, 0x7, @private=0xa010101}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_TTL={0x5, 0x2, 0xfe}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x8040)

1.330276875s ago: executing program 1 (id=766):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2002b000103000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r4 = socket(0x10, 0x803, 0x0) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r2) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="05000000000007dcdf252e00000008000300", @ANYRES32=r9, @ANYBLOB="0a00340002020202020200001000490001ac0f00"], 0x38}, 0x1, 0x0, 0x0, 0x8894}, 0x800) (async)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r4, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x1c, r5, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c0c0}, 0x20000041) (async)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0}) (async)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r12, &(0x7f0000000380)}, 0x20)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x1a, &(0x7f0000000980)=0x3, 0x4) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r11, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x14, 0x2, [@TCA_BASIC_EMATCHES={0x10, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}}, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="300000f5ffffffff8300ea000000ffffebd76066b13cc1eb7715000000001c00000000000000000000000000000000bcd2b119b2278993a190842acffaf26f00ce39039937884cec544ba97bde90dee1337571", @ANYRES32=0x0], 0x30}], 0x1, 0x0)
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f00000009c0), 0x161c40, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r1}, 0x8)
ioctl$PPPIOCSDEBUG(r13, 0x40047440, &(0x7f0000000940)=0x4) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x8}, 0x18) (async)
pipe(&(0x7f0000000200)) (async)
r14 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x5, 0x3}}, @type_tag={0xc, 0x0, 0x0, 0x12, 0x3}, @int={0x4, 0x0, 0x0, 0x1, 0x0, 0x7c, 0x0, 0x46}, @int={0xb, 0x0, 0x0, 0x1, 0x0, 0x10, 0x0, 0x64, 0x5}]}}, &(0x7f0000000580)=""/254, 0x5e, 0xfe, 0x0, 0x7ff, 0x10000, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000007c0)={r14, 0x20, &(0x7f0000000780)={&(0x7f00000006c0)=""/29, 0x1d, 0x0, &(0x7f0000000700)=""/118, 0x76}}, 0x10)

1.329805405s ago: executing program 0 (id=767):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000000c0)={<r1=>0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x6, 0x1, 0x6, 0x6, 0xc8, 0x101, 0x77}, &(0x7f0000000040)=0x9c)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000180)={r1}, 0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={0x48, r4, 0x1, 0x703d26, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x29, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7}, @device_b, @device_b, @from_mac, {0x2, 0x4}, @value=@ver_80211n={0x0, 0x464, 0x2, 0x3, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x2, 0x31, @val={0x10, 0x1, 0x6d}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

1.137388762s ago: executing program 2 (id=768):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)={0x2c, r2, 0x1, 0x70bd27, 0x4, {0x5}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0x4)
socket$netlink(0x10, 0x3, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@ifindex, 0xd68b2fdf84861d1, 0x0, 0x0, &(0x7f0000000040)=[0x0], 0x1, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0}, 0x40)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x6, 0x9, 0xfffffffb, 0x18006, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x0, 0x0, @value, @void, @value}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3f8f26283bcd93e80cacc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1522ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7b544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff310601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7affffffff7177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a00000000000000159596ac570c4b889106f937d56b2346c818917b727bf5e2741068ec000000000000000000ec84"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r8, 0xe0, &(0x7f0000000480)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r9}, 0x4)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000200)={@map=r7, r5, 0x2d, 0x24, 0x0, @void, @void, @void, @value=r9, r6}, 0x20)
close(0x3)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1.101283147s ago: executing program 0 (id=769):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$BTRFS_IOC_RM_DEV(r2, 0x5000940b, &(0x7f0000000c00)={{r0}, "99caec32ce107bf763a784c5558cc2205b8c91f7dee938e84d130002ba000c455aa439308591aa44ca78e7d424528622fd8c73473a395f10940c4c82e52adfd4f7b7717e9610a1241f710d61146b9ae08fd90dfed49cba6b1516a26885f75e99e61c8ab387101c66cce9c13839ea7299efacd5ed1446ca9d59a7ec86404ea00deabce9a0d09ec1a6ecf2dd2df6b5016125e98addc11a856878b1597eab772ff2c43c131530e092187c9b83806313b57d8ec4aadb4be11a5a4e5da51ed94af7637a57be4548195b9116705867fc7f775ec1d42c78a25689362b565a59a67ee8c21729bd674723ceaefff2c119e5429e6093415a52451722a96302f75b356f616230d41a0aa8381bd6a358ccbe0dccc7fecde26b3479e0a3edb087230a6833e2f4511fa3d892ef0dc76ade9cf9a3dd57551ac7cc07b9a65dd286984f8830321476421b21dc5fc97f58ea43f9e0d1b8fbde4c0d302c921b0286cb6616fc7214a268a09863c7902a0f64ee0948e7b95ab43f9d8b1a6259341c272d81d038828b072a5a30fbd41e86b204eef700d5a07b40303346f77b096e9541cb7904725da8affd26b14f0cb7347c0d18a6c765064f41665231fb27bce380c01f4e2aa4af4814f02974cca50503bacac1bbcdba3c3c675b759fd8b2ef61f5733e37ab826479e33536cb3a2f11e03766b374ebcacb9d8c550c563bb5c93a873789dc83b5a2b8c4d60e6657ecb4bca9f03d76fb004e896b78004df90651c340fb60820d4bf92e2d13556c80a605534b0c9be4f9e88a389ffc86c9e9ed857914217a2c8d30088e4f08c7ed72bf728cb797bd86be2dff0c21654430eb7eac2b4ac9249fc7ff23dc5595a93840fe3d0d12662e4f2c6c883434fdf4329042b1c8135c78ef0b02e7c5a00fe3d7bca0f30378e7a01556f58a08ae05b6cd78360e7e9746113b79e6007f5038e7a5c48d8bab93b5b3d8db19def7883ed633af23a8729f9223bb0e4d5c65e82782dde58238d8494ca9e087638f22e2049dfe61e0ebd0a11371ae420e09dc4951175f3fa851b007e1651c64a13766db081ec0a8fc499648b0170cf29741fb8f51911f6c6c955b5303d30c5ce6c95835529ab941a3cece16f74de395d54b45ede5cfbe924220ac55566bb9ea09ca718cefe781e523fc8f8a7763f63ea06673fab72543313111542714133b457273a6eee24a2140b7d795351a99b5e2f39c606e52395e3b93b7c701ee21f05ed5cceada2377146db9dee0fac3ed525a959f6b29851d970a2231be8f7d3a14e9afe03e1bbad7b0df754650d5fe80ef9e86289f7ff020d7aad8008dd681890a1b4b9ffc5e9c4517d256a88d315e1bcad54d2d806029d63afb3f4eb7d78e9b6ba2c8a711a486b29d3f3eb755ff77ce7a1909ef964c3d3599d380679dd48f0b7284e289490c7d970eda4916e6f2d35b698ec14ae66301b96dcd6031c5a46057df71f9e68361e2828c47284f151c7252fdb10b2fde485ec6665e47a78898d8b21b9ed111b2a16385a77081a31520938e173b4e83aea6c3bb22b1f60334f63eeb4fc00a3ef2c8060e61f8fa6b988bb1f097f1e82a377dfc48a10ef5748085739195b5307d08d86f9f33658c57f7c262702f3b5803fafd308ff7bb730d2aed95a8e63ae4cd3f67af4f06858f9b46df09aac745f13d3046e2a849705102fde793853e1d9d924904c3210c5657034b57fb21510a3f27f49108d485160f63bbf460ae48365e81627d555b677dac0861144f7ea76e898e4820885d6f3d32422f3c9f8d2470a4129d9b020baed0e1fefee3e6cb85598562da82f4225c9c65f4aa9ba6ab36836cb9d3253a35699176d2d057c71b652cce5eceaae3bf680f7f019962c653d961412d11e3e65d28474917489c0a86f529a7ad5a04b8c2c450c132abf785b0f3b873b45fb7c584641efa8d4be50e4adee60205ce435a267acd8e56be9c5fbe4c7dba40608a17b68a44dcc38a78d356266a01766aeda82d32758539ac4e2e1b5b3906ca90e9e5b2741ab80297a1508be787a057c7f68df3813797e3c35af345ef3ab8982b129004e90147e7381881486732bafe019c3e225ca00e1e043979eb8027d6290218081d423ff5f05e7fe1b209ded6c9aae79bed6589ae6b98df4e6367574fc8a903f7393ce58383172ebc8f2bab9943918ebcdab586d06fd5806cf1e7d0f881c077c70cf4b345f32608b7708183b1ed1afcfc7430a9df2ea95ff332be2ed4e003545c80ffa6c6d4011031416ce351d8794e187f31a8aee6ecd8a77d0bd7b3f1bad79cc69c0e66a8247e52ef3eb503591861713251c44fc031ac3cedbcd7cc8566b0c6e76ea31ca37331ef5d6f58ad9989bf517d14d2ec655c632aeef5f77bb317cd72509eb3199b5a40dc4557aabcb57154a507636b1eecf8d58da04cf1c59320ce05eeec7ba3306f754a8a36d864f015285b3213de75c76caba916fe98b0c2d7713c7188e9f705e167a9a827d92bd12732a700d8b54c1fddf427c8eceeab15315a37a172f525f54aa28916a858947f0f8cab40a98ee7816aabb3fbacc93ee34855afc9310c891bc6d0a1befc26f8ec12c84b4d22041701e787b700a6df05136b6f5763f2ddb14142f8dd9ba148bc1d008cb2ccbe31e8f611a19d55b210f5ee747c5ac64f13a7adc9d3a32dd690398d73affaf86301031144ca2a8972ab6fd67e5296dac4c8972017f8c8a21a8b369b2f4a702ef7eda4b6063a84c8beb185be7c6f1c79c55eea340167ea1f189ca5d6b8d09037a060e6c493dff0cffeca5e1c6c36d809265df96ad206206b864ef693d77bf580bb7ad262ccce339708f119c47a2cdee677f0a1003f4002d081ff0f1baf809f6ee70e23a3540f8205e12ea4bbbb0ce51c1b90b7e3c12e800f4f8d46730cbe4db8d90ad9e94f3ee7795060f1c092a0919542f0751f9aecf41b2e66c8407f86780c693f2b8e553fbc22e5d350fb051be58e8c18f47580c839c0de7ca9b0fa065cbceca1484a20905c44f2f0106620f8c6eeb142b40025ce30c9014b54867c3157104c20827c2d36c48afece11fa043bbbefaca8f52919fc3bab0c239889d37bc7c784a3f6417f0b2b86d0ef6b3aef8ccb6fd5bec2a6c6377bf0ab1089ff0d94ef4e217444d60ca9e4f5f7cb8e60ad54972c4507090a43e5cf2e840124777ddd692ace761d2a160ef4dd4253d45d439d626323d81e4593bb2ba3efb58aa384cbaaf3b86355fe636a2ff7c7fcb326e922d03d2200a97de33054d9af9de3160f601448883a7db0b94ececc001420664211ad3a337c3a485e9ac81e52b55006e9edd2a473b8b8e2cb4403f2b3de289fb1bbf800f560440cf5fee7e4fb10a4772eac1cbe43d838d26aa89026ae8a92da0a31a8ceb2119693ecaaa7049d866f20f3cc396f7c98c41facd9cadc933f2f9cdb2cfa881cd63c494dcff5c0b0f6bb24c35088def3c3a9dcb0d1fde28a123703f82adeb9a536e4383a5da6cdce8c0c6cc7a1588aa1beb4d447648d2d01a0fefd7b685b3e61c9210ea9b0d6bb853059010fa84dfa2e48184dd56e6f42daf3d8a3c914b82df265963523deb00f6879ee03a8b4cc5a51c88e247f1784ea5475740712a0446f51a29857654d8a47946dd26bf77959709e08c53d5dd40053a40eba504de8693aa681a44fb6dab9551bf6a7f7e2379169b406df07179232d1106b7acb33c8d44a9515b8f822ce1484f1c2fad820502adf0e1904991c7804c912a0cc5f8413c9384efabcf900eab7dfb3f4fe9e9958ea81d98bfae6d1d323f7658f4701c084617b60f2b85e0ca0f4f8435b7fae22533863c7486491890af1da9301f1c040a8de15f7e7392aa5ea92dc5e33c2310a54e7ca5aee8005c996a198bddff22d648d9009cc56bfdaa3772e8e7955277b2ed278a85ee4454f456e3bd489972b5e3dcb97f9a32372324a11197b66727cab1e90dc3cd1e8a716414e6581fed4b3de907324a218146e555bfb0830fade74829b02ef66e39679a5004a43811323cd80bf8ea59f78a71309232d028554c885372db61238b0c4abba5dabb7fca8ef54eb95459bb541d24c73c3433521869b0efe96debb8cadea141c6252c6db81a4e9e3faf08e4cdfb897e8c97151b367f6b6dcbf985b5172cbaa7648cfb6b8f4d45b40b046921efe13d359819af275acb59530ef9229d53319d483a20f92a7d76cfb306a1a542ec40c555a9071eeedeb37791f6d5c6721ed2fb9a3d336104167f10ecd63b22399dbf1826caf709a3f1f2dffe5f99dfd0da290756bb36d54c1cda8f103a7285b947e9a2d931e3a2febcb45bbeeafc5aa8abc4dff230347f3a48d9d7675d5fc4a8172b621e173e71c340d0b407a80e9fec560cce9b6bae82909d0f9dbf0eaf740502f05a52355d605c8b26d25dd290c89d3e890f5e977926fdd792d6b4e4ce6e4059e47f9cf990eba1f7596f3fc9f629fed7ed0f7cc8a472e8a97fba2219edb4e0d2f4641796aed9a5a495410e05d53612d54a4f5f5bccac4f5c1214603c429d302d3161b61500225d2ae9bcc3d7841b04724de1bebebb36b02e12681c9f8c3ddbeeaec11f751b6948469d1441b8194fa6248c8a571d2943a018db897fd333794b51caa29ba8d8b16c435658fa7264e34fc24d6d75440d268ffce672fc06a5b195dff5aef810ba766981c4c571456e08c22dde32cb79d1015c2edbc06fb978ddaa171f678a50d952451d850cf81c9bdc6a46ff3bbeb781580da130038a50810f3ca1b20a68c2de876a35ef8740ac3629f9f347554eb9190ab8f5fdecc62a8c0052cf75ac23ffa900dd54ff6d889df2823b6ee455d3a1efe8fb9f42875846fc404b702ec2553c7937729680b7e3e238d4232a4a9eb42c4ad6fae7e17d5cf6e03f2d9d468ad1822bf4f19bd465974bad76283c67fd1790d07fecdc20286628214f7f11a7051de2f21d5f29df02418a7b4508aa9fe0874491792152953b53e0b10e1d91bdfb16ee22447a1f7449457968e890781c720718a44430a9991a540eeb96c330ff82f58ee324815b564971f5393304c77d4de92919e4e3e04177dc22faa0e512e323ebc288cfe01fa66dc7358feafc8d02b994bdb1ed68b43e61e3334ec56a295f15f6a5c1255a00813e63243051e955b918b5af982a9444b50fb1c331ef71e3a62097326c07c76d41bcc7b27524bc279f77dc687ed359b72c66bae8529a9966c1027d0223a329dc435a3f56d6e896584eba2df3bf19c482244fc683564de723749cc4119c976221ba3f4fedcf7d7da6aca5125aa919cc9462995a55b9edc00cac04e6a88c7277364b5fe26c4220175c1113ddc265dab6cee4012c3f4f5c180d1eb787361e372dc69393312926c3d357e10d46d39a61a09c23e47598169915c1e9d287073af17f2a565cf1e829e0090112be31a0c5a35293c372d90e330521b3888cb2f492523b8104833ff56290d571ad3a31050638d8cb991630faaedb4cc72fae627d7f1e30cf0d28e448168e87a796d46a03dc412230737d3508d5c631df04b1297015f1ac690a36451fcbf41d4026619a6833c836933da17630902f4bdb8f29c8b5cab3f0dec4148346b4cce198928fb9fe6a314469dfddaab066038a5852b77d0c8b294fb40974fc0cbd40312e88c345ed1c458d600e7059dbee224ce352c0a4bb6b866ecbf1fb275cd7e55cb4528fb6c6917811b9cd93a6eeac9d90462e764046f9e8614786c7e355136276529bc2d3d21d092f0f33e09a2158446119d2c29f72c89c0d84f1bb30130e3ed57dbef163678727cd9f52cc8523279901a016209123ce14d"})
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r4}, 0x45)
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
close(0x3)

1.038835101s ago: executing program 4 (id=770):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0xe00, &(0x7f0000000000)={&(0x7f0000000d00)={0x48, r2, 0x1, 0x703d26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x29, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7}, @device_b, @device_b, @from_mac, {0x2, 0x4}, @value=@ver_80211n={0x0, 0x464, 0x2, 0x3, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x2, 0x31, @val={0x10, 0x1, 0x6d}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

946.481962ms ago: executing program 2 (id=771):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={0x48, r2, 0x1, 0x703d26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x29, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7}, @device_b, @device_b, @from_mac, {0x2, 0x4}, @value=@ver_80211n={0x0, 0x464, 0x2, 0x3, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1}}, 0x0, 0x2, 0x31, @val={0x10, 0x1, 0x6d}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) (fail_nth: 5)

919.007516ms ago: executing program 4 (id=772):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000001c0)='Y', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r0, 0x0)
shutdown(r0, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = socket(0x22, 0x2, 0x23)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x1, 0x7, 0x2261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00'], 0x4c}, 0x1, 0xba01}, 0x0)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f0000000200)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, 'veth1_to_batadv\x00'}}, 0x1e)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000040)={'team0\x00', {0x2, 0x4e21, @loopback}})

654.164053ms ago: executing program 2 (id=773):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
close(0x3)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (fail_nth: 4)

95.025949ms ago: executing program 1 (id=774):
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="09000000090000ac510000004000e6ff41"], 0x48)
pipe(0xfffffffffffffffe)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write(r0, &(0x7f0000000080)="d83e", 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f00000012c0)=ANY=[@ANYBLOB="b4000000000000007910970000000000c300000000000000950000000080000068b157e8e8f18886cced1f393f93896c8c7a416cd25e70c9a481de974bbd7eb3334de5cda59bc2d2fadc58841b100ae47a0da171b287f672fd9ee58b00"/108], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x7300, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x30, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x30, r6, 0x5, 0x70bd2f, 0x25dfdc00, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x200040c4}, 0x2a040)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, r4, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d63a303170b5b4eaa887f511d2"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000080}, 0x4044080)

0s ago: executing program 2 (id=775):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=@raw=[@call={0x85, 0x0, 0x0, 0x19}, @exit], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r3 = accept4(r2, 0x0, 0x0, 0x0)
close(r3)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
accept4(r1, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000440)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000100)="90", 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16=r4], 0x1000f)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0xfc, 0x30, 0xb, 0x0, 0x0, {}, [{0xe8, 0x1, [@m_ct={0xe4, 0x1, 0x0, 0x0, {{0x7}, {0x56}, {0xbb, 0x6, "d6546ebca225e82247baafa082184b36a5f329393cb6a9b42e585e7c0e98081b783938a0fb467ca88e810f9c9c08c948c7ed23fdc329ddf8d69a78576291dcff4a9347721a9e7ec683eeee0fffddbdc1166cf1cc85a859437339904413c7039a3b9404eb3748db35335a8a1daa0a829aff40f2472b15d794be8756dfb7efeafbb6bb2e9ef8f76d8870c8d9cd63ab8ccbd0a7c2eaef1a893900d090513f396ad7858d9e0aa2ee55c7f3c08db49121695c12beb5b8df0000"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20020000}, 0x0)

kernel console output (not intermixed with test programs):

1_vlan: entered promiscuous mode
[  126.116871][ T6679] veth0_macvtap: entered promiscuous mode
[  126.132354][ T6679] veth1_macvtap: entered promiscuous mode
[  126.180756][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.223875][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.257981][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[  126.267060][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.267085][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.267097][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.267112][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.267138][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.267152][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.269024][ T6679] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.313070][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[  126.355547][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.392960][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.405744][ T6870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[  126.417994][ T6863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[  126.430233][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.464991][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.489852][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.522193][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.586171][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.614116][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.662727][ T6679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.686675][ T5856] Bluetooth: hci3: command tx timeout
[  126.765371][ T6679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.799601][ T6679] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.074987][ T6865] netlink: 136 bytes leftover after parsing attributes in process `syz.1.230'.
