last executing test programs:

39.072938946s ago: executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x3, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

38.90470988s ago: executing program 3:
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x0, 0x0, @prog_id}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r0, r1, 0x2, 0x0, 0x4000, @prog_id}, 0x20)

38.822613244s ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)="b6", 0x1}], 0x1}, 0x14f916e07fbb522e)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="20000000041401050000000000000000080001000000000008003d00ffffffff35ff90c9a35548dc931c1b22bba9a064799ca14fbe45f148775c5d5271357fd5ba5998550c02fb26ff2876fcc14b38c5dec598a482a432ea69c619e76885e1cdea6fc2f6eeb9105826bfd1286052d7ddd8eb6a348640581e379b07c9c136a88432da541da81378bfb0302ecc08"], 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x63, &(0x7f0000001100)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r3], 0xf8}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000069117200000000008510000002000000850000000002000095000000000000009500a50500000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x6}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="1c0000001e0081064e81f782db44b9040202080006007c09e8fe08a1", 0x1c}], 0x1}, 0x0)

26.811969098s ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)="b6", 0x1}], 0x1}, 0x14f916e07fbb522e)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="20000000041401050000000000000000080001000000000008003d00ffffffff35ff90c9a35548dc931c1b22bba9a064799ca14fbe45f148775c5d5271357fd5ba5998550c02fb26ff2876fcc14b38c5dec598a482a432ea69c619e76885e1cdea6fc2f6eeb9105826bfd1286052d7ddd8eb6a348640581e379b07c9c136a88432da541da81378bfb0302ecc08"], 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x63, &(0x7f0000001100)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r3], 0xf8}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000069117200000000008510000002000000850000000002000095000000000000009500a50500000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x6}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="1c0000001e0081064e81f782db44b9040202080006007c09e8fe08a1", 0x1c}], 0x1}, 0x0)

12.514533841s ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)="b6", 0x1}], 0x1}, 0x14f916e07fbb522e)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="20000000041401050000000000000000080001000000000008003d00ffffffff35ff90c9a35548dc931c1b22bba9a064799ca14fbe45f148775c5d5271357fd5ba5998550c02fb26ff2876fcc14b38c5dec598a482a432ea69c619e76885e1cdea6fc2f6eeb9105826bfd1286052d7ddd8eb6a348640581e379b07c9c136a88432da541da81378bfb0302ecc08"], 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x63, &(0x7f0000001100)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r3], 0xf8}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000069117200000000008510000002000000850000000002000095000000000000009500a50500000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x6}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="1c0000001e0081064e81f782db44b9040202080006007c09e8fe08a1", 0x1c}], 0x1}, 0x0)

2.234284168s ago: executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$netlink(r1, 0x10e, 0x3, &(0x7f0000000200)=""/47, &(0x7f0000000240)=0x2f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000040016800400149015b0b06f69"], 0x28}}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000340)={'ip_vti0\x00', &(0x7f0000001740)={'ip_vti0\x00', <r5=>r3, 0x7800, 0x20, 0x80, 0x0, {{0x14, 0x4, 0x3, 0x2, 0x50, 0x64, 0x0, 0x3, 0x29, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0xa}, {[@timestamp_addr={0x44, 0xc, 0x40, 0x1, 0x2, [{@private=0xa010102, 0x8000}]}, @timestamp_prespec={0x44, 0xc, 0x44, 0x3, 0x4, [{@broadcast}]}, @end, @timestamp_addr={0x44, 0x14, 0x4e, 0x1, 0x1, [{@rand_addr=0x64010100, 0x6e}, {@local, 0x8}]}, @lsrr={0x83, 0xf, 0x39, [@rand_addr=0x64010102, @remote, @multicast2]}]}}}}})
sendmsg$nl_route(r1, &(0x7f0000001540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001500)={&(0x7f0000001640)=ANY=[@ANYBLOB="240000005200080029bd7000fcdbdf251c08000600c700000008000100", @ANYRES32=r5, @ANYBLOB="aaeef3ed62ff1343ed5bc7d4bbf934fb1836e0db3dccf81fc369c8b7ca3d21601cff265af4a9d63eb2630d8aca49d4218bdaecee4e31620568fb24b2401f28e33ff7d172882dcf0463de446f2d8f952234541600eae09c364916c778884bf9d0d9b3de26f82c1d6999a98068dfe9c45a0e8146b2cac16da51a65bae33a226722e6db54080b3c74f707c962a21c19f5220a9c88b9286a562019b13152ec4e291655e8ea4d22600e46ca93c8c74b06e0e7e9f83cdcfdf3bed2"], 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$rds(r6, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
write(r7, &(0x7f0000000040)="0a03000019002551075c0165ff0ffc02802000030004000500e1000cee020f001a000000", 0x33a)
sendmsg$key(r4, &(0x7f00005f5000)={0x0, 0x0, 0x0}, 0x0)
accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000080)=0x14)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x8}, {r4}], 0x2, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)={[0x20]}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000008c00bf60d3"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, &(0x7f0000000480)=""/4096, &(0x7f0000000280)=0x1000)
r8 = openat$cgroup_ro(r2, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r8, 0x0)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f0000000140), &(0x7f0000000180)=0x8)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x3, @none, 0x0, 0x2}, 0xe)
shutdown(0xffffffffffffffff, 0x0)

1.660274644s ago: executing program 4:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r2, 0x11b, 0x8, 0x0, &(0x7f0000000040))

1.477990178s ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c000701080000000000000007000000", @ANYRES32=<r3=>r1, @ANYBLOB="e04f00000a000200aaaaaaaaaa0c"], 0x28}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x4888, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000010000304000000000000000000007400", @ANYRES32=r3, @ANYBLOB="08000000000000000a000100"], 0x2c}}, 0x0)

1.472220645s ago: executing program 4:
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffffffffffff99, &(0x7f0000000080)=[{&(0x7f00000000c0)="e03f030010000b05d25a806c8c6f94f90324fc601000010020000000053582fb8f51c18fffd99b8e8bc137153e37", 0x33fe0}], 0x1}, 0x40040)

1.253876314s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000010900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000070000000060a010400000000000000000100000008000b4000000000400004803c0001800b000100736f636b657400002c000280080002400000000d080001400000000108000300000000f408000300000000e0080003000000009e0900010073797a30"], 0x140}}, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000300)={0x1100, 0x0, 0x0, 0x2a40})
ioctl$FS_IOC_RESVSP(r0, 0x40305828, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000"], &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000002380)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYRES32=r2], &(0x7f0000000100)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2}, 0x90)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000001940), 0x0)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendfile(r5, r4, 0x0, 0x5)
recvmsg(r4, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r6, 0x84, 0x10, &(0x7f0000000080)=""/4057, &(0x7f0000001140)=0xfd9)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000001100), 0x8)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
ioctl$FIBMAP(r0, 0x4030582a, &(0x7f0000000080))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

1.232172634s ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r0, 0x84, 0xd, &(0x7f0000001f00)=""/4062, &(0x7f00000004c0)=0x744)

1.134749477s ago: executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x8, &(0x7f00000002c0)={&(0x7f0000000540)=@newtaction={0x48, 0x31, 0x1, 0x0, 0x0, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0x48}}, 0x0)

985.10697ms ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001362564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

881.366882ms ago: executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f00000006c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x10000001}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x4}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0)

811.722685ms ago: executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
accept$alg(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)="b6", 0x1}], 0x1}, 0x14f916e07fbb522e)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="20000000041401050000000000000000080001000000000008003d00ffffffff35ff90c9a35548dc931c1b22bba9a064799ca14fbe45f148775c5d5271357fd5ba5998550c02fb26ff2876fcc14b38c5dec598a482a432ea69c619e76885e1cdea6fc2f6eeb9105826bfd1286052d7ddd8eb6a348640581e379b07c9c136a88432da541da81378bfb0302ecc08"], 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x63, &(0x7f0000001100)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r3], 0xf8}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000069117200000000008510000002000000850000000002000095000000000000009500a50500000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x6}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="1c0000001e0081064e81f782db44b9040202080006007c09e8fe08a1", 0x1c}], 0x1}, 0x0)

739.598816ms ago: executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
sendto$inet6(r0, &(0x7f0000000140)='g', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x1)
sendmsg$inet6(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000001c0)='=', 0x1}], 0x1}, 0x0)

707.471687ms ago: executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000040)=0xad3, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r2 = epoll_create1(0x0)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x30000000})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r3})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFBR(r5, 0x8940, &(0x7f0000000b80)=@generic={0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_es_insert_delayed_block\x00', r4}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x4, 0x4}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='ext4_es_insert_delayed_block\x00', r7}, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000100), 0x1001)

