last executing test programs:

1m4.883021722s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

53.423422326s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

53.07915965s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

41.592207011s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

40.487310931s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

31.949058828s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

31.472515022s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

22.147734019s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

19.863174806s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

15.955986245s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

7.890366694s ago: executing program 2 (id=623):
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x10, 0x1412, 0x1}, 0x10}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000800)={0x6})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0)
r4 = accept(r0, &(0x7f00000002c0)=@nfc, &(0x7f00000001c0)=0x80)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000340)={'ip6_vti0\x00', 0x3})
getpeername$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000140)=0x1c)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0xa4}, {0x6}]}, 0x10)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000280), 0x4)
shutdown(r0, 0x1)

6.095638549s ago: executing program 1 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r2=>0x0})
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000000)=""/30, &(0x7f0000000080)=0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

4.063577158s ago: executing program 4 (id=1994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x8, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r7=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r5, 0x200, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x120}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xe34}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x3c}}, 0x28000800)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x2c, r3, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0xb4, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x6a}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x31}, @NL80211_ATTR_SSID={0x15, 0x34, @random="96f955d2021b6435dff1618de4b0df0d5e"}, @NL80211_ATTR_PMKID={0x14, 0x55, "2e1372af8a8f5ee35c1defc016c07759"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}, @NL80211_ATTR_PMKID={0x14, 0x55, "97665e9a6c5d1aabb523b606c7b6c91c"}, @NL80211_ATTR_SSID={0x1b, 0x34, @random="626e6268f2630ed10a9c66390827e36b3c955c044b19e7"}, @NL80211_ATTR_PMKID={0x14, 0x55, "d8752e137d95d5a959591f8e11f2d308"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0xb4}}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x8, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r2) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'netdevsim0\x00'}) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, r5, 0x200, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x120}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xe34}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x3c}}, 0x28000800) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x2c, r3, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x2c}}, 0x0) (async)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0xb4, 0x0, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x6a}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x31}, @NL80211_ATTR_SSID={0x15, 0x34, @random="96f955d2021b6435dff1618de4b0df0d5e"}, @NL80211_ATTR_PMKID={0x14, 0x55, "2e1372af8a8f5ee35c1defc016c07759"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}, @NL80211_ATTR_PMKID={0x14, 0x55, "97665e9a6c5d1aabb523b606c7b6c91c"}, @NL80211_ATTR_SSID={0x1b, 0x34, @random="626e6268f2630ed10a9c66390827e36b3c955c044b19e7"}, @NL80211_ATTR_PMKID={0x14, 0x55, "d8752e137d95d5a959591f8e11f2d308"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0xb4}}, 0x20000000) (async)

3.735911277s ago: executing program 4 (id=1998):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x90, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x43, 0xe, {{{}, {}, @device_b, @broadcast}, 0x0, @default, 0x1800, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x3}, @void, @void, @void, @val={0x25, 0x3, {0x0, 0x0, 0x5}}, @val={0x2a, 0x1, {0x0, 0x1, 0x1}}, @void, @void, @void, @void, @val={0x76, 0x6}}}, @NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x8004}, 0x300000000000000)

3.487449511s ago: executing program 4 (id=2001):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'ip6tnl0\x00', 0xfffffffffffffffc})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000540)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000000100000000099eb000000000056000700000014000000000000000000000002000003000000080000"], 0x48}, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
bind$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'bridge_slave_1\x00'})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r7, 0x65, 0x4, &(0x7f0000000080), &(0x7f0000000040)=0x108c9db88b374686)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000001000500050007000000000008000900000000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000229bd7000fbdbdf25060000008b1b0b1a545e000000000000050004007800000005000d00000000000c001600000000000000000006001c0004000000"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180009000000000000000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000500), r4)
sendmsg$IEEE802154_ASSOCIATE_RESP(r4, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000900)={0x14, r9, 0x1, 0x2}, 0x14}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100000000000c000300020000000000000008000500", @ANYRES32=r11, @ANYBLOB], 0x50}, 0x1, 0xba01, 0x0, 0x8830}, 0x0)

2.791353383s ago: executing program 4 (id=2003):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="4400000010e01fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\r\x00\x00\x00\x007'], 0x44}}, 0x0)

2.725164604s ago: executing program 4 (id=2004):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000440)={0x30, r2, 0xb97534d5fe9704cf, 0x1000000, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x30}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0xdb}]}]}, 0x30}}, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x9, 0x1000, &(0x7f0000001e40)=""/4096, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$key(r6, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x2, 0x400000000000003, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x1}}, @sadb_lifetime={0x4, 0x4, 0xc84a}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_address={0x5, 0x7, 0x0, 0x0, 0x0, @in6={0xa, 0x4e23, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}}]}, 0xd8}}, 0x84)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000440)={0x30, r2, 0xb97534d5fe9704cf, 0x1000000, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x30}}, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5}, @NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR={0x8, 0x15, 0xdb}]}]}, 0x30}}, 0x0) (async)
socket$key(0xf, 0x3, 0x2) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x9, 0x1000, &(0x7f0000001e40)=""/4096, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
sendmsg$key(r6, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)={0x2, 0x400000000000003, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x1}}, @sadb_lifetime={0x4, 0x4, 0xc84a}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_address={0x5, 0x7, 0x0, 0x0, 0x0, @in6={0xa, 0x4e23, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}}]}, 0xd8}}, 0x84) (async)

2.37564512s ago: executing program 4 (id=2007):
socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0xa, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x50800)
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x1, 0x5)
write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="58102b674e3ede88fef0c76682d00e0a67487bba2e16ff4c5fd069eec855088b7d702aa39c84b60826fdd5cb5067e178cc7f9acff83eaa933be77d06ba6008e2e244115897aec973aaa88ff97212d14713343f31"], 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'syzkaller1\x00', &(0x7f00000000c0)=@ethtool_ts_info})
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r4, 0x84, 0x4, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r6, 0x8983, &(0x7f0000000700)={0x6, 'veth1_to_batadv\x00', {0x2}})
r7 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080), 0x12)
openat$cgroup_procs(r8, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0xfff, 0x7, 0x800, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="12000000", @ANYRES32=0x0, @ANYBLOB], 0x48)

1.315463712s ago: executing program 0 (id=2008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x2, &(0x7f0000000580)={0x14, 0x0, 0x0, 0x0, 0x404000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x5c, 0x2, 0x6, 0x401, 0x0, 0x2000000, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)

1.250387567s ago: executing program 0 (id=2009):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x8448b7dc4279a53b, 0x0, &(0x7f0000000140)) (async)
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x100}, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) (async)
epoll_create1(0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
close(r9)
socket$key(0xf, 0x3, 0x2) (async)
setsockopt$sock_int(r9, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r9, &(0x7f0000000080)={0xa002a008})

1.113760699s ago: executing program 0 (id=2010):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x5}}, 0x10)
bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000600)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000cc0)=ANY=[@ANYBLOB="61125100000000006113910000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07007706000020010000170200000ee60000bf250000000000003d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000003c0)=0x1003)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r5)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000280), r5)
sendmsg$NLBL_MGMT_C_VERSION(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000940)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="030f000000000000000008000020150001"], 0x2c}}, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, r6, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x840)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000080)=0x2)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)
close(r0)

827.686559ms ago: executing program 0 (id=2011):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="180200000007000000000003000000008500000027000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

715.985133ms ago: executing program 0 (id=2014):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="4400000010001fffe000"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\r\x00\x00\x00\x007'], 0x44}}, 0x0)

670.524271ms ago: executing program 0 (id=2015):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=<r1=>0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000400000008001e"], 0x4c}}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r3, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r6, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e20}, 0x15)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
vmsplice(r7, &(0x7f00000000c0)=[{&(0x7f0000000200)='=', 0x1}], 0x1, 0x0)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r8, 0x84, 0x4, &(0x7f0000000800), &(0x7f0000000840)=0x4)
bind$alg(r7, &(0x7f0000001180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800a5aa85000000a5000000950000000000000003159ffff8bb74f87987946c6eb540813ce9cdd27580f6e7818f9c10053493c703f1113898438ef597fa2f29e9a112705d99b7bd8558ef12f35703e51b0b24f5fa62880864e2bf584a6326d26f01d0be04be68ff26"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
connect$unix(r6, &(0x7f0000000580)=@abs={0x1, 0x0, 0x4e20}, 0x15)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
accept(r4, &(0x7f0000001240)=@ethernet={0x0, @multicast}, &(0x7f00000012c0)=0x80)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r9, 0x29, 0x1, &(0x7f0000001200), 0x4)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000180)={0x0, 0x7}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x200000dc, &(0x7f0000000240)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa9610c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa1900000000000000000000e2ffffffddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20000000409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb79637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0adc7e77dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9af0012ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357baad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff16c45ba4a125a5a8a0000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca135ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444653fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a46005332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d366047999c825dbc4bea375529699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c2723d70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524ea2f93229106c871d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd405b8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b74ac5f894b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d6674885914abbf8830abeea2a46342e6a7378173cb2df5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb49ef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38aec0d12aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b68448692686ac80d81a89f9c29e27686fd96885205bc21a80b6704c45e42b3656dfdcd9b3048b04752ccf24103e2375ca712f6ed38b06c96bf3da324700"/2640, @ANYRES32=r3, @ANYRESDEC=r1, @ANYRES64=r2, @ANYRES32=r2], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

513.592848ms ago: executing program 3 (id=2016):
r0 = socket(0x2, 0x1, 0x0) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket(0x10, 0x803, 0x0) (rerun: 64)
sendmsg$BATADV_CMD_GET_MESH(r1, 0x0, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) (async, rerun: 32)
r2 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x0, @local}, 0x10) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000040)="415b7ac700000000", 0x8)
recvmsg(0xffffffffffffffff, &(0x7f000000b680)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000004c0)=""/7, 0x7}], 0x1}, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10000002}}, 0x2e) (async)
r6 = socket$inet6_udp(0xa, 0x2, 0x0) (async, rerun: 32)
r7 = socket$pppl2tp(0x18, 0x1, 0x1) (rerun: 32)
connect$pppl2tp(r7, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x3f00, r6, {0x2, 0x0, @loopback}, 0x4}}, 0x2e) (async, rerun: 64)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0xa, 0x5, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r9, &(0x7f0000000300), 0x20000000}, 0x20) (async)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) (async, rerun: 64)
r10 = socket$kcm(0x2, 0xa, 0x2) (rerun: 64)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
write$tun(r8, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500c00108005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) (async)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a000000000000040000000000000000000000000000080000000000000000000000000000b085da05d603888318a0cce400000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000fdffffffff00000000000000000000e4ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000000000000000000000000000000000000000000000000000000000000000eeff3f000000008fc7660c490587b3ab213098a6767c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f8f0000000000000000dbd5a834b3ab2a0cc27081310000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440a05000004beb6495d2de65a6c00000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000f18a0afe993500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000008c7f8f0000000010000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000ff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c00000000000000000000000000000000ecffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000afe96d981b6f119c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000844caab24e79bd260000000000000000000000000000000000000000005080000000000000000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08)

371.998167ms ago: executing program 3 (id=2017):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff000000006110b2000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff000000006110b2000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet6(0xa, 0x2, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711206000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=<r2=>0x0)
sendmsg$AUDIT_SET(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x3c, 0x3e9, 0x800, 0x70bd2c, 0x25dfdbfd, {0x32, 0x0, 0x2, r2, 0x7fff, 0x6, 0xf, 0x7, 0x0, 0x0, 0xfffffff9}, ["", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008801}, 0x2000c000)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x80000006}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000000000000290000000300"], 0x18}}], 0x1, 0x0) (async)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x80000006}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000000000000290000000300"], 0x18}}], 0x1, 0x0)

312.501586ms ago: executing program 3 (id=2018):
unshare(0x4a000e00)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x490, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xa7c, r0}, 0x38)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0xcc, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x38, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @empty}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x180}]}, @CTA_NAT_V6_MINIP={0x14, 0x4, @loopback}]}]}, 0xcc}}, 0x0)
listen(r1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYRESOCT=r2], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r1}, 0x20)
sendmmsg$inet6(r1, &(0x7f0000002180)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000740)="03", 0x1}], 0x1}}], 0x1, 0x0)
sendmmsg$inet6(r1, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000009c0)='.', 0x1}], 0x1}}], 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c40000001900010000000000000000e8ab1414bb00000000000000000000000000000080000000000000000a00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0010000100000000000000"], 0xc4}}, 0x0)
recvmsg$can_bcm(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000540)=""/183, 0xb7}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000780)=""/159, 0x9f}, {&(0x7f0000000840)=""/129, 0x81}], 0x4, &(0x7f0000000a00)=""/247, 0xf7}, 0x2000)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001400674c0065000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT], 0xb8}, 0x1, 0x0, 0x0, 0x17}, 0x42800)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@ipmr_delroute={0x2c, 0x19, 0x5, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5}, [@RTA_TABLE={0x8}, @RTA_MARK={0x8, 0xf}]}, 0x2c}}, 0x0)

133.235302ms ago: executing program 3 (id=2019):
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(0xffffffffffffffff, 0x111, 0x4, 0x1, 0x4) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)

23.862219ms ago: executing program 3 (id=2020):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xa, <r0=>0x0}, 0x8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @local, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.stat\x00', 0x0, 0x0)
getsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f00000002c0), &(0x7f00000003c0)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000000114e00000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x401, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x93}, @IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)
setsockopt$packet_fanout_data(r4, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x10)
close(r4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x6c}}, 0x0)
r6 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4000, @loopback}, 0x10)
connect$inet(r6, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000580)={{0x84, @initdev={0xac, 0x1e, 0x4, 0x0}, 0x4e23, 0x3, 'lc\x00', 0x2, 0x81, 0x1019}, {@local, 0x4e20, 0x4, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