[  127.096251][ T6865] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  127.180907][ T6891] xt_bpf: check failed: parse error
[  127.205525][ T6679] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.215912][ T6679] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.235319][ T6679] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.292616][ T6679] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.361247][ T6892] pimreg0: tun_chr_ioctl cmd 35108
[  127.656214][ T6906] netlink: 'syz.0.241': attribute type 10 has an invalid length.
[  127.719820][ T6906] 8021q: adding VLAN 0 to HW filter on device team0
[  127.751435][ T6906] bond0: (slave team0): Enslaving as an active interface with an up link
[  127.801341][ T6910] netlink: 'syz.4.242': attribute type 1 has an invalid length.
[  127.909988][ T6912] bond2: (slave gre1): The slave device specified does not support setting the MAC address
[  127.920791][ T6912] bond2: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  127.930683][ T6912] bond2: (slave gre1): Opening slave failed
[  127.945935][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.955657][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.038773][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.066293][ T6916] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  128.086515][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.870115][ T5855] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  129.879488][ T5855] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  129.888663][ T5855] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  129.911725][ T5855] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  129.919698][ T5855] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  129.938249][ T6975] netlink: 16 bytes leftover after parsing attributes in process `syz.4.264'.
[  129.959014][ T6975] netlink: 12 bytes leftover after parsing attributes in process `syz.4.264'.
[  130.185421][ T6981] xt_policy: output policy not valid in PREROUTING and INPUT
[  130.278303][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.4.268'.
[  130.453251][ T6995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.269'.
[  130.469681][ T6995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.269'.
[  130.480708][ T6991] bpq0: entered promiscuous mode
[  130.787367][ T6972] chnl_net:caif_netlink_parms(): no params data found
[  131.242646][ T6972] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.262661][ T6972] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.271183][ T6972] bridge_slave_0: entered allmulticast mode
[  131.279259][ T6972] bridge_slave_0: entered promiscuous mode
[  131.294554][ T7028] geneve2: entered promiscuous mode
[  131.300754][ T7028] geneve2: entered allmulticast mode
[  131.308057][ T7026] Cannot find set identified by id 0 to match
[  131.318597][ T6972] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.333387][ T6972] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.342674][ T6972] bridge_slave_1: entered allmulticast mode
[  131.351135][ T6972] bridge_slave_1: entered promiscuous mode
[  131.367278][ T7026] pim6reg: entered allmulticast mode
[  131.473828][ T6972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.515574][ T6972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.746853][ T6972] team0: Port device team_slave_0 added
[  131.781380][ T6972] team0: Port device team_slave_1 added
[  131.966102][ T5855] Bluetooth: hci3: command tx timeout
[  132.079762][ T6972] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.106526][ T6972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.162784][ T6972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.309803][ T6972] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.319979][ T6972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.347707][ T6972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.541292][ T6972] hsr_slave_0: entered promiscuous mode
[  132.559149][ T6972] hsr_slave_1: entered promiscuous mode
[  132.566430][ T6972] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.594392][ T6972] Cannot create hsr debugfs directory
[  132.767697][ T7075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.297'.
[  132.854580][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  132.870215][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  133.071621][ T6972] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.218862][ T6972] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.332554][ T6972] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.498059][ T6972] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.669316][ T7102] warning: `syz.2.309' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  133.801781][ T7105] netlink: 96 bytes leftover after parsing attributes in process `syz.2.309'.
[  133.843996][ T7104] netlink: 96 bytes leftover after parsing attributes in process `syz.2.309'.
[  133.971862][ T7114] netlink: 96 bytes leftover after parsing attributes in process `syz.0.313'.
[  134.039107][ T6972] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  134.046102][ T5855] Bluetooth: hci3: command tx timeout
[  134.083188][ T6972] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  134.166735][ T6972] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  134.205661][ T6972] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  134.417081][ T7129] netlink: 16 bytes leftover after parsing attributes in process `syz.2.319'.
[  134.525850][ T6972] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.571970][ T6972] 8021q: adding VLAN 0 to HW filter on device team0
[  134.589252][ T7134] xt_socket: unknown flags 0x8
[  134.608851][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.616115][ T6016] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.624518][ T5834] IPVS: starting estimator thread 0...
[  134.638853][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.646108][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.740877][ T7139] IPVS: using max 26 ests per chain, 62400 per kthread
[  134.771268][ T7141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  135.109961][ T7155] netlink: 96 bytes leftover after parsing attributes in process `syz.4.326'.
[  135.144415][ T6972] 8021q: adding VLAN 0 to HW filter on device batadv0
[  135.291855][ T6972] veth0_vlan: entered promiscuous mode
[  135.314173][ T6972] veth1_vlan: entered promiscuous mode
[  135.434908][ T6972] veth0_macvtap: entered promiscuous mode
[  135.472185][ T6972] veth1_macvtap: entered promiscuous mode
[  135.496062][ T7163] netlink: 36 bytes leftover after parsing attributes in process `syz.0.330'.
[  135.554554][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.607513][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.617822][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.630967][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.646730][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.667781][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.678568][ T7173] netlink: 8 bytes leftover after parsing attributes in process `syz.0.330'.
[  135.685075][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.706986][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.721279][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.734424][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.748944][ T6972] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.785893][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.797032][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.807622][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.820269][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.830565][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.844028][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.863659][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.883858][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.894806][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.913948][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.924496][ T6972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.996629][ T6972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.009044][ T6972] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.028460][ T7181] netlink: 64 bytes leftover after parsing attributes in process `syz.1.334'.
[  136.044136][ T6972] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.057055][ T6972] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.066494][ T6972] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.075369][ T6972] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.126270][ T5855] Bluetooth: hci3: command tx timeout
[  136.394575][ T6016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.417231][ T6016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.509403][ T6016] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.528223][ T6016] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.798326][ T7197] netlink: 32 bytes leftover after parsing attributes in process `syz.0.342'.
[  137.355426][ T7212] netlink: 'syz.2.343': attribute type 5 has an invalid length.
[  138.647139][ T7238] __nla_validate_parse: 3 callbacks suppressed
[  138.647160][ T7238] netlink: 20 bytes leftover after parsing attributes in process `syz.0.357'.
[  138.683997][ T7238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'.
[  138.752594][ T7243] Bluetooth: MGMT ver 1.23
[  138.759115][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'.
[  138.838289][ T7243] 8021q: adding VLAN 0 to HW filter on device team1
[  138.932584][ T7247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.360'.
[  138.973652][ T7247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.360'.
[  139.091625][ T7253] netlink: 96 bytes leftover after parsing attributes in process `syz.2.363'.
[  139.120915][ T7247] syz.1.360 (7247) used greatest stack depth: 17560 bytes left
[  139.203065][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  139.217567][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  139.226480][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  139.240836][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  139.250937][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  139.391312][ T7262] FAULT_INJECTION: forcing a failure.
[  139.391312][ T7262] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  139.442697][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.2.365 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  139.442728][ T7262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  139.442745][ T7262] Call Trace:
[  139.442754][ T7262]  <TASK>
[  139.442763][ T7262]  dump_stack_lvl+0x241/0x360
[  139.442818][ T7262]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.442848][ T7262]  ? __pfx__printk+0x10/0x10
[  139.442892][ T7262]  should_fail_ex+0x424/0x570
[  139.442920][ T7262]  _copy_from_user+0x2d/0xb0
[  139.442951][ T7262]  copy_msghdr_from_user+0xb3/0x580
[  139.442986][ T7262]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  139.443011][ T7262]  ? __fget_files+0x2a/0x420
[  139.443034][ T7262]  ? __fget_files+0x2a/0x420
[  139.443064][ T7262]  __sys_sendmsg+0x20a/0x360
[  139.443092][ T7262]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.443174][ T7262]  ? do_syscall_64+0xb6/0x230
[  139.443204][ T7262]  do_syscall_64+0xf3/0x230
[  139.443230][ T7262]  ? clear_bhb_loop+0x45/0xa0
[  139.443255][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.443275][ T7262] RIP: 0033:0x7f093198d169
[  139.443312][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.443328][ T7262] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.443359][ T7262] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  139.443374][ T7262] RDX: 0000000004040840 RSI: 00002000000012c0 RDI: 0000000000000004
[  139.443388][ T7262] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  139.443401][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.443418][ T7262] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  139.443451][ T7262]  </TASK>
[  139.949805][ T7274] netlink: 'syz.0.369': attribute type 1 has an invalid length.
[  140.000563][ T7274] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.023562][ T7280] gretap1: entered promiscuous mode
[  140.037855][ T7280] bond1: (slave gretap1): making interface the new active one
[  140.047887][ T7280] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  140.194408][ T7255] chnl_net:caif_netlink_parms(): no params data found
[  140.263271][ T7287] netlink: 96 bytes leftover after parsing attributes in process `syz.0.375'.
[  140.679918][ T7255] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.719521][ T7255] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.740191][ T7304] FAULT_INJECTION: forcing a failure.
[  140.740191][ T7304] name failslab, interval 1, probability 0, space 0, times 1
[  140.745063][ T7255] bridge_slave_0: entered allmulticast mode
[  140.811986][ T7304] CPU: 0 UID: 0 PID: 7304 Comm: syz.0.381 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  140.812016][ T7304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  140.812029][ T7304] Call Trace:
[  140.812037][ T7304]  <TASK>
[  140.812045][ T7304]  dump_stack_lvl+0x241/0x360
[  140.812083][ T7304]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.812130][ T7304]  ? __pfx__printk+0x10/0x10
[  140.812163][ T7304]  ? __pfx___might_resched+0x10/0x10
[  140.812191][ T7304]  should_fail_ex+0x424/0x570
[  140.812216][ T7304]  should_failslab+0xac/0x100
[  140.812245][ T7304]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  140.812273][ T7304]  ? __alloc_skb+0x1c2/0x480
[  140.812297][ T7304]  __alloc_skb+0x1c2/0x480
[  140.812322][ T7304]  ? __pfx___alloc_skb+0x10/0x10
[  140.812351][ T7304]  netlink_sendmsg+0x638/0xcd0
[  140.812401][ T7304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.812434][ T7304]  ? aa_sock_msg_perm+0x91/0x160
[  140.812468][ T7304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.812495][ T7304]  __sock_sendmsg+0x221/0x270
[  140.812525][ T7304]  ____sys_sendmsg+0x523/0x860
[  140.812556][ T7304]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.812575][ T7304]  ? __fget_files+0x2a/0x420
[  140.812597][ T7304]  ? __fget_files+0x2a/0x420
[  140.812626][ T7304]  __sys_sendmsg+0x271/0x360
[  140.812653][ T7304]  ? __pfx___sys_sendmsg+0x10/0x10
[  140.812730][ T7304]  ? do_syscall_64+0xb6/0x230
[  140.812759][ T7304]  do_syscall_64+0xf3/0x230
[  140.812783][ T7304]  ? clear_bhb_loop+0x45/0xa0
[  140.812806][ T7304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.812825][ T7304] RIP: 0033:0x7feb9598d169
[  140.812843][ T7304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.812859][ T7304] RSP: 002b:00007feb9686e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.812880][ T7304] RAX: ffffffffffffffda RBX: 00007feb95ba5fa0 RCX: 00007feb9598d169
[  140.812895][ T7304] RDX: 0000000004040840 RSI: 00002000000012c0 RDI: 0000000000000004
[  140.812907][ T7304] RBP: 00007feb9686e090 R08: 0000000000000000 R09: 0000000000000000
[  140.812919][ T7304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.812930][ T7304] R13: 0000000000000000 R14: 00007feb95ba5fa0 R15: 00007fff11c9efd8
[  140.812960][ T7304]  </TASK>
[  140.815097][ T7255] bridge_slave_0: entered promiscuous mode
[  141.129878][ T7255] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.140354][ T7255] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.148034][ T7255] bridge_slave_1: entered allmulticast mode
[  141.194893][ T7255] bridge_slave_1: entered promiscuous mode
[  141.289463][ T7321] netlink: 96 bytes leftover after parsing attributes in process `syz.0.388'.