666.712085ms ago: executing program 0:
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000000), 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000080000000000000000000a1400000010"], 0x28}}, 0x0)
r3 = socket(0x0, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x4, "00000000000000000400004f00"}}}]}, 0x48}}, 0x0)
sendmmsg$inet6(r3, &(0x7f0000001e80)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x1ff, @private2}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000200)="506671b59db1f2daddf56339f18f3ebba37441bca0fea0b573387359b01cf1882cd292c0fa98e45c35f97aad2733c5aa830a2a2377aa00990788ee09442bbdff03b480cbe257deb008df0240a25b935462d86bb806c6822173f8ac1cf375f926dd2bed5323234b87443649bdeadb4b735c2c23165ca457f62ac3aea54a18ee98e2f8699e77463c1fa6a263eb0aa709e80699a8b217d5837a05da", 0x9a}, {&(0x7f00000002c0)="95b2b9c481f0df04bae618df205534224964c325ce903c0a0f3adaef625c23fb9eceb8c4a03d7246654d5bbc50475907d7e7ffb5274a2a723089baba1a72ff033e81027f8384cf0802ae2b9f6467727be6d43666d615658dbf4b1f9e38045f31616d19a818d51c4e535fefa8c24235fe92ebfef6fe02906c136966025873b041091451b822988f4914ff3a9b45e54a156825014d85b842a0a423cc3a9d8862d3f2635ab063df028f6670a10a2fa2bb02fb20c181298a618b16453affd920a439655a3bab0322d16c83cc2af39c05d86cdf93686f09442a846cf8a4425409", 0xde}], 0x2, &(0x7f0000000600)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1ff}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x578c}}, @pktinfo={{0x24, 0x29, 0x32, {@private0={0xfc, 0x0, '\x00', 0x1}, r1}}}, @rthdr_2292={{0x48, 0x29, 0x39, {0x2c, 0x6, 0x2, 0x9, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @mcast2]}}}, @dontfrag={{0x14}}, @hoplimit={{0x14, 0x29, 0x34, 0x1}}, @rthdr={{0xa8, 0x29, 0x39, {0x33, 0x12, 0x1, 0x7, 0x0, [@local, @ipv4={'\x00', '\xff\xff', @local}, @local, @private0, @dev={0xfe, 0x80, '\x00', 0x41}, @private0, @rand_addr=' \x01\x00', @empty, @mcast1]}}}, @rthdrdstopts={{0x30, 0x29, 0x37, {0x33, 0x2, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @pad1]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x0, 0x8, 0x1, 0x9, 0x0, [@mcast1, @mcast2, @local, @remote]}}}], 0x200}}, {{&(0x7f00000003c0)={0xa, 0x4e21, 0x7, @private1, 0x7f}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000400)="36899cb69b7a6edccd63bd9ec72291ed83d3d7ee11b3da957027f3de28137df1222f631311337721feafecbfc2d00c393f6367f6b5f55d67bf3a01ca3ec269c92e9dbd02302f4d0249a126e65954c8c6fe15d5341b0d1355c78171ae6a1f5716bee6b51033a610f47eaa1949428864e170488a934c7f15d2880e", 0x7a}, {&(0x7f0000000480)="7d1c57ba521b010bdc797811f87ac8f8178741fd5d05db3d8fb6bba30aa5a86acd51bf6e735c3ca9cb987f96f1b7e002f0ef71552aa07fc9b62280032112011ef2044d5dd2fb6624733d79491bab1f89ef95fc0341e0473c834d93f2ac39337aab74ed8471189b3ea83d6b05831d9d6851704a49b1563bc213b80cce5dbf", 0x7e}, {&(0x7f0000000840)="bb2bb34cd96f766419144c4c34f1aba3488e186f8efce8fce78884e639d9ec1a81819645160deda49ed98c6e29834b3c7ce3f37ba313541a48c9da21487b08d7cf47d48548b20b1d1a5fb544f2446be3e53603cb261fd52392a7b2ac802876bfc569d12eb79137162ed4d7f10cd339816592169807594a98004b9f81cceab5c6548ed50d4d62ff2c127e42925332beea75c0990e5b168962a21073d5da2390250f14272834e731935483ac86936d21d18359723e03a8b949e66a2e272c78c1c2ee3e4fcc83aa9b7660059aea7b6cd3ed671f1ea1f2fc94292809d0fbb71f4fd4c12f533933580f5f445fcffc9fc0481b7345e6d5103c2bd638", 0xf9}, {&(0x7f0000000500)="6d38095ea1c022849d78aa8953582ef177f7a4a6766dd1e54d03492c8866302fcc144ccdb627123caf737bc32af483451a80007e", 0x34}, {&(0x7f0000000d00)="d87ce66458f4faacff644a6adbcb13c82e3a784a5e692204918a3f8808ebb7b9d180c5f6e903907e4063d641da5d1cbfa081c29a44ff600b704a484a08ad483da81cc94412ac9efbcad035e6b67287c279ab188dc2bafffa8c408fbac2ff94f13c0302585d93d2b8445c91f528b4a35e56108b45d665ebb199bc347858ec0d29fd5d4ff544e81b051d34fd8d79e7413f284f374ec93e641547706f0125a45e86d960d02ab148e914a324f9e9ef45217139a2fdd90da13a024ac4af37d615bf8d581571e8c51ae76a75a40a8d9adbe1b94311b907c455cf8630146f29f8d0f7ebc303662ecd09567941f296e9a8f4d43fcc4c727687a5d182db4e5603e1caba68f383ecf6c8571da0bc79952c746b67136b74bb8fa1c3fa7dc99ccd9bda2615c51f69fc8b036b387fc318fc3844339f039241f6290ffe4fddb3310e798968768b4e9c69be82cc8446444a3762cc89438e54b6096de3eb390d254d1b71629a6603658dff33d68c9420430749668a09d4193aef0f2072bc4916ab88c875db5eb86f8576e6aed87e189732c232f43dc2bd3be18e95662418c00d11f16d7ff20cfed9468299cf4f15dde6e232263555b47a6cd43c5ffd3d2f8b7b67d5e3e45fb0de30cc502c607b1d150fdc6e54d546eb3de7c14047043c49c66dfde3c6db10f34d1fbdebcb03ed2f83f6b3a9d63217371fc46e6d9fdc8fd2a441f5adc58451c8137531c9e09b9e9175cd3afb9e2ac5111df49b4c934b3a282619407dc2b09fba523d24a79f91c7373d2eeb02a62c3c9a499962971486de5b9929f7babda3afb1048551958a23b2762e7ea9c87ddc30b17bb23bc1172ce97650ca61c54ab6466edc1c0b3a1a6262de9738726fb7f73c7663953dddd75e9df89026aa8290515241c3a699ffe5f923033b8a7981c9a2d3f71e58f047102aae398988e27a0c3aa185006658aad3a713c2148add46d724f17ace77855f0f5c8a4e0f692672ede835e9a5b76fd794bc910fe8cfd7f8ca0c98020e3541589603c566ceaecb11e6adc154153a4510368bed584ee4a1fb7040c35233756ff43a94415244cb6723aafbd676bef9243f97502578e64766ef96b5c9733a4d182fa2ed3dd993c091e9327540849e760a0c34586621939cbe4a0a5d8c8174954fddae64e696be6d435b2b9ffc33850c9dc9c6e19035d5db1c8da4669783f0d0d1c30c11c883f90acdffcb5fa7ea196f3627b7e08307160d43f6f1bf21ad824791c6cabc265c5b61d53f0a921e513b82fe3a68dac9d677533fa7bbd584f14555e79029f5f772e0efbc88fa530b49836cf4590592f7327fced21addd9c4e514541c6217b7934cd039d7f9b83abf587d33058593e6e81f6f537170d977f20903dfa67ff70779da2593579f6ea56a507294ab27076f81defe0071fe0523707f8ff6c9da775aa4ad6560d50f7a634cc12c7af809c489aa1f3827fd8e58ffaf50e39235843cd480b1f34d1d49d3f565a8a3079e448f1e0b52e9702ee5bf79607d6c5fb7511170a22d8f917f84261b50daa132811ae09c936a8d7217198d43d61cf7f47a3ca556b43576ca88e211f52eaaf9229ab25eaba33d5033056b2a9170c4dfb4bbc973f209aa20568a05a7917a73eba6ef315791f3648b46637b6c462c67eb9d1a13c0473663ff6f0efc4a6a86887796eb71b3db6c25f189b73a652a0486fcbf2e0c85ef0847fde1931dd02348a1021f8f37c57a952b8442a88ff1f5b022edbb10dde330de78451ad502c12bb9b5af9cdf8b781a0ab5649f142142419d89a962dbbb52b5a80b66e17a7e39a7a970e5e8a19d818a1db83742a7ad346cdd1a39b1d908654ed8b9885f99ea768de955075269ca40cde46880cb46e8556cf874dde55f34485585da01b481149380cd76b8b170eddcfec8f011318cf0c4e96d84501026bbaf22efd736f595c11563ba95151c34128ccbce9a7cdcb91f97db6968f811513ca09c8436fee21d38e16a160e3be9c1f022d9149c46dea195623312ef093a849e953e28b2d2cea18f1a687ab2748866e0f5517c0b3e1cfcb263e1ee77594959f7837b5f652fbf8883990c151df532e7e5ed09f61e5440d785ddf2d1cae894e559f3ebd6f18c5982b3210f47eba5ecf579b7ac0656cc85c190d7461dfe0b962d09816f8deaa420280e744d8a21f69ebbe14e49e828d938fb5857fd8dbdc5024ab95414d6edf20f3c5fe7f3c45a4d3e366dee4d6e470cfacf72626997ed35add261d1baa809fbd86bb48ec0bd6a08890c67a4c93383da72b3873804005d6c818ce74781ab2e51e740075310aa9afe4819eb44594128ff3383eec1c5b49d284ba070e70c7dc2e89a268d14fd830d709656e15babee6da72cc8dcb142e7826ef23ad360c406a32ec663c7b0b30db4218a54653a28a9b625e9e82fd3f18572a7eec40c36a986f3d5c6fe0ea8918ce79af3fbb8a226b9af99352bb2140ad1f4d2b1fc5ad8f6b41775df467f165766bc71d8c53debe7506237f0d4eefa4e763288bfffb6c1ee0f06c5db810bfb5ecf9495f608e1e4ed957f735b5b8d3978d386e024aa41d05691e5096d55cc7b9f9e8fdc55390f33ea3f5b309b9f2d549716b2165e1b199dccc6b361e2fd919d1c1f468a15394a7bdc6f0da90ff9adf52b4a66cce3455e1c4dd4996555f0ec2ee175e6450e1f0d71653ae371f8947574302be34bd8507f3a1d13ca87981efa7bab1abcf09216e13ecb74fd8e2e827cfa0d7261f2cfca9e36e085ef2228415b5d7eb89f34dee017d129b518d5bbb727b01e385dc5484504872a00dfabbaabfd938d869a8edb0051d7054403d08fe595ea12fa85f9ec309c54265db892b66d0c1d2a180cdd94a11e33ec93faf61774a9b229466ff6f6765a7b13992231d97fef577401ebbaeea0f5073ef94d22c18ee5ede9d628ddefee8c5d4353c53efcdef49a4e96c9b8c70a974bc775e626e1f232be4c6a8723c2ae2cfb09dbccb4b24ec13c9b82bb9e0bd8d3c6a42293382372d4d7bb1b2addb71ebbba09c6132ed11d6efb7f4d410488c493a80575aed261ad47eabb9f3ae88fc7732248522cf3ad587c68398b792282453ecda86520c4570a81631398506ac2f3e89be6d570d6fae2103db7787beafe376f6869646062d5b0795f5ddb2521c0c528987d58070016c20a385bb836a5df338a5dc852ff132fa96cc2472baee62f4be85e55c82c9df61cfa936d1f6a1b4fcd8b48439404e45a921f4e04ad87ff186702e33a8fc1c159de245dc0de68f94b5bb18324c9bf0b190852e0dce7a8d97ffad69f8d31cf1420d037767ad1701cd9a791b217f3ecfa69aff3fe6b42687ab521e28effdeebc56c60098a2408dc5fe9ff99144c6c12bc89a1480fb3ce0b7b9dc199c1d6abe76fba2e6e32a64fb021e69802a850883a6f895e56e6cf062d65afca95e93aea7f1c282d29e7894b7b8f229ffa5d62a383c892dbac137eeba1d73d9be30a945cc602c1e8a89d82592265a30d6ec40bf37e7fd0a7d83c871e455e2f5d54bc3c03c9b652c2de5ad443213340ce378dd261c9ff958b373b633f040ff65e6ea77092d99731292417dd041b40fc108ab3d352565a2073170705cf113ae6ee046cce33b62d25b5f09e06a4e165df2f392b9953647c78818f43951ea3b03f4fe2db8304757ab7179be067767583dad0d2dce390025ffab6ba4971ffcb5c4d75fcb70fcf85a26875cc1e177820fc1cd355ce22fad50239161332d194ffd2d6437badae6e9dec3c79f8bd119e88f91b93c9d7bb24cda9fd9f1c5708cf2d9f0f72f646fc15c6364e7df9a57c98bff56f47155c5f2011610e5bec7551116f3e3e4f9b04382f583616531748963a89adb01162872d2795ea7596c063b8ad37da835ec8778b1f214f9d3ea3578ac822cd23c3065932ebd52b649aac9af90f2cb1fab4f180e0ff54775711f370c7dd618654342b160c905731a2b28d38b02d6ede34e4ac70884329503d31b0ce7f80b9107155566ed02e958bdd9e154d7a2bc6a22b07c8b684a0537a3f83baebfcccc482e3c9adab2d8317a42323d9e30c165ca4cfc22f27a40f2ef97cf4492868dc1a1a2ad8bd3f4c13b3df3588c3d1cc9e7739641eb7905ee4bb2ee15e73d310398d4b2e87c7a0766d7ab6f48f5ad4a4b97808f4f23256098b38ee7a3416962979ec0647a0240d39e9102fe6417c64e8e513741752d6153b4ae67dc118e5107e2d71583dd763e7704bece2d75f63cb16a1b5276f49d2383215974f19e3c967b369ce1d7385071800c58eaaaef425725eb82ed298b9ad4144b108fe588d8136e5759f4f50f412542463c7e7520425715c69b49f22383fbf72d39319194b500f91d39312eba2a8b76306c2f9f8156e38ecc5dfe96ec51193719ae5e84ebbf9ea919b5e077063949a184d9fe80576bf1d2a00dbbae051711e3d071a49ce483bb7e7285759b55976027afb6a4e6c93fc4ff77a1701092e458b720241d9952526ca75ad0457689d4a50e3c36134b070a108f1b3e9cd9b11624ba4ece731cd8f6fc24b193d52d9c7cf15e70cea32a4357e8896f4d6397c445834dcbf8b79a4b26094dc09e230486d20f80f114d2094d44ab6a47e00479cb98511560d37285ccf1c746a9f9bd1ba38218e5c00bf95ef353bd236e008de8f69cc042ec6fcdc28a799a20a1dad9e19ae160c61551317594403d34755b4dd9eecf84b837d99de3a6a4dbbabe51764b084bf6de708bd08afdaae08bcc9ad1671b41a33d6855660389b6df8010f9203ad751f437e47c54a82fb56f3f9be4c59bb61e3759a6cc4f7faf9e787fa8b8730ee0c687daf9438bdfb5b80ebe555068b3d61cafe45a44ba7801d617ccfb18a88565f9c15ba088e1e77ab73a0f63c4f305e3054cef0373da1b86a5b9ed4b636cd9649bc90cebc910a55a7727cd8a8be0c1508ef732516056627ee5de664b10f00113a84a5488f9fc10168832c335442464efffd7edccb3f2e7e07a85bf032ca2ece6359fc7fd0c42cb7b6a3c02ee2a78fc3ed8e2b1995ee3aca06cc654b22e7507fb47605ed3ff5e21ea50c81871e92c5f0efc3525748d3d42f3e558201b9adf2b502d468966f5f703d9e35645c610d86ae82bcf2837e57d6eb784162718be7209c79cc1af9653005545d0dcbb02fe12bbd5ab663f587451ed804313c69980d9d4dcdb508d8615316fc1f6b43f0af2ba9682eccdb5142ad52084c6b12be7867f22ee6192d05089d44bcee564e41af9bf94e68f20eb0a0f0dcda7195053c5543c093f3cb6c1c902043187888869eb070171f0867f998e9055f53905f5aa4300173668b0a6a6f8f6472f9233d55617bb2182e57c6f7a7896934e72833f9da37acabe3994fe1423e00ef9f200f9a0fd9ff663f31aefee8660292bc2778efda6b3581579302763703c7936f488e625a215b6395d8e952c579b89a947e39e98b694eda3210e7d363a46867a979f5fa01010049ab3a132a76ce98bc405a139f03f732c8bed01119f34214470c274a77427a697689687dfbe1f54158aceeff18e85ecefbd9d36718b9089e9e62dbd779911d76ab8a4518398572408e8049da17290714db2e289bb3e30f4b5d2cb75428db6c8fd8a6491af0b35c68d6e02ae7575ed4b2486e6dac715575ea72d830648fc388aeff21776865d8e0871a3dffff821226e05f238786168ed1a601bbd37c44afaabb3fd5308a4f0ebb37e58f5ba00c06ec040978cb6c81ff36a7e0df5ac829362a680bdb38673f197fdfb95afbbee45045a796affbc17dba7971573a2fa4519799784a894706288c3d69ef81cc2ff31469216d9d", 0x1000}], 0x5, &(0x7f0000000940)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0xa38}}, @tclass={{0x14, 0x29, 0x43, 0x9}}], 0x30}}, {{&(0x7f0000000980)={0xa, 0x4e22, 0x34dc, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffe01}, 0x1c, &(0x7f0000000a40)=[{&(0x7f00000009c0)="de4dd88c969a29cbe82b006e6a3ad6d760fdb87087367a23beea9d26be608dddcdddb85ed9323e0f2bad5eaeafa9e5e37e2db6ad3678378ec35eeb1b1e323be537d66e19c6b3c28c2b5173641355e361bd33eef5988740006fa325d1a2f89b93c277096ccd28d026fbccd77f41c72cf78439a843f0323dcf488ef062", 0x7c}], 0x1, 0x0, 0xb0}}, {{&(0x7f0000000b40)={0xa, 0x4e23, 0x20, @loopback, 0x30}, 0x1c, &(0x7f0000001d00)=[{&(0x7f0000000b80)="ba4b9922e2361285a4ea7894362812d1039f", 0x12}, {&(0x7f0000000bc0)="f5adb72cde89b8c3342d7675ec26dc3be6b7f68d60c0145333e4f3716cde37a1fbf1855556cfd2708963c8f48747d3b25fdb3388ba65c188247e41a123d84055b12eabff4c936f040e614683f25e21e55c411d391694cf6e4508973b0dab3206def6553bd9430a3d8bab963af69e4f83fdeb9e7cb040e51004b407bb78cd13bf6df84718fd7129a346e6a4995067a24fc1a74cef433340de11ecc082df1ebb3d07b66eea54c01edb2e920b62ebb2b704238d2c780c72670d7d64575300f7306593837520804d242d842b0dc0959864de38f33d", 0xd3}], 0x2, &(0x7f0000001d40)=[@hoplimit_2292={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0xa6}}, @hopopts={{0x20, 0x29, 0x36, {0x2, 0x0, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x7}}, @dontfrag={{0x14, 0x29, 0x3e, 0x7}}, @dstopts_2292={{0x60, 0x29, 0x4, {0x2, 0x8, '\x00', [@calipso={0x7, 0x38, {0x1, 0xc, 0x3f, 0x1ff, [0x70, 0x4, 0x7ff, 0x9, 0x4ac4, 0x5]}}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x88}, @enc_lim={0x4, 0x1, 0x6}]}}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x32, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0x20}, @jumbo={0xc2, 0x4, 0x7}, @jumbo={0xc2, 0x4, 0x1000}]}}}, @tclass={{0x14, 0x29, 0x43, 0x80}}], 0x120}}], 0x4, 0x4000)
sendmsg$can_bcm(r2, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r1}, 0x10, &(0x7f00000001c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x38}, 0x2}, 0x0)
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r6, 0x80080400)
accept(r6, 0x0, &(0x7f0000000000))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
r9 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r9, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10)
sendmsg$TIPC_CMD_GET_NODES(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r8, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r10, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10)