0s ago: executing program 3 (id=2021):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0xfffffffffffffe82, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r3}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x58, &(0x7f00000008c0)}, 0x65)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xf, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xba}, @generic={0xa7}, @initr0, @exit]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x5}, @IFLA_BOND_TLB_DYNAMIC_LB={0x5}]}}}]}, 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

 port 6081 - 0
[  236.166050][T11635] netlink: 'syz.4.1616': attribute type 32 has an invalid length.
[  236.176335][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1616'.
[  236.185536][T11635] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  236.221745][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1616'.
[  236.232030][T11635] 
: renamed from bond0
[  236.936985][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.111634][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.169909][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.255240][   T11] bridge_slave_1: left allmulticast mode
[  237.261367][   T11] bridge_slave_1: left promiscuous mode
[  237.267581][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.279821][   T11] bridge_slave_0: left allmulticast mode
[  237.285471][   T11] bridge_slave_0: left promiscuous mode
[  237.291318][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.492977][T11642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1618'.
[  237.817953][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  237.828529][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  237.836998][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  237.837143][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.857909][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  237.871665][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  237.879623][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  237.879924][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.913366][   T11] bond0 (unregistering): Released all slaves
[  238.020522][T11647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1618'.
[  238.091050][T11659] netlink: 'syz.3.1623': attribute type 11 has an invalid length.
[  238.100134][T11659] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1623'.
[  238.202327][T11659] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1623'.
[  238.284154][T11665] IPv6: sit4: Disabled Multicast RS
[  238.322777][T11670] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1626'.
[  238.413131][   T11] hsr_slave_0: left promiscuous mode
[  238.446915][   T11] hsr_slave_1: left promiscuous mode
[  238.453110][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.466901][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.487448][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.500975][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.529943][   T11] veth1_macvtap: left promiscuous mode
[  238.535582][   T11] veth0_macvtap: left promiscuous mode
[  238.541540][   T11] veth1_vlan: left promiscuous mode
[  238.547165][   T11] veth0_vlan: left promiscuous mode
[  239.016665][   T11] team0 (unregistering): Port device team_slave_1 removed
[  239.056289][   T11] team0 (unregistering): Port device team_slave_0 removed
[  239.606975][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  239.623507][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  239.634396][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  239.657079][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  239.665059][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  239.666913][T11686] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  239.680756][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  239.684584][T11689] __nla_validate_parse: 1 callbacks suppressed
[  239.684601][T11689] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1631'.
[  239.892459][T11703] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1634'.
[  239.943134][T11651] chnl_net:caif_netlink_parms(): no params data found
[  239.943526][   T54] Bluetooth: hci2: command tx timeout
[  239.992407][T11706] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1635'.
[  240.105864][T11716] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1637'.
[  240.209842][T11651] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.231430][T11651] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.250506][T11651] bridge_slave_0: entered allmulticast mode
[  240.259775][T11651] bridge_slave_0: entered promiscuous mode
[  240.404739][T11651] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.428109][T11651] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.456280][T11651] bridge_slave_1: entered allmulticast mode
[  240.470296][T11651] bridge_slave_1: entered promiscuous mode
[  240.577812][T11651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.616054][T11651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.709053][T11651] team0: Port device team_slave_0 added
[  240.758644][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.781263][T11651] team0: Port device team_slave_1 added
[  240.798835][T11691] chnl_net:caif_netlink_parms(): no params data found
[  240.833081][T11651] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.843454][T11651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.870943][T11651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.888525][T11651] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.896335][T11651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.927077][T11651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  240.971579][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.038259][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.093381][T11651] hsr_slave_0: entered promiscuous mode
[  241.124919][T11651] hsr_slave_1: entered promiscuous mode
[  241.206329][T11775] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1649'.
[  241.229481][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.231616][T11773] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1649'.
[  241.272390][T11777] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1650'.
[  241.285068][T11691] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.305260][T11691] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.318096][T11691] bridge_slave_0: entered allmulticast mode
[  241.325448][T11691] bridge_slave_0: entered promiscuous mode
[  241.348908][T11691] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.358653][T11691] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.365905][T11691] bridge_slave_1: entered allmulticast mode
[  241.387896][T11691] bridge_slave_1: entered promiscuous mode
[  241.459914][T11691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.489670][T11691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.562897][T11691] team0: Port device team_slave_0 added
[  241.634607][T11691] team0: Port device team_slave_1 added
[  241.645171][   T11] bridge_slave_1: left allmulticast mode
[  241.662926][   T11] bridge_slave_1: left promiscuous mode
[  241.676815][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.685560][   T11] bridge_slave_0: left allmulticast mode
[  241.694596][   T11] bridge_slave_0: left promiscuous mode
[  241.701078][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.733412][T11786] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1654'.
[  241.792786][   T54] Bluetooth: hci4: command tx timeout
[  242.029211][   T54] Bluetooth: hci2: command tx timeout
[  242.050810][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.064189][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.075411][   T11] bond0 (unregistering): Released all slaves
[  242.100016][T11791] geneve3: entered promiscuous mode
[  242.105406][T11791] geneve3: entered allmulticast mode
[  242.143340][T11792] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  242.224661][T11691] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.234134][T11691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.265335][T11691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.391892][T11691] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.410548][T11691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.443184][T11691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.575921][T11810] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1661'.
[  242.633037][T11811] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1662'.
[  242.692461][   T11] hsr_slave_0: left promiscuous mode
[  242.719959][   T11] hsr_slave_1: left promiscuous mode
[  242.732138][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.744225][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.754982][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.764577][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.831696][   T11] veth1_macvtap: left promiscuous mode
[  242.845557][   T11] veth0_macvtap: left promiscuous mode
[  242.856586][   T11] veth1_vlan: left promiscuous mode
[  242.865554][   T11] veth0_vlan: left promiscuous mode
[  243.415648][   T11] team0 (unregistering): Port device team_slave_1 removed
[  243.457252][   T11] team0 (unregistering): Port device team_slave_0 removed
[  243.835186][T11691] hsr_slave_0: entered promiscuous mode
[  243.842054][T11691] hsr_slave_1: entered promiscuous mode
[  243.852299][T11691] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.857078][   T54] Bluetooth: hci4: command tx timeout
[  243.866171][T11691] Cannot create hsr debugfs directory
[  243.878769][T11818] netlink: 'syz.4.1664': attribute type 1 has an invalid length.
[  244.059111][T11855] sctp: [Deprecated]: syz.0.1671 (pid 11855) Use of int in maxseg socket option.
[  244.059111][T11855] Use struct sctp_assoc_value instead
[  244.105032][   T54] Bluetooth: hci2: command tx timeout
[  244.238762][T11651] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  244.310511][T11651] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  244.333388][T11651] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  244.356214][T11867] netlink: 'syz.0.1676': attribute type 39 has an invalid length.
[  244.412601][T11651] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  244.573865][T11651] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.611654][T11651] 8021q: adding VLAN 0 to HW filter on device team0
[  244.629427][ T6644] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.636565][ T6644] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.661026][ T6637] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.668195][ T6637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.876281][T11691] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  244.893847][T11691] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  244.916352][T11691] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  244.940212][T11691] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  245.079527][T11651] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.160641][T11691] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.215729][T11651] veth0_vlan: entered promiscuous mode
[  245.252031][T11691] 8021q: adding VLAN 0 to HW filter on device team0
[  245.283039][ T6637] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.290271][ T6637] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.329380][T11651] veth1_vlan: entered promiscuous mode
[  245.338822][ T6637] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.345958][ T6637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.428256][T11651] veth0_macvtap: entered promiscuous mode
[  245.463164][T11651] veth1_macvtap: entered promiscuous mode
[  245.503586][T11651] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.533700][T11651] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.560104][T11651] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.581197][T11651] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.599260][T11651] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.608187][T11651] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.757960][ T6637] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.765831][ T6637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.811494][ T6615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.834563][ T6615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.839851][T11691] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.937170][   T54] Bluetooth: hci4: command tx timeout
[  245.978268][T11936] __nla_validate_parse: 3 callbacks suppressed
[  245.978286][T11936] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1685'.
[  246.004096][T11691] veth0_vlan: entered promiscuous mode
[  246.044703][T11936] netlink: 'syz.0.1685': attribute type 11 has an invalid length.
[  246.109398][T11691] veth1_vlan: entered promiscuous mode
[  246.125872][T11936] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1685'.
[  246.225782][T11691] veth0_macvtap: entered promiscuous mode
[  246.235715][T11691] veth1_macvtap: entered promiscuous mode
[  246.250807][T11691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  246.261818][T11691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.273095][T11691] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.286122][T11691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  246.296744][T11691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.308077][T11691] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.324157][T11691] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.334698][T11691] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.345621][T11691] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.363049][T11691] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.486333][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.497615][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.575701][ T6615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.605924][ T6615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.636194][T11965] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1691'.
[  246.654386][T11961] netlink: 'syz.0.1690': attribute type 11 has an invalid length.
[  246.687723][T11965] pim6reg1: entered allmulticast mode
[  247.048677][T11987] bridge0: port 1(gretap0) entered blocking state
[  247.057937][T11987] bridge0: port 1(gretap0) entered disabled state
[  247.064753][T11987] gretap0: entered allmulticast mode
[  247.480950][ T6615] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.906966][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  247.916086][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  247.924966][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  247.933267][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  247.941537][ T5152] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  247.950689][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  248.064763][T12011] chnl_net:caif_netlink_parms(): no params data found
[  248.137762][T12011] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.144931][T12011] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.152505][T12011] bridge_slave_0: entered allmulticast mode
[  248.159524][T12011] bridge_slave_0: entered promiscuous mode
[  248.167815][T12011] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.174984][T12011] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.182996][T12011] bridge_slave_1: entered allmulticast mode
[  248.189814][T12011] bridge_slave_1: entered promiscuous mode
[  248.220564][T12011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.232949][T12011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.265817][T12011] team0: Port device team_slave_0 added
[  248.289371][ T6615] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.303944][T12011] team0: Port device team_slave_1 added
[  248.323087][T12011] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.330347][T12011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.357007][T12011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.369637][T12011] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.377319][T12011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.403681][T12011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.436307][T12011] hsr_slave_0: entered promiscuous mode
[  248.442686][T12011] hsr_slave_1: entered promiscuous mode
[  248.448930][T12011] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  248.456499][T12011] Cannot create hsr debugfs directory
[  248.978466][ T6615] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.052126][ T6615] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.123023][ T6615] bridge_slave_1: left allmulticast mode
[  249.130189][ T6615] bridge_slave_1: left promiscuous mode
[  249.135867][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.145782][ T6615] bridge_slave_0: left allmulticast mode
[  249.151932][ T6615] bridge_slave_0: left promiscuous mode
[  249.157684][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.439008][ T5152] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  249.450803][ T5152] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  249.473294][ T5152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  249.482719][ T5152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  249.490462][ T5152] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  249.498133][ T5152] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  249.536496][T12038] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1711'.