[  141.326603][ T5855] Bluetooth: hci3: command tx timeout
[  141.342744][ T7255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.415328][ T7255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.545473][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'.
[  141.574714][ T7255] team0: Port device team_slave_0 added
[  141.594508][ T7255] team0: Port device team_slave_1 added
[  141.707618][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_0
[  141.716506][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.766404][ T7255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  141.819420][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_1
[  141.852492][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.009202][ T7255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.215244][ T7255] hsr_slave_0: entered promiscuous mode
[  142.231646][ T7255] hsr_slave_1: entered promiscuous mode
[  142.239649][ T7255] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.248424][ T7255] Cannot create hsr debugfs directory
[  142.254341][ T7346] netlink: 64 bytes leftover after parsing attributes in process `syz.4.399'.
[  143.175007][ T7255] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.289757][ T7382] FAULT_INJECTION: forcing a failure.
[  143.289757][ T7382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.319005][ T7382] CPU: 1 UID: 0 PID: 7382 Comm: syz.4.413 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  143.319049][ T7382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  143.319061][ T7382] Call Trace:
[  143.319069][ T7382]  <TASK>
[  143.319077][ T7382]  dump_stack_lvl+0x241/0x360
[  143.319114][ T7382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.319143][ T7382]  ? __pfx__printk+0x10/0x10
[  143.319185][ T7382]  should_fail_ex+0x424/0x570
[  143.319212][ T7382]  _copy_from_iter+0x211/0x1c70
[  143.319246][ T7382]  ? __build_skb_around+0x247/0x3d0
[  143.319282][ T7382]  ? __alloc_skb+0x298/0x480
[  143.319299][ T7382]  ? __pfx__copy_from_iter+0x10/0x10
[  143.319329][ T7382]  ? __pfx___alloc_skb+0x10/0x10
[  143.319350][ T7382]  ? skb_put+0x114/0x1f0
[  143.319373][ T7382]  netlink_sendmsg+0x73c/0xcd0
[  143.319416][ T7382]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.319449][ T7382]  ? aa_sock_msg_perm+0x91/0x160
[  143.319483][ T7382]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.319510][ T7382]  __sock_sendmsg+0x221/0x270
[  143.319539][ T7382]  ____sys_sendmsg+0x523/0x860
[  143.319570][ T7382]  ? __pfx_____sys_sendmsg+0x10/0x10
[  143.319589][ T7382]  ? __fget_files+0x2a/0x420
[  143.319612][ T7382]  ? __fget_files+0x2a/0x420
[  143.319640][ T7382]  __sys_sendmsg+0x271/0x360
[  143.319667][ T7382]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.319746][ T7382]  ? do_syscall_64+0xb6/0x230
[  143.319775][ T7382]  do_syscall_64+0xf3/0x230
[  143.319800][ T7382]  ? clear_bhb_loop+0x45/0xa0
[  143.319824][ T7382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.319843][ T7382] RIP: 0033:0x7f9281f8d169
[  143.319861][ T7382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.319877][ T7382] RSP: 002b:00007f9282d81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.319908][ T7382] RAX: ffffffffffffffda RBX: 00007f92821a5fa0 RCX: 00007f9281f8d169
[  143.319923][ T7382] RDX: 0000000004040840 RSI: 00002000000012c0 RDI: 0000000000000004
[  143.319936][ T7382] RBP: 00007f9282d81090 R08: 0000000000000000 R09: 0000000000000000
[  143.319949][ T7382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.319960][ T7382] R13: 0000000000000000 R14: 00007f92821a5fa0 R15: 00007ffd8ca2cf28
[  143.319992][ T7382]  </TASK>
[  143.612564][ T5855] Bluetooth: hci3: command tx timeout
[  143.700950][ T7255] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.885642][ T7255] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.969360][ T7255] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.084207][ T7398] netlink: 'syz.1.420': attribute type 1 has an invalid length.
[  144.223692][ T7255] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  144.273996][ T7255] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  144.301508][ T7255] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  144.325104][ T7255] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  144.419581][ T7404] __nla_validate_parse: 1 callbacks suppressed
[  144.419601][ T7404] netlink: 20 bytes leftover after parsing attributes in process `syz.1.423'.
[  144.551055][ T7407] netlink: 'syz.0.424': attribute type 4 has an invalid length.
[  144.573329][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  144.583059][ T7409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  144.594708][ T7407] netlink: 'syz.0.424': attribute type 4 has an invalid length.
[  144.632803][ T7255] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.695311][ T7413] netlink: 64 bytes leftover after parsing attributes in process `syz.2.425'.
[  144.771049][ T7417] FAULT_INJECTION: forcing a failure.
[  144.771049][ T7417] name failslab, interval 1, probability 0, space 0, times 0
[  144.818016][ T7255] 8021q: adding VLAN 0 to HW filter on device team0
[  144.837971][ T7417] CPU: 1 UID: 0 PID: 7417 Comm: syz.4.426 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  144.838003][ T7417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  144.838016][ T7417] Call Trace:
[  144.838024][ T7417]  <TASK>
[  144.838032][ T7417]  dump_stack_lvl+0x241/0x360
[  144.838071][ T7417]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.838102][ T7417]  ? __pfx__printk+0x10/0x10
[  144.838137][ T7417]  ? __pfx___might_resched+0x10/0x10
[  144.838171][ T7417]  should_fail_ex+0x424/0x570
[  144.838199][ T7417]  should_failslab+0xac/0x100
[  144.838230][ T7417]  __kmalloc_noprof+0xdf/0x4d0
[  144.838258][ T7417]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  144.838289][ T7417]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  144.838312][ T7417]  ? __kernel_text_address+0xd/0x40
[  144.838337][ T7417]  genl_rcv_msg+0x819/0xf00
[  144.838369][ T7417]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.838388][ T7417]  ? stack_trace_save+0x11a/0x1d0
[  144.838421][ T7417]  ? __pfx_stack_trace_save+0x10/0x10
[  144.838454][ T7417]  ? stack_depot_save_flags+0x44/0x940
[  144.838473][ T7417]  ? stack_trace_snprint+0x71/0xf0
[  144.838529][ T7417]  ? __lock_acquire+0xad5/0xd80
[  144.838552][ T7417]  ? __pfx_netlbl_cipsov4_list+0x10/0x10
[  144.838600][ T7417]  netlink_rcv_skb+0x208/0x480
[  144.838628][ T7417]  ? __pfx_genl_rcv_msg+0x10/0x10
[  144.838651][ T7417]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  144.838702][ T7417]  ? netlink_deliver_tap+0x2e/0x1b0
[  144.838739][ T7417]  genl_rcv+0x28/0x40
[  144.838758][ T7417]  netlink_unicast+0x7f8/0x9a0
[  144.838792][ T7417]  ? __pfx_netlink_unicast+0x10/0x10
[  144.838820][ T7417]  ? skb_put+0x114/0x1f0
[  144.838845][ T7417]  netlink_sendmsg+0x8c3/0xcd0
[  144.838887][ T7417]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.838920][ T7417]  ? aa_sock_msg_perm+0x91/0x160
[  144.838961][ T7417]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.838992][ T7417]  __sock_sendmsg+0x221/0x270
[  144.839022][ T7417]  ____sys_sendmsg+0x523/0x860
[  144.839055][ T7417]  ? __pfx_____sys_sendmsg+0x10/0x10
[  144.839074][ T7417]  ? __fget_files+0x2a/0x420
[  144.839096][ T7417]  ? __fget_files+0x2a/0x420
[  144.839124][ T7417]  __sys_sendmsg+0x271/0x360
[  144.839152][ T7417]  ? __pfx___sys_sendmsg+0x10/0x10
[  144.839235][ T7417]  ? do_syscall_64+0xb6/0x230
[  144.839264][ T7417]  do_syscall_64+0xf3/0x230
[  144.839289][ T7417]  ? clear_bhb_loop+0x45/0xa0
[  144.839313][ T7417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.839331][ T7417] RIP: 0033:0x7f9281f8d169
[  144.839349][ T7417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.839364][ T7417] RSP: 002b:00007f9282d81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.839387][ T7417] RAX: ffffffffffffffda RBX: 00007f92821a5fa0 RCX: 00007f9281f8d169
[  144.839401][ T7417] RDX: 0000000004040840 RSI: 00002000000012c0 RDI: 0000000000000004
[  144.839414][ T7417] RBP: 00007f9282d81090 R08: 0000000000000000 R09: 0000000000000000
[  144.839427][ T7417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.839439][ T7417] R13: 0000000000000000 R14: 00007f92821a5fa0 R15: 00007ffd8ca2cf28
[  144.839471][ T7417]  </TASK>
[  145.154810][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.162032][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.234460][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.241716][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.647693][ T5855] Bluetooth: hci3: command tx timeout
[  146.075548][ T7255] 8021q: adding VLAN 0 to HW filter on device batadv0
[  146.179855][ T7255] veth0_vlan: entered promiscuous mode
[  146.221202][ T7255] veth1_vlan: entered promiscuous mode
[  146.303991][ T7255] veth0_macvtap: entered promiscuous mode
[  146.338020][ T7255] veth1_macvtap: entered promiscuous mode
[  146.365332][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.376298][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.390033][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.401144][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.429567][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.444029][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.462498][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.491636][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.505531][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.516488][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.526876][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.540040][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.552960][ T7255] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.591217][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.603302][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.615353][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.634038][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.644192][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.664955][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.675288][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.709328][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.726911][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.748129][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.764751][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.788664][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.809753][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.823831][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.842756][ T7255] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.850988][ T7461] netlink: 36 bytes leftover after parsing attributes in process `syz.0.438'.
[  146.860162][ T7461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.438'.
[  146.879126][ T7255] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.881406][ T7463] FAULT_INJECTION: forcing a failure.
[  146.881406][ T7463] name failslab, interval 1, probability 0, space 0, times 0
[  146.912181][ T7463] CPU: 0 UID: 0 PID: 7463 Comm: syz.2.439 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  146.912213][ T7463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.912226][ T7463] Call Trace:
[  146.912234][ T7463]  <TASK>
[  146.912243][ T7463]  dump_stack_lvl+0x241/0x360
[  146.912283][ T7463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.912314][ T7463]  ? __pfx__printk+0x10/0x10
[  146.912349][ T7463]  ? __pfx___might_resched+0x10/0x10
[  146.912381][ T7463]  should_fail_ex+0x424/0x570
[  146.912409][ T7463]  should_failslab+0xac/0x100
[  146.912441][ T7463]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  146.912472][ T7463]  ? __alloc_skb+0x1c2/0x480
[  146.912497][ T7463]  __alloc_skb+0x1c2/0x480
[  146.912524][ T7463]  ? __pfx___alloc_skb+0x10/0x10
[  146.912556][ T7463]  netlbl_cipsov4_list+0xf5/0x18f0
[  146.912608][ T7463]  ? __pfx_netlbl_cipsov4_list+0x10/0x10
[  146.912640][ T7463]  ? __nla_parse+0x40/0x60
[  146.912671][ T7463]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  146.912716][ T7463]  genl_rcv_msg+0xb38/0xf00
[  146.912748][ T7463]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.912786][ T7463]  ? stack_trace_save+0x11a/0x1d0
[  146.912819][ T7463]  ? __pfx_stack_trace_save+0x10/0x10
[  146.912850][ T7463]  ? stack_depot_save_flags+0x44/0x940
[  146.912870][ T7463]  ? stack_trace_snprint+0x71/0xf0
[  146.912914][ T7463]  ? __lock_acquire+0xad5/0xd80
[  146.912942][ T7463]  ? __pfx_netlbl_cipsov4_list+0x10/0x10
[  146.912989][ T7463]  netlink_rcv_skb+0x208/0x480
[  146.913019][ T7463]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.913043][ T7463]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  146.913096][ T7463]  ? netlink_deliver_tap+0x2e/0x1b0
[  146.913132][ T7463]  genl_rcv+0x28/0x40
[  146.913158][ T7463]  netlink_unicast+0x7f8/0x9a0
[  146.913194][ T7463]  ? __pfx_netlink_unicast+0x10/0x10
[  146.913222][ T7463]  ? skb_put+0x114/0x1f0
[  146.913247][ T7463]  netlink_sendmsg+0x8c3/0xcd0
[  146.913291][ T7463]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.913331][ T7463]  ? aa_sock_msg_perm+0x91/0x160
[  146.913367][ T7463]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.913393][ T7463]  __sock_sendmsg+0x221/0x270
[  146.913424][ T7463]  ____sys_sendmsg+0x523/0x860
[  146.913456][ T7463]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.913475][ T7463]  ? __fget_files+0x2a/0x420
[  146.913498][ T7463]  ? __fget_files+0x2a/0x420
[  146.913527][ T7463]  __sys_sendmsg+0x271/0x360
[  146.913556][ T7463]  ? __pfx___sys_sendmsg+0x10/0x10
[  146.913639][ T7463]  ? do_syscall_64+0xb6/0x230
[  146.913668][ T7463]  do_syscall_64+0xf3/0x230
[  146.913693][ T7463]  ? clear_bhb_loop+0x45/0xa0
[  146.913717][ T7463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.913738][ T7463] RIP: 0033:0x7f093198d169
[  146.913761][ T7463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.913778][ T7463] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.913800][ T7463] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  146.913815][ T7463] RDX: 0000000004040840 RSI: 00002000000012c0 RDI: 0000000000000004
[  146.913828][ T7463] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  146.913840][ T7463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.913852][ T7463] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  146.913885][ T7463]  </TASK>
[  147.239888][ T7255] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.252061][ T7255] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.261004][ T7255] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.513210][ T7469] IPVS: set_ctl: invalid protocol: 58 127.0.0.1:20001
[  147.658669][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.679290][ T7475] netlink: 132 bytes leftover after parsing attributes in process `syz.2.443'.
[  147.684637][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.726400][ T5855] Bluetooth: hci3: command tx timeout
[  147.766357][ T7470] netlink: 4 bytes leftover after parsing attributes in process `syz.1.441'.
[  147.782539][ T6013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.814913][ T6013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.997650][ T7488] netlink: 'syz.4.448': attribute type 1 has an invalid length.
[  148.084356][ T7492] netlink: 'syz.1.449': attribute type 10 has an invalid length.
[  148.128477][ T7492] 8021q: adding VLAN 0 to HW filter on device team0
[  148.167489][ T7492] team0: entered promiscuous mode
[  148.200106][ T7492] team_slave_0: entered promiscuous mode
[  148.234200][ T7492] team_slave_1: entered promiscuous mode
[  148.252961][ T7492] bond0: (slave team0): Enslaving as an active interface with an up link
[  148.272121][ T7494] netlink: 36 bytes leftover after parsing attributes in process `syz.2.450'.
[  148.289889][ T7498] x_tables: duplicate underflow at hook 4
[  148.313343][ T7494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.450'.
[  148.741275][ T7513] netlink: 'syz.0.457': attribute type 4 has an invalid length.