410.971253ms ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000002d00000085000000500000009500000000000000ac4ed1f05edbf68833674a316d7f4569822b4045cdc5fe3a20f5c8f661d31ddf7d987f3e4f6866d24c7319eb106cecbe6a94a214e1f3905ad9b19b583d0d2bb1454c0c96e79eed4e088632754f52c26e81780a75528dc33fa9b0417b856aa96c4b91ebd0e6510da0a7dea282989e2a84655598cee1d26de40690280c623e412ee3f6841d88d5685d7b4ee2d7f876545e36b5ec25a90461e7ec7a6b300d0a70cc24118baea3d1faa4764db5e0c8a340bfe32282d861ed318ee6a9c14061024493abaee51a81d5d722688ec05777b49d01e6467b8eaf738978e767686c06ba1d04efadf622149950e571a080f812b08b867df1dca55ac242f4e0c03373ce117e2c9a9b41342b3feaefbdc2fe1202dac22ebf30461a5ee7753dd0f2876a75b89eb07b065bd017dadb8e63a60416f5687b05f15fd4b0c26aca16da993ff79ac7107fd1dd81cdd1ba8dcd99de2b7e385c1d02cdb00bf5e2812b9d90ba838c4a7fb9e54d44454e3060850cf9737c3f3e8ba9bc3768a2498b937ff31277593bc9e1456a5b3d258db6011e1e274c7b7a30552b0e914a50a16068afd08064cc16ac036159ae3c871ea5962b36205da33d29b8a83fa0049ec421a4c9d0c650a60687009bed7a8c0ee5b17bdeaf93c71e9d7ecdfffb42d4ba2012206f28cc7871a660e5efd7df407898805673fede7519f5f2a4c36a07ec87d9bface2114be4b0d5dc7e1c8fa94725c05d34eb05d64c70778e7a756878f92e656e72b83ccf2acdd649a8e86fe00ef1bfa037328afd546896fae17a"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x42)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='ext4_sync_file_enter\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xf, 0x13, r3, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x42400)

341.996921ms ago: executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
write$cgroup_subtree(r0, &(0x7f0000000600)=ANY=[], 0xda00)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)

334.033781ms ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000018000100000000000000000002000000000000070000000008001e80"], 0x24}}, 0x0)