[  249.559326][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1710'.
[  249.898824][ T6615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.912476][ T6615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.923491][ T6615] bond0 (unregistering): Released all slaves
[  249.949345][T12032] netlink: 'syz.0.1710': attribute type 1 has an invalid length.
[  249.979194][T12035] 8021q: adding VLAN 0 to HW filter on device bond4
[  250.005252][T12035] bond3: (slave bond4): making interface the new active one
[  250.019363][ T5152] Bluetooth: hci2: command tx timeout
[  250.021096][T12035] bond3: (slave bond4): Enslaving as an active interface with an up link
[  250.053421][T12036] bond3 (unregistering): (slave bond4): Releasing backup interface
[  250.067574][T12036] bond3 (unregistering): Released all slaves
[  250.227165][T12064] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1717'.
[  250.458413][T12070] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1720'.
[  250.651492][ T6615] hsr_slave_0: left promiscuous mode
[  250.663988][ T6615] hsr_slave_1: left promiscuous mode
[  250.674859][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.692037][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.712055][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.732146][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.768088][ T6615] veth1_macvtap: left promiscuous mode
[  250.773656][ T6615] veth0_macvtap: left promiscuous mode
[  250.779284][ T6615] veth1_vlan: left promiscuous mode
[  250.784616][ T6615] veth0_vlan: left promiscuous mode
[  250.809507][T12102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1724'.
[  251.240380][ T6615] team0 (unregistering): Port device team_slave_1 removed
[  251.295717][ T6615] team0 (unregistering): Port device team_slave_0 removed
[  251.536990][ T5152] Bluetooth: hci4: command tx timeout
[  251.855767][T12099] pimreg: entered allmulticast mode
[  251.863584][T12103] pimreg: left allmulticast mode
[  252.046239][T12011] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  252.062240][T12011] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  252.083961][T12011] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  252.098778][ T5152] Bluetooth: hci2: command tx timeout
[  252.116709][T12011] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  252.199668][T12033] chnl_net:caif_netlink_parms(): no params data found
[  252.443570][T12033] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.451292][T12033] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.462714][T12033] bridge_slave_0: entered allmulticast mode
[  252.470597][T12033] bridge_slave_0: entered promiscuous mode
[  252.496058][T12011] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.524952][T12033] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.538744][T12033] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.546102][T12033] bridge_slave_1: entered allmulticast mode
[  252.558276][T12033] bridge_slave_1: entered promiscuous mode
[  252.712935][T12033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  252.751820][T12033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  252.779097][T12011] 8021q: adding VLAN 0 to HW filter on device team0
[  252.866509][ T6615] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.873701][ T6615] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.938964][ T6635] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.975439][T12033] team0: Port device team_slave_0 added
[  252.985980][ T6637] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.993174][ T6637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.016235][T12033] team0: Port device team_slave_1 added
[  253.103911][ T6635] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.135840][T12033] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.152116][T12033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.188249][T12033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.242826][ T6635] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.267543][T12033] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.274846][T12033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.307394][T12033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.308630][T12193] af_packet: tpacket_rcv: packet too big, clamped from 64 to 4294967272. macoff=96
[  253.407802][ T6635] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.438610][T12033] hsr_slave_0: entered promiscuous mode
[  253.453701][T12033] hsr_slave_1: entered promiscuous mode
[  253.481982][T12033] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  253.491621][T12033] Cannot create hsr debugfs directory
[  253.570021][T12203] ip6gretap0: entered promiscuous mode
[  253.604694][T12203] batadv_slave_0: entered promiscuous mode
[  253.616828][ T5152] Bluetooth: hci4: command tx timeout
[  253.623762][T12011] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  253.739700][T12217] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  253.856508][ T6635] bridge_slave_1: left allmulticast mode
[  253.866126][ T6635] bridge_slave_1: left promiscuous mode
[  253.872898][ T6635] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.891513][ T6635] bridge_slave_0: left allmulticast mode
[  253.897868][ T6635] bridge_slave_0: left promiscuous mode
[  253.903658][ T6635] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.176955][ T5152] Bluetooth: hci2: command tx timeout
[  254.301451][ T6635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.314893][ T6635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.334928][ T6635] bond0 (unregistering): Released all slaves
[  254.470753][T12233] ip6gre2: entered allmulticast mode
[  254.604616][T12250] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1762'.
[  254.613564][T12256] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1761'.
[  254.879599][T12263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1764'.
[  254.991690][ T6635] hsr_slave_0: left promiscuous mode
[  255.017462][ T6635] hsr_slave_1: left promiscuous mode
[  255.037244][ T6635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.045501][ T6635] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.057407][ T6635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.064848][ T6635] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.088896][ T6635] veth1_macvtap: left promiscuous mode
[  255.094456][ T6635] veth0_macvtap: left promiscuous mode
[  255.101325][ T6635] veth1_vlan: left promiscuous mode
[  255.106632][ T6635] veth0_vlan: left promiscuous mode
[  255.526052][ T6635] team0 (unregistering): Port device team_slave_1 removed
[  255.573206][ T6635] team0 (unregistering): Port device team_slave_0 removed
[  255.696773][ T5152] Bluetooth: hci4: command tx timeout
[  255.942250][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.948899][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.992102][T12274] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1766'.
[  256.005765][T12274] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1766'.
[  256.029077][T12011] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.081085][T12277] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1767'.
[  256.257194][ T5152] Bluetooth: hci2: command tx timeout
[  256.276917][T12033] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  256.306777][T12033] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  256.315464][T12033] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  256.326292][T12033] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  256.373744][T12011] veth0_vlan: entered promiscuous mode
[  256.390136][T12011] veth1_vlan: entered promiscuous mode
[  256.511655][T12011] veth0_macvtap: entered promiscuous mode
[  256.538780][T12011] veth1_macvtap: entered promiscuous mode
[  256.654078][T12033] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.698733][T12011] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.712984][T12302] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1773'.
[  256.730905][T12011] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.753510][T12011] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.762366][T12011] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.771185][T12011] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.779991][T12011] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.815960][T12033] 8021q: adding VLAN 0 to HW filter on device team0
[  256.821659][T12306] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1774'.
[  256.840624][T12293] pimreg: entered allmulticast mode
[  256.894414][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.901643][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.937715][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.944883][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.122391][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.137612][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.231403][ T6635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.241547][ T6635] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.779268][ T5152] Bluetooth: hci4: command tx timeout
[  258.856406][T12333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1779'.
[  258.883173][T12033] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.014788][T12033] veth0_vlan: entered promiscuous mode
[  259.035451][T12033] veth1_vlan: entered promiscuous mode
[  259.043222][T12341] netlink: 'syz.3.1782': attribute type 4 has an invalid length.
[  259.078358][T12033] veth0_macvtap: entered promiscuous mode
[  259.090537][T12033] veth1_macvtap: entered promiscuous mode
[  259.116235][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.129934][T12344] netlink: 'syz.3.1782': attribute type 23 has an invalid length.
[  259.129960][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.149763][T12033] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.151230][T12344] netlink: 'syz.3.1782': attribute type 11 has an invalid length.
[  259.159978][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.175788][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.187756][T12033] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.196414][T12344] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1782'.
[  259.197839][T12033] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.214295][T12033] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.224695][T12033] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.233506][T12033] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.381304][ T3519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.466981][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.475710][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.493587][ T6641] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.502048][ T6641] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.890262][ T3519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.963026][ T3519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.084860][ T3519] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.152165][ T3519] bridge_slave_1: left allmulticast mode
[  260.158221][ T3519] bridge_slave_1: left promiscuous mode
[  260.163997][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.172560][ T3519] bridge_slave_0: left allmulticast mode
[  260.178799][ T3519] bridge_slave_0: left promiscuous mode
[  260.184511][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.431728][T12354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1784'.
[  260.455190][T12354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1784'.
[  260.568410][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  260.597397][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  260.619894][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  260.639923][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  260.659075][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  260.678721][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  260.714798][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.726413][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.741747][ T3519] bond0 (unregistering): Released all slaves
[  260.880451][T12356] chnl_net:caif_netlink_parms(): no params data found
[  260.971772][T12356] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.982004][T12356] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.989340][T12356] bridge_slave_0: entered allmulticast mode
[  260.995884][T12356] bridge_slave_0: entered promiscuous mode
[  261.003721][T12356] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.010871][T12356] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.019003][T12356] bridge_slave_1: entered allmulticast mode
[  261.025569][T12356] bridge_slave_1: entered promiscuous mode
[  261.046547][ T3519] hsr_slave_0: left promiscuous mode
[  261.052573][ T3519] hsr_slave_1: left promiscuous mode
[  261.070397][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.078483][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.086434][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.093961][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.122643][ T3519] veth1_macvtap: left promiscuous mode
[  261.129946][ T3519] veth0_macvtap: left promiscuous mode
[  261.135556][ T3519] veth1_vlan: left promiscuous mode
[  261.146274][ T3519] veth0_vlan: left promiscuous mode
[  261.693334][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  261.736077][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  262.164275][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  262.173685][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  262.184764][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  262.193602][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  262.205977][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  262.221432][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  262.399027][T12373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1786'.
[  262.452968][T12356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  262.522758][T12356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  262.536866][T12389] vxcan1: entered allmulticast mode
[  262.588131][T12356] team0: Port device team_slave_0 added
[  262.600843][T12392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1790'.
[  262.603117][T12356] team0: Port device team_slave_1 added
[  262.679316][T12356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.689793][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.720657][T12356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.734430][T12356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  262.741793][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.747060][ T5152] Bluetooth: hci2: command tx timeout
[  262.774966][T12356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.790908][T12395] ip6gretap0: vlans aren't supported yet for dev_uc|mc_add()
[  262.894036][T12356] hsr_slave_0: entered promiscuous mode
[  262.905757][T12356] hsr_slave_1: entered promiscuous mode
[  263.078279][ T3519] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.116492][T12384] chnl_net:caif_netlink_parms(): no params data found
[  263.177328][ T3519] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.270473][ T3519] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.299268][T12384] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.306558][T12384] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.313932][T12384] bridge_slave_0: entered allmulticast mode
[  263.324244][T12384] bridge_slave_0: entered promiscuous mode
[  263.353077][ T3519] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.370139][T12384] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.381114][T12384] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.390071][T12384] bridge_slave_1: entered allmulticast mode
[  263.401054][T12384] bridge_slave_1: entered promiscuous mode
[  263.447012][T12384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.482289][T12384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.562881][T12384] team0: Port device team_slave_0 added
[  263.589787][T12384] team0: Port device team_slave_1 added
[  263.595999][ T3519] bridge_slave_1: left allmulticast mode
[  263.604019][ T3519] bridge_slave_1: left promiscuous mode
[  263.613139][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.631310][ T3519] bridge_slave_0: left allmulticast mode
[  263.637419][ T3519] bridge_slave_0: left promiscuous mode
[  263.643107][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.674825][T12427] netlink: 'syz.3.1797': attribute type 1 has an invalid length.
[  263.683003][T12427] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1797'.
[  264.059247][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  264.071741][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  264.082351][ T3519] bond0 (unregistering): Released all slaves
[  264.263951][T12384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.277873][T12384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.316923][T12384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.336882][ T5152] Bluetooth: hci4: command tx timeout
[  264.338324][T12384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.366230][T12384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.406555][T12384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.604273][T12384] hsr_slave_0: entered promiscuous mode
[  264.616349][T12384] hsr_slave_1: entered promiscuous mode
[  264.625101][T12384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  264.635080][T12384] Cannot create hsr debugfs directory