[  150.062034][ T7535] ipvlan2: entered promiscuous mode
[  150.084926][ T7535] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  150.275859][ T7536] syz.2.463: vmalloc error: size 7200768, failed to allocated page array size 14064, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  150.316251][ T7536] CPU: 0 UID: 0 PID: 7536 Comm: syz.2.463 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  150.316280][ T7536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  150.316291][ T7536] Call Trace:
[  150.316299][ T7536]  <TASK>
[  150.316307][ T7536]  dump_stack_lvl+0x241/0x360
[  150.316343][ T7536]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.316378][ T7536]  ? __pfx__printk+0x10/0x10
[  150.316405][ T7536]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  150.316440][ T7536]  ? __rcu_read_unlock+0xa1/0x110
[  150.316462][ T7536]  warn_alloc+0x27c/0x410
[  150.316488][ T7536]  ? __pfx_warn_alloc+0x10/0x10
[  150.316514][ T7536]  ? fq_pie_init+0x429/0x830
[  150.316538][ T7536]  ? __get_vm_area_node+0x1c8/0x2d0
[  150.316568][ T7536]  ? __get_vm_area_node+0x25c/0x2d0
[  150.316604][ T7536]  __vmalloc_node_range_noprof+0x634/0x1390
[  150.316654][ T7536]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  150.316676][ T7536]  ? __kasan_kmalloc_large+0x1a/0xa0
[  150.316708][ T7536]  ? fq_pie_init+0x429/0x830
[  150.316734][ T7536]  __kvmalloc_node_noprof+0x3b2/0x5a0
[  150.316764][ T7536]  ? fq_pie_init+0x429/0x830
[  150.316787][ T7536]  ? fq_pie_init+0x429/0x830
[  150.316816][ T7536]  fq_pie_init+0x429/0x830
[  150.316844][ T7536]  ? __pfx_fq_pie_init+0x10/0x10
[  150.316868][ T7536]  qdisc_create+0x70b/0xdf0
[  150.316903][ T7536]  tc_modify_qdisc+0x156d/0x2610
[  150.316927][ T7536]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  150.316968][ T7536]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  150.316992][ T7536]  ? __mutex_lock+0xbe3/0x10c0
[  150.317024][ T7536]  ? __mutex_lock+0x5f3/0x10c0
[  150.317075][ T7536]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  150.317102][ T7536]  rtnetlink_rcv_msg+0x7c2/0xd70
[  150.317130][ T7536]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  150.317163][ T7536]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  150.317198][ T7536]  ? ref_tracker_free+0x63e/0x7e0
[  150.317229][ T7536]  netlink_rcv_skb+0x208/0x480
[  150.317257][ T7536]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  150.317293][ T7536]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  150.317357][ T7536]  ? netlink_deliver_tap+0x2e/0x1b0
[  150.317396][ T7536]  ? netlink_deliver_tap+0x2e/0x1b0
[  150.317428][ T7536]  netlink_unicast+0x7f8/0x9a0
[  150.317463][ T7536]  ? __pfx_netlink_unicast+0x10/0x10
[  150.317490][ T7536]  ? skb_put+0x114/0x1f0
[  150.317514][ T7536]  netlink_sendmsg+0x8c3/0xcd0
[  150.317555][ T7536]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.317589][ T7536]  ? aa_sock_msg_perm+0x91/0x160
[  150.317625][ T7536]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.317652][ T7536]  __sock_sendmsg+0x221/0x270
[  150.317681][ T7536]  ____sys_sendmsg+0x523/0x860
[  150.317712][ T7536]  ? __pfx_____sys_sendmsg+0x10/0x10
[  150.317731][ T7536]  ? __fget_files+0x2a/0x420
[  150.317753][ T7536]  ? __fget_files+0x2a/0x420
[  150.317781][ T7536]  __sys_sendmsg+0x271/0x360
[  150.317809][ T7536]  ? __pfx___sys_sendmsg+0x10/0x10
[  150.317843][ T7536]  ? __lock_acquire+0xad5/0xd80
[  150.317909][ T7536]  ? do_syscall_64+0xb6/0x230
[  150.317940][ T7536]  do_syscall_64+0xf3/0x230
[  150.317966][ T7536]  ? clear_bhb_loop+0x45/0xa0
[  150.317990][ T7536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.318010][ T7536] RIP: 0033:0x7f093198d169
[  150.318029][ T7536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.318046][ T7536] RSP: 002b:00007f0932809038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.318069][ T7536] RAX: ffffffffffffffda RBX: 00007f0931ba6080 RCX: 00007f093198d169
[  150.318084][ T7536] RDX: 0000000000068000 RSI: 00002000000000c0 RDI: 0000000000000011
[  150.318098][ T7536] RBP: 00007f0931a0e990 R08: 0000000000000000 R09: 0000000000000000
[  150.318111][ T7536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.318123][ T7536] R13: 0000000000000000 R14: 00007f0931ba6080 R15: 00007ffe30cfef78
[  150.318157][ T7536]  </TASK>
[  150.417670][ T7536] Mem-Info:
[  150.705093][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  150.720937][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  150.726717][ T7536] active_anon:6921 inactive_anon:0 isolated_anon:0
[  150.726717][ T7536]  active_file:1468 inactive_file:38339 isolated_file:0
[  150.726717][ T7536]  unevictable:768 dirty:112 writeback:0
[  150.726717][ T7536]  slab_reclaimable:9988 slab_unreclaimable:106981
[  150.726717][ T7536]  mapped:31676 shmem:3449 pagetables:813
[  150.726717][ T7536]  sec_pagetables:0 bounce:0
[  150.726717][ T7536]  kernel_misc_reclaimable:0
[  150.726717][ T7536]  free:1325873 free_pcp:3636 free_cma:0
[  150.730697][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  150.801533][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  150.805687][ T7536] Node 0 active_anon:28784kB inactive_anon:0kB active_file:5872kB inactive_file:153284kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127804kB dirty:444kB writeback:0kB shmem:13260kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11816kB pagetables:3252kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  150.843173][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  150.843945][ T7536] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  150.893850][ T7536] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  150.926949][ T7536] lowmem_reserve[]: 0 2487 2487 2487 2487
[  150.937450][ T7536] Node 0 DMA32 free:1386880kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:31100kB inactive_anon:0kB active_file:5872kB inactive_file:153192kB unevictable:1536kB writepending:444kB present:3129332kB managed:2547244kB mlocked:0kB bounce:0kB free_pcp:6792kB local_pcp:932kB free_cma:0kB
[  151.043434][ T7536] lowmem_reserve[]: 0 0 0 0 0
[  151.048662][ T7536] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  151.076386][ T7536] lowmem_reserve[]: 0 0 0 0 0
[  151.081942][ T7536] Node 1 Normal free:3906404kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  151.114165][ T7536] lowmem_reserve[]: 0 0 0 0 0
[  151.119363][ T7536] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  151.132446][ T7536] Node 0 DMA32: 1*4kB (E) 4*8kB (UME) 0*16kB 107*32kB (U) 8*64kB (UME) 10*128kB (UME) 5*256kB (UME) 12*512kB (UME) 7*1024kB (UME) 1*2048kB (E) 333*4096kB (UM) = 1385860kB
[  151.152553][ T7536] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  151.164231][ T7536] Node 1 Normal: 217*4kB (UME) 42*8kB (UME) 47*16kB (UME) 216*32kB (UME) 95*64kB (UME) 32*128kB (UM) 11*256kB (UM) 5*512kB (UM) 5*1024kB (UME) 3*2048kB (UE) 945*4096kB (M) = 3906404kB
[  151.185853][ T7536] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.202401][ T7536] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  151.211950][ T7536] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  151.221693][ T7536] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  151.231059][ T7536] 41228 total pagecache pages
[  151.235758][ T7536] 0 pages in swap cache
[  151.239983][ T7536] Free swap  = 124996kB
[  151.244156][ T7536] Total swap = 124996kB
[  151.249158][ T7536] 2097051 pages RAM
[  151.254078][ T7536] 0 pages HighMem/MovableOnly
[  151.260510][ T7536] 428582 pages reserved
[  151.264682][ T7536] 0 pages cma reserved
[  151.271547][ T7538] netlink: 36 bytes leftover after parsing attributes in process `syz.0.465'.
[  151.286032][ T7538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'.
[  151.617881][ T7555] 8021q: adding VLAN 0 to HW filter on device bond1
[  151.625786][ T7555] bridge0: port 3(bond1) entered blocking state
[  151.632997][ T7555] bridge0: port 3(bond1) entered disabled state
[  151.639863][ T7555] bond1: entered allmulticast mode
[  151.648442][ T7555] bond1: entered promiscuous mode
[  151.654406][ T7555] bridge0: port 3(bond1) entered blocking state
[  151.661104][ T7555] bridge0: port 3(bond1) entered forwarding state
[  151.769882][ T6016] bridge0: port 3(bond1) entered disabled state
[  152.140443][ T7582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.478'.
[  152.149524][ T7582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.478'.
[  152.223159][ T7586] netlink: 'syz.2.479': attribute type 1 has an invalid length.
[  152.275368][ T7586] bond2: entered promiscuous mode
[  152.281256][ T7586] 8021q: adding VLAN 0 to HW filter on device bond2
[  152.290328][ T7588] netlink: 3 bytes leftover after parsing attributes in process `syz.2.479'.
[  152.299897][ T7587] netlink: 36 bytes leftover after parsing attributes in process `syz.1.477'.
[  152.379870][ T7588] batadv1: entered promiscuous mode
[  152.399633][ T7588] batadv1: entered allmulticast mode
[  152.414947][ T7588] 8021q: adding VLAN 0 to HW filter on device batadv1
[  152.441110][ T7588] bond2: (slave batadv1): making interface the new active one
[  152.454321][ T7588] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  152.632343][ T7547] chnl_net:caif_netlink_parms(): no params data found
[  152.689993][ T7598] netlink: 'syz.2.482': attribute type 2 has an invalid length.
[  152.850060][ T7598] k›*·]‘: entered promiscuous mode
[  152.926314][ T5856] Bluetooth: hci3: command tx timeout
[  153.226865][ T7623] netlink: 36 bytes leftover after parsing attributes in process `syz.0.490'.
[  153.261131][ T7547] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.296185][ T7547] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.303593][ T7547] bridge_slave_0: entered allmulticast mode
[  153.360723][ T7547] bridge_slave_0: entered promiscuous mode
[  153.422072][ T7547] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.459777][ T7547] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.467931][ T7547] bridge_slave_1: entered allmulticast mode
[  153.475938][ T7547] bridge_slave_1: entered promiscuous mode
[  153.688020][ T7649] Cannot find add_set index 0 as target
[  153.711453][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.2.498'.
[  153.742647][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.2.498'.
[  153.879856][ T7547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.135701][ T7655] bridge1: entered allmulticast mode
[  154.179231][ T7547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.270255][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.500'.
[  154.362383][ T7547] team0: Port device team_slave_0 added
[  154.384924][ T7547] team0: Port device team_slave_1 added
[  154.555897][ T7665] netlink: 'syz.4.503': attribute type 6 has an invalid length.
[  154.596353][ T7547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.603525][ T7547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.662259][ T7547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.684511][ T7547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.702515][ T7547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.728963][ T7547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.988008][ T7547] hsr_slave_0: entered promiscuous mode
[  154.994752][ T7547] hsr_slave_1: entered promiscuous mode
[  155.001981][ T7547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.011273][ T7547] Cannot create hsr debugfs directory
[  155.019072][ T5856] Bluetooth: hci3: command tx timeout
[  155.069151][ T7681] xt_CT: You must specify a L4 protocol and not use inversions on it
[  155.361418][ T7692] tipc: Failed to remove unknown binding: 66,1,1/0:760611593/760611595
[  155.372043][ T7692] tipc: Failed to remove unknown binding: 66,1,1/0:760611593/760611595
[  155.851008][ T7547] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.924742][ T7715] netlink: 'syz.4.514': attribute type 13 has an invalid length.
[  156.013620][ T7715] gretap0: refused to change device tx_queue_len
[  156.029743][ T7715] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  156.131709][ T7547] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.649676][ T7721] __nla_validate_parse: 9 callbacks suppressed
[  156.649699][ T7721] netlink: 132 bytes leftover after parsing attributes in process `syz.2.521'.
[  156.758109][ T7547] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.806815][ T7723] ªªªªªª: renamed from lo (while UP)
[  156.831156][ T7724] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.839896][ T7724] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.862707][ T7745] openvswitch: netlink: Actions may not be safe on all matching packets
[  156.867684][ T7724] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  156.944938][ T7547] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.086242][ T5856] Bluetooth: hci3: command tx timeout
[  157.178837][ T7758] IPv6: addrconf: prefix option has invalid lifetime
[  157.470910][ T7772] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  157.578345][ T7547] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  157.612608][ T7772] netlink: 'syz.1.534': attribute type 30 has an invalid length.
[  157.634891][ T7776] IPVS: Unknown mcast interface: vcan0
[  157.659386][ T7547] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  157.714613][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.536'.
[  157.760559][ T7779] netlink: 4 bytes leftover after parsing attributes in process `syz.0.536'.
[  157.797035][ T7779] netlink: 'syz.0.536': attribute type 18 has an invalid length.
[  157.823681][ T7782] IPVS: length: 163 != 24
[  157.863957][ T7778] xt_CT: No such helper "netbios-ns"
[  157.870766][ T7547] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  157.888305][ T7547] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  158.209619][ T7547] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.237401][ T7547] 8021q: adding VLAN 0 to HW filter on device team0
[  158.252424][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.259645][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.299269][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.306491][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.820674][ T7547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.934810][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.543'.
[  159.115855][ T7547] veth0_vlan: entered promiscuous mode
[  159.166554][ T5856] Bluetooth: hci3: command tx timeout
[  159.225024][ T7815] af_packet: tpacket_rcv: packet too big, clamped from 3954 to 3710. macoff=82
[  159.381729][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.547'.
[  159.393499][ T7828] netlink: 20 bytes leftover after parsing attributes in process `syz.2.549'.
[  159.586826][ T7547] veth1_vlan: entered promiscuous mode
[  159.606202][   T30] audit: type=1800 audit(1744366732.800:2): pid=7820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.547" name="cgroup.controllers" dev="tmpfs" ino=751 res=0 errno=0
[  159.804771][ T7547] veth0_macvtap: entered promiscuous mode
[  159.840105][ T7547] veth1_macvtap: entered promiscuous mode
[  160.039539][ T7848] ieee802154 phy0 wpan0: encryption failed: -22
[  160.186250][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.213795][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.244055][ T7856] netlink: 'syz.4.552': attribute type 1 has an invalid length.
[  160.253011][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.297855][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.357832][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.376862][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.388255][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.400179][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.414080][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.431225][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.442092][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.494013][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.520418][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.541788][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.571662][ T7547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  160.659436][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.679443][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.711104][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.746325][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.780783][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.814988][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.837318][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.852004][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.870857][ T7876] netlink: 'syz.1.558': attribute type 1 has an invalid length.
[  160.878922][ T7876] netlink: 'syz.1.558': attribute type 2 has an invalid length.
[  160.892382][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.904388][ T7878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.560'.
[  160.914049][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.929056][ T7880] netlink: 8 bytes leftover after parsing attributes in process `syz.2.559'.
[  160.965012][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.979058][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.999231][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.014417][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.058079][ T7547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.076125][ T7547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.112494][ T7547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.269255][ T7547] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.308859][ T7547] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.325481][ T7547] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.344666][ T7547] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.889025][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.936022][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.053480][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.086304][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.213510][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'.
[  162.260822][ T7918] netlink: 'syz.4.571': attribute type 12 has an invalid length.
[  162.279026][ T7918] netlink: 132 bytes leftover after parsing attributes in process `syz.4.571'.
[  162.345238][ T7923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'.
[  162.515467][ T7927] netlink: 28 bytes leftover after parsing attributes in process `syz.1.574'.
[  162.632231][ T7927] netlink: 16 bytes leftover after parsing attributes in process `syz.1.574'.
[  163.958705][ T7943] netlink: 'syz.1.578': attribute type 3 has an invalid length.
[  164.002587][ T7947] netlink: 4 bytes leftover after parsing attributes in process `syz.4.580'.