278.090776ms ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000000)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x20, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1a, 0x1, "10c4e3257eaa66a5725a38cd58d26115453baa910be0"}]}]}]}]}], {0x14, 0x10}}, 0xd4}}, 0x0)

203.097818ms ago: executing program 1:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r1}, 0x69)

157.620589ms ago: executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmmsg$unix(r0, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="04001b42", 0x4}], 0x1}}], 0x1, 0x0)

141.45512ms ago: executing program 4:
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@typedef={0x1}]}, {0x0, [0x5f]}}, 0x0, 0x27}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x1}, 0x48)

105.554133ms ago: executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_DPORT={0x6}, @IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}]}, 0x40}}, 0x0)

14.007464ms ago: executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='illinois\x00', 0x9)
sendto$inet(r0, &(0x7f0000000180)='{', 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000001cc0)=[{&(0x7f0000000940)="014bb6a68759182ab7e144f718ee0b9d487461d1891d71f57a540210b1b32e260da68c9e5042f43d8e39a995d58933e84e8f3166bcc26b57e038599805becad925bd3f30fe3ab8f293da067003b56ad9b15655", 0x53}, {&(0x7f0000002240)="d51bea8a3a04d260ddb6a37b69751f4fc9b43c211d9dccf8de698ab41303e10068ea5deb65e3a8e78dce6207179f92118585938a4509c5fb36a6519358da1cffd32cec80da48998b2a98c0bbec29a972cb61bed21830a974b9e0303beea60607d728888c6ffbfc04446df912c9e5f02ddc1000c77480edb8a30e9badfe45fbfe26f1aeff4e9a6b61762060c40c99a293a8403760985ae64734abda01e8ede5a55d675385f6c3477a76fa39e9c4214f943d638ea03f71b9c191678e7519fb352d4055b4055985107dc10b2b6b9fc4fe45d8fbf03230c055255370089eb08e9f58ecdb24cf8c10cae443053f1ac8561c1978582c1e4a29315b7cc3af05f98a220d60e58686479f664c60972633472fb111d584b9936462af095f5c8d3e8a4874c61ad02ce53007cd66d834014fa8ec8e5728a0994332654728861b628c5fe798c9f4ef20707f67cbdde77fb1245c9e2604010fd7bfec7e62e3d7c5c9dd42363493d5c7c11c6e11d35a0cda192caceb59868b11371617df594be36ff2ef4729b1a154b936a467ccf5062b5f2d8512f0fcf5a7f1b4ee14d8a84b29818d3952bac0127c53725bc5a7d04eb21d7d0315d19af0767cd2cc5e1cef880efa3d6c748126b1a13c9b946a702da3b5bbc73d4038268ceb3f72f2b2655055917c7bef03805989a2021d584eb4cee5d35c869fb8e62f3c33c2dec68f0394a92d47a7703c39828a4b97a040f1eac15756f52217720632eb9b4c1985e56cf5f9191fea6494955b5d1588d5584dd775a63f33329d22a0d5c93538d9ee44e6785618e4427b5993de07d9ed20bd894bedc81b1a244abac867452ffe6761d813d9d0e91156f5a0bbbafc20eb9a11c4bedf40997a4033536186fe4711e8deba3b09b1c4968f2d2f8eecc270e8fc9dfac0c6e61a45770a8fd9ce415eb4fde150681a0602370f61293b3727e8437bad2dc82bad7df2865f2eefcf2193718f37ad63d2e3e93c7962fb2c8c743b258b8b6e1c892fe258c70f1bd87119fe0841c85b2133f5070c075165ae02c2a20310155829d0b25068c5833b364d7e9a3fc18d1ec7c675f1408889a61302cad962b6b334fb0390ad5d6e8d9d8b8ca48648d58ad67e0aa466316c918ccec0eed937dfb1abab53bee56a3b12a73373414f52730bf5eab605458b8a2893db3459f5ba0519a2fcc91648d1e22cc2f8c1a4590866ff0fcabb5b58fe0ad175ad5660060c6ae6bba76a8bca1f1dd5dcd6c72bb684ae013f603a6710449e2551cc8f81d97fff7373c83e9c26b9cb7cc727a0ce73f719e687a1e2e6c5e6371abee61562092b2f0241e94d027cd1d7f127a330264758c3e2790aafaa5ea14f258632f0dff9525d0e9a903b97adc77eb0968e02543557949d5ec92864490f055803a163825115202022a704a3e7f75431030603bbf9476bdc0a5e5430e0", 0x3f9}], 0x2}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)="9b9ffa26f4cb5171be632cdfd9a71ff9ed099e18b36a34d2a17950e0989d7c024fd3cbb14a0fd95d60b2b03e6642192be3902f01d756951c1bc7003ed2070f38b02a30c94a1d16ca530e9578d07134cfddbc2f367283c7fbd3741a95993d4f42826e1e", 0x63}, {0x0}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)

11.331225ms ago: executing program 4:
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r1 = epoll_create(0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
r4 = accept4$rose(r3, &(0x7f0000000040)=@full={0xb, @dev, @default, 0x0, [@rose, @remote, @bcast, @default, @null, @bcast]}, &(0x7f0000000140)=0x40, 0x800)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r5}, 0x10)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000880)=@bpf_lsm={0x9, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x4}, [@initr0, @jmp={0x4, 0x1, 0x3, 0x4, 0x0, 0xffffffffffffffe0}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r6, &(0x7f0000000000)=ANY=[], 0xfffffecc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="d6e3fe7782", @ANYRESOCT], 0x18}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x0, 0x32, 0x0, 0xa}, 0x20)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x4, 0x3e8, 0x100, 0x0, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg1\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x4}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x2}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x90000008})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)

1.145307ms ago: executing program 0:
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
socket(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)={0xb0, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x72, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xb0}}, 0x0)