[  264.684807][ T3519] hsr_slave_0: left promiscuous mode
[  264.692631][ T3519] hsr_slave_1: left promiscuous mode
[  264.705596][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.713574][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.722209][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.729848][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.762596][ T3519] veth1_macvtap: left promiscuous mode
[  264.769261][ T3519] veth0_macvtap: left promiscuous mode
[  264.775607][ T3519] veth1_vlan: left promiscuous mode
[  264.781688][ T3519] veth0_vlan: left promiscuous mode
[  264.817160][ T5152] Bluetooth: hci2: command tx timeout
[  265.212947][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  265.257994][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  265.772758][T12356] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  265.795755][T12356] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  265.817144][T12525] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1812'.
[  265.829726][T12356] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  265.867210][T12356] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  266.201157][T12356] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.247700][T12356] 8021q: adding VLAN 0 to HW filter on device team0
[  266.267820][ T6615] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.274998][ T6615] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.302653][ T6615] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.309848][ T6615] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.318890][T12552] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1817'.
[  266.416950][ T5152] Bluetooth: hci4: command tx timeout
[  266.435448][T12384] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  266.446973][T12384] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  266.470954][T12384] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  266.481378][T12384] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  266.568078][T12384] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.599565][T12384] 8021q: adding VLAN 0 to HW filter on device team0
[  266.625653][ T6641] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.632869][ T6641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.679036][ T6641] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.686238][ T6641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.796504][T12356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.894079][T12356] veth0_vlan: entered promiscuous mode
[  266.908028][ T5152] Bluetooth: hci2: command tx timeout
[  266.962648][T12356] veth1_vlan: entered promiscuous mode
[  267.021603][T12384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.064282][T12579] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1822'.
[  267.097460][T12356] veth0_macvtap: entered promiscuous mode
[  267.127476][T12356] veth1_macvtap: entered promiscuous mode
[  267.178273][T12356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.185715][T12384] veth0_vlan: entered promiscuous mode
[  267.210161][T12384] veth1_vlan: entered promiscuous mode
[  267.230307][T12356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.263674][T12356] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.279085][T12356] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.290084][T12356] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.299201][T12356] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.326850][T12585] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  267.353477][T12384] veth0_macvtap: entered promiscuous mode
[  267.378848][T12384] veth1_macvtap: entered promiscuous mode
[  267.399538][T12578] netlink: 'syz.4.1822': attribute type 32 has an invalid length.
[  267.407788][T12578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1822'.
[  267.417468][T12578] (unnamed net_device) (uninitialized): Setting coupled_control to on (1)
[  267.436276][T12594] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  267.493321][T12384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.505302][T12384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.517388][T12384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.564946][T12384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.583136][T12384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.594641][T12384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.625822][T12384] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.626859][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.636636][T12384] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.652251][T12384] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.661380][T12384] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.662082][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.699115][ T6635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.708920][ T6635] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.734984][T12601] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1829'.
[  267.833181][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.843184][ T6635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.850427][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.856729][ T6635] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.966083][T12608] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1831'.
[  268.042151][T12612] netlink: 'syz.3.1832': attribute type 1 has an invalid length.
[  268.119474][T12587] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  268.162016][T12617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1834'.
[  268.191924][T12620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1833'.
[  268.298436][T12628] netlink: 'syz.0.1837': attribute type 2 has an invalid length.
[  268.322312][T12628] netlink: 'syz.0.1837': attribute type 8 has an invalid length.
[  268.406408][T12634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1840'.
[  268.450429][T12634] tun1: tun_chr_ioctl cmd 1074025677
[  268.455929][T12634] tun1: linktype set to 769
[  268.530465][T12632] vlan2: entered promiscuous mode
[  268.545855][T12632] vlan2: entered allmulticast mode
[  268.826339][T12661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1845'.
[  269.038290][ T6637] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.517332][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  269.526256][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  269.535602][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  269.544730][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  269.554633][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  269.562604][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  269.662898][T12668] chnl_net:caif_netlink_parms(): no params data found
[  269.705918][T12668] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.713942][T12668] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.721233][T12668] bridge_slave_0: entered allmulticast mode
[  269.728469][T12668] bridge_slave_0: entered promiscuous mode
[  269.735867][T12668] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.743128][T12668] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.750861][T12668] bridge_slave_1: entered allmulticast mode
[  269.758049][T12668] bridge_slave_1: entered promiscuous mode
[  269.781339][T12668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.793690][T12668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.822407][T12668] team0: Port device team_slave_0 added
[  269.830319][T12668] team0: Port device team_slave_1 added
[  269.849138][T12668] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.856099][T12668] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.882521][T12668] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.896108][T12668] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.903616][T12668] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.930637][T12668] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.967605][T12668] hsr_slave_0: entered promiscuous mode
[  269.973834][T12668] hsr_slave_1: entered promiscuous mode
[  269.980332][T12668] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.988401][T12668] Cannot create hsr debugfs directory
[  270.338036][ T6637] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.406574][ T6637] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.483887][ T6637] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.570703][ T6637] bridge_slave_1: left allmulticast mode
[  270.576394][ T6637] bridge_slave_1: left promiscuous mode
[  270.584684][ T6637] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.595755][ T6637] bridge_slave_0: left allmulticast mode
[  270.601670][ T6637] bridge_slave_0: left promiscuous mode
[  270.608360][ T6637] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.917828][ T6637] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.929672][ T6637] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.940763][ T6637] bond0 (unregistering): Released all slaves
[  271.373814][T12698] netlink: 'syz.0.1855': attribute type 11 has an invalid length.
[  271.387126][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  271.394315][T12698] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1855'.
[  271.409391][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  271.423962][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  271.458190][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  271.481740][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  271.501930][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  271.505056][T12709] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  271.527695][T12705] bridge0: left allmulticast mode
[  271.599145][ T6637] hsr_slave_0: left promiscuous mode
[  271.617521][ T5152] Bluetooth: hci2: command tx timeout
[  271.631030][T12709] sctp: [Deprecated]: syz.3.1857 (pid 12709) Use of struct sctp_assoc_value in delayed_ack socket option.
[  271.631030][T12709] Use struct sctp_sack_info instead
[  271.636439][ T6637] hsr_slave_1: left promiscuous mode
[  271.683321][ T6637] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.695112][ T6637] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.718577][ T6637] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.726460][ T6637] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.756452][ T6637] veth1_macvtap: left promiscuous mode
[  271.762735][ T6637] veth0_macvtap: left promiscuous mode
[  271.771199][ T6637] veth1_vlan: left promiscuous mode
[  271.776860][ T6637] veth0_vlan: left promiscuous mode
[  271.798300][T12723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1860'.
[  272.321104][ T6637] team0 (unregistering): Port device team_slave_1 removed
[  272.362858][ T6637] team0 (unregistering): Port device team_slave_0 removed
[  272.766498][T12668] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  272.811896][T12668] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  272.882215][T12668] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  272.923312][T12668] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  273.070966][T12668] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.086775][T12668] 8021q: adding VLAN 0 to HW filter on device team0
[  273.100476][ T3519] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.107602][ T3519] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.151641][ T3519] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.158816][ T3519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.194806][T12668] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  273.208706][T12755] FAULT_INJECTION: forcing a failure.
[  273.208706][T12755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.216077][T12668] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  273.230799][T12755] CPU: 1 UID: 0 PID: 12755 Comm: syz.3.1866 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  273.243265][T12755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  273.253357][T12755] Call Trace:
[  273.256660][T12755]  <TASK>
[  273.259604][T12755]  dump_stack_lvl+0x241/0x360
[  273.264317][T12755]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.269550][T12755]  ? __pfx__printk+0x10/0x10
[  273.274171][T12755]  ? __pfx_lock_release+0x10/0x10
[  273.279228][T12755]  should_fail_ex+0x3b0/0x4e0
[  273.283912][T12755]  _copy_from_user+0x2f/0xc0
[  273.288509][T12755]  copy_msghdr_from_user+0xae/0x680
[  273.293712][T12755]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  273.299529][T12755]  __sys_sendmsg+0x22d/0x380
[  273.304121][T12755]  ? __pfx___sys_sendmsg+0x10/0x10
[  273.309244][T12755]  ? __pfx_vfs_write+0x10/0x10
[  273.314034][T12755]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  273.320366][T12755]  ? do_syscall_64+0x100/0x230
[  273.325128][T12755]  ? do_syscall_64+0xb6/0x230
[  273.329804][T12755]  do_syscall_64+0xf3/0x230
[  273.334305][T12755]  ? clear_bhb_loop+0x35/0x90
[  273.338980][T12755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.344884][T12755] RIP: 0033:0x7f903bd7e719
[  273.349303][T12755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.368905][T12755] RSP: 002b:00007f903b7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  273.377321][T12755] RAX: ffffffffffffffda RBX: 00007f903bf35f80 RCX: 00007f903bd7e719
[  273.385290][T12755] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  273.393258][T12755] RBP: 00007f903b7ff090 R08: 0000000000000000 R09: 0000000000000000
[  273.401228][T12755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.409195][T12755] R13: 0000000000000000 R14: 00007f903bf35f80 R15: 00007ffd9dbb2b88
[  273.417184][T12755]  </TASK>
[  273.539756][ T5152] Bluetooth: hci4: command tx timeout
[  273.560834][T12754] netlink: 'syz.0.1865': attribute type 2 has an invalid length.
[  273.569563][T12764] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1868'.
[  273.696896][ T5152] Bluetooth: hci2: command tx timeout
[  273.723293][ T6637] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.780618][T12754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1865'.
[  273.919267][ T6637] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.945477][T12700] chnl_net:caif_netlink_parms(): no params data found
[  274.028489][T12781] Bluetooth: MGMT ver 1.23
[  274.038482][ T6637] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.295380][ T6637] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.353856][T12668] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.375031][T12700] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.383095][T12700] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.391702][T12700] bridge_slave_0: entered allmulticast mode
[  274.398805][T12700] bridge_slave_0: entered promiscuous mode
[  274.417335][T12700] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.437036][T12700] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.444284][T12700] bridge_slave_1: entered allmulticast mode
[  274.452675][T12700] bridge_slave_1: entered promiscuous mode
[  274.500678][T12700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.515833][T12700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.601114][T12700] team0: Port device team_slave_0 added
[  274.610781][T12700] team0: Port device team_slave_1 added
[  274.634293][ T6637] bridge_slave_1: left allmulticast mode
[  274.644673][ T6637] bridge_slave_1: left promiscuous mode
[  274.650777][ T6637] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.665532][ T6637] bridge_slave_0: left allmulticast mode
[  274.672919][ T6637] bridge_slave_0: left promiscuous mode
[  274.679048][ T6637] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.049823][ T6637] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  275.061437][ T6637] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  275.073027][ T6637] bond0 (unregistering): Released all slaves
[  275.110033][T12668] veth0_vlan: entered promiscuous mode
[  275.170908][T12700] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.188301][T12700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.254277][T12700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.348395][T12700] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.369918][T12700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.436806][T12700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.523507][T12821] FAULT_INJECTION: forcing a failure.
[  275.523507][T12821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.584992][T12824] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1883'.
[  275.592872][T12821] CPU: 0 UID: 0 PID: 12821 Comm: syz.4.1882 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  275.604665][T12821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  275.614746][T12821] Call Trace:
[  275.615553][T12668] veth1_vlan: entered promiscuous mode
[  275.618023][T12821]  <TASK>
[  275.618034][T12821]  dump_stack_lvl+0x241/0x360
[  275.618067][T12821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.636348][T12821]  ? __pfx__printk+0x10/0x10
[  275.640971][T12821]  should_fail_ex+0x3b0/0x4e0
[  275.645657][T12821]  _copy_to_user+0x31/0xb0
[  275.650077][T12821]  bpf_test_finish+0x59c/0x890
[  275.654849][T12821]  ? __pfx_bpf_test_finish+0x10/0x10
[  275.660146][T12821]  ? convert_skb_to___skb+0x2d3/0x510
[  275.665526][T12821]  bpf_prog_test_run_skb+0xfe5/0x1820
[  275.670909][T12821]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  275.676719][T12821]  ? fput+0x1a8/0x230