[  164.992587][ T7959] Bluetooth: MGMT ver 1.23
[  165.131248][ T5855] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  165.140087][ T5855] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  165.149734][ T5855] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  165.158098][ T5855] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  165.167011][ T5855] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  165.675353][ T7961] chnl_net:caif_netlink_parms(): no params data found
[  165.995507][ T7961] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.002928][ T7961] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.010562][ T7961] bridge_slave_0: entered allmulticast mode
[  166.024491][ T7961] bridge_slave_0: entered promiscuous mode
[  166.033974][ T7961] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.043645][ T7961] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.051432][ T7961] bridge_slave_1: entered allmulticast mode
[  166.063078][ T7961] bridge_slave_1: entered promiscuous mode
[  166.301489][ T7961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.317764][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.2.593'.
[  166.326781][ T7999] netlink: 'syz.2.593': attribute type 3 has an invalid length.
[  166.357439][ T7999] netlink: 16 bytes leftover after parsing attributes in process `syz.2.593'.
[  166.423512][ T7961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.646592][ T7961] team0: Port device team_slave_0 added
[  166.688984][ T7961] team0: Port device team_slave_1 added
[  166.801453][ T8015] netlink: 'syz.0.600': attribute type 7 has an invalid length.
[  166.965508][ T8020] netlink: 'syz.0.603': attribute type 1 has an invalid length.
[  166.992116][ T8020] netlink: 'syz.0.603': attribute type 11 has an invalid length.
[  167.031783][ T8020] netlink: 224 bytes leftover after parsing attributes in process `syz.0.603'.
[  167.053823][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.092164][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.130326][ T7961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.189274][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.199006][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.246647][ T5855] Bluetooth: hci3: command tx timeout
[  167.285378][ T7961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.533993][ T8042] netlink: 'syz.1.610': attribute type 3 has an invalid length.
[  167.553416][ T8042] netlink: 132 bytes leftover after parsing attributes in process `syz.1.610'.
[  167.610208][ T7961] hsr_slave_0: entered promiscuous mode
[  167.637495][ T7961] hsr_slave_1: entered promiscuous mode
[  167.644018][ T7961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.654148][ T7961] Cannot create hsr debugfs directory
[  167.729137][ T8049] FAULT_INJECTION: forcing a failure.
[  167.729137][ T8049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.755239][ T8049] CPU: 0 UID: 0 PID: 8049 Comm: syz.1.613 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  167.755269][ T8049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  167.755281][ T8049] Call Trace:
[  167.755289][ T8049]  <TASK>
[  167.755297][ T8049]  dump_stack_lvl+0x241/0x360
[  167.755342][ T8049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.755371][ T8049]  ? __pfx__printk+0x10/0x10
[  167.755411][ T8049]  should_fail_ex+0x424/0x570
[  167.755438][ T8049]  _copy_from_iter+0x211/0x1c70
[  167.755472][ T8049]  ? alloc_pages_mpol+0x4e6/0x690
[  167.755506][ T8049]  ? __pfx__copy_from_iter+0x10/0x10
[  167.755538][ T8049]  ? set_page_refcounted+0xa1/0x1e0
[  167.755567][ T8049]  ? alloc_pages_noprof+0x136/0x190
[  167.755591][ T8049]  ? page_copy_sane+0x46/0x260
[  167.755619][ T8049]  copy_page_from_iter+0x7a/0x100
[  167.755649][ T8049]  tun_get_user+0x1f6c/0x47c0
[  167.755683][ T8049]  ? tun_get_user+0x852/0x47c0
[  167.755730][ T8049]  ? aa_file_perm+0x139/0xf60
[  167.755760][ T8049]  ? aa_file_perm+0x3f1/0xf60
[  167.755788][ T8049]  ? __pfx_tun_get_user+0x10/0x10
[  167.755837][ T8049]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  167.755877][ T8049]  ? tun_get+0x1e/0x2f0
[  167.755906][ T8049]  ? tun_get+0x1e/0x2f0
[  167.755934][ T8049]  ? tun_get+0x27d/0x2f0
[  167.755988][ T8049]  tun_chr_write_iter+0x10d/0x1f0
[  167.756022][ T8049]  vfs_write+0x70f/0xd10
[  167.756053][ T8049]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  167.756086][ T8049]  ? __pfx_vfs_write+0x10/0x10
[  167.756114][ T8049]  ? __fget_files+0x2a/0x420
[  167.756136][ T8049]  ? __fget_files+0x2a/0x420
[  167.756165][ T8049]  ksys_write+0x19d/0x2d0
[  167.756192][ T8049]  ? __pfx_ksys_write+0x10/0x10
[  167.756223][ T8049]  ? do_syscall_64+0xb6/0x230
[  167.756253][ T8049]  do_syscall_64+0xf3/0x230
[  167.756279][ T8049]  ? clear_bhb_loop+0x45/0xa0
[  167.756304][ T8049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.756324][ T8049] RIP: 0033:0x7f091078bc1f
[  167.756350][ T8049] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  167.756368][ T8049] RSP: 002b:00007f091158d000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  167.756391][ T8049] RAX: ffffffffffffffda RBX: 00007f09109a5fa0 RCX: 00007f091078bc1f
[  167.756406][ T8049] RDX: 000000000000005e RSI: 0000200000000200 RDI: 00000000000000c8
[  167.756420][ T8049] RBP: 00007f091158d090 R08: 0000000000000000 R09: 0000000000000000
[  167.756432][ T8049] R10: 000000000000005e R11: 0000000000000293 R12: 0000000000000001
[  167.756445][ T8049] R13: 0000000000000000 R14: 00007f09109a5fa0 R15: 00007ffed80692c8
[  167.756477][ T8049]  </TASK>
[  168.031650][ T8045] bond3: entered promiscuous mode
[  168.056425][ T8045] bond3: entered allmulticast mode
[  168.062144][ T8045] 8021q: adding VLAN 0 to HW filter on device bond3
[  168.148623][ T8052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.614'.
[  168.312786][ T8056] netlink: 16 bytes leftover after parsing attributes in process `syz.1.616'.
[  168.330498][ T8057] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  168.541408][ T8063] netlink: 136 bytes leftover after parsing attributes in process `syz.4.615'.
[  168.607631][ T8063] netlink: 'syz.4.615': attribute type 10 has an invalid length.
[  168.626330][ T8063] netlink: 40 bytes leftover after parsing attributes in process `syz.4.615'.
[  168.627310][ T8064] netlink: 'syz.0.618': attribute type 1 has an invalid length.
[  168.657379][ T8064] netlink: 'syz.0.618': attribute type 2 has an invalid length.
[  168.879251][ T7961] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.897960][ T8080] netlink: 36 bytes leftover after parsing attributes in process `syz.2.621'.
[  168.915746][ T8081] netlink: 16 bytes leftover after parsing attributes in process `syz.0.622'.
[  168.926420][ T8081] netlink: ct family unspecified
[  168.931427][ T8081] openvswitch: netlink: Actions may not be safe on all matching packets
[  168.973592][ T7961] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.072473][ T7961] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.328507][ T5855] Bluetooth: hci3: command tx timeout
[  169.429413][ T7961] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.807904][ T8106] Cannot find del_set index 1 as target
[  169.916731][ T8101] netlink: 'syz.1.629': attribute type 6 has an invalid length.
[  170.020504][ T8112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.632'.
[  170.053960][ T7961] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  170.080820][ T7961] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  170.123981][ T8112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.632'.
[  170.212046][ T7961] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  170.264984][ T7961] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  170.603961][ T7961] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.700132][ T7961] 8021q: adding VLAN 0 to HW filter on device team0
[  170.733413][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.740786][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.785762][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.792983][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.868589][ T8136] FAULT_INJECTION: forcing a failure.
[  170.868589][ T8136] name failslab, interval 1, probability 0, space 0, times 0
[  170.881586][ T8136] CPU: 1 UID: 0 PID: 8136 Comm: syz.1.638 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  170.881614][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  170.881626][ T8136] Call Trace:
[  170.881634][ T8136]  <TASK>
[  170.881643][ T8136]  dump_stack_lvl+0x241/0x360
[  170.881680][ T8136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.881709][ T8136]  ? __pfx__printk+0x10/0x10
[  170.881743][ T8136]  ? __lock_acquire+0xad5/0xd80
[  170.881769][ T8136]  should_fail_ex+0x424/0x570
[  170.881796][ T8136]  should_failslab+0xac/0x100
[  170.881826][ T8136]  kmem_cache_alloc_noprof+0x78/0x390
[  170.881854][ T8136]  ? skb_clone+0x20c/0x390
[  170.881874][ T8136]  ? run_filter+0x24/0x260
[  170.881914][ T8136]  skb_clone+0x20c/0x390
[  170.881941][ T8136]  packet_rcv+0x633/0x14b0
[  170.881973][ T8136]  ? __pfx_packet_rcv_fanout+0x10/0x10
[  170.881995][ T8136]  __netif_receive_skb_core+0x38f7/0x4bb0
[  170.882055][ T8136]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  170.882089][ T8136]  ? __pfx___skb_flow_dissect+0x10/0x10
[  170.882111][ T8136]  ? __kernel_text_address+0xd/0x40
[  170.882129][ T8136]  ? unwind_get_return_address+0x4d/0x90
[  170.882156][ T8136]  ? arch_stack_walk+0xff/0x150
[  170.882198][ T8136]  ? stack_trace_save+0x11a/0x1d0
[  170.882249][ T8136]  __netif_receive_skb+0x130/0x670
[  170.882284][ T8136]  ? __pfx___netif_receive_skb+0x10/0x10
[  170.882326][ T8136]  ? netif_receive_skb+0x133/0x890
[  170.882351][ T8136]  ? netif_receive_skb+0x133/0x890
[  170.882378][ T8136]  netif_receive_skb+0x1ea/0x890
[  170.882403][ T8136]  ? tun_rx_batched+0x14b/0x8d0
[  170.882423][ T8136]  ? __pfx_netif_receive_skb+0x10/0x10
[  170.882461][ T8136]  ? tun_rx_batched+0x14b/0x8d0
[  170.882479][ T8136]  tun_rx_batched+0x1a4/0x8d0
[  170.882502][ T8136]  ? __lock_acquire+0xad5/0xd80
[  170.882526][ T8136]  ? __pfx_tun_rx_batched+0x10/0x10
[  170.882561][ T8136]  ? tun_get_user+0x2a99/0x47c0
[  170.882592][ T8136]  ? tun_get_user+0x2a99/0x47c0
[  170.882622][ T8136]  tun_get_user+0x2fec/0x47c0
[  170.882656][ T8136]  ? tun_get_user+0x852/0x47c0
[  170.882705][ T8136]  ? aa_file_perm+0x139/0xf60
[  170.882736][ T8136]  ? aa_file_perm+0x3f1/0xf60
[  170.882765][ T8136]  ? __pfx_tun_get_user+0x10/0x10
[  170.882817][ T8136]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  170.882860][ T8136]  ? tun_get+0x1e/0x2f0
[  170.882891][ T8136]  ? tun_get+0x1e/0x2f0
[  170.882919][ T8136]  ? tun_get+0x27d/0x2f0
[  170.882951][ T8136]  tun_chr_write_iter+0x10d/0x1f0
[  170.882986][ T8136]  vfs_write+0x70f/0xd10
[  170.883018][ T8136]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  170.883050][ T8136]  ? __pfx_vfs_write+0x10/0x10
[  170.883077][ T8136]  ? __fget_files+0x2a/0x420
[  170.883100][ T8136]  ? __fget_files+0x2a/0x420
[  170.883129][ T8136]  ksys_write+0x19d/0x2d0
[  170.883154][ T8136]  ? __pfx_ksys_write+0x10/0x10
[  170.883185][ T8136]  ? do_syscall_64+0xb6/0x230
[  170.883220][ T8136]  do_syscall_64+0xf3/0x230
[  170.883245][ T8136]  ? clear_bhb_loop+0x45/0xa0
[  170.883270][ T8136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.883289][ T8136] RIP: 0033:0x7f091078bc1f
[  170.883308][ T8136] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  170.883325][ T8136] RSP: 002b:00007f091158d000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  170.883347][ T8136] RAX: ffffffffffffffda RBX: 00007f09109a5fa0 RCX: 00007f091078bc1f
[  170.883362][ T8136] RDX: 000000000000005e RSI: 0000200000000200 RDI: 00000000000000c8
[  170.883375][ T8136] RBP: 00007f091158d090 R08: 0000000000000000 R09: 0000000000000000
[  170.883388][ T8136] R10: 000000000000005e R11: 0000000000000293 R12: 0000000000000001
[  170.883401][ T8136] R13: 0000000000000000 R14: 00007f09109a5fa0 R15: 00007ffed80692c8
[  170.883433][ T8136]  </TASK>
[  171.321996][ T8138] netlink: 'syz.2.639': attribute type 33 has an invalid length.
[  171.409437][ T5855] Bluetooth: hci3: command tx timeout
[  171.921393][ T8156] bridge0: port 3(syz_tun) entered blocking state
[  171.928303][ T8156] bridge0: port 3(syz_tun) entered disabled state
[  171.936506][ T8156] syz_tun: entered allmulticast mode
[  171.960878][ T8156] syz_tun: entered promiscuous mode
[  171.979424][ T8156] bridge0: port 3(syz_tun) entered blocking state
[  171.984784][ T8163] netlink: 24 bytes leftover after parsing attributes in process `syz.4.649'.
[  171.986089][ T8156] bridge0: port 3(syz_tun) entered forwarding state
[  172.150687][ T7961] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.262924][ T8171] FAULT_INJECTION: forcing a failure.
[  172.262924][ T8171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.282887][ T7961] veth0_vlan: entered promiscuous mode
[  172.308571][ T8171] CPU: 0 UID: 0 PID: 8171 Comm: syz.1.651 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  172.308603][ T8171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  172.308617][ T8171] Call Trace:
[  172.308625][ T8171]  <TASK>
[  172.308635][ T8171]  dump_stack_lvl+0x241/0x360
[  172.308672][ T8171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.308703][ T8171]  ? __pfx__printk+0x10/0x10
[  172.308746][ T8171]  should_fail_ex+0x424/0x570
[  172.308774][ T8171]  _copy_to_user+0x31/0xb0
[  172.308827][ T8171]  simple_read_from_buffer+0xc4/0x170
[  172.308863][ T8171]  proc_fail_nth_read+0x1ef/0x260
[  172.308890][ T8171]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.308916][ T8171]  ? rw_verify_area+0x246/0x630
[  172.308939][ T8171]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.308963][ T8171]  vfs_read+0x21f/0xb90
[  172.308993][ T8171]  ? __pfx___mutex_lock+0x10/0x10
[  172.309020][ T8171]  ? __pfx_vfs_read+0x10/0x10
[  172.309047][ T8171]  ? __fget_files+0x2a/0x420
[  172.309069][ T8171]  ? __fget_files+0x39d/0x420
[  172.309086][ T8171]  ? __fget_files+0x2a/0x420
[  172.309124][ T8171]  ksys_read+0x19d/0x2d0
[  172.309150][ T8171]  ? __pfx_ksys_read+0x10/0x10
[  172.309181][ T8171]  ? do_syscall_64+0xb6/0x230
[  172.309210][ T8171]  do_syscall_64+0xf3/0x230
[  172.309236][ T8171]  ? clear_bhb_loop+0x45/0xa0
[  172.309262][ T8171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.309280][ T8171] RIP: 0033:0x7f091078bb7c
[  172.309298][ T8171] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  172.309316][ T8171] RSP: 002b:00007f091158d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  172.309339][ T8171] RAX: ffffffffffffffda RBX: 00007f09109a5fa0 RCX: 00007f091078bb7c
[  172.309355][ T8171] RDX: 000000000000000f RSI: 00007f091158d0a0 RDI: 0000000000000004
[  172.309369][ T8171] RBP: 00007f091158d090 R08: 0000000000000000 R09: 0000000000000000
[  172.309382][ T8171] R10: 000000000000005e R11: 0000000000000246 R12: 0000000000000001
[  172.309395][ T8171] R13: 0000000000000000 R14: 00007f09109a5fa0 R15: 00007ffed80692c8
[  172.309429][ T8171]  </TASK>
[  172.313952][ T7961] veth1_vlan: entered promiscuous mode
[  172.582119][ T8181] __nla_validate_parse: 3 callbacks suppressed
[  172.582139][ T8181] netlink: 28 bytes leftover after parsing attributes in process `syz.4.654'.