0s ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000000a240)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6}]}}}]}, 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.133' (ED25519) to the list of known hosts.
2024/06/20 11:26:21 fuzzer started
2024/06/20 11:26:21 dialing manager at 10.128.0.169:30016
[   53.758439][ T5086] cgroup: Unknown subsys name 'net'
[   53.937978][ T5086] cgroup: Unknown subsys name 'rlimit'
2024/06/20 11:26:23 starting 5 executor processes
[   55.037899][ T5087] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   55.693540][ T5109] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.702172][ T5109] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.710673][ T5109] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.726791][ T5113] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   55.737240][ T5116] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   55.744901][ T5116] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   55.752907][ T5119] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   55.752980][ T5116] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   55.768299][ T5117] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   55.769143][ T5116] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   55.776657][ T5119] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   55.783960][ T5116] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   55.800665][ T5117] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   55.808707][ T5119] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   55.821817][ T4487] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   55.822751][ T5119] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   55.830119][ T4487] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   55.837160][ T5119] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   55.843303][ T4487] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   55.850736][ T5119] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   55.860685][ T4487] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   55.872006][ T4487] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   55.872226][ T5119] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   55.879677][ T4487] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   55.929019][ T5113] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   55.937827][ T5113] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   55.947249][ T5113] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   55.955810][ T5113] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   55.963544][ T5113] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   55.971197][ T5113] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   56.461699][ T5122] chnl_net:caif_netlink_parms(): no params data found
[   56.533122][ T5110] chnl_net:caif_netlink_parms(): no params data found
[   56.597531][ T5111] chnl_net:caif_netlink_parms(): no params data found
[   56.650210][ T5114] chnl_net:caif_netlink_parms(): no params data found
[   56.722346][ T5122] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.730350][ T5122] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.738436][ T5122] bridge_slave_0: entered allmulticast mode
[   56.745689][ T5122] bridge_slave_0: entered promiscuous mode
[   56.758038][ T5122] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.765963][ T5122] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.773107][ T5122] bridge_slave_1: entered allmulticast mode
[   56.780176][ T5122] bridge_slave_1: entered promiscuous mode
[   56.809927][ T5106] chnl_net:caif_netlink_parms(): no params data found
[   56.882178][ T5110] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.889561][ T5110] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.897249][ T5110] bridge_slave_0: entered allmulticast mode
[   56.907017][ T5110] bridge_slave_0: entered promiscuous mode
[   56.921777][ T5110] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.929254][ T5110] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.939032][ T5110] bridge_slave_1: entered allmulticast mode
[   56.945915][ T5110] bridge_slave_1: entered promiscuous mode
[   56.956338][ T5122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.974857][ T5122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.047618][ T5111] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.058503][ T5111] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.066174][ T5111] bridge_slave_0: entered allmulticast mode
[   57.072847][ T5111] bridge_slave_0: entered promiscuous mode
[   57.081794][ T5111] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.089002][ T5111] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.096389][ T5111] bridge_slave_1: entered allmulticast mode
[   57.103110][ T5111] bridge_slave_1: entered promiscuous mode
[   57.116546][ T5110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.166053][ T5110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.202436][ T5122] team0: Port device team_slave_0 added
[   57.211172][ T5122] team0: Port device team_slave_1 added
[   57.244046][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.251152][ T5114] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.259107][ T5114] bridge_slave_0: entered allmulticast mode
[   57.266055][ T5114] bridge_slave_0: entered promiscuous mode
[   57.274509][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.281750][ T5114] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.289046][ T5114] bridge_slave_1: entered allmulticast mode
[   57.295995][ T5114] bridge_slave_1: entered promiscuous mode
[   57.323574][ T5111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.337420][ T5111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.359827][ T5110] team0: Port device team_slave_0 added
[   57.385308][ T5122] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.392275][ T5122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.421816][ T5122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.457147][ T5106] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.464422][ T5106] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.471593][ T5106] bridge_slave_0: entered allmulticast mode
[   57.478949][ T5106] bridge_slave_0: entered promiscuous mode
[   57.488743][ T5110] team0: Port device team_slave_1 added
[   57.503625][ T5114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.516470][ T5114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.526193][ T5122] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.533147][ T5122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.559418][ T5122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.594395][ T5111] team0: Port device team_slave_0 added
[   57.600667][ T5106] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.608304][ T5106] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.615927][ T5106] bridge_slave_1: entered allmulticast mode
[   57.622632][ T5106] bridge_slave_1: entered promiscuous mode
[   57.671682][ T5114] team0: Port device team_slave_0 added
[   57.679786][ T5111] team0: Port device team_slave_1 added
[   57.741344][ T5114] team0: Port device team_slave_1 added
[   57.749343][ T5111] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.756598][ T5111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.782863][ T5111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.807700][ T5110] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.816080][ T5110] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.842549][ T5110] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.856640][ T5110] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.863614][ T5110] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.889767][ T5110] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.894699][ T5113] Bluetooth: hci0: command tx timeout
[   57.900609][ T4487] Bluetooth: hci1: command tx timeout
[   57.930978][ T5111] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.937997][ T5111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.964335][ T5111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.975024][ T4487] Bluetooth: hci2: command tx timeout
[   57.980749][ T4487] Bluetooth: hci3: command tx timeout
[   57.983039][ T5106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.000000][ T5106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.021506][ T5122] hsr_slave_0: entered promiscuous mode
[   58.027899][ T5122] hsr_slave_1: entered promiscuous mode
[   58.048887][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.056158][ T4487] Bluetooth: hci4: command tx timeout
[   58.060554][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.088463][ T5114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.123191][ T5106] team0: Port device team_slave_0 added
[   58.142774][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.149871][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.175859][ T5114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.207372][ T5106] team0: Port device team_slave_1 added
[   58.253411][ T5110] hsr_slave_0: entered promiscuous mode
[   58.260240][ T5110] hsr_slave_1: entered promiscuous mode
[   58.267691][ T5110] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.275776][ T5110] Cannot create hsr debugfs directory
[   58.306559][ T5111] hsr_slave_0: entered promiscuous mode
[   58.312977][ T5111] hsr_slave_1: entered promiscuous mode
[   58.319738][ T5111] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.327357][ T5111] Cannot create hsr debugfs directory
[   58.378997][ T5106] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.386228][ T5106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.414203][ T5106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.457623][ T5114] hsr_slave_0: entered promiscuous mode
[   58.464476][ T5114] hsr_slave_1: entered promiscuous mode
[   58.470602][ T5114] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.478468][ T5114] Cannot create hsr debugfs directory
[   58.494385][ T5106] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.501448][ T5106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.527643][ T5106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.678658][ T5106] hsr_slave_0: entered promiscuous mode
[   58.687974][ T5106] hsr_slave_1: entered promiscuous mode
[   58.699133][ T5106] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.707461][ T5106] Cannot create hsr debugfs directory
[   58.993628][ T5122] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   59.006857][ T5122] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   59.028254][ T5122] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   59.040342][ T5122] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   59.112783][ T5110] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   59.125660][ T5110] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   59.138783][ T5110] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   59.149213][ T5110] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   59.246500][ T5111] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.267922][ T5111] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.302197][ T5111] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.312297][ T5111] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.370861][ T5114] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   59.390338][ T5114] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   59.401338][ T5114] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   59.428064][ T5122] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.436332][ T5114] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   59.530828][ T5122] 8021q: adding VLAN 0 to HW filter on device team0
[   59.560273][ T5106] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   59.598327][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.605645][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.617206][ T5106] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   59.629119][ T5106] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   59.641711][ T5106] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   59.659029][ T5110] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.689366][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.696594][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.723509][ T5110] 8021q: adding VLAN 0 to HW filter on device team0
[   59.792483][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.799654][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.826416][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.833522][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   59.867639][ T5111] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.958594][ T5111] 8021q: adding VLAN 0 to HW filter on device team0
[   59.976583][ T4487] Bluetooth: hci1: command tx timeout
[   59.976591][ T5113] Bluetooth: hci0: command tx timeout
[   59.993648][ T5114] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.043416][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.050643][ T5160] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.058407][ T4487] Bluetooth: hci3: command tx timeout
[   60.058606][ T5113] Bluetooth: hci2: command tx timeout
[   60.081780][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.088984][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.134232][ T5113] Bluetooth: hci4: command tx timeout
[   60.181643][ T5114] 8021q: adding VLAN 0 to HW filter on device team0
[   60.230677][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.237815][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.275098][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.282273][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.389190][ T5122] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.413398][ T5106] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.481672][ T5114] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.511197][ T5106] 8021q: adding VLAN 0 to HW filter on device team0
[   60.571040][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.578265][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.603282][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.610484][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.637531][ T5110] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.663570][ T5122] veth0_vlan: entered promiscuous mode
[   60.710258][ T5122] veth1_vlan: entered promiscuous mode
[   60.782050][ T5122] veth0_macvtap: entered promiscuous mode
[   60.794717][ T5111] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.822195][ T5106] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   60.837278][ T5106] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.882206][ T5122] veth1_macvtap: entered promiscuous mode
[   61.000735][ T5114] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.030981][ T5122] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.070731][ T5122] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.159501][ T5122] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.169969][ T5122] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.179690][ T5122] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.188733][ T5122] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.213391][ T5106] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.236410][ T5111] veth0_vlan: entered promiscuous mode
[   61.292254][ T5114] veth0_vlan: entered promiscuous mode
[   61.306152][ T5111] veth1_vlan: entered promiscuous mode
[   61.322295][ T5110] veth0_vlan: entered promiscuous mode
[   61.343759][ T5114] veth1_vlan: entered promiscuous mode
[   61.373460][ T5110] veth1_vlan: entered promiscuous mode
[   61.417111][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.434181][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.512701][ T5110] veth0_macvtap: entered promiscuous mode
[   61.522588][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.526790][ T5106] veth0_vlan: entered promiscuous mode
[   61.536862][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.552306][ T5110] veth1_macvtap: entered promiscuous mode
[   61.573320][ T5114] veth0_macvtap: entered promiscuous mode
[   61.592243][ T5114] veth1_macvtap: entered promiscuous mode
[   61.604485][ T5111] veth0_macvtap: entered promiscuous mode
[   61.626858][ T5106] veth1_vlan: entered promiscuous mode
[   61.671532][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.682693][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.698163][ T5110] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.707526][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.718380][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.728664][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.739792][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.751399][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.763946][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.774629][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.787346][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.808049][ T5111] veth1_macvtap: entered promiscuous mode
[   61.822350][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.834930][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.845739][ T5110] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.856495][ T5110] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.870106][ T5110] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.887220][ T5110] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.907796][ T5110] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.918605][ T5110] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.927414][ T5110] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.951401][ T5114] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.970432][ T5114] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.980180][ T5114] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.998737][ T5114] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.048188][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.058947][ T5113] Bluetooth: hci1: command tx timeout
[   62.064251][ T5113] Bluetooth: hci0: command tx timeout
[   62.066928][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.080522][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.092544][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.102503][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.113537][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.125319][ T5111] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.136444][ T5113] Bluetooth: hci3: command tx timeout
[   62.141845][ T4487] Bluetooth: hci2: command tx timeout
[   62.146845][ T5106] veth0_macvtap: entered promiscuous mode
[   62.163176][ T5192] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'.
[   62.172901][ T5192] tipc: Invalid UDP bearer configuration
[   62.172949][ T5192] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   62.195181][ T5106] veth1_macvtap: entered promiscuous mode
[   62.214208][ T4487] Bluetooth: hci4: command tx timeout