[  275.680697][T12821]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  275.686503][T12821]  bpf_prog_test_run+0x2e4/0x360
[  275.691451][T12821]  __sys_bpf+0x48d/0x810
[  275.695704][T12821]  ? __pfx___sys_bpf+0x10/0x10
[  275.700473][T12821]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  275.706454][T12821]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  275.712784][T12821]  ? do_syscall_64+0x100/0x230
[  275.717544][T12821]  __x64_sys_bpf+0x7c/0x90
[  275.721964][T12821]  do_syscall_64+0xf3/0x230
[  275.726465][T12821]  ? clear_bhb_loop+0x35/0x90
[  275.731143][T12821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.737037][T12821] RIP: 0033:0x7f2bfdb7e719
[  275.741449][T12821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.761054][T12821] RSP: 002b:00007f2bfea42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  275.769484][T12821] RAX: ffffffffffffffda RBX: 00007f2bfdd35f80 RCX: 00007f2bfdb7e719
[  275.777470][T12821] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  275.785465][T12821] RBP: 00007f2bfea42090 R08: 0000000000000000 R09: 0000000000000000
[  275.793459][T12821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.801435][T12821] R13: 0000000000000000 R14: 00007f2bfdd35f80 R15: 00007ffd2d0078f8
[  275.809418][T12821]  </TASK>
[  275.827101][ T5152] Bluetooth: hci4: command tx timeout
[  275.832601][ T5152] Bluetooth: hci2: command tx timeout
[  275.894049][T12700] hsr_slave_0: entered promiscuous mode
[  275.903645][T12700] hsr_slave_1: entered promiscuous mode
[  275.997120][ T6637] hsr_slave_0: left promiscuous mode
[  276.018284][ T6637] hsr_slave_1: left promiscuous mode
[  276.031067][ T6637] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.042683][ T6637] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.050665][T12834] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1885'.
[  276.061802][ T6637] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.069606][ T6637] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.092705][ T6637] veth1_macvtap: left promiscuous mode
[  276.098833][ T6637] veth0_macvtap: left promiscuous mode
[  276.105072][ T6637] veth1_vlan: left promiscuous mode
[  276.111349][ T6637] veth0_vlan: left promiscuous mode
[  276.555021][ T6637] team0 (unregistering): Port device team_slave_1 removed
[  276.598315][ T6637] team0 (unregistering): Port device team_slave_0 removed
[  276.998851][T12828] vlan2: entered promiscuous mode
[  277.004497][T12828] team0: Device vlan2 is of different type
[  277.174394][T12668] veth0_macvtap: entered promiscuous mode
[  277.195334][T12668] veth1_macvtap: entered promiscuous mode
[  277.290667][T12668] batman_adv: batadv0: Interface activated: batadv_slave_0
[  277.392300][T12668] batman_adv: batadv0: Interface activated: batadv_slave_1
[  277.403814][T12861] FAULT_INJECTION: forcing a failure.
[  277.403814][T12861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.418199][T12861] CPU: 0 UID: 0 PID: 12861 Comm: syz.0.1895 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  277.429004][T12861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  277.439091][T12861] Call Trace:
[  277.442406][T12861]  <TASK>
[  277.445359][T12861]  dump_stack_lvl+0x241/0x360
[  277.450075][T12861]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.455314][T12861]  ? __pfx__printk+0x10/0x10
[  277.459942][T12861]  ? snprintf+0xda/0x120
[  277.464209][T12861]  should_fail_ex+0x3b0/0x4e0
[  277.468914][T12861]  _copy_to_user+0x31/0xb0
[  277.473358][T12861]  simple_read_from_buffer+0xca/0x150
[  277.478787][T12861]  proc_fail_nth_read+0x1e9/0x250
[  277.483856][T12861]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  277.489436][T12861]  ? rw_verify_area+0x55e/0x6f0
[  277.494327][T12861]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  277.499905][T12861]  vfs_read+0x1fc/0xb70
[  277.504090][T12861]  ? fdget_pos+0x24e/0x320
[  277.508536][T12861]  ? __pfx_vfs_read+0x10/0x10
[  277.513240][T12861]  ? __fget_files+0x3f3/0x470
[  277.517960][T12861]  ? fdget_pos+0x24e/0x320
[  277.522406][T12861]  ksys_read+0x183/0x2b0
[  277.526674][T12861]  ? __pfx_ksys_read+0x10/0x10
[  277.531483][T12861]  ? do_syscall_64+0x100/0x230
[  277.536356][T12861]  ? do_syscall_64+0xb6/0x230
[  277.541059][T12861]  do_syscall_64+0xf3/0x230
[  277.545581][T12861]  ? clear_bhb_loop+0x35/0x90
[  277.550281][T12861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.556208][T12861] RIP: 0033:0x7efd16f7d15c
[  277.560645][T12861] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  277.580283][T12861] RSP: 002b:00007efd17d78030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  277.588738][T12861] RAX: ffffffffffffffda RBX: 00007efd17135f80 RCX: 00007efd16f7d15c
[  277.596741][T12861] RDX: 000000000000000f RSI: 00007efd17d780a0 RDI: 0000000000000005
[  277.604750][T12861] RBP: 00007efd17d78090 R08: 0000000000000000 R09: 0000000000000000
[  277.612747][T12861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  277.620768][T12861] R13: 0000000000000000 R14: 00007efd17135f80 R15: 00007ffe39e89df8
[  277.628793][T12861]  </TASK>
[  277.690223][T12668] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.704584][T12668] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.715663][T12668] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.724633][T12668] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  277.857259][ T5152] Bluetooth: hci4: command tx timeout
[  277.857369][   T54] Bluetooth: hci2: command tx timeout
[  278.006808][ T6637] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.014654][ T6637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.125493][ T6635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.160778][ T6635] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.227671][T12882] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  278.291497][T12700] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  278.320681][T12889] netlink: 'syz.4.1901': attribute type 3 has an invalid length.
[  278.343591][T12889] netlink: 1136 bytes leftover after parsing attributes in process `syz.4.1901'.
[  278.346962][T12700] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  278.396023][T12700] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  278.438214][T12700] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  278.533321][T12892] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1903'.
[  278.545271][T12892] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1903'.
[  278.645173][T12700] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.663054][T12700] 8021q: adding VLAN 0 to HW filter on device team0
[  278.683228][ T6641] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.690440][ T6641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.728316][ T6641] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.735534][ T6641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.863023][ T3519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.948722][ T3519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.069652][T12700] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.106212][T12700] veth0_vlan: entered promiscuous mode
[  279.119714][T12700] veth1_vlan: entered promiscuous mode
[  279.150318][ T3519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.176135][T12700] veth0_macvtap: entered promiscuous mode
[  279.184607][T12700] veth1_macvtap: entered promiscuous mode
[  279.198046][T12700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.210279][T12700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.223181][T12700] batman_adv: batadv0: Interface activated: batadv_slave_0
[  279.244305][ T3519] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.264328][T12700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  279.275527][T12700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.287834][T12700] batman_adv: batadv0: Interface activated: batadv_slave_1
[  279.302802][T12700] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  279.311746][T12700] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  279.321555][T12700] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  279.331232][T12700] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  279.398949][ T3519] bridge_slave_1: left allmulticast mode
[  279.404639][ T3519] bridge_slave_1: left promiscuous mode
[  279.411138][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.421329][ T3519] bridge_slave_0: left allmulticast mode
[  279.427501][ T3519] bridge_slave_0: left promiscuous mode
[  279.433146][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.731740][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.742817][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.753768][ T3519] bond0 (unregistering): Released all slaves
[  279.772092][ T6637] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.786361][ T6637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.820204][ T6615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.828743][ T6615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.034399][ T3519] hsr_slave_0: left promiscuous mode
[  280.040458][ T3519] hsr_slave_1: left promiscuous mode
[  280.046325][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.054402][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.062253][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.069828][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.089914][ T3519] veth1_macvtap: left promiscuous mode
[  280.095420][ T3519] veth0_macvtap: left promiscuous mode
[  280.101232][ T3519] veth1_vlan: left promiscuous mode
[  280.106497][ T3519] veth0_vlan: left promiscuous mode
[  280.448937][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  280.459671][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  280.482801][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  280.491229][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  280.511288][ T5152] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  280.531385][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  280.781794][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  280.830745][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  281.300764][T12910] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1906'.
[  281.314013][T12910] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1906'.
[  281.323399][T12916] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1909'.
[  281.507478][T12918] chnl_net:caif_netlink_parms(): no params data found
[  281.562626][T12918] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.569930][T12918] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.577346][T12918] bridge_slave_0: entered allmulticast mode
[  281.583929][T12918] bridge_slave_0: entered promiscuous mode
[  281.592087][T12918] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.599318][T12918] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.606513][T12918] bridge_slave_1: entered allmulticast mode
[  281.613377][T12918] bridge_slave_1: entered promiscuous mode
[  281.638225][T12918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.649859][T12918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.675688][T12918] team0: Port device team_slave_0 added
[  281.684028][T12918] team0: Port device team_slave_1 added
[  281.728532][ T3519] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.743608][T12918] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.751182][T12918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.777437][T12918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.790714][T12918] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.797847][T12918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.824062][T12918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.854277][T12918] hsr_slave_0: entered promiscuous mode
[  281.862997][T12918] hsr_slave_1: entered promiscuous mode
[  281.869175][T12918] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  281.877899][T12918] Cannot create hsr debugfs directory
[  282.173540][T12918] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  282.192970][T12918] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  282.201812][T12918] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  282.211487][T12918] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  282.231809][T12918] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.238983][T12918] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.246392][T12918] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.253525][T12918] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.301427][T12918] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.318975][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.328271][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.348933][T12918] 8021q: adding VLAN 0 to HW filter on device team0
[  282.360938][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.368080][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.381054][ T6635] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.388210][ T6635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.514710][T12918] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.550277][T12918] veth0_vlan: entered promiscuous mode
[  282.560896][T12918] veth1_vlan: entered promiscuous mode
[  282.577516][ T5152] Bluetooth: hci2: command tx timeout
[  282.592027][T12918] veth0_macvtap: entered promiscuous mode
[  282.601244][T12918] veth1_macvtap: entered promiscuous mode
[  282.616136][T12918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.627362][T12918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.638477][T12918] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.651299][T12918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  282.662207][T12918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.674077][T12918] batman_adv: batadv0: Interface activated: batadv_slave_1
[  282.685858][T12918] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.694644][T12918] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.705853][T12918] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.714630][T12918] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.764178][ T6637] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.775718][ T6637] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.795648][ T6637] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.803741][ T6637] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.899496][T12934] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1911'.
[  282.930261][T12934] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1911'.
[  283.111957][ T3519] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.253119][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  283.263312][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  283.273143][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  283.283579][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  283.293129][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  283.301625][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  283.336064][ T3519] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.453165][T12967] GUP no longer grows the stack in syz.4.1917 (12967): 20008000-2000a000 (20006000)
[  283.498165][T12967] CPU: 0 UID: 0 PID: 12967 Comm: syz.4.1917 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  283.508993][T12967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  283.519098][T12967] Call Trace:
[  283.522414][T12967]  <TASK>
[  283.525370][T12967]  dump_stack_lvl+0x241/0x360
[  283.530089][T12967]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.535333][T12967]  ? __pfx__printk+0x10/0x10
[  283.539960][T12967]  ? find_vma+0xf9/0x170
[  283.544247][T12967]  ? vma_is_secretmem+0xd/0x50
[  283.549039][T12967]  ? check_vma_flags+0x52b/0x5a0
[  283.554010][T12967]  __get_user_pages+0x4385/0x49e0
[  283.557961][ T3519] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.559048][T12967]  ? __kernel_text_address+0xd/0x40
[  283.574569][T12967]  ? mark_lock+0x9a/0x360
[  283.578958][T12967]  ? __pfx___get_user_pages+0x10/0x10
[  283.584376][T12967]  ? __pfx_lock_acquire+0x10/0x10
[  283.589440][T12967]  __gup_longterm_locked+0x3ba/0x17d0
[  283.594828][T12967]  pin_user_pages+0x137/0x1f0
[  283.599512][T12967]  ? __pfx_pin_user_pages+0x10/0x10
[  283.604715][T12967]  ? __kmalloc_node_noprof+0x247/0x440
[  283.610199][T12967]  xdp_umem_create+0x978/0xf30
[  283.614987][T12967]  xsk_setsockopt+0x732/0x950
[  283.619670][T12967]  ? __pfx_xsk_setsockopt+0x10/0x10
[  283.624881][T12967]  ? __pfx_lock_acquire+0x10/0x10
[  283.629916][T12967]  ? __fget_files+0x29/0x470
[  283.634519][T12967]  ? aa_sock_opt_perm+0x79/0x120
[  283.639495][T12967]  ? __pfx_xsk_setsockopt+0x10/0x10
[  283.644729][T12967]  do_sock_setsockopt+0x3af/0x720
[  283.649757][T12967]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  283.655307][T12967]  ? __fget_files+0x29/0x470
[  283.659937][T12967]  ? __fget_files+0x3f3/0x470
[  283.664638][T12967]  ? __fget_files+0x29/0x470
[  283.669263][T12967]  __sys_setsockopt+0x1a2/0x250
[  283.674146][T12967]  __x64_sys_setsockopt+0xb5/0xd0
[  283.679174][T12967]  do_syscall_64+0xf3/0x230
[  283.683677][T12967]  ? clear_bhb_loop+0x35/0x90
[  283.688365][T12967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.694257][T12967] RIP: 0033:0x7f2bfdb7e719
[  283.698665][T12967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.718269][T12967] RSP: 002b:00007f2bfea42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  283.726704][T12967] RAX: ffffffffffffffda RBX: 00007f2bfdd35f80 RCX: 00007f2bfdb7e719