[  172.659321][ T7961] veth0_macvtap: entered promiscuous mode
[  172.694325][ T7961] veth1_macvtap: entered promiscuous mode
[  172.752930][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.788934][ T8182] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.795998][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.817827][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.828689][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.846987][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.873618][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.893197][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.918640][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.929099][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.940152][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.953223][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.972698][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.994165][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.024238][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.024944][ T8193] netlink: 24 bytes leftover after parsing attributes in process `syz.4.656'.
[  173.040844][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.070634][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.099584][ T8193] Bluetooth: MGMT ver 1.23
[  173.114736][ T7961] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.215133][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.239512][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.280781][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.291887][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.302265][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.320083][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.330624][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.341348][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.351748][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.362482][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.372396][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.383425][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.393395][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.410739][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.425340][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.436627][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.448088][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.464407][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.491622][ T5855] Bluetooth: hci3: command tx timeout
[  173.509217][ T7961] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.523840][ T7961] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.532853][ T7961] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.541606][ T7961] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.551123][ T7961] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.562872][ T8196] FAULT_INJECTION: forcing a failure.
[  173.562872][ T8196] name failslab, interval 1, probability 0, space 0, times 0
[  173.623364][ T8205] netlink: 'syz.0.661': attribute type 10 has an invalid length.
[  173.646434][ T8196] CPU: 0 UID: 0 PID: 8196 Comm: syz.2.659 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  173.646466][ T8196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.646479][ T8196] Call Trace:
[  173.646488][ T8196]  <TASK>
[  173.646497][ T8196]  dump_stack_lvl+0x241/0x360
[  173.646536][ T8196]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.646567][ T8196]  ? __pfx__printk+0x10/0x10
[  173.646602][ T8196]  ? __pfx___might_resched+0x10/0x10
[  173.646634][ T8196]  should_fail_ex+0x424/0x570
[  173.646663][ T8196]  should_failslab+0xac/0x100
[  173.646695][ T8196]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  173.646725][ T8196]  ? __alloc_skb+0x1c2/0x480
[  173.646744][ T8196]  ? __dev_queue_xmit+0x1780/0x3f60
[  173.646773][ T8196]  __alloc_skb+0x1c2/0x480
[  173.646793][ T8196]  ? do_syscall_64+0xf3/0x230
[  173.646823][ T8196]  ? __pfx___alloc_skb+0x10/0x10
[  173.646850][ T8196]  ? netlink_ack_tlv_len+0x6e/0x200
[  173.646883][ T8196]  netlink_ack+0x147/0xa70
[  173.646911][ T8196]  ? __pfx_nl80211_new_key+0x10/0x10
[  173.646960][ T8196]  netlink_rcv_skb+0x296/0x480
[  173.646997][ T8196]  ? __pfx_genl_rcv_msg+0x10/0x10
[  173.647021][ T8196]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  173.647076][ T8196]  ? netlink_deliver_tap+0x2e/0x1b0
[  173.647113][ T8196]  genl_rcv+0x28/0x40
[  173.647133][ T8196]  netlink_unicast+0x7f8/0x9a0
[  173.647170][ T8196]  ? __pfx_netlink_unicast+0x10/0x10
[  173.647200][ T8196]  ? skb_put+0x114/0x1f0
[  173.647226][ T8196]  netlink_sendmsg+0x8c3/0xcd0
[  173.647271][ T8196]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.647309][ T8196]  ? aa_sock_msg_perm+0x91/0x160
[  173.647347][ T8196]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.647375][ T8196]  __sock_sendmsg+0x221/0x270
[  173.647407][ T8196]  ____sys_sendmsg+0x523/0x860
[  173.647440][ T8196]  ? __pfx_____sys_sendmsg+0x10/0x10
[  173.647465][ T8196]  ? __fget_files+0x2a/0x420
[  173.647489][ T8196]  ? __fget_files+0x2a/0x420
[  173.647519][ T8196]  __sys_sendmsg+0x271/0x360
[  173.647549][ T8196]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.647635][ T8196]  ? do_syscall_64+0xb6/0x230
[  173.647664][ T8196]  do_syscall_64+0xf3/0x230
[  173.647691][ T8196]  ? clear_bhb_loop+0x45/0xa0
[  173.647717][ T8196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.647738][ T8196] RIP: 0033:0x7f093198d169
[  173.647757][ T8196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.647775][ T8196] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.647798][ T8196] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  173.647814][ T8196] RDX: 0000000004044080 RSI: 0000200000000280 RDI: 0000000000000004
[  173.647828][ T8196] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  173.647842][ T8196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.647855][ T8196] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  173.647889][ T8196]  </TASK>
[  174.143316][ T8205] veth1_vlan: entered allmulticast mode
[  174.155312][ T8205] team0: Device veth1_vlan failed to register rx_handler
[  174.223856][ T8220] netlink: 40 bytes leftover after parsing attributes in process `syz.4.665'.
[  174.265273][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.356187][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.483109][ T8231] netlink: 'syz.0.666': attribute type 11 has an invalid length.
[  174.503722][ T3014] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.515550][ T8220] netlink: 52 bytes leftover after parsing attributes in process `syz.4.665'.
[  174.532654][ T8220] netlink: 24 bytes leftover after parsing attributes in process `syz.4.665'.
[  174.534446][ T3014] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.415456][ T8254] 8021q: adding VLAN 0 to HW filter on device bond3
[  176.571693][ T8269] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  176.759018][ T8283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.680'.
[  176.917517][ T8266] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.926100][ T8266] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.149247][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  177.158409][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  177.168834][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  177.181932][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  177.191043][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  177.230364][ T8297] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  177.260253][ T8266] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.287779][ T8266] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.424042][ T8266] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.433358][ T8266] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.443926][ T8266] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.454149][ T8266] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.463875][ T8266] geneve2: left promiscuous mode
[  177.470696][ T8266] geneve2: left allmulticast mode
[  177.479512][ T8266] bridge1: left allmulticast mode
[  177.489811][ T8283] 8021q: VLANs not supported on ip6gre0
[  177.728168][ T8307] netlink: 76 bytes leftover after parsing attributes in process `syz.2.686'.
[  177.742894][ T8309] FAULT_INJECTION: forcing a failure.
[  177.742894][ T8309] name failslab, interval 1, probability 0, space 0, times 0
[  177.768700][ T8309] CPU: 0 UID: 0 PID: 8309 Comm: syz.0.687 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  177.768732][ T8309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.768746][ T8309] Call Trace:
[  177.768754][ T8309]  <TASK>
[  177.768763][ T8309]  dump_stack_lvl+0x241/0x360
[  177.768803][ T8309]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.768834][ T8309]  ? __pfx__printk+0x10/0x10
[  177.768871][ T8309]  ? ref_tracker_alloc+0x316/0x4c0
[  177.768898][ T8309]  should_fail_ex+0x424/0x570
[  177.768926][ T8309]  should_failslab+0xac/0x100
[  177.768957][ T8309]  kmem_cache_alloc_noprof+0x78/0x390
[  177.768985][ T8309]  ? skb_clone+0x20c/0x390
[  177.769015][ T8309]  skb_clone+0x20c/0x390
[  177.769043][ T8309]  __netlink_deliver_tap+0x3c4/0x7f0
[  177.769084][ T8309]  ? netlink_deliver_tap+0x2e/0x1b0
[  177.769112][ T8309]  netlink_deliver_tap+0x19d/0x1b0
[  177.769144][ T8309]  netlink_sendskb+0x68/0x140
[  177.769173][ T8309]  netlink_unicast+0x39f/0x9a0
[  177.769197][ T8309]  ? __asan_memcpy+0x40/0x70
[  177.769229][ T8309]  ? __pfx_netlink_unicast+0x10/0x10
[  177.769268][ T8309]  netlink_rcv_skb+0x296/0x480
[  177.769299][ T8309]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.769325][ T8309]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  177.769379][ T8309]  ? netlink_deliver_tap+0x2e/0x1b0
[  177.769417][ T8309]  genl_rcv+0x28/0x40
[  177.769437][ T8309]  netlink_unicast+0x7f8/0x9a0
[  177.769474][ T8309]  ? __pfx_netlink_unicast+0x10/0x10
[  177.769504][ T8309]  ? skb_put+0x114/0x1f0
[  177.769530][ T8309]  netlink_sendmsg+0x8c3/0xcd0
[  177.769583][ T8309]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.769618][ T8309]  ? aa_sock_msg_perm+0x91/0x160
[  177.769655][ T8309]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.769683][ T8309]  __sock_sendmsg+0x221/0x270
[  177.769716][ T8309]  ____sys_sendmsg+0x523/0x860
[  177.769750][ T8309]  ? __pfx_____sys_sendmsg+0x10/0x10
[  177.769770][ T8309]  ? __fget_files+0x2a/0x420
[  177.769794][ T8309]  ? __fget_files+0x2a/0x420
[  177.769823][ T8309]  __sys_sendmsg+0x271/0x360
[  177.769852][ T8309]  ? __pfx___sys_sendmsg+0x10/0x10
[  177.769938][ T8309]  ? do_syscall_64+0xb6/0x230
[  177.769969][ T8309]  do_syscall_64+0xf3/0x230
[  177.769994][ T8309]  ? clear_bhb_loop+0x45/0xa0
[  177.770019][ T8309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.770038][ T8309] RIP: 0033:0x7feb9598d169
[  177.770055][ T8309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.770072][ T8309] RSP: 002b:00007feb9686e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.770094][ T8309] RAX: ffffffffffffffda RBX: 00007feb95ba5fa0 RCX: 00007feb9598d169
[  177.770110][ T8309] RDX: 0000000004044080 RSI: 0000200000000280 RDI: 0000000000000004
[  177.770123][ T8309] RBP: 00007feb9686e090 R08: 0000000000000000 R09: 0000000000000000
[  177.770137][ T8309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.770150][ T8309] R13: 0000000000000000 R14: 00007feb95ba5fa0 R15: 00007fff11c9efd8
[  177.770185][ T8309]  </TASK>
[  178.277427][ T8319] netlink: 12 bytes leftover after parsing attributes in process `syz.4.690'.
[  178.332626][ T8319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.690'.
[  178.388154][ T8298] chnl_net:caif_netlink_parms(): no params data found
[  178.624649][ T8330] netlink: 16 bytes leftover after parsing attributes in process `syz.0.693'.
[  178.846523][ T8298] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.874241][ T8298] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.900717][ T8298] bridge_slave_0: entered allmulticast mode
[  178.938926][ T8298] bridge_slave_0: entered promiscuous mode
[  178.971911][ T8298] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.006680][ T8298] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.021441][ T8298] bridge_slave_1: entered allmulticast mode
[  179.033730][ T8379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.700'.
[  179.044906][ T8298] bridge_slave_1: entered promiscuous mode
[  179.056547][ T8372] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744073709551607)
[  179.068532][ T8379] netlink: 32 bytes leftover after parsing attributes in process `syz.1.700'.
[  179.078125][ T8372] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  179.132123][ T8380] FAULT_INJECTION: forcing a failure.
[  179.132123][ T8380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.169343][ T8380] CPU: 1 UID: 0 PID: 8380 Comm: syz.0.699 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  179.169374][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  179.169387][ T8380] Call Trace:
[  179.169412][ T8380]  <TASK>
[  179.169422][ T8380]  dump_stack_lvl+0x241/0x360
[  179.169462][ T8380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.169493][ T8380]  ? __pfx__printk+0x10/0x10
[  179.169535][ T8380]  should_fail_ex+0x424/0x570
[  179.169564][ T8380]  _copy_to_user+0x31/0xb0
[  179.169598][ T8380]  simple_read_from_buffer+0xc4/0x170
[  179.169634][ T8380]  proc_fail_nth_read+0x1ef/0x260
[  179.169661][ T8380]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  179.169688][ T8380]  ? rw_verify_area+0x246/0x630
[  179.169710][ T8380]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  179.169734][ T8380]  vfs_read+0x21f/0xb90
[  179.169764][ T8380]  ? __pfx___mutex_lock+0x10/0x10
[  179.169792][ T8380]  ? __pfx_vfs_read+0x10/0x10
[  179.169820][ T8380]  ? __fget_files+0x2a/0x420
[  179.169841][ T8380]  ? __fget_files+0x39d/0x420
[  179.169859][ T8380]  ? __fget_files+0x2a/0x420
[  179.169890][ T8380]  ksys_read+0x19d/0x2d0
[  179.169917][ T8380]  ? __pfx_ksys_read+0x10/0x10
[  179.169948][ T8380]  ? do_syscall_64+0xb6/0x230
[  179.169978][ T8380]  do_syscall_64+0xf3/0x230
[  179.170005][ T8380]  ? clear_bhb_loop+0x45/0xa0
[  179.170030][ T8380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.170051][ T8380] RIP: 0033:0x7feb9598bb7c
[  179.170069][ T8380] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  179.170087][ T8380] RSP: 002b:00007feb9686e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  179.170110][ T8380] RAX: ffffffffffffffda RBX: 00007feb95ba5fa0 RCX: 00007feb9598bb7c
[  179.170126][ T8380] RDX: 000000000000000f RSI: 00007feb9686e0a0 RDI: 0000000000000005
[  179.170140][ T8380] RBP: 00007feb9686e090 R08: 0000000000000000 R09: 0000000000000000
[  179.170152][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.170165][ T8380] R13: 0000000000000000 R14: 00007feb95ba5fa0 R15: 00007fff11c9efd8
[  179.170205][ T8380]  </TASK>
[  179.430800][ T5855] Bluetooth: hci3: command tx timeout
[  179.641983][ T8298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.670672][ T8298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.800548][ T8298] team0: Port device team_slave_0 added
[  179.808018][ T8388] netlink: 24 bytes leftover after parsing attributes in process `syz.0.703'.
[  179.914401][ T8298] team0: Port device team_slave_1 added
[  180.033496][ T8298] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.046075][ T8298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.135127][ T8298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.212823][ T8298] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.246048][ T8298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.346032][ T8298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.618315][ T8298] hsr_slave_0: entered promiscuous mode
[  180.651955][ T8298] hsr_slave_1: entered promiscuous mode
[  180.670237][ T8415] Bluetooth: MGMT ver 1.23
[  180.670599][ T8298] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  180.702984][ T8298] Cannot create hsr debugfs directory
[  180.823820][ T8417] netlink: 128 bytes leftover after parsing attributes in process `syz.0.713'.
[  180.843831][ T8417] netlink: 128 bytes leftover after parsing attributes in process `syz.0.713'.
[  180.862199][ T8417] netlink: 82 bytes leftover after parsing attributes in process `syz.0.713'.
[  180.941768][ T8419] netlink: 'syz.2.714': attribute type 1 has an invalid length.
[  181.486811][ T5855] Bluetooth: hci3: command tx timeout
[  181.946701][ T8421] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  181.962438][ T8421] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.586466][ T8421] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.595550][ T8421] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.608442][ T8421] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.617536][ T8421] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.870306][ T8421] delete_channel: no stack
[  183.137837][ T8451] FAULT_INJECTION: forcing a failure.