[   62.223925][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.237411][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.249660][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.260471][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.270436][ T5111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.281329][ T5111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.293027][ T5111] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.334312][ T5111] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.343089][ T5111] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.352153][ T5111] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.361436][ T5111] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.401533][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.441276][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.458739][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.470688][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.480948][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.493604][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.504324][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.515232][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.528046][ T5106] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.559016][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.570570][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.580930][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.593496][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.603434][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.616957][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.627506][ T5106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.640262][ T5106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.652038][ T5106] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.697457][ T5106] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.710508][ T5106] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.719415][ T5106] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.728972][ T5106] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.757625][ T5200] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   62.813618][ T1256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.852479][ T1256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.883053][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.912941][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.947247][ T1256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.967540][ T1256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.053512][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.072226][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.114414][ T5211] trusted_key: syz-executor.3 sent an empty control message without MSG_MORE.
[   63.222520][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.254800][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.268476][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.279674][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.393061][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.416837][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.486226][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.517048][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.134585][ T4487] Bluetooth: hci0: command tx timeout
[   64.134783][ T5113] Bluetooth: hci1: command tx timeout
[   64.214439][ T5113] Bluetooth: hci2: command tx timeout
[   64.225778][ T5113] Bluetooth: hci3: command tx timeout
[   64.292595][ T5251] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'.
[   64.302922][ T5113] Bluetooth: hci4: command tx timeout
[   64.336571][ T5251] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'.
[   64.434647][ T5257] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET)
[   64.672970][ T5264] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'.
[   64.683646][ T5264] tipc: Invalid UDP bearer configuration
[   64.684072][ T5264] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   64.702914][ T5267] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[   64.723876][ T5267] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[   65.335773][ T5291] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[   65.384931][ T5298] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x1
[   66.755220][ T5350] Illegal XDP return value 4294967262 on prog  (id 15) dev N/A, expect packet loss!
[   67.509488][ T5399] xt_CT: You must specify a L4 protocol and not use inversions on it
[   67.635424][ T5405] openvswitch: netlink: Unknown key attributes 1
[   67.765586][   T29] audit: type=1804 audit(1718882795.742:2): pid=5407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir185438766/syzkaller.ue0lOi/22/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0
[   67.828197][ T5407] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[   67.831556][ T5417] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[   67.897857][ T5410] Unsupported ieee802154 address type: 0
[   68.398183][ T5438] openvswitch: netlink: Unknown key attributes 1
[   68.681473][ T5450] syz-executor.3 uses old SIOCAX25GETINFO
[   68.705240][ T5451] tipc: Failed to remove unknown binding: 66,1,1/0:1260821247/1260821249
[   68.742302][ T5451] tipc: Failed to remove unknown binding: 66,1,1/0:1260821247/1260821249
[   68.762463][ T5451] tipc: Failed to remove unknown binding: 66,1,1/0:1260821247/1260821249
[   69.036613][ T5464] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[   69.492252][   T29] audit: type=1804 audit(1718882797.462:3): pid=5488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1605557488/syzkaller.LYdpwb/27/cgroup.controllers" dev="sda1" ino=1944 res=1 errno=0
[   69.501806][ T5488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[   69.556098][ T5495] Unsupported ieee802154 address type: 0
[   70.277090][ T5537] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.355221][ T5539] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[   70.378464][ T5541] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   70.387949][ T5541] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   70.397206][ T5541] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   70.407494][ T5541] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   70.442582][ T5541] Zero length message leads to an empty skb
[   70.443944][ T5544] openvswitch: netlink: Unknown key attributes 1
[   70.828593][   T29] audit: type=1804 audit(1718882798.802:4): pid=5562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1606313620/syzkaller.TH7cM7/47/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[   70.847541][ T5562] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   70.902503][ T5565] Unsupported ieee802154 address type: 0
[   71.745038][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[   71.751631][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[   72.039490][ T5570] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[   72.405433][ T5602] Bluetooth: MGMT ver 1.22
[   72.463315][ T5602] ipvlan2: entered promiscuous mode
[   72.470198][ T5602] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   72.654906][ T5617] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   72.697003][ T5624] Bluetooth: MGMT ver 1.22
[   72.924387][ T5639] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   73.016668][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.025593][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.034046][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.126845][ T5647] tipc: Failed to remove unknown binding: 66,1,1/0:3910077789/3910077791
[   73.153117][ T5647] tipc: Failed to remove unknown binding: 66,1,1/0:3910077789/3910077791
[   73.175321][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.185230][ T5647] tipc: Failed to remove unknown binding: 66,1,1/0:3910077789/3910077791
[   73.195623][ T5650] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   73.354733][ T5162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.661015][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.750396][ T5678] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   73.760487][ T5682] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[   73.839161][ T5690] sock: sock_set_timeout: `syz-executor.2' (pid 5690) tries to set negative timeout
[   73.972422][ T5697] netlink: 'syz-executor.0': attribute type 39 has an invalid length.
[   74.020112][ T5700] syz-executor.2[5700] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.020267][ T5700] syz-executor.2[5700] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.176749][ T5707] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'.
[   74.227952][ T5707] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'.
[   74.292639][ T5707] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'.
[   74.355816][ T5716] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[   74.384038][ T5716] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'.
[   74.411795][ T5707] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'.
[   74.516806][ T5724] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[   74.962510][ T5751] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'.
[   74.996751][ T5751] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.2'.
[   75.037968][ T5751] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[   75.583227][ T5208] net_ratelimit: 15 callbacks suppressed
[   75.583246][ T5208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   75.600757][ T5162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   75.613194][  T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   75.815706][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   75.919261][ T5758] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   76.204888][ T5834] x_tables: duplicate underflow at hook 2
[   76.637744][ T5849] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[   76.749341][ T5855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   76.758133][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   76.844402][ T5862] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   76.852773][ T5862] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   76.914297][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   77.549834][ T5896] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[   77.561337][ T5890] bond1: entered promiscuous mode
[   77.650218][ T5897] bond0: (slave bond_slave_0): Releasing backup interface
[   77.732730][ T5897] bond_slave_0: entered promiscuous mode
[   77.766816][ T5897] bond1: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.024642][ T5890] __nla_validate_parse: 10 callbacks suppressed
[   78.024662][ T5890] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[   78.124432][ T5890] bond1 (unregistering): (slave bond_slave_0): Releasing backup interface
[   78.189880][ T5890] bond_slave_0: left promiscuous mode
[   78.219900][ T5890] bond1 (unregistering): Released all slaves
[   78.552111][ T5936] xt_HMARK: spi-set and port-set can't be combined
[   78.874387][ T5957] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[   78.882634][ T5957] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.1'.
[   80.279670][ T6056] bond_slave_0: entered promiscuous mode
[   80.285737][ T6056] bond_slave_1: entered promiscuous mode
[   80.300386][ T6056] macsec1: entered promiscuous mode
[   80.305943][ T6056] bond0: entered promiscuous mode
[   80.311541][ T6056] macsec1: entered allmulticast mode
[   80.322948][ T6056] bond0: entered allmulticast mode
[   80.328823][ T6056] bond_slave_0: entered allmulticast mode
[   80.342630][ T6056] bond_slave_1: entered allmulticast mode
[   80.358853][ T6056] bond0: left allmulticast mode
[   80.363931][ T6056] bond_slave_0: left allmulticast mode
[   80.369590][ T6056] bond_slave_1: left allmulticast mode
[   80.393946][ T6056] bond0: left promiscuous mode
[   80.401719][ T6056] bond_slave_0: left promiscuous mode
[   80.407252][ T6056] bond_slave_1: left promiscuous mode
[   80.505094][ T6069] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[   80.701015][ T5107] net_ratelimit: 50 callbacks suppressed
[   80.701033][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   80.715513][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   80.808093][ T6089] netlink: 'syz-executor.4': attribute type 22 has an invalid length.
[   81.065560][ T6101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.074492][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.104254][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.124781][ T6106] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.151637][ T6106] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.186673][ T6106] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.234833][ T6101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.254551][ T6101] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   81.468719][ T6115] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[   81.981808][ T1759] cfg80211: failed to load regulatory.db
[   82.300183][   T29] audit: type=1804 audit(1718882810.272:5): pid=6143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1605557488/syzkaller.LYdpwb/78/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0
[   82.318188][ T6143] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[   82.364467][ T6144] Unsupported ieee802154 address type: 0
[   82.956518][ T6164] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[   82.991972][ T6166] netlink: 'syz-executor.0': attribute type 22 has an invalid length.
[   83.117508][ T6172] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.154945][ T6172] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.183249][ T6172] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.213990][ T6172] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.266972][ T6179] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[   83.290881][ T6179] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.634700][   T29] audit: type=1804 audit(1718882811.602:6): pid=6187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir185438766/syzkaller.ue0lOi/76/cgroup.controllers" dev="sda1" ino=1951 res=1 errno=0
[   83.708965][ T6187] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[   83.721167][ T6196] vlan2: entered promiscuous mode
[   83.737383][ T6196] veth0_to_hsr: entered promiscuous mode
[   83.754445][ T6192] Unsupported ieee802154 address type: 0
[   83.772426][ T6196] veth0_to_hsr: left promiscuous mode
[   83.872030][ T6198] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[   83.985141][ T5107] IPVS: starting estimator thread 0...
[   84.084424][ T6203] IPVS: using max 19 ests per chain, 45600 per kthread
[   84.383352][ T6214] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'.
[   84.404163][ T6214] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'.
[   84.421584][ T6214] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'.
[   84.453672][ T6214] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[   84.582224][ T6223] ip_vti0: entered promiscuous mode
[   84.604005][ T6223] vlan2: entered promiscuous mode
[   84.618611][ T6223] vlan2: entered allmulticast mode
[   84.632403][ T6223] ip_vti0: entered allmulticast mode
[   84.659880][ T6223] ip_vti0: left allmulticast mode
[   84.679169][ T6223] ip_vti0: left promiscuous mode
[   85.814582][ T1759] net_ratelimit: 64 callbacks suppressed
[   85.814602][ T1759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   86.114993][ T6286] tipc: Started in network mode
[   86.131852][ T6286] tipc: Node identity , cluster identity 4711
[   86.154957][ T6286] tipc: Failed to set node id, please configure manually
[   86.162169][ T6286] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   86.301458][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   86.455842][  T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   86.572224][ T6309] vlan2: entered promiscuous mode
[   86.592027][ T6309] veth0_to_hsr: entered promiscuous mode
[   86.617133][ T6309] veth0_to_hsr: left promiscuous mode
[   87.010397][ T6326] tipc: Started in network mode
[   87.040220][ T6326] tipc: Node identity , cluster identity 4711
[   87.050347][ T6326] tipc: Failed to set node id, please configure manually
[   87.079647][ T6326] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   87.100076][ T5216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.344882][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.413964][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.626813][ T6360] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[   87.736155][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.744554][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.753415][ T1759] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.761973][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   87.815141][ T6373] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[   88.008441][ T6381] bond0: option ad_select: unable to set because the bond device is up
[   88.022045][ T2837] bond0: (slave bond_slave_0): interface is now down
[   88.058317][ T2837] bond0: (slave bond_slave_1): interface is now down
[   88.081532][ T2837] bond0: now running without any active interface!
[   88.159502][ T6383] __nla_validate_parse: 8 callbacks suppressed
[   88.159524][ T6383] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[   88.543213][ T6401] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[   88.554125][ T6402] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[   88.572501][ T6402] netlink: 616 bytes leftover after parsing attributes in process `syz-executor.2'.
[   88.627898][ T6401] warning: `syz-executor.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   89.106325][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[   89.705555][ T6448] ip_vti0: entered promiscuous mode
[   89.711050][ T6448] vlan2: entered promiscuous mode
[   89.731333][ T6448] vlan2: entered allmulticast mode
[   89.746023][ T6448] ip_vti0: entered allmulticast mode
[   89.777632][ T6448] ip_vti0: left allmulticast mode
[   89.787477][ T6448] ip_vti0: left promiscuous mode
[   90.015534][ T6457] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[   90.380318][ T6475] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[   90.580151][ T6480] tipc: Failed to remove unknown binding: 66,1,1/0:3181621435/3181621437
[   90.599388][ T6480] tipc: Failed to remove unknown binding: 66,1,1/0:3181621435/3181621437
[   90.608420][ T6480] tipc: Failed to remove unknown binding: 66,1,1/0:3181621435/3181621437
[   90.850637][ T6494] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[   90.943950][ T5208] net_ratelimit: 5 callbacks suppressed
[   90.943969][ T5208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.173888][ T6512] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   91.215391][ T6512] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   91.275832][ T6517] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   91.331613][ T6512] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   91.400459][ T6512] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   91.494101][ T6523] ieee802154 phy0 wpan0: encryption failed: -22
[   91.501694][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.581429][ T5208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   91.591372][ T6529] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[   91.894455][ T5208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   92.124532][ T6554] ieee802154 phy0 wpan0: encryption failed: -22
[   92.227792][ T5216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   92.534651][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.089556][ T6605] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   93.129859][ T6605] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   93.218057][ T6610] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   93.272016][ T6605] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   93.310026][ T6611] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[   93.339989][ T6615] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.348445][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.401294][ T6615] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.414150][ T6615] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   93.483207][ T6621] ieee802154 phy0 wpan0: encryption failed: -22
[   93.504383][ T6620] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[   93.560828][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[   95.042008][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[   95.155623][ T6695] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[   95.169546][ T6684] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[   95.445320][ T6711] rose0: tun_chr_ioctl cmd 1074025677