[  283.734713][T12967] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000006
[  283.742686][T12967] RBP: 00007f2bfdbf139e R08: 0000000000000020 R09: 0000000000000000
[  283.750678][T12967] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
[  283.758649][T12967] R13: 0000000000000000 R14: 00007f2bfdd35f80 R15: 00007ffd2d0078f8
[  283.766640][T12967]  </TASK>
[  283.799156][T12967] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1917'.
[  283.857878][T12982] netlink: 'syz.3.1921': attribute type 10 has an invalid length.
[  283.869099][T12982] bond0: (slave netdevsim0): Releasing backup interface
[  284.025381][T12990] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  284.088167][ T3519] bridge_slave_1: left allmulticast mode
[  284.093876][ T3519] bridge_slave_1: left promiscuous mode
[  284.118819][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.131661][T12996] netlink: 'syz.4.1925': attribute type 1 has an invalid length.
[  284.140321][T12996] netlink: 'syz.4.1925': attribute type 2 has an invalid length.
[  284.148945][ T3519] bridge_slave_0: left allmulticast mode
[  284.154617][ T3519] bridge_slave_0: left promiscuous mode
[  284.160579][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.553183][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.564202][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.575306][ T3519] bond0 (unregistering): Released all slaves
[  284.590560][T12957] chnl_net:caif_netlink_parms(): no params data found
[  284.907089][T13006] netlink: 'syz.4.1928': attribute type 1 has an invalid length.
[  284.987284][T13021] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1931'.
[  285.013655][T12957] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.025595][T12957] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.033255][T12957] bridge_slave_0: entered allmulticast mode
[  285.045013][T12957] bridge_slave_0: entered promiscuous mode
[  285.061245][T12957] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.068644][T12957] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.090012][T12957] bridge_slave_1: entered allmulticast mode
[  285.098452][T12957] bridge_slave_1: entered promiscuous mode
[  285.127250][ T3519] hsr_slave_0: left promiscuous mode
[  285.133457][ T3519] hsr_slave_1: left promiscuous mode
[  285.143181][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.151087][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.161177][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.168650][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.188189][ T3519] veth1_macvtap: left promiscuous mode
[  285.193725][ T3519] veth0_macvtap: left promiscuous mode
[  285.199395][ T3519] veth1_vlan: left promiscuous mode
[  285.204654][ T3519] veth0_vlan: left promiscuous mode
[  285.388256][ T5152] Bluetooth: hci2: command tx timeout
[  285.610554][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  285.651102][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  286.038598][T12957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.050599][T12957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.099750][T12957] team0: Port device team_slave_0 added
[  286.107486][T12957] team0: Port device team_slave_1 added
[  286.142137][T12957] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.150645][T12957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.177562][T12957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.189995][T12957] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.197609][T12957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.223772][T12957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.270616][T12957] hsr_slave_0: entered promiscuous mode
[  286.277274][T12957] hsr_slave_1: entered promiscuous mode
[  286.406359][ T3519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.524391][T13027] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1932'.
[  286.542629][T13027] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1932'.
[  286.781007][ T5152] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  286.805018][ T3519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.825524][ T5152] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  286.834304][ T5152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  286.864515][ T5152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  286.872247][ T5152] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  286.883387][ T5152] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  286.971603][ T3519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.990106][T13056] netlink: 'syz.3.1940': attribute type 12 has an invalid length.
[  287.059655][ T3519] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.129728][T13050] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1939'.
[  287.189681][T13064] sctp: [Deprecated]: syz.0.1943 (pid 13064) Use of struct sctp_assoc_value in delayed_ack socket option.
[  287.189681][T13064] Use struct sctp_sack_info instead
[  287.198544][T12957] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  287.215212][T13064] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1943'.
[  287.244562][T12957] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  287.268222][T13068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1944'.
[  287.287140][T12957] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  287.296221][T12957] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  287.306097][T13069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1944'.
[  287.322423][T13069] wireguard0: entered promiscuous mode
[  287.328295][T13069] wireguard0: entered allmulticast mode
[  287.380501][ T3519] bridge_slave_1: left allmulticast mode
[  287.386561][ T3519] bridge_slave_1: left promiscuous mode
[  287.392800][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.401947][ T3519] bridge_slave_0: left allmulticast mode
[  287.408219][ T3519] bridge_slave_0: left promiscuous mode
[  287.413964][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.471341][   T54] Bluetooth: hci2: command tx timeout
[  287.769601][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.781067][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.792589][ T3519] bond0 (unregistering): Released all slaves
[  287.820062][T13074] FAULT_INJECTION: forcing a failure.
[  287.820062][T13074] name failslab, interval 1, probability 0, space 0, times 0
[  287.834900][T13074] CPU: 0 UID: 0 PID: 13074 Comm: syz.4.1945 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  287.845722][T13074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  287.855802][T13074] Call Trace:
[  287.859092][T13074]  <TASK>
[  287.862024][T13074]  dump_stack_lvl+0x241/0x360
[  287.866710][T13074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.871911][T13074]  ? __pfx__printk+0x10/0x10
[  287.876502][T13074]  ? __kmalloc_node_noprof+0xb7/0x440
[  287.881875][T13074]  ? __pfx___might_resched+0x10/0x10
[  287.887175][T13074]  should_fail_ex+0x3b0/0x4e0
[  287.891868][T13074]  should_failslab+0xac/0x100
[  287.896554][T13074]  __kmalloc_node_noprof+0xdf/0x440
[  287.901761][T13074]  ? __kvmalloc_node_noprof+0x72/0x190
[  287.907216][T13074]  ? alloc_netdev_mqs+0xbc6/0x1080
[  287.912335][T13074]  __kvmalloc_node_noprof+0x72/0x190
[  287.917622][T13074]  alloc_netdev_mqs+0xc0b/0x1080
[  287.922569][T13074]  rtnl_create_link+0x2f9/0xc20
[  287.927428][T13074]  rtnl_newlink_create+0x210/0xa30
[  287.932546][T13074]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  287.938182][T13074]  ? bpf_lsm_capable+0x9/0x10
[  287.942860][T13074]  ? security_capable+0x7e/0x2d0
[  287.947817][T13074]  ? ns_capable+0x8a/0xf0
[  287.952155][T13074]  rtnl_newlink+0xfa9/0x1550
[  287.956751][T13074]  ? __pfx_rtnl_newlink+0x10/0x10
[  287.961777][T13074]  ? __mutex_lock+0x9ab/0xd70
[  287.966453][T13074]  ? __mutex_lock+0x52a/0xd70
[  287.971129][T13074]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  287.976256][T13074]  ? __pfx_rtnl_newlink+0x10/0x10
[  287.981278][T13074]  rtnetlink_rcv_msg+0x73f/0xcf0
[  287.986225][T13074]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  287.991348][T13074]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  287.996818][T13074]  ? ref_tracker_free+0x643/0x7e0
[  288.001845][T13074]  netlink_rcv_skb+0x1e3/0x430
[  288.006612][T13074]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  288.012089][T13074]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  288.017395][T13074]  ? netlink_deliver_tap+0x2e/0x1b0
[  288.022597][T13074]  netlink_unicast+0x7f6/0x990
[  288.027366][T13074]  ? __pfx_netlink_unicast+0x10/0x10
[  288.032649][T13074]  ? __virt_addr_valid+0x183/0x530
[  288.037772][T13074]  ? __check_object_size+0x48e/0x900
[  288.043081][T13074]  netlink_sendmsg+0x8e4/0xcb0
[  288.047861][T13074]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.053149][T13074]  ? aa_sock_msg_perm+0x91/0x160
[  288.058099][T13074]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.063382][T13074]  __sock_sendmsg+0x221/0x270
[  288.068062][T13074]  ____sys_sendmsg+0x52a/0x7e0
[  288.072844][T13074]  ? __pfx_____sys_sendmsg+0x10/0x10
[  288.078230][T13074]  __sys_sendmsg+0x292/0x380
[  288.082821][T13074]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.087946][T13074]  ? __pfx_vfs_write+0x10/0x10
[  288.092731][T13074]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  288.099068][T13074]  ? do_syscall_64+0x100/0x230
[  288.103833][T13074]  ? do_syscall_64+0xb6/0x230
[  288.108510][T13074]  do_syscall_64+0xf3/0x230
[  288.113015][T13074]  ? clear_bhb_loop+0x35/0x90
[  288.117688][T13074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.123584][T13074] RIP: 0033:0x7f2bfdb7e719
[  288.127996][T13074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.147607][T13074] RSP: 002b:00007f2bfea42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.156025][T13074] RAX: ffffffffffffffda RBX: 00007f2bfdd35f80 RCX: 00007f2bfdb7e719
[  288.163999][T13074] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  288.171966][T13074] RBP: 00007f2bfea42090 R08: 0000000000000000 R09: 0000000000000000
[  288.179936][T13074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  288.187907][T13074] R13: 0000000000000000 R14: 00007f2bfdd35f80 R15: 00007ffd2d0078f8
[  288.195890][T13074]  </TASK>
[  288.363209][T13041] chnl_net:caif_netlink_parms(): no params data found
[  288.665954][T13041] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.674736][T13041] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.682454][T13041] bridge_slave_0: entered allmulticast mode
[  288.690016][T13041] bridge_slave_0: entered promiscuous mode
[  288.698238][T13041] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.705372][T13041] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.713957][T13041] bridge_slave_1: entered allmulticast mode
[  288.720814][T13041] bridge_slave_1: entered promiscuous mode
[  288.749869][ T3519] hsr_slave_0: left promiscuous mode
[  288.756029][ T3519] hsr_slave_1: left promiscuous mode
[  288.765263][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  288.772937][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.783294][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  288.794397][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.820386][ T3519] veth1_macvtap: left promiscuous mode
[  288.828118][ T3519] veth0_macvtap: left promiscuous mode
[  288.833756][ T3519] veth1_vlan: left promiscuous mode
[  288.843504][ T3519] veth0_vlan: left promiscuous mode
[  288.980215][   T54] Bluetooth: hci4: command tx timeout
[  289.293083][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  289.338997][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  289.541120][   T54] Bluetooth: hci2: command tx timeout
[  289.780321][T13041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.812348][T13041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.871188][T13115] FAULT_INJECTION: forcing a failure.
[  289.871188][T13115] name failslab, interval 1, probability 0, space 0, times 0
[  289.901047][T13115] CPU: 0 UID: 0 PID: 13115 Comm: syz.3.1956 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  289.911869][T13115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  289.921954][T13115] Call Trace:
[  289.925257][T13115]  <TASK>
[  289.928215][T13115]  dump_stack_lvl+0x241/0x360
[  289.932942][T13115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.938175][T13115]  ? __pfx__printk+0x10/0x10
[  289.942780][T13115]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  289.948766][T13115]  ? __pfx___might_resched+0x10/0x10
[  289.954064][T13115]  should_fail_ex+0x3b0/0x4e0
[  289.958770][T13115]  should_failslab+0xac/0x100
[  289.963472][T13115]  ? __alloc_skb+0x1c3/0x440
[  289.968058][T13115]  kmem_cache_alloc_node_noprof+0x71/0x320
[  289.973866][T13115]  __alloc_skb+0x1c3/0x440
[  289.978284][T13115]  ? __pfx___alloc_skb+0x10/0x10
[  289.983215][T13115]  ? netlink_ack_tlv_len+0x6e/0x200
[  289.988416][T13115]  netlink_ack+0x13f/0xa30
[  289.992828][T13115]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  289.998299][T13115]  netlink_rcv_skb+0x262/0x430
[  290.003061][T13115]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  290.008553][T13115]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  290.012085][T13041] team0: Port device team_slave_0 added
[  290.013862][T13115]  ? netlink_deliver_tap+0x2e/0x1b0
[  290.023725][T13041] team0: Port device team_slave_1 added
[  290.024700][T13115]  netlink_unicast+0x7f6/0x990
[  290.035047][T13115]  ? __pfx_netlink_unicast+0x10/0x10
[  290.040390][T13115]  ? __virt_addr_valid+0x183/0x530
[  290.045531][T13115]  ? __check_object_size+0x48e/0x900
[  290.050824][T13115]  netlink_sendmsg+0x8e4/0xcb0
[  290.055600][T13115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.060918][T13115]  ? aa_sock_msg_perm+0x91/0x160
[  290.065871][T13115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.071156][T13115]  __sock_sendmsg+0x221/0x270
[  290.075832][T13115]  ____sys_sendmsg+0x52a/0x7e0
[  290.080600][T13115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  290.085912][T13115]  __sys_sendmsg+0x292/0x380
[  290.090500][T13115]  ? __pfx___sys_sendmsg+0x10/0x10
[  290.095613][T13115]  ? __pfx_vfs_write+0x10/0x10
[  290.100404][T13115]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  290.106749][T13115]  ? do_syscall_64+0x100/0x230
[  290.111543][T13115]  ? do_syscall_64+0xb6/0x230
[  290.116234][T13115]  do_syscall_64+0xf3/0x230
[  290.120741][T13115]  ? clear_bhb_loop+0x35/0x90
[  290.125417][T13115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.131309][T13115] RIP: 0033:0x7f903bd7e719
[  290.135713][T13115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.155317][T13115] RSP: 002b:00007f903b7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.163730][T13115] RAX: ffffffffffffffda RBX: 00007f903bf35f80 RCX: 00007f903bd7e719
[  290.171703][T13115] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  290.179677][T13115] RBP: 00007f903b7ff090 R08: 0000000000000000 R09: 0000000000000000
[  290.187658][T13115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  290.195728][T13115] R13: 0000000000000000 R14: 00007f903bf35f80 R15: 00007ffd9dbb2b88
[  290.203712][T13115]  </TASK>
[  290.237842][T12957] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.292825][T13041] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.300348][T13041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.341325][T13041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  290.354520][T13041] batman_adv: batadv0: Adding interface: batadv_slave_1
[  290.370226][T13041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.397798][T13041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  290.413340][T13125] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1960'.
[  290.565651][T13137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1964'.
[  290.569224][T13041] hsr_slave_0: entered promiscuous mode
[  290.593842][T13041] hsr_slave_1: entered promiscuous mode
[  290.600989][T13041] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  290.609510][T13041] Cannot create hsr debugfs directory
[  290.636059][T13142] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  290.663054][T13138] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1963'.
[  290.681760][T13138] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1963'.
[  290.693407][T12957] 8021q: adding VLAN 0 to HW filter on device team0
[  290.738395][ T6635] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.745542][ T6635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.768463][ T6635] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.775657][ T6635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.058202][   T54] Bluetooth: hci4: command tx timeout
[  291.174598][T12957] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.194680][T13168] FAULT_INJECTION: forcing a failure.
[  291.194680][T13168] name failslab, interval 1, probability 0, space 0, times 0
[  291.208956][T13168] CPU: 1 UID: 0 PID: 13168 Comm: syz.3.1970 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  291.219761][T13168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  291.229848][T13168] Call Trace:
[  291.233128][T13168]  <TASK>
[  291.236059][T13168]  dump_stack_lvl+0x241/0x360
[  291.240780][T13168]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.245987][T13168]  ? __pfx__printk+0x10/0x10
[  291.250591][T13168]  ? __kmalloc_node_noprof+0xb7/0x440
[  291.255973][T13168]  ? __pfx___might_resched+0x10/0x10
[  291.261269][T13168]  should_fail_ex+0x3b0/0x4e0