[  183.137837][ T8451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.147447][ T8446] vlan3: entered allmulticast mode
[  183.153972][ T8451] CPU: 0 UID: 0 PID: 8451 Comm: syz.4.723 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  183.154004][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.154018][ T8451] Call Trace:
[  183.154026][ T8451]  <TASK>
[  183.154036][ T8451]  dump_stack_lvl+0x241/0x360
[  183.154077][ T8451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.154109][ T8451]  ? __pfx__printk+0x10/0x10
[  183.154154][ T8451]  should_fail_ex+0x424/0x570
[  183.154183][ T8451]  _copy_from_user+0x2d/0xb0
[  183.154216][ T8451]  copy_msghdr_from_user+0xb3/0x580
[  183.154252][ T8451]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  183.154278][ T8451]  ? __fget_files+0x2a/0x420
[  183.154303][ T8451]  ? __fget_files+0x2a/0x420
[  183.154334][ T8451]  __sys_sendmsg+0x20a/0x360
[  183.154363][ T8451]  ? __pfx___sys_sendmsg+0x10/0x10
[  183.154448][ T8451]  ? do_syscall_64+0xb6/0x230
[  183.154478][ T8451]  do_syscall_64+0xf3/0x230
[  183.154505][ T8451]  ? clear_bhb_loop+0x45/0xa0
[  183.154532][ T8451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.154552][ T8451] RIP: 0033:0x7f9281f8d169
[  183.154572][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.154591][ T8451] RSP: 002b:00007f9282d81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.154616][ T8451] RAX: ffffffffffffffda RBX: 00007f92821a5fa0 RCX: 00007f9281f8d169
[  183.154633][ T8451] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  183.154648][ T8451] RBP: 00007f9282d81090 R08: 0000000000000000 R09: 0000000000000000
[  183.154661][ T8451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.154674][ T8451] R13: 0000000000000000 R14: 00007f92821a5fa0 R15: 00007ffd8ca2cf28
[  183.154708][ T8451]  </TASK>
[  183.391385][ T8446] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  183.567303][ T5856] Bluetooth: hci3: command tx timeout
[  183.677180][ T8470] FAULT_INJECTION: forcing a failure.
[  183.677180][ T8470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.747930][ T8470] CPU: 1 UID: 0 PID: 8470 Comm: syz.2.729 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  183.747964][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.747978][ T8470] Call Trace:
[  183.747986][ T8470]  <TASK>
[  183.747995][ T8470]  dump_stack_lvl+0x241/0x360
[  183.748034][ T8470]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.748066][ T8470]  ? __pfx__printk+0x10/0x10
[  183.748110][ T8470]  should_fail_ex+0x424/0x570
[  183.748139][ T8470]  _copy_from_user+0x2d/0xb0
[  183.748171][ T8470]  copy_msghdr_from_user+0xb3/0x580
[  183.748207][ T8470]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  183.748233][ T8470]  ? __fget_files+0x2a/0x420
[  183.748258][ T8470]  ? __fget_files+0x2a/0x420
[  183.748288][ T8470]  __sys_sendmmsg+0x361/0x7b0
[  183.748325][ T8470]  ? __pfx___sys_sendmmsg+0x10/0x10
[  183.748389][ T8470]  ? rcu_read_lock_any_held+0xbb/0x160
[  183.748419][ T8470]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  183.748451][ T8470]  ? vfs_write+0xb29/0xd10
[  183.748487][ T8470]  ? ksys_write+0x24e/0x2d0
[  183.748516][ T8470]  ? __mutex_unlock_slowpath+0x229/0x800
[  183.748576][ T8470]  ? ksys_write+0x275/0x2d0
[  183.748614][ T8470]  __x64_sys_sendmmsg+0xa0/0xb0
[  183.748648][ T8470]  do_syscall_64+0xf3/0x230
[  183.748675][ T8470]  ? clear_bhb_loop+0x45/0xa0
[  183.748701][ T8470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.748722][ T8470] RIP: 0033:0x7f093198d169
[  183.748741][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.748760][ T8470] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  183.748784][ T8470] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  183.748800][ T8470] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[  183.748814][ T8470] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  183.748828][ T8470] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[  183.748841][ T8470] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  183.748875][ T8470]  </TASK>
[  184.332411][ T8298] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.464795][ T8298] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.541766][ T8488] FAULT_INJECTION: forcing a failure.
[  184.541766][ T8488] name failslab, interval 1, probability 0, space 0, times 0
[  184.554773][ T8488] CPU: 1 UID: 0 PID: 8488 Comm: syz.0.735 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  184.554803][ T8488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  184.554824][ T8488] Call Trace:
[  184.554833][ T8488]  <TASK>
[  184.554841][ T8488]  dump_stack_lvl+0x241/0x360
[  184.554879][ T8488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.554908][ T8488]  ? __pfx__printk+0x10/0x10
[  184.554940][ T8488]  ? __pfx___might_resched+0x10/0x10
[  184.554970][ T8488]  should_fail_ex+0x424/0x570
[  184.554998][ T8488]  should_failslab+0xac/0x100
[  184.555030][ T8488]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  184.555061][ T8488]  ? __alloc_skb+0x1c2/0x480
[  184.555086][ T8488]  __alloc_skb+0x1c2/0x480
[  184.555111][ T8488]  ? __pfx___alloc_skb+0x10/0x10
[  184.555132][ T8488]  ? netlink_autobind+0xd6/0x2f0
[  184.555158][ T8488]  ? netlink_autobind+0x2b0/0x2f0
[  184.555194][ T8488]  netlink_sendmsg+0x638/0xcd0
[  184.555236][ T8488]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.555269][ T8488]  ? aa_sock_msg_perm+0x91/0x160
[  184.555305][ T8488]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.555332][ T8488]  __sock_sendmsg+0x221/0x270
[  184.555363][ T8488]  ____sys_sendmsg+0x523/0x860
[  184.555393][ T8488]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.555413][ T8488]  ? __fget_files+0x2a/0x420
[  184.555437][ T8488]  ? __fget_files+0x2a/0x420
[  184.555466][ T8488]  __sys_sendmsg+0x271/0x360
[  184.555495][ T8488]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.555576][ T8488]  ? do_syscall_64+0xb6/0x230
[  184.555605][ T8488]  do_syscall_64+0xf3/0x230
[  184.555630][ T8488]  ? clear_bhb_loop+0x45/0xa0
[  184.555656][ T8488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.555677][ T8488] RIP: 0033:0x7feb9598d169
[  184.555700][ T8488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.555719][ T8488] RSP: 002b:00007feb9686e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.555742][ T8488] RAX: ffffffffffffffda RBX: 00007feb95ba5fa0 RCX: 00007feb9598d169
[  184.555758][ T8488] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  184.555771][ T8488] RBP: 00007feb9686e090 R08: 0000000000000000 R09: 0000000000000000
[  184.555784][ T8488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.555797][ T8488] R13: 0000000000000000 R14: 00007feb95ba5fa0 R15: 00007fff11c9efd8
[  184.555837][ T8488]  </TASK>
[  184.830492][ T8298] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.083425][ T8491] xt_socket: unknown flags 0x8
[  185.100623][ T8298] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.155578][ T8500] netlink: 'syz.4.738': attribute type 4 has an invalid length.
[  185.208715][ T8499] __nla_validate_parse: 1 callbacks suppressed
[  185.208737][ T8499] netlink: 36 bytes leftover after parsing attributes in process `syz.1.737'.
[  185.260329][ T8499] netlink: 52 bytes leftover after parsing attributes in process `syz.1.737'.
[  185.517351][ T8513] FAULT_INJECTION: forcing a failure.
[  185.517351][ T8513] name failslab, interval 1, probability 0, space 0, times 0
[  185.524009][ T8515] netlink: 36 bytes leftover after parsing attributes in process `syz.1.742'.
[  185.542523][ T8513] CPU: 1 UID: 0 PID: 8513 Comm: syz.2.741 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  185.542553][ T8513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  185.542566][ T8513] Call Trace:
[  185.542574][ T8513]  <TASK>
[  185.542582][ T8513]  dump_stack_lvl+0x241/0x360
[  185.542620][ T8513]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.542651][ T8513]  ? __pfx__printk+0x10/0x10
[  185.542685][ T8513]  ? __pfx___might_resched+0x10/0x10
[  185.542715][ T8513]  should_fail_ex+0x424/0x570
[  185.542743][ T8513]  should_failslab+0xac/0x100
[  185.542775][ T8513]  __kmalloc_noprof+0xdf/0x4d0
[  185.542803][ T8513]  ? iovec_from_user+0x87/0x240
[  185.542830][ T8513]  ? __lock_acquire+0xad5/0xd80
[  185.542856][ T8513]  iovec_from_user+0x87/0x240
[  185.542890][ T8513]  __import_iovec+0x175/0x830
[  185.542933][ T8513]  import_iovec+0xeb/0x120
[  185.542969][ T8513]  copy_msghdr_from_user+0x3ee/0x580
[  185.543005][ T8513]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  185.543031][ T8513]  ? __fget_files+0x2a/0x420
[  185.543054][ T8513]  ? __fget_files+0x2a/0x420
[  185.543084][ T8513]  __sys_sendmmsg+0x361/0x7b0
[  185.543120][ T8513]  ? __pfx___sys_sendmmsg+0x10/0x10
[  185.543179][ T8513]  ? rcu_read_lock_any_held+0xbb/0x160
[  185.543206][ T8513]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  185.543238][ T8513]  ? vfs_write+0xb29/0xd10
[  185.543273][ T8513]  ? ksys_write+0x24e/0x2d0
[  185.543302][ T8513]  ? __mutex_unlock_slowpath+0x229/0x800
[  185.543361][ T8513]  ? ksys_write+0x275/0x2d0
[  185.543398][ T8513]  __x64_sys_sendmmsg+0xa0/0xb0
[  185.543422][ T8513]  do_syscall_64+0xf3/0x230
[  185.543449][ T8513]  ? clear_bhb_loop+0x45/0xa0
[  185.543474][ T8513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.543501][ T8513] RIP: 0033:0x7f093198d169
[  185.543520][ T8513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.543537][ T8513] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  185.543560][ T8513] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  185.543576][ T8513] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[  185.543591][ T8513] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  185.543604][ T8513] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[  185.543618][ T8513] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  185.543651][ T8513]  </TASK>
[  185.573025][ T8298] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  185.810366][ T5856] Bluetooth: hci3: command tx timeout
[  185.846284][ T8298] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  185.848092][ T8519] netlink: 24 bytes leftover after parsing attributes in process `syz.2.744'.
[  185.880043][ T8298] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  185.923493][ T8298] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  186.108963][ T8298] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.240484][ T8298] 8021q: adding VLAN 0 to HW filter on device team0
[  186.387270][ T8535] netlink: 'syz.4.750': attribute type 1 has an invalid length.
[  186.406966][ T6013] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.414184][ T6013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.542919][ T8541] 8021q: adding VLAN 0 to HW filter on device bond4
[  186.552040][ T8541] bond0: (slave bond4): Enslaving as an active interface with an up link
[  186.577982][ T8538] batadv0: entered promiscuous mode
[  186.584049][ T8538] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  186.620275][ T8538] bond0: (slave macvlan3): Enslaving as an active interface with an up link
[  186.650610][ T6013] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.657831][ T6013] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.888864][ T8554] FAULT_INJECTION: forcing a failure.
[  186.888864][ T8554] name failslab, interval 1, probability 0, space 0, times 0
[  186.937094][ T8554] CPU: 1 UID: 0 PID: 8554 Comm: syz.0.756 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  186.937129][ T8554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  186.937142][ T8554] Call Trace:
[  186.937151][ T8554]  <TASK>
[  186.937160][ T8554]  dump_stack_lvl+0x241/0x360
[  186.937199][ T8554]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.937230][ T8554]  ? __pfx__printk+0x10/0x10
[  186.937266][ T8554]  ? __pfx___might_resched+0x10/0x10
[  186.937297][ T8554]  should_fail_ex+0x424/0x570
[  186.937325][ T8554]  should_failslab+0xac/0x100
[  186.937357][ T8554]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  186.937389][ T8554]  ? __alloc_skb+0x1c2/0x480
[  186.937414][ T8554]  __alloc_skb+0x1c2/0x480
[  186.937440][ T8554]  ? __pfx___alloc_skb+0x10/0x10
[  186.937473][ T8554]  alloc_skb_with_frags+0xc3/0x830
[  186.937513][ T8554]  sock_alloc_send_pskb+0x91c/0xa70
[  186.937568][ T8554]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  186.937601][ T8554]  ? handle_pte_fault+0x3b91/0x61c0
[  186.937633][ T8554]  __ip6_append_data+0x2c4f/0x41b0
[  186.937685][ T8554]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  186.937731][ T8554]  ? ip6_mtu+0x81/0x3f0
[  186.937759][ T8554]  ? __pfx___ip6_append_data+0x10/0x10
[  186.937790][ T8554]  ? ip6_setup_cork+0xaaf/0x11c0
[  186.937826][ T8554]  ip6_make_skb+0x31d/0x440
[  186.937860][ T8554]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  186.937886][ T8554]  ? __pfx_ip6_make_skb+0x10/0x10
[  186.937917][ T8554]  ? ip6_sk_dst_lookup_flow+0x751/0xab0
[  186.937957][ T8554]  ? __pfx_ip6_sk_dst_lookup_flow+0x10/0x10
[  186.937990][ T8554]  ? udpv6_sendmsg+0x1b63/0x3070
[  186.938019][ T8554]  udpv6_sendmsg+0x216b/0x3070
[  186.938057][ T8554]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  186.938096][ T8554]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  186.938130][ T8554]  ? __pfx___might_resched+0x10/0x10
[  186.938176][ T8554]  ? aa_sk_perm+0x96f/0xac0
[  186.938211][ T8554]  ? sock_rps_record_flow+0x1a/0x410
[  186.938233][ T8554]  ? inet_send_prepare+0x21/0x260
[  186.938259][ T8554]  ? inet_send_prepare+0x5a/0x260
[  186.938290][ T8554]  __sock_sendmsg+0xef/0x270
[  186.938323][ T8554]  ____sys_sendmsg+0x523/0x860
[  186.938355][ T8554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.938375][ T8554]  ? __fget_files+0x2a/0x420
[  186.938398][ T8554]  ? __fget_files+0x2a/0x420
[  186.938428][ T8554]  __sys_sendmmsg+0x3a0/0x7b0
[  186.938464][ T8554]  ? __pfx___sys_sendmmsg+0x10/0x10
[  186.938527][ T8554]  ? rcu_read_lock_any_held+0xbb/0x160
[  186.938555][ T8554]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  186.938591][ T8554]  ? vfs_write+0xb29/0xd10
[  186.938621][ T8554]  ? ksys_write+0x24e/0x2d0
[  186.938647][ T8554]  ? __mutex_unlock_slowpath+0x229/0x800
[  186.938704][ T8554]  ? ksys_write+0x275/0x2d0
[  186.938741][ T8554]  __x64_sys_sendmmsg+0xa0/0xb0
[  186.938765][ T8554]  do_syscall_64+0xf3/0x230
[  186.938791][ T8554]  ? clear_bhb_loop+0x45/0xa0
[  186.938817][ T8554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.938837][ T8554] RIP: 0033:0x7feb9598d169
[  186.938856][ T8554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.938875][ T8554] RSP: 002b:00007feb9686e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  186.938899][ T8554] RAX: ffffffffffffffda RBX: 00007feb95ba5fa0 RCX: 00007feb9598d169
[  186.938914][ T8554] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[  186.938929][ T8554] RBP: 00007feb9686e090 R08: 0000000000000000 R09: 0000000000000000
[  186.938943][ T8554] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[  186.938956][ T8554] R13: 0000000000000000 R14: 00007feb95ba5fa0 R15: 00007fff11c9efd8
[  186.938989][ T8554]  </TASK>
[  187.319598][ T8562] FAULT_INJECTION: forcing a failure.