[   95.450910][ T6711] rose0: linktype set to 6
[   95.713575][ T6723] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[   95.783470][ T4487] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   95.793268][ T4487] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   95.803004][ T4487] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   95.824340][ T4487] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   95.835416][ T4487] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   95.842879][ T4487] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   95.961357][ T6741] hsr0: entered promiscuous mode
[   96.031259][ T6741] hsr_slave_0: left promiscuous mode
[   96.050798][ T6741] hsr_slave_1: left promiscuous mode
[   96.158809][ T6741] hsr0 (unregistering): left promiscuous mode
[   96.308276][ T6757] rose0: tun_chr_ioctl cmd 1074025677
[   96.317913][ T6757] rose0: linktype set to 6
[   96.409150][ T6726] chnl_net:caif_netlink_parms(): no params data found
[   96.458988][ T6761] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[   96.565077][ T6773] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[   96.631133][ T6726] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.647987][ T6726] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.657083][ T6726] bridge_slave_0: entered allmulticast mode
[   96.665457][ T6726] bridge_slave_0: entered promiscuous mode
[   96.678021][ T6726] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.685556][ T6726] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.703257][ T6726] bridge_slave_1: entered allmulticast mode
[   96.710684][ T5107] net_ratelimit: 48 callbacks suppressed
[   96.710701][ T5107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.737391][ T6726] bridge_slave_1: entered promiscuous mode
[   96.779217][ T6787] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[   96.803324][ T6726] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.819751][ T6726] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.825678][ T6789] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[   96.908946][ T6726] team0: Port device team_slave_0 added
[   96.929741][ T6726] team0: Port device team_slave_1 added
[   96.972344][ T6796] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   96.982319][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   97.062205][ T6726] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.076841][ T6726] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.111457][ T6726] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.124237][ T6802] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[   97.135078][ T6798] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[   97.143240][ T6798] bond0: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[   97.182840][ T6801] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[   97.203832][ T6801] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   97.260653][ T6726] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.284717][ T6726] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.360117][ T6726] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.503031][ T6726] hsr_slave_0: entered promiscuous mode
[   97.534643][ T6726] hsr_slave_1: entered promiscuous mode
[   97.573822][ T6726] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.590574][ T6726] Cannot create hsr debugfs directory
[   97.735399][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   97.894392][ T4487] Bluetooth: hci4: command tx timeout
[   97.976720][ T6843] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[   97.982342][ T6849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   97.995827][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   98.014810][ T6843] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   98.186004][ T6726] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.295171][ T5162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   98.378848][ T6726] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.507304][ T6726] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.621048][ T6726] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.775374][ T5159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   98.952928][ T6892] __nla_validate_parse: 6 callbacks suppressed
[   98.952947][ T6892] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[   98.955894][ T6894] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[   98.961780][ T6726] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   99.018676][ T6726] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   99.064791][ T6726] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   99.118657][ T6726] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   99.407964][ T6726] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.469621][ T6726] 8021q: adding VLAN 0 to HW filter on device team0
[   99.543765][ T5216] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.550928][ T5216] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.585285][ T5216] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.592475][ T5216] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.811602][ T6935] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   99.820828][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   99.974256][ T4487] Bluetooth: hci4: command tx timeout
[  100.132134][ T6726] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.231175][ T6726] veth0_vlan: entered promiscuous mode
[  100.276952][ T6726] veth1_vlan: entered promiscuous mode
[  100.349296][ T6726] veth0_macvtap: entered promiscuous mode
[  100.379051][ T6726] veth1_macvtap: entered promiscuous mode
[  100.434026][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.463763][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.493906][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.507436][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.519499][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.530143][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.540464][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.551160][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.588144][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.630104][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.660778][ T6726] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.733309][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.772098][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.802065][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.823561][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.848355][ T6978] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  100.858576][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.858601][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.858612][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.858625][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.858637][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.858650][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.860198][ T6726] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.987933][ T6726] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.008849][ T6726] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.033788][ T6726] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.052816][ T6726] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.084582][ T6987] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  101.153000][ T6987] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  101.219672][ T2837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.235572][ T2837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.282965][ T2837] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.303782][ T2837] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.914983][ T7032] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  101.955795][ T7026] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[  102.055406][ T4487] Bluetooth: hci4: command tx timeout
[  102.111392][ T7038] veth0_vlan: entered allmulticast mode
[  102.363392][ T7052] net_ratelimit: 7 callbacks suppressed
[  102.363410][ T7052] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  102.378412][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  102.540036][ T7063] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  102.650626][ T7066] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  102.689309][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  102.840864][ T7083] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  103.453568][ T7118] veth0_vlan: entered allmulticast mode
[  104.133914][ T5113] Bluetooth: hci4: command tx timeout
[  104.374448][ T5216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.521144][ T7158] __nla_validate_parse: 4 callbacks suppressed
[  104.521332][ T7158] netlink: 27 bytes leftover after parsing attributes in process `syz-executor.0'.
[  104.574470][ T7158] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  104.763394][ T7166] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  104.916008][ T7172] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  105.023876][ T5162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  105.106421][ T7180] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.3'.
[  105.645156][ T7199] A link change request failed with some changes committed already. Interface veth1 may have been left with an inconsistent configuration, please check.
[  105.766334][ T7210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  105.800593][ T7210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  105.820174][ T7210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  105.916545][ T7209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  105.958685][ T7209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  106.214646][ T5113] Bluetooth: hci4: command 0x0405 tx timeout
[  106.565955][ T7251] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  106.983509][ T7268] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  107.365878][ T7282] netlink: 27 bytes leftover after parsing attributes in process `syz-executor.3'.
[  107.390833][ T7282] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  107.416239][ T7281] net_ratelimit: 1 callbacks suppressed
[  107.416252][ T7281] A link change request failed with some changes committed already. Interface veth1 may have been left with an inconsistent configuration, please check.
[  107.557431][ T7286] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  108.734327][ T7317] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.0'.
[  108.931517][ T7324] TCP: MD5 Hash mismatch for [fe80::bb].0->[ff02::1].20002 [SP.]L3 index 0
[  109.122133][ T7335] netlink: 'syz-executor.1': attribute type 21 has an invalid length.
[  109.879917][ T7365] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  110.057329][ T7377] __nla_validate_parse: 3 callbacks suppressed
[  110.057355][ T7377] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  110.088173][ T7377] netlink: 'syz-executor.4': attribute type 15 has an invalid length.
[  110.110610][ T7377] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 256 - 0
[  110.119562][ T7377] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 256 - 0
[  110.128659][ T7377] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 256 - 0
[  110.138962][ T7377] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 256 - 0
[  110.156008][ T7377] vxlan0: entered promiscuous mode
[  110.370640][ T7393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.385235][ T7393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.393530][ T7393] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.400597][ T7396] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'.
[  110.495372][ T7391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.522097][ T7391] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.775029][  T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  110.890275][ T7414] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  110.918965][ T7414] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'.
[  110.939709][ T7414] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  111.114891][ T7422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  111.478849][ T7439] IPv6: NLM_F_CREATE should be specified when creating new route
[  111.513872][ T7439] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'.
[  111.905029][ T5113] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  111.920979][ T5113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  111.935338][ T5113] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  111.944600][ T5113] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  111.952716][ T5113] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  111.960238][ T5113] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  112.029530][ T7469] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  112.568570][ T7482] syzkaller0: entered promiscuous mode
[  112.591044][ T7482] syzkaller0: entered allmulticast mode
[  112.779478][ T7462] chnl_net:caif_netlink_parms(): no params data found
[  113.136920][ T7500] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  113.407239][ T7515] xt_CONNSECMARK: invalid mode: 0
[  114.066915][ T4487] Bluetooth: hci3: command tx timeout
[  114.546163][ T7515] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.589311][ T7527] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'.
[  114.690679][ T7462] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.698317][ T7462] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.706620][ T7462] bridge_slave_0: entered allmulticast mode
[  114.715593][ T7462] bridge_slave_0: entered promiscuous mode
[  114.725725][ T7462] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.733724][ T7462] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.741001][ T7462] bridge_slave_1: entered allmulticast mode
[  114.750397][ T7462] bridge_slave_1: entered promiscuous mode
[  114.871574][ T7462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.901574][ T7462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.978118][ T7548] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  115.063355][ T7462] team0: Port device team_slave_0 added
[  115.105045][ T7462] team0: Port device team_slave_1 added
[  115.258492][ T7462] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.266898][ T7462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.319166][ T7462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.340948][ T7462] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.349606][ T7462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.383338][ T7462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.424746][   T29] audit: type=1804 audit(1718882843.392:7): pid=7570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir185438766/syzkaller.ue0lOi/171/cgroup.controllers" dev="sda1" ino=1956 res=1 errno=0
[  115.480062][ T7462] hsr_slave_0: entered promiscuous mode
[  115.487503][ T7462] hsr_slave_1: entered promiscuous mode
[  115.496489][ T7462] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.508334][ T7462] Cannot create hsr debugfs directory
[  115.743946][ T7580] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  116.088527][ T7462] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.133963][ T5113] Bluetooth: hci3: command tx timeout
[  116.140044][ T7462] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.296484][ T7462] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.316806][ T7462] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.527384][ T7462] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.561432][ T7462] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.721602][ T7628] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  116.722647][ T7462] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.768746][ T7462] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.939761][ T7644] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  117.087222][ T7651] net_ratelimit: 4 callbacks suppressed
[  117.087239][ T7651] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  117.111905][ T7462] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  117.157023][ T7462] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  117.227687][ T7462] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  117.283597][ T7462] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  117.364938][ T7663] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  117.387276][ T7663] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  117.582775][ T7462] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.635937][ T7462] 8021q: adding VLAN 0 to HW filter on device team0
[  117.675361][ T7675] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  117.693988][ T5107] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.701193][ T5107] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.733564][ T5107] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.740797][ T5107] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.111082][ T7692] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  118.214948][ T5113] Bluetooth: hci3: command 0x040f tx timeout
[  118.275453][ T7462] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.478949][ T7462] veth0_vlan: entered promiscuous mode
[  118.532512][ T7462] veth1_vlan: entered promiscuous mode
[  118.787159][ T7718] syzkaller0: entered promiscuous mode
[  118.800494][ T7718] syzkaller0: entered allmulticast mode
[  118.828870][ T7462] veth0_macvtap: entered promiscuous mode
[  118.882574][ T7462] veth1_macvtap: entered promiscuous mode
[  118.952620][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.974161][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.991348][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.020862][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.039232][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.073150][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.091903][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.116891][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.133566][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.153800][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.172293][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.192482][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.214637][ T7462] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.353293][ T7748] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.1'.
[  119.389826][ T7748] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'.
[  119.420950][ T7751] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  120.305832][ T4487] Bluetooth: hci3: command 0x040f tx timeout
[  120.379229][ T5162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  120.628904][ T7754] IPVS: Error connecting to the multicast addr
[  120.650746][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.709331][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.739515][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.771295][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.807504][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.838204][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.870582][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.891479][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.911462][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.935644][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.958943][ T7462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.980134][ T7462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.005595][ T7462] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.040240][ T7462] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.100366][ T7462] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.109215][ T7462] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.124016][ T7462] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.353857][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.361725][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.393678][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.407676][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.431606][ T7798] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  121.485125][ T7800] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  121.746370][ T7808] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  121.957774][ T7818] netlink: 'syz-executor.4': attribute type 62 has an invalid length.