[  291.265949][T13168]  should_failslab+0xac/0x100
[  291.270632][T13168]  __kmalloc_node_noprof+0xdf/0x440
[  291.275837][T13168]  ? alloc_slab_obj_exts+0x3a/0xa0
[  291.280958][T13168]  alloc_slab_obj_exts+0x3a/0xa0
[  291.285983][T13168]  __memcg_slab_post_alloc_hook+0x319/0x7e0
[  291.291876][T13168]  ? kasan_unpoison+0x46/0x70
[  291.296563][T13168]  __kmalloc_node_noprof+0x2a5/0x440
[  291.301855][T13168]  ? __kvmalloc_node_noprof+0x72/0x190
[  291.307316][T13168]  __kvmalloc_node_noprof+0x72/0x190
[  291.312597][T13168]  alloc_netdev_mqs+0xc0b/0x1080
[  291.317540][T13168]  rtnl_create_link+0x2f9/0xc20
[  291.322393][T13168]  rtnl_newlink_create+0x210/0xa30
[  291.327512][T13168]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  291.333142][T13168]  ? bpf_lsm_capable+0x9/0x10
[  291.337818][T13168]  ? security_capable+0x7e/0x2d0
[  291.342756][T13168]  ? ns_capable+0x8a/0xf0
[  291.347088][T13168]  rtnl_newlink+0xfa9/0x1550
[  291.351684][T13168]  ? __pfx_rtnl_newlink+0x10/0x10
[  291.356702][T13168]  ? __mutex_lock+0x9ab/0xd70
[  291.361372][T13168]  ? __mutex_lock+0x52a/0xd70
[  291.366042][T13168]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  291.371165][T13168]  ? __pfx_rtnl_newlink+0x10/0x10
[  291.376182][T13168]  rtnetlink_rcv_msg+0x73f/0xcf0
[  291.381122][T13168]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  291.386234][T13168]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  291.391697][T13168]  ? ref_tracker_free+0x643/0x7e0
[  291.396736][T13168]  netlink_rcv_skb+0x1e3/0x430
[  291.401508][T13168]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  291.406977][T13168]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  291.412278][T13168]  ? netlink_deliver_tap+0x2e/0x1b0
[  291.417476][T13168]  netlink_unicast+0x7f6/0x990
[  291.422244][T13168]  ? __pfx_netlink_unicast+0x10/0x10
[  291.427523][T13168]  ? __virt_addr_valid+0x183/0x530
[  291.432645][T13168]  ? __check_object_size+0x48e/0x900
[  291.437929][T13168]  netlink_sendmsg+0x8e4/0xcb0
[  291.442699][T13168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.447986][T13168]  ? aa_sock_msg_perm+0x91/0x160
[  291.452926][T13168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.458207][T13168]  __sock_sendmsg+0x221/0x270
[  291.462894][T13168]  ____sys_sendmsg+0x52a/0x7e0
[  291.467670][T13168]  ? __pfx_____sys_sendmsg+0x10/0x10
[  291.472972][T13168]  __sys_sendmsg+0x292/0x380
[  291.477564][T13168]  ? __pfx___sys_sendmsg+0x10/0x10
[  291.482686][T13168]  ? __pfx_vfs_write+0x10/0x10
[  291.487476][T13168]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  291.493809][T13168]  ? do_syscall_64+0x100/0x230
[  291.498572][T13168]  ? do_syscall_64+0xb6/0x230
[  291.503257][T13168]  do_syscall_64+0xf3/0x230
[  291.507754][T13168]  ? clear_bhb_loop+0x35/0x90
[  291.512429][T13168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.518321][T13168] RIP: 0033:0x7f903bd7e719
[  291.522733][T13168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.542337][T13168] RSP: 002b:00007f903b7ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.550755][T13168] RAX: ffffffffffffffda RBX: 00007f903bf35f80 RCX: 00007f903bd7e719
[  291.558735][T13168] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  291.566701][T13168] RBP: 00007f903b7ff090 R08: 0000000000000000 R09: 0000000000000000
[  291.574665][T13168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  291.582630][T13168] R13: 0000000000000000 R14: 00007f903bf35f80 R15: 00007ffd9dbb2b88
[  291.590613][T13168]  </TASK>
[  291.648790][   T54] Bluetooth: hci2: command tx timeout
[  291.704228][T12957] veth0_vlan: entered promiscuous mode
[  291.757418][T13179] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1974'.
[  291.773785][T12957] veth1_vlan: entered promiscuous mode
[  291.847824][T12957] veth0_macvtap: entered promiscuous mode
[  291.869328][T12957] veth1_macvtap: entered promiscuous mode
[  291.892403][T13184] netlink: 'syz.0.1975': attribute type 2 has an invalid length.
[  291.892418][T13185] netlink: 'syz.0.1975': attribute type 2 has an invalid length.
[  291.924594][T12957] batman_adv: batadv0: Interface activated: batadv_slave_0
[  291.939699][T12957] batman_adv: batadv0: Interface activated: batadv_slave_1
[  291.955469][T13041] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  291.967256][T13041] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  291.979223][T13041] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  292.001235][T12957] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.020355][T12957] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.060438][T12957] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.086918][T12957] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.123612][T13041] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  292.328485][ T6635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.342043][ T6635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.404230][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.412644][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.449828][T13041] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.487293][T13213] netlink: 'syz.4.1984': attribute type 1 has an invalid length.
[  292.513604][T13041] 8021q: adding VLAN 0 to HW filter on device team0
[  292.562331][ T6635] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.569687][ T6635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.684983][ T3519] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.692188][ T3519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.010662][ T6641] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.068212][T13041] 8021q: adding VLAN 0 to HW filter on device batadv0
[  293.133419][T13041] veth0_vlan: entered promiscuous mode
[  293.139795][   T54] Bluetooth: hci4: command tx timeout
[  293.147496][T13041] veth1_vlan: entered promiscuous mode
[  293.173155][T13041] veth0_macvtap: entered promiscuous mode
[  293.182641][T13041] veth1_macvtap: entered promiscuous mode
[  293.200192][T13041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.210957][T13041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.222981][T13041] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.242558][T13041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.253289][T13041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.265903][T13041] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.278330][T13041] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.287688][T13041] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.296397][T13041] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.305504][T13041] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.362331][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.371344][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.394947][ T6635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.405042][ T6635] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.430410][ T6641] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.732478][ T6641] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.943810][ T6641] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.181725][ T6641] bridge_slave_1: left allmulticast mode
[  294.188351][ T6641] bridge_slave_1: left promiscuous mode
[  294.194053][ T6641] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.203691][ T6641] bridge_slave_0: left allmulticast mode
[  294.209547][ T6641] bridge_slave_0: left promiscuous mode
[  294.215249][ T6641] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.512580][ T6641] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.524147][ T6641] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.536277][ T6641] bond0 (unregistering): Released all slaves
[  294.781133][T13233] netlink: 448 bytes leftover after parsing attributes in process `syz.0.1988'.
[  294.821129][ T6641] hsr_slave_0: left promiscuous mode
[  294.827637][ T6641] hsr_slave_1: left promiscuous mode
[  294.850877][ T6641] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.860585][ T6641] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.871622][ T6641] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.879225][ T6641] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.910787][ T6641] veth1_macvtap: left promiscuous mode
[  294.916364][ T6641] veth0_macvtap: left promiscuous mode
[  294.922269][ T6641] veth1_vlan: left promiscuous mode
[  294.929964][ T6641] veth0_vlan: left promiscuous mode
[  294.943873][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  294.955863][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  294.965470][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  294.976193][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  294.985695][ T5152] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  294.993669][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  295.356299][ T6641] team0 (unregistering): Port device team_slave_1 removed
[  295.395967][ T6641] team0 (unregistering): Port device team_slave_0 removed
[  295.914289][T13235] chnl_net:caif_netlink_parms(): no params data found
[  295.976044][T13235] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.984887][T13235] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.992224][T13235] bridge_slave_0: entered allmulticast mode
[  295.999206][T13235] bridge_slave_0: entered promiscuous mode
[  296.006555][T13235] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.014032][T13235] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.021522][T13235] bridge_slave_1: entered allmulticast mode
[  296.029387][T13235] bridge_slave_1: entered promiscuous mode
[  296.053094][T13235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.064811][T13235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.094639][T13235] team0: Port device team_slave_0 added
[  296.102927][T13235] team0: Port device team_slave_1 added
[  296.121007][T13235] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.128728][T13235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.154842][T13235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.273632][ T6641] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.314407][T13235] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.323749][T13235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.353074][T13235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.374715][T13248] FAULT_INJECTION: forcing a failure.
[  296.374715][T13248] name failslab, interval 1, probability 0, space 0, times 0
[  296.407524][T13255] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  296.408324][T13252] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  296.419157][T13248] CPU: 1 UID: 0 PID: 13248 Comm: syz.4.1990 Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  296.437544][T13248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  296.447714][T13248] Call Trace:
[  296.451011][T13248]  <TASK>
[  296.453959][T13248]  dump_stack_lvl+0x241/0x360
[  296.458671][T13248]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.463904][T13248]  ? __pfx__printk+0x10/0x10
[  296.468529][T13248]  ? ref_tracker_alloc+0x332/0x490
[  296.473670][T13248]  should_fail_ex+0x3b0/0x4e0
[  296.478378][T13248]  ? skb_clone+0x20c/0x390
[  296.482816][T13248]  should_failslab+0xac/0x100
[  296.487516][T13248]  ? skb_clone+0x20c/0x390
[  296.491957][T13248]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  296.497363][T13248]  skb_clone+0x20c/0x390
[  296.501634][T13248]  __netlink_deliver_tap+0x3cc/0x7c0
[  296.506932][T13248]  ? netlink_deliver_tap+0x2e/0x1b0
[  296.512131][T13248]  netlink_deliver_tap+0x19d/0x1b0
[  296.517239][T13248]  netlink_sendskb+0x68/0x140
[  296.521921][T13248]  netlink_unicast+0x39d/0x990
[  296.526687][T13248]  ? __asan_memcpy+0x40/0x70
[  296.531293][T13248]  ? __pfx_netlink_unicast+0x10/0x10
[  296.536584][T13248]  netlink_rcv_skb+0x262/0x430
[  296.541352][T13248]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  296.546812][T13248]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  296.552108][T13248]  ? netlink_deliver_tap+0x2e/0x1b0
[  296.557303][T13248]  netlink_unicast+0x7f6/0x990
[  296.562074][T13248]  ? __pfx_netlink_unicast+0x10/0x10
[  296.567355][T13248]  ? __virt_addr_valid+0x183/0x530
[  296.572466][T13248]  ? __check_object_size+0x48e/0x900
[  296.577752][T13248]  netlink_sendmsg+0x8e4/0xcb0
[  296.582546][T13248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.587849][T13248]  ? aa_sock_msg_perm+0x91/0x160
[  296.592807][T13248]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.598095][T13248]  __sock_sendmsg+0x221/0x270
[  296.602772][T13248]  ____sys_sendmsg+0x52a/0x7e0
[  296.607557][T13248]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.612853][T13248]  __sys_sendmsg+0x292/0x380
[  296.617442][T13248]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.622562][T13248]  ? __pfx_vfs_write+0x10/0x10
[  296.627347][T13248]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  296.633673][T13248]  ? do_syscall_64+0x100/0x230
[  296.638435][T13248]  ? do_syscall_64+0xb6/0x230
[  296.643110][T13248]  do_syscall_64+0xf3/0x230
[  296.647610][T13248]  ? clear_bhb_loop+0x35/0x90
[  296.652283][T13248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.658181][T13248] RIP: 0033:0x7f2bfdb7e719
[  296.662599][T13248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.682201][T13248] RSP: 002b:00007f2bfea42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.690612][T13248] RAX: ffffffffffffffda RBX: 00007f2bfdd35f80 RCX: 00007f2bfdb7e719
[  296.698583][T13248] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  296.706549][T13248] RBP: 00007f2bfea42090 R08: 0000000000000000 R09: 0000000000000000
[  296.714519][T13248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  296.722483][T13248] R13: 0000000000000000 R14: 00007f2bfdd35f80 R15: 00007ffd2d0078f8
[  296.730463][T13248]  </TASK>
[  296.740779][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  296.755248][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  296.764514][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  296.793633][T13245] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1989'.
[  296.807060][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  296.821944][ T6641] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.838592][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  296.846822][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  296.907521][T13267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1995'.
[  296.913824][T13235] hsr_slave_0: entered promiscuous mode
[  296.926475][T13235] hsr_slave_1: entered promiscuous mode
[  296.964885][ T6641] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.057302][ T5152] Bluetooth: hci2: command tx timeout
[  297.094089][ T6641] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.172198][T13274] netlink: 'syz.0.1996': attribute type 1 has an invalid length.
[  297.395912][T13290] sctp: [Deprecated]: syz.0.2000 (pid 13290) Use of struct sctp_assoc_value in delayed_ack socket option.
[  297.395912][T13290] Use struct sctp_sack_info instead
[  297.412834][T13256] chnl_net:caif_netlink_parms(): no params data found
[  297.434275][T13285] gtp2: entered promiscuous mode
[  297.440625][T13285] gtp2: entered allmulticast mode
[  297.449063][T13289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2001'.
[  297.473334][ T6641] bridge_slave_1: left allmulticast mode
[  297.486932][ T6641] bridge_slave_1: left promiscuous mode
[  297.492638][ T6641] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.512777][ T6641] bridge_slave_0: left allmulticast mode
[  297.522711][ T6641] bridge_slave_0: left promiscuous mode
[  297.529304][ T6641] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.949814][ T6641] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.961582][ T6641] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.972668][ T6641] bond0 (unregistering): Released all slaves
[  298.166452][T13256] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.174712][T13256] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.183111][T13256] bridge_slave_0: entered allmulticast mode
[  298.190591][T13256] bridge_slave_0: entered promiscuous mode
[  298.212351][T13256] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.226428][T13256] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.238303][T13256] bridge_slave_1: entered allmulticast mode
[  298.245708][T13256] bridge_slave_1: entered promiscuous mode
[  298.408942][T13256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.486368][T13315] netlink: 'syz.0.2006': attribute type 11 has an invalid length.
[  298.494951][ T6641] hsr_slave_0: left promiscuous mode
[  298.504878][ T6641] hsr_slave_1: left promiscuous mode
[  298.510905][ T6641] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.518705][ T6641] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.526418][ T6641] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.534632][ T6641] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.555664][ T6641] veth1_macvtap: left promiscuous mode
[  298.561567][ T6641] veth0_macvtap: left promiscuous mode
[  298.567639][ T6641] veth1_vlan: left promiscuous mode
[  298.573162][ T6641] veth0_vlan: left promiscuous mode
[  298.897223][ T5152] Bluetooth: hci4: command tx timeout
[  299.051749][ T6641] team0 (unregistering): Port device team_slave_1 removed
[  299.092432][ T6641] team0 (unregistering): Port device team_slave_0 removed
[  299.140453][ T5152] Bluetooth: hci2: command tx timeout
[  299.478221][T13256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.609583][T13256] team0: Port device team_slave_0 added