[  187.319598][ T8562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.332785][ T8562] CPU: 1 UID: 0 PID: 8562 Comm: syz.4.759 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  187.332830][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  187.332851][ T8562] Call Trace:
[  187.332865][ T8562]  <TASK>
[  187.332877][ T8562]  dump_stack_lvl+0x241/0x360
[  187.332935][ T8562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.332984][ T8562]  ? __pfx__printk+0x10/0x10
[  187.333066][ T8562]  should_fail_ex+0x424/0x570
[  187.333118][ T8562]  _copy_from_iter+0x211/0x1c70
[  187.333180][ T8562]  ? __build_skb_around+0x247/0x3d0
[  187.333252][ T8562]  ? __alloc_skb+0x298/0x480
[  187.333271][ T8562]  ? __pfx__copy_from_iter+0x10/0x10
[  187.333302][ T8562]  ? __pfx___alloc_skb+0x10/0x10
[  187.333324][ T8562]  ? skb_put+0x114/0x1f0
[  187.333349][ T8562]  netlink_sendmsg+0x73c/0xcd0
[  187.333394][ T8562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.333429][ T8562]  ? aa_sock_msg_perm+0x91/0x160
[  187.333465][ T8562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.333491][ T8562]  __sock_sendmsg+0x221/0x270
[  187.333522][ T8562]  ____sys_sendmsg+0x523/0x860
[  187.333555][ T8562]  ? __pfx_____sys_sendmsg+0x10/0x10
[  187.333574][ T8562]  ? __fget_files+0x2a/0x420
[  187.333598][ T8562]  ? __fget_files+0x2a/0x420
[  187.333628][ T8562]  __sys_sendmsg+0x271/0x360
[  187.333656][ T8562]  ? __pfx___sys_sendmsg+0x10/0x10
[  187.333739][ T8562]  ? do_syscall_64+0xb6/0x230
[  187.333769][ T8562]  do_syscall_64+0xf3/0x230
[  187.333794][ T8562]  ? clear_bhb_loop+0x45/0xa0
[  187.333820][ T8562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.333841][ T8562] RIP: 0033:0x7f9281f8d169
[  187.333860][ T8562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.333878][ T8562] RSP: 002b:00007f9282d81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.333900][ T8562] RAX: ffffffffffffffda RBX: 00007f92821a5fa0 RCX: 00007f9281f8d169
[  187.333916][ T8562] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  187.333930][ T8562] RBP: 00007f9282d81090 R08: 0000000000000000 R09: 0000000000000000
[  187.333943][ T8562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.333956][ T8562] R13: 0000000000000000 R14: 00007f92821a5fa0 R15: 00007ffd8ca2cf28
[  187.333989][ T8562]  </TASK>
[  188.182427][ T8298] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.257230][ T8558] netlink: 12 bytes leftover after parsing attributes in process `syz.2.757'.
[  188.373953][ T5855] Bluetooth: hci3: command 0x0405 tx timeout
[  188.516277][ T8298] veth0_vlan: entered promiscuous mode
[  188.579533][ T8298] veth1_vlan: entered promiscuous mode
[  188.710120][ T8298] veth0_macvtap: entered promiscuous mode
[  188.777565][ T8298] veth1_macvtap: entered promiscuous mode
[  188.998626][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.027896][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.056100][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.075413][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.100670][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.103306][ T8602] FAULT_INJECTION: forcing a failure.
[  189.103306][ T8602] name failslab, interval 1, probability 0, space 0, times 0
[  189.123074][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.136942][ T8602] CPU: 1 UID: 0 PID: 8602 Comm: syz.2.771 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  189.136973][ T8602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  189.136987][ T8602] Call Trace:
[  189.136995][ T8602]  <TASK>
[  189.137003][ T8602]  dump_stack_lvl+0x241/0x360
[  189.137043][ T8602]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.137087][ T8602]  ? __pfx__printk+0x10/0x10
[  189.137121][ T8602]  ? __pfx___might_resched+0x10/0x10
[  189.137155][ T8602]  should_fail_ex+0x424/0x570
[  189.137183][ T8602]  should_failslab+0xac/0x100
[  189.137215][ T8602]  __kmalloc_noprof+0xdf/0x4d0
[  189.137243][ T8602]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  189.137268][ T8602]  ? apparmor_capable+0x13b/0x1b0
[  189.137296][ T8602]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  189.137330][ T8602]  genl_rcv_msg+0x819/0xf00
[  189.137363][ T8602]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.137384][ T8602]  ? stack_trace_save+0x11a/0x1d0
[  189.137418][ T8602]  ? __pfx_stack_trace_save+0x10/0x10
[  189.137451][ T8602]  ? stack_depot_save_flags+0x44/0x940
[  189.137472][ T8602]  ? stack_trace_snprint+0x71/0xf0
[  189.137515][ T8602]  ? __lock_acquire+0xad5/0xd80
[  189.137539][ T8602]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  189.137558][ T8602]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  189.137577][ T8602]  ? __pfx_nl80211_post_doit+0x10/0x10
[  189.137614][ T8602]  netlink_rcv_skb+0x208/0x480
[  189.137646][ T8602]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.137670][ T8602]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.137725][ T8602]  ? netlink_deliver_tap+0x2e/0x1b0
[  189.137762][ T8602]  genl_rcv+0x28/0x40
[  189.137783][ T8602]  netlink_unicast+0x7f8/0x9a0
[  189.137820][ T8602]  ? __pfx_netlink_unicast+0x10/0x10
[  189.137850][ T8602]  ? skb_put+0x114/0x1f0
[  189.137876][ T8602]  netlink_sendmsg+0x8c3/0xcd0
[  189.137921][ T8602]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.137957][ T8602]  ? aa_sock_msg_perm+0x91/0x160
[  189.137993][ T8602]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.138021][ T8602]  __sock_sendmsg+0x221/0x270
[  189.138053][ T8602]  ____sys_sendmsg+0x523/0x860
[  189.138094][ T8602]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.138114][ T8602]  ? __fget_files+0x2a/0x420
[  189.138138][ T8602]  ? __fget_files+0x2a/0x420
[  189.138169][ T8602]  __sys_sendmsg+0x271/0x360
[  189.138197][ T8602]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.138283][ T8602]  ? do_syscall_64+0xb6/0x230
[  189.138313][ T8602]  do_syscall_64+0xf3/0x230
[  189.138340][ T8602]  ? clear_bhb_loop+0x45/0xa0
[  189.138365][ T8602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.138386][ T8602] RIP: 0033:0x7f093198d169
[  189.138405][ T8602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.138423][ T8602] RSP: 002b:00007f093282a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.138445][ T8602] RAX: ffffffffffffffda RBX: 00007f0931ba5fa0 RCX: 00007f093198d169
[  189.138460][ T8602] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  189.138474][ T8602] RBP: 00007f093282a090 R08: 0000000000000000 R09: 0000000000000000
[  189.138487][ T8602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.138500][ T8602] R13: 0000000000000000 R14: 00007f0931ba5fa0 R15: 00007ffe30cfef78
[  189.138534][ T8602]  </TASK>
[  189.144778][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.507733][ T8608] FAULT_INJECTION: forcing a failure.
[  189.507733][ T8608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.521407][ T8608] CPU: 0 UID: 0 PID: 8608 Comm: syz.2.773 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  189.521437][ T8608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  189.521450][ T8608] Call Trace:
[  189.521458][ T8608]  <TASK>
[  189.521466][ T8608]  dump_stack_lvl+0x241/0x360
[  189.521505][ T8608]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.521536][ T8608]  ? __pfx__printk+0x10/0x10
[  189.521578][ T8608]  should_fail_ex+0x424/0x570
[  189.521605][ T8608]  _copy_from_user+0x2d/0xb0
[  189.521637][ T8608]  kstrtouint_from_user+0xce/0x1a0
[  189.521666][ T8608]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  189.521693][ T8608]  ? __lock_acquire+0xad5/0xd80
[  189.521726][ T8608]  proc_fail_nth_write+0xac/0x2d0
[  189.521748][ T8608]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  189.521778][ T8608]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  189.521806][ T8608]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  189.521828][ T8608]  vfs_write+0x2bc/0xd10
[  189.521858][ T8608]  ? fdget_pos+0x247/0x310
[  189.521882][ T8608]  ? __pfx_vfs_write+0x10/0x10
[  189.521907][ T8608]  ? __fget_files+0x2a/0x420
[  189.521927][ T8608]  ? __fget_files+0x39d/0x420
[  189.521944][ T8608]  ? __fget_files+0x2a/0x420
[  189.521975][ T8608]  ksys_write+0x19d/0x2d0
[  189.522001][ T8608]  ? __pfx_ksys_write+0x10/0x10
[  189.522033][ T8608]  ? do_syscall_64+0xb6/0x230
[  189.522064][ T8608]  do_syscall_64+0xf3/0x230
[  189.522090][ T8608]  ? clear_bhb_loop+0x45/0xa0
[  189.522115][ T8608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.522135][ T8608] RIP: 0033:0x7f093198bc1f
[  189.522154][ T8608] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  189.522172][ T8608] RSP: 002b:00007f0932809030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  189.522195][ T8608] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f093198bc1f
[  189.522210][ T8608] RDX: 0000000000000001 RSI: 00007f09328090a0 RDI: 0000000000000003
[  189.522223][ T8608] RBP: 00007f0932809090 R08: 0000000000000000 R09: 0000000000000000
[  189.522237][ T8608] R10: 0000000004001c00 R11: 0000000000000293 R12: 0000000000000001
[  189.522250][ T8608] R13: 0000000000000000 R14: 00007f0931ba6080 R15: 00007ffe30cfef78
[  189.522291][ T8608]  </TASK>
[  189.523051][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.767882][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.778484][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.788431][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.802621][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.813443][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.824615][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.834895][ T8298] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.845440][ T8298] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.857854][ T8298] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.941476][ T8600] delete_channel: no stack
[  189.955817][ T8603] 8021q: VLANs not supported on vcan0
[  189.974532][ T8605] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000198: 0000 [#1] SMP KASAN PTI
[  189.986476][ T8605] KASAN: null-ptr-deref in range [0x0000000000000cc0-0x0000000000000cc7]
[  189.994913][ T8605] CPU: 1 UID: 0 PID: 8605 Comm: syz.4.772 Not tainted 6.14.0-syzkaller-13344-ga9843689e2de #0 PREEMPT(full) 
[  190.006476][ T8605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  190.016555][ T8605] RIP: 0010:addrconf_add_ifaddr+0x23e/0x590
[  190.022474][ T8605] Code: 03 00 00 8b b4 24 c4 00 00 00 48 8b 7c 24 18 e8 98 84 25 ff 49 89 c5 48 8d 98 c5 0c 00 00 48 89 d8 48 c1 e8 03 48 89 44 24 38 <42> 0f b6 04 20 84 c0 0f 85 03 03 00 00 48 89 5c 24 28 0f b6 1b 31
[  190.042107][ T8605] RSP: 0018:ffffc90004707a00 EFLAGS: 00010203
[  190.048205][ T8605] RAX: 0000000000000198 RBX: 0000000000000cc5 RCX: 0000000000080000
[  190.056188][ T8605] RDX: ffffc9000de07000 RSI: 00000000000006b6 RDI: 00000000000006b7
[  190.064165][ T8605] RBP: ffffc90004707b50 R08: ffffffff905fd977 R09: 1ffffffff20bfb2e
[  190.072143][ T8605] R10: dffffc0000000000 R11: fffffbfff20bfb2f R12: dffffc0000000000
[  190.080124][ T8605] R13: 0000000000000000 R14: 0000200000000040 R15: 1ffff920008e0f48
[  190.088099][ T8605] FS:  00007f9282d606c0(0000) GS:ffff888125096000(0000) knlGS:0000000000000000
[  190.097040][ T8605] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.103626][ T8605] CR2: 00007ffed8067da8 CR3: 000000007d1b0000 CR4: 00000000003526f0
[  190.111613][ T8605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  190.119595][ T8605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  190.127573][ T8605] Call Trace:
[  190.130855][ T8605]  <TASK>
[  190.133792][ T8605]  ? __pfx_addrconf_add_ifaddr+0x10/0x10
[  190.139442][ T8605]  ? kasan_quarantine_put+0xdc/0x230
[  190.144741][ T8605]  ? lockdep_hardirqs_on+0x9d/0x150
[  190.149948][ T8605]  inet6_ioctl+0x148/0x280
[  190.154376][ T8605]  ? __pfx_inet6_ioctl+0x10/0x10
[  190.159322][ T8605]  ? tomoyo_path_number_perm+0x684/0x790
[  190.164966][ T8605]  ? tomoyo_path_number_perm+0x215/0x790
[  190.170610][ T8605]  sock_do_ioctl+0x15a/0x490
[  190.175216][ T8605]  ? __pfx_sock_do_ioctl+0x10/0x10
[  190.180429][ T8605]  ? __lock_acquire+0xad5/0xd80
[  190.185313][ T8605]  sock_ioctl+0x644/0x900
[  190.189656][ T8605]  ? __pfx_sock_ioctl+0x10/0x10
[  190.194513][ T8605]  ? __fget_files+0x2a/0x420
[  190.199105][ T8605]  ? __fget_files+0x2a/0x420
[  190.203706][ T8605]  ? __fget_files+0x2a/0x420
[  190.208304][ T8605]  ? __pfx_sock_ioctl+0x10/0x10
[  190.213167][ T8605]  __se_sys_ioctl+0xf1/0x160
[  190.217768][ T8605]  do_syscall_64+0xf3/0x230
[  190.222287][ T8605]  ? clear_bhb_loop+0x45/0xa0
[  190.226978][ T8605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.232967][ T8605] RIP: 0033:0x7f9281f8d169
[  190.237387][ T8605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.257087][ T8605] RSP: 002b:00007f9282d60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.265516][ T8605] RAX: ffffffffffffffda RBX: 00007f92821a6080 RCX: 00007f9281f8d169
[  190.273492][ T8605] RDX: 0000200000000040 RSI: 0000000000008916 RDI: 000000000000000e
[  190.281473][ T8605] RBP: 00007f928200e990 R08: 0000000000000000 R09: 0000000000000000
[  190.289478][ T8605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.297453][ T8605] R13: 0000000000000000 R14: 00007f92821a6080 R15: 00007ffd8ca2cf28
[  190.305435][ T8605]  </TASK>
[  190.308454][ T8605] Modules linked in:
[  190.314201][ T8605] ---[ end trace 0000000000000000 ]---
[  190.344704][ T8605] RIP: 0010:addrconf_add_ifaddr+0x23e/0x590
[  190.352486][ T8605] Code: 03 00 00 8b b4 24 c4 00 00 00 48 8b 7c 24 18 e8 98 84 25 ff 49 89 c5 48 8d 98 c5 0c 00 00 48 89 d8 48 c1 e8 03 48 89 44 24 38 <42> 0f b6 04 20 84 c0 0f 85 03 03 00 00 48 89 5c 24 28 0f b6 1b 31
[  190.373062][ T8605] RSP: 0018:ffffc90004707a00 EFLAGS: 00010203
[  190.379226][ T8605] RAX: 0000000000000198 RBX: 0000000000000cc5 RCX: 0000000000080000
[  190.387851][ T8605] RDX: ffffc9000de07000 RSI: 00000000000006b6 RDI: 00000000000006b7
[  190.398638][ T8605] RBP: ffffc90004707b50 R08: ffffffff905fd977 R09: 1ffffffff20bfb2e
[  190.406778][ T8605] R10: dffffc0000000000 R11: fffffbfff20bfb2f R12: dffffc0000000000
[  190.418389][ T8605] R13: 0000000000000000 R14: 0000200000000040 R15: 1ffff920008e0f48
[  190.427597][ T8605] FS:  00007f9282d606c0(0000) GS:ffff888124f96000(0000) knlGS:0000000000000000
[  190.436688][ T8605] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.443309][ T8605] CR2: 00007f091156bf98 CR3: 000000007d1b0000 CR4: 00000000003526f0
[  190.452089][ T8605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  190.460447][ T8605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  190.468507][ T8605] Kernel panic - not syncing: Fatal exception
[  190.474743][ T8605] Kernel Offset: disabled
[  190.479075][ T8605] Rebooting in 86400 seconds..