[  299.624558][T13256] team0: Port device team_slave_1 added
[  299.672541][T13256] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.689396][T13256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.720607][T13256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.733343][T13235] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  299.763138][T13334] netlink: 'syz.0.2010': attribute type 1 has an invalid length.
[  299.772529][T13256] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.781032][T13256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.807717][T13256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  299.819754][T13235] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  299.830017][T13235] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  299.843022][T13235] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  299.922734][T13256] hsr_slave_0: entered promiscuous mode
[  299.929846][T13256] hsr_slave_1: entered promiscuous mode
[  299.936054][T13256] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  299.950540][T13256] Cannot create hsr debugfs directory
[  300.179912][T13346] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2013'.
[  300.203459][T13346] vlan2: entered promiscuous mode
[  300.213033][T13346] macvtap0: entered promiscuous mode
[  300.223701][T13346] macvtap0: left promiscuous mode
[  300.256893][T13348] netlink: 'syz.0.2015': attribute type 30 has an invalid length.
[  300.264882][T13348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2015'.
[  300.274251][T13348] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  300.306265][T13235] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.337696][T13235] 8021q: adding VLAN 0 to HW filter on device team0
[  300.366021][ T3519] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.373254][ T3519] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.416006][ T3519] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.423241][ T3519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.522028][T13256] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  300.541534][T13256] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  300.555956][T13256] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  300.570562][T13256] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  300.663781][T13364] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2018'.
[  300.666311][T13256] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.703869][T13256] 8021q: adding VLAN 0 to HW filter on device team0
[  300.723805][ T6641] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.731023][ T6641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.744637][T13235] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.759268][ T6635] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.766396][ T6635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.799704][T13256] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  300.810682][T13256] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  300.849617][T13235] veth0_vlan: entered promiscuous mode
[  300.861256][T13235] veth1_vlan: entered promiscuous mode
[  300.984868][ T5152] Bluetooth: hci4: command tx timeout
[  301.270068][ T5152] Bluetooth: hci2: command tx timeout
[  303.082978][ T5152] Bluetooth: hci4: command tx timeout
[  303.755984][ T5152] Bluetooth: hci2: command tx timeout
[  323.415930][ T5152] Bluetooth: hci4: command tx timeout
[  323.487170][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  323.493498][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  346.693680][T13373] 8021q: adding VLAN 0 to HW filter on device bond3
[  378.822653][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.830490][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  421.996610][ T5853] Bluetooth: hci2: command 0x0406 tx timeout
[  422.002721][ T5853] Bluetooth: hci4: command 0x0406 tx timeout
[  448.746994][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  448.753351][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  464.226920][   T30] INFO: task syz.4.2007:13316 blocked for more than 140 seconds.
[  464.234702][   T30]       Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  464.276725][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  464.285685][   T30] task:syz.4.2007      state:D stack:23072 pid:13316 tgid:13316 ppid:5838   flags:0x00000000
[  464.376570][   T30] Call Trace:
[  464.379900][   T30]  <TASK>
[  464.382854][   T30]  __schedule+0x18af/0x4bd0
[  464.446640][   T30]  ? __pfx___schedule+0x10/0x10
[  464.451557][   T30]  ? __pfx_lock_release+0x10/0x10
[  464.496743][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  464.502270][   T30]  ? schedule+0x90/0x320
[  464.555030][   T30]  schedule+0x14b/0x320
[  464.566592][   T30]  schedule_preempt_disabled+0x13/0x30
[  464.572096][   T30]  __mutex_lock+0x6a7/0xd70
[  464.626684][   T30]  ? __mutex_lock+0x52a/0xd70
[  464.631439][   T30]  ? pipe_release+0x48/0x320
[  464.636066][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  464.716578][   T30]  ? __pfx___might_resched+0x10/0x10
[  464.721936][   T30]  ? __pfx_call_rcu+0x10/0x10
[  464.776616][   T30]  pipe_release+0x48/0x320
[  464.781258][   T30]  ? __pfx_pipe_release+0x10/0x10
[  464.786312][   T30]  __fput+0x23f/0x880
[  464.836563][   T30]  task_work_run+0x24f/0x310
[  464.841228][   T30]  ? __pfx_task_work_run+0x10/0x10
[  464.846365][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  464.916584][   T30]  syscall_exit_to_user_mode+0x168/0x370
[  464.922284][   T30]  do_syscall_64+0x100/0x230
[  464.986599][   T30]  ? clear_bhb_loop+0x35/0x90
[  464.991340][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.036589][   T30] RIP: 0033:0x7f2bfdb7e719
[  465.041060][   T30] RSP: 002b:00007ffd2d007a58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  465.106550][   T30] RAX: 0000000000000000 RBX: 00007f2bfdd37a80 RCX: 00007f2bfdb7e719
[  465.114579][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  465.196555][   T30] RBP: 00007f2bfdd37a80 R08: 0000000000000006 R09: 00007ffd2d007d4f
[  465.204583][   T30] R10: 00000000003ffbbc R11: 0000000000000246 R12: 000000000004910a
[  465.276594][   T30] R13: 00007ffd2d007b60 R14: 0000000000000032 R15: ffffffffffffffff
[  465.284645][   T30]  </TASK>
[  465.336614][   T30] INFO: task syz.4.2007:13318 blocked for more than 141 seconds.
[  465.344385][   T30]       Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  465.436596][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  465.445320][   T30] task:syz.4.2007      state:D stack:27392 pid:13318 tgid:13316 ppid:5838   flags:0x00000000
[  465.546628][   T30] Call Trace:
[  465.549965][   T30]  <TASK>
[  465.552917][   T30]  __schedule+0x18af/0x4bd0
[  465.606687][   T30]  ? __pfx___schedule+0x10/0x10
[  465.611611][   T30]  ? __pfx_lock_release+0x10/0x10
[  465.666652][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  465.672185][   T30]  ? schedule+0x90/0x320
[  465.676452][   T30]  schedule+0x14b/0x320
[  465.736681][   T30]  schedule_preempt_disabled+0x13/0x30
[  465.742201][   T30]  __mutex_lock+0x6a7/0xd70
[  465.786727][   T30]  ? __mutex_lock+0x52a/0xd70
[  465.791474][   T30]  ? pipe_write+0x1c6/0x1a30
[  465.796096][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  465.876587][   T30]  ? aa_file_perm+0x137/0xf50
[  465.881342][   T30]  ? __pfx_validate_chain+0x10/0x10
[  465.926599][   T30]  pipe_write+0x1c6/0x1a30
[  465.931084][   T30]  ? mark_lock+0x9a/0x360
[  465.935435][   T30]  ? __lock_acquire+0x1384/0x2050
[  466.006580][   T30]  ? __pfx_pipe_write+0x10/0x10
[  466.011659][   T30]  ? common_file_perm+0x1a6/0x210
[  466.056632][   T30]  ? bpf_lsm_file_permission+0x9/0x10
[  466.062068][   T30]  ? security_file_permission+0x74/0x280
[  466.116577][   T30]  vfs_write+0xaeb/0xd30
[  466.120891][   T30]  ? __pfx_pipe_write+0x10/0x10
[  466.125768][   T30]  ? __pfx_vfs_write+0x10/0x10
[  466.206707][   T30]  ? fdget_pos+0x19a/0x320
[  466.211197][   T30]  ksys_write+0x183/0x2b0
[  466.215702][   T30]  ? __pfx_ksys_write+0x10/0x10
[  466.286646][   T30]  ? exc_page_fault+0x590/0x8c0
[  466.291569][   T30]  ? do_syscall_64+0xb6/0x230
[  466.296275][   T30]  do_syscall_64+0xf3/0x230
[  466.346693][   T30]  ? clear_bhb_loop+0x35/0x90
[  466.351435][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.416665][   T30] RIP: 0033:0x7f2bfdb7e719
[  466.421299][   T30] RSP: 002b:00007f2bfea21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  466.476561][   T30] RAX: ffffffffffffffda RBX: 00007f2bfdd36058 RCX: 00007f2bfdb7e719
[  466.484588][   T30] RDX: 0000000000000004 RSI: 0000000020000180 RDI: 0000000000000009
[  466.586610][   T30] RBP: 00007f2bfdbf139e R08: 0000000000000000 R09: 0000000000000000
[  466.594650][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.676696][   T30] R13: 0000000000000001 R14: 00007f2bfdd36058 R15: 00007ffd2d0078f8
[  466.684804][   T30]  </TASK>
[  466.746686][   T30] 
[  466.746686][   T30] Showing all locks held in the system:
[  466.754468][   T30] 1 lock held by khungtaskd/30:
[  466.806587][   T30]  #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  466.866692][   T30] 2 locks held by getty/5591:
[  466.871431][   T30]  #0: ffff88814d4ce0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  466.946610][   T30]  #1: ffffc900032232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  466.996666][   T30] 3 locks held by syz-executor/13235:
[  467.002095][   T30] 1 lock held by syz.4.2007/13316:
[  467.066797][   T30]  #0: ffff888031f9c068 (&pipe->mutex){+.+.}-{3:3}, at: pipe_release+0x48/0x320
[  467.075941][   T30] 1 lock held by syz.4.2007/13317:
[  467.136550][   T30]  #0: ffff888031f9c068 (&pipe->mutex){+.+.}-{3:3}, at: splice_file_to_pipe+0x2e/0x500
[  467.146305][   T30] 1 lock held by syz.4.2007/13318:
[  467.226649][   T30]  #0: ffff888031f9c068 (&pipe->mutex){+.+.}-{3:3}, at: pipe_write+0x1c6/0x1a30
[  467.235806][   T30] 
[  467.296545][   T30] =============================================
[  467.296545][   T30] 
[  467.305018][   T30] NMI backtrace for cpu 1
[  467.309358][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  467.319877][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  467.329952][   T30] Call Trace:
[  467.333244][   T30]  <TASK>
[  467.336185][   T30]  dump_stack_lvl+0x241/0x360
[  467.340893][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  467.346119][   T30]  ? __pfx__printk+0x10/0x10
[  467.350737][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  467.355701][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  467.361175][   T30]  ? _printk+0xd5/0x120
[  467.365348][   T30]  ? __pfx__printk+0x10/0x10
[  467.369956][   T30]  ? __wake_up_klogd+0xcc/0x110
[  467.374825][   T30]  ? __pfx__printk+0x10/0x10
[  467.379432][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  467.384478][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  467.390477][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  467.396477][   T30]  watchdog+0xff4/0x1040
[  467.400746][   T30]  ? watchdog+0x1ea/0x1040
[  467.405184][   T30]  ? __pfx_watchdog+0x10/0x10
[  467.409879][   T30]  kthread+0x2f0/0x390
[  467.413961][   T30]  ? __pfx_watchdog+0x10/0x10
[  467.418661][   T30]  ? __pfx_kthread+0x10/0x10
[  467.423266][   T30]  ret_from_fork+0x4b/0x80
[  467.427701][   T30]  ? __pfx_kthread+0x10/0x10
[  467.432304][   T30]  ret_from_fork_asm+0x1a/0x30
[  467.437112][   T30]  </TASK>
[  467.440760][   T30] Sending NMI from CPU 1 to CPUs 0:
[  467.446188][    C0] NMI backtrace for cpu 0
[  467.446201][    C0] CPU: 0 UID: 0 PID: 13235 Comm: syz-executor Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  467.446222][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  467.446233][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x90
[  467.446260][    C0] Code: 10 48 89 74 0a 18 4c 89 44 0a 20 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 c0 d5 03 00 65 8b 05 50 f7
[  467.446275][    C0] RSP: 0018:ffffc90003fffba8 EFLAGS: 00000086
[  467.446290][    C0] RAX: 1ffff1100b7a9c62 RBX: ffff8880259fe878 RCX: dffffc0000000000
[  467.446303][    C0] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000020
[  467.446314][    C0] RBP: 0000000000000001 R08: ffffffff8159a49a R09: ffffffff81599a22
[  467.446326][    C0] R10: 0000000000000002 R11: ffff88805bd4da00 R12: ffff88805bd4da00
[  467.446338][    C0] R13: 0000000000000001 R14: 0000000000000011 R15: 0000000000000001
[  467.446349][    C0] FS:  000055555f771500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  467.446365][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  467.446377][    C0] CR2: 00007f903bf36060 CR3: 000000006d1a6000 CR4: 00000000003526f0
[  467.446392][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  467.446402][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  467.446413][    C0] Call Trace:
[  467.446419][    C0]  <NMI>
[  467.446426][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  467.446446][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  467.446471][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  467.446489][    C0]  ? nmi_handle+0x2a/0x5a0
[  467.446517][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  467.446538][    C0]  ? nmi_handle+0x14f/0x5a0
[  467.446554][    C0]  ? nmi_handle+0x2a/0x5a0
[  467.446571][    C0]  ? __pfx___sanitizer_cov_trace_const_cmp4+0x10/0x10
[  467.446593][    C0]  ? default_do_nmi+0x63/0x160
[  467.446613][    C0]  ? exc_nmi+0x123/0x1f0
[  467.446630][    C0]  ? end_repeat_nmi+0xf/0x53
[  467.446648][    C0]  ? send_signal_locked+0x32/0x920
[  467.446664][    C0]  ? __send_signal_locked+0xca/0xdc0
[  467.446682][    C0]  ? __pfx___sanitizer_cov_trace_const_cmp4+0x10/0x10
[  467.446705][    C0]  ? __pfx___sanitizer_cov_trace_const_cmp4+0x10/0x10
[  467.446728][    C0]  ? __pfx___sanitizer_cov_trace_const_cmp4+0x10/0x10
[  467.446750][    C0]  </NMI>
[  467.446755][    C0]  <TASK>
[  467.446761][    C0]  __send_signal_locked+0x133/0xdc0
[  467.446778][    C0]  ? __lock_task_sighand+0x2a5/0x2d0
[  467.446794][    C0]  ? __lock_task_sighand+0x29/0x2d0
[  467.446812][    C0]  group_send_sig_info+0x292/0x310
[  467.446831][    C0]  ? __pfx_group_send_sig_info+0x10/0x10
[  467.446850][    C0]  ? __pfx_signal_setup_done+0x10/0x10
[  467.446872][    C0]  bpf_send_signal_common+0x2dd/0x430
[  467.446901][    C0]  ? __pfx_bpf_send_signal_common+0x10/0x10
[  467.446921][    C0]  ? __pfx___cant_migrate+0x10/0x10
[  467.446947][    C0]  ? bpf_trace_run2+0x1fc/0x540
[  467.446963][    C0]  bpf_send_signal+0x19/0x30
[  467.446987][    C0]  bpf_prog_7ba5217f62dcd359+0x41/0x45
[  467.447002][    C0]  bpf_trace_run2+0x2ec/0x540
[  467.447022][    C0]  ? __pfx_bpf_trace_run2+0x10/0x10
[  467.447039][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  467.447064][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  467.447088][    C0]  ? do_syscall_64+0x100/0x230
[  467.447104][    C0]  trace_sys_enter+0x93/0xd0
[  467.447127][    C0]  syscall_trace_enter+0xf8/0x150
[  467.447150][    C0]  do_syscall_64+0xcc/0x230
[  467.447166][    C0]  ? clear_bhb_loop+0x35/0x90
[  467.447182][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.447205][    C0] RIP: 0033:0x7fbba6f1a099
[  467.447217][    C0] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  467.447231][    C0] RSP: 002b:00007ffd7c931800 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  467.447248][    C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fbba6f1a099
[  467.447260][    C0] RDX: 00007ffd7c931800 RSI: 00007ffd7c931930 RDI: 0000000000000011
[  467.447271][    C0] RBP: 00007ffd7c931df0 R08: 0000000000000002 R09: 007061747663616d
[  467.447283][    C0] R10: 00007ffd7c932226 R11: 0000000000000246 R12: 00007ffd7c931e70
[  467.447295][    C0] R13: 00007fbba6ff2384 R14: 00007fbba7c64620 R15: 00007fbba6ff2384
[  467.447315][    C0]  </TASK>
[  468.256663][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  468.263562][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-01164-gccb35037c48a #0
[  468.274087][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  468.284158][   T30] Call Trace:
[  468.287450][   T30]  <TASK>
[  468.290392][   T30]  dump_stack_lvl+0x241/0x360
[  468.295098][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.300324][   T30]  ? __pfx__printk+0x10/0x10
[  468.304930][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  468.310938][   T30]  ? vscnprintf+0x5d/0x90
[  468.315284][   T30]  panic+0x349/0x880
[  468.319200][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  468.325369][   T30]  ? __pfx_panic+0x10/0x10
[  468.329802][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  468.335194][   T30]  ? __irq_work_queue_local+0x137/0x410
[  468.340761][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  468.346151][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  468.352809][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  468.358996][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  468.365182][   T30]  watchdog+0x1033/0x1040
[  468.369542][   T30]  ? watchdog+0x1ea/0x1040
[  468.373999][   T30]  ? __pfx_watchdog+0x10/0x10
[  468.378695][   T30]  kthread+0x2f0/0x390
[  468.382783][   T30]  ? __pfx_watchdog+0x10/0x10
[  468.387476][   T30]  ? __pfx_kthread+0x10/0x10
[  468.392169][   T30]  ret_from_fork+0x4b/0x80
[  468.396606][   T30]  ? __pfx_kthread+0x10/0x10
[  468.401211][   T30]  ret_from_fork_asm+0x1a/0x30
[  468.406003][   T30]  </TASK>
[  468.409306][   T30] Kernel Offset: disabled
[  468.413647][   T30] Rebooting in 86400 seconds..