[  122.439391][ T7830] bridge0: entered promiscuous mode
[  122.481206][ T7830] bridge0: entered allmulticast mode
[  122.534505][ T7830] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008
[  122.651920][ T5113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  122.666083][ T5113] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  122.676739][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  122.692091][ T5113] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  122.705879][ T5113] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  122.726565][ T5113] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  122.889856][ T7841] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'.
[  123.000900][   T64] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.409845][   T64] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.515619][ T4487] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  123.528237][ T4487] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  123.531137][   T64] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.548089][ T4487] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  123.559987][ T4487] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  123.569364][ T4487] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  123.580076][ T4487] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  123.590428][ T7838] chnl_net:caif_netlink_parms(): no params data found
[  123.673090][   T64] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.985529][ T7838] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.013344][ T7838] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.044425][ T7838] bridge_slave_0: entered allmulticast mode
[  124.068954][ T7838] bridge_slave_0: entered promiscuous mode
[  124.086424][ T7838] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.093584][ T7838] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.118283][ T7838] bridge_slave_1: entered allmulticast mode
[  124.131080][ T7838] bridge_slave_1: entered promiscuous mode
[  124.158651][ T7880] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  124.316301][ T7838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.342834][ T7838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.446261][   T64] bridge_slave_1: left allmulticast mode
[  124.452287][   T64] bridge_slave_1: left promiscuous mode
[  124.477557][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.503170][   T64] bridge_slave_0: left allmulticast mode
[  124.514539][   T64] bridge_slave_0: left promiscuous mode
[  124.528733][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.708176][ T7910] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  124.774157][ T5113] Bluetooth: hci2: command tx timeout
[  125.093237][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.108031][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.119734][   T64] bond0 (unregistering): Released all slaves
[  125.142678][ T7838] team0: Port device team_slave_0 added
[  125.150730][ T7901] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  125.159191][ T7916] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'.
[  125.172764][ T7919] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  125.301069][ T7838] team0: Port device team_slave_1 added
[  125.514692][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_0
[  125.521695][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.563848][ T7838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.654609][ T5113] Bluetooth: hci3: command tx timeout
[  125.674247][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.681266][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.733770][ T7838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.762579][ T7940] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  125.852696][ T7943] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  125.862231][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  125.988895][   T64] hsr_slave_0: left promiscuous mode
[  125.999703][   T64] hsr_slave_1: left promiscuous mode
[  126.022651][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.031248][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.047066][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.056331][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.083649][   T64] veth1_macvtap: left promiscuous mode
[  126.089973][   T64] veth0_macvtap: left promiscuous mode
[  126.115577][   T64] veth1_vlan: left promiscuous mode
[  126.122084][   T64] veth0_vlan: left promiscuous mode
[  126.857446][ T5113] Bluetooth: hci2: command tx timeout
[  126.984972][   T64] team0 (unregistering): Port device team_slave_1 removed
[  127.052385][   T64] team0 (unregistering): Port device team_slave_0 removed
[  127.481402][ T7838] hsr_slave_0: entered promiscuous mode
[  127.492255][ T7838] hsr_slave_1: entered promiscuous mode
[  127.501374][ T7838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  127.513912][ T7838] Cannot create hsr debugfs directory
[  127.519746][ T7967] netlink: 'syz-executor.2': attribute type 21 has an invalid length.
[  127.535057][ T7967] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'.
[  127.550219][ T7967] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  127.560586][ T7995] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  127.621883][ T7868] chnl_net:caif_netlink_parms(): no params data found
[  127.734324][ T5113] Bluetooth: hci3: command tx timeout
[  127.826512][ T8009] ipt_REJECT: ECHOREPLY no longer supported.
[  127.967869][ T8009] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  128.003361][ T8009] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  128.235426][ T7868] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.242696][ T7868] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.250944][ T7868] bridge_slave_0: entered allmulticast mode
[  128.261096][ T7868] bridge_slave_0: entered promiscuous mode
[  128.285138][ T8011] netlink: 1300 bytes leftover after parsing attributes in process `syz-executor.1'.
[  128.314922][ T7868] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.322159][ T7868] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.336561][ T7868] bridge_slave_1: entered allmulticast mode
[  128.345586][ T7868] bridge_slave_1: entered promiscuous mode
[  128.359147][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.374776][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.392036][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.412735][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.424432][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.445890][ T8034] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.479807][ T7868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.512126][ T7868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.514705][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.530148][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.538898][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.626499][ T7868] team0: Port device team_slave_0 added
[  128.706548][ T7838] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  128.718737][ T7838] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.758236][ T7868] team0: Port device team_slave_1 added
[  128.793048][ T8045] netlink: 'syz-executor.2': attribute type 21 has an invalid length.
[  128.809960][ T8045] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.2'.
[  128.849625][ T7838] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  128.873100][ T7838] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.921413][ T8045] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  128.931952][ T8045] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  128.944630][ T5113] Bluetooth: hci2: command tx timeout
[  128.954491][ T7868] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.972087][ T7868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.055175][ T7868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.077993][ T7868] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.087098][ T7868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.123513][ T7868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.178114][ T7838] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  129.203004][ T7838] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.248127][ T8064] veth1_macvtap: left promiscuous mode
[  129.317640][ T7838] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  129.345425][ T7838] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.400189][ T7868] hsr_slave_0: entered promiscuous mode
[  129.412221][ T7868] hsr_slave_1: entered promiscuous mode
[  129.421559][ T7868] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  129.429648][ T7868] Cannot create hsr debugfs directory
[  129.700802][ T7838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  129.738779][ T7838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  129.752962][ T7838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  129.763865][ T7838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  129.824817][ T5113] Bluetooth: hci3: command tx timeout
[  129.946692][ T7838] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.024948][ T7838] 8021q: adding VLAN 0 to HW filter on device team0
[  130.072776][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.079930][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.144624][ T5216] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.151791][ T5216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.182805][ T8071] syz-executor.1 (8071) used greatest stack depth: 17984 bytes left
[  130.277126][ T7868] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  130.321371][ T7868] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  130.366768][ T7868] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  130.406074][ T7868] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  130.451029][ T7838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  130.499103][ T8090] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  130.579963][ T8090] pim6reg1: entered promiscuous mode
[  130.603975][ T8090] pim6reg1: entered allmulticast mode
[  130.728713][ T8102] ipt_REJECT: ECHOREPLY no longer supported.
[  130.802616][ T8102] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  130.957024][ T7868] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.999792][ T7838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.016560][ T5113] Bluetooth: hci2: command tx timeout
[  131.051072][ T8114] netlink: 1300 bytes leftover after parsing attributes in process `syz-executor.1'.
[  131.097904][ T7868] 8021q: adding VLAN 0 to HW filter on device team0
[  131.155207][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.162389][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.342779][ T8117] syzkaller0: entered promiscuous mode
[  131.358671][ T8117] syzkaller0: entered allmulticast mode
[  131.375983][ T5162] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.383139][ T5162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.905723][ T5113] Bluetooth: hci3: command tx timeout
[  132.908611][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.055936][ T8141] net_ratelimit: 191 callbacks suppressed
[  133.055954][ T8141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.057971][ T7868] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  133.062506][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.165550][ T7838] veth0_vlan: entered promiscuous mode
[  133.181617][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  133.225892][ T7838] veth1_vlan: entered promiscuous mode
[  133.376178][ T7838] veth0_macvtap: entered promiscuous mode
[  133.409177][ T7838] veth1_macvtap: entered promiscuous mode
[  133.466197][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.499084][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.513841][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.535247][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.554427][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.575363][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.594387][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.613833][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.626271][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.640340][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.662489][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.683219][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.711816][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.743432][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.757874][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.767844][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.778605][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.809688][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.831550][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.841464][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.852309][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.862833][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.877968][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.888041][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.905902][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.918995][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.927724][ T8165] netlink: 'syz-executor.0': attribute type 21 has an invalid length.
[  133.937630][ T8165] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.947187][ T8165] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.983102][ T7838] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.000548][ T7838] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.014989][ T7838] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.042454][ T7838] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.106378][ T7868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.364438][ T1256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.369682][ T7868] veth0_vlan: entered promiscuous mode
[  134.386580][ T1256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.429693][ T7868] veth1_vlan: entered promiscuous mode
[  134.506733][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.529694][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.593181][ T7868] veth0_macvtap: entered promiscuous mode
[  134.636443][ T7868] veth1_macvtap: entered promiscuous mode
[  134.691769][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.727463][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.758002][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.793212][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.825988][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.854106][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.886680][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.922942][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.963662][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.005006][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.042608][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.082218][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.117762][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.153942][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.187747][ T7868] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.264809][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.304026][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.358890][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.375482][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.398449][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.422764][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.465225][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.487125][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.519480][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.537574][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.552849][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.587365][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.598485][ T7868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.610010][ T7868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.622890][ T7868] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.683664][ T7868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.695283][ T7868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.705413][ T7868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.715071][ T7868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.861203][   T29] audit: type=1804 audit(1718882863.832:8): pid=8236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1756578224/syzkaller.hR8JaY/4/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  135.880702][ T8237] team0: Failed to send options change via netlink (err -105)
[  135.914884][ T8237] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  135.935758][ T8237] team0: Port device team_slave_0 removed
[  136.103641][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.123324][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.219464][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.240134][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.388245][ T8267] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.397942][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.817191][   T29] audit: type=1800 audit(1718882864.792:9): pid=8179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1955 res=0 errno=0
[  136.980242][ T8257] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.301268][ T8277] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  137.328651][ T8277] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  137.348695][ T8257] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.550938][ T8257] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.722617][ T8257] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.818509][ T4487] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  137.828791][ T4487] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  137.838880][ T4487] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  137.850590][ T4487] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  137.861404][ T4487] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  137.869739][ T4487] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  137.923233][ T8301] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  138.012268][ T8307] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.1'.
[  138.112898][ T8257] bridge_slave_1: left allmulticast mode
[  138.119298][ T8257] bridge_slave_1: left promiscuous mode
[  138.126121][ T8257] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.138869][ T8311] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.150752][ T8257] bridge_slave_0: left allmulticast mode
[  138.156758][ T8257] bridge_slave_0: left promiscuous mode
[  138.162777][ T8257] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.359956][ T8257] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.417687][ T8257] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.456025][ T8257] bond0 (unregistering): Released all slaves
[  139.483060][ T8327] tipc: Started in network mode
[  139.488598][ T8327] tipc: Node identity 66663a2034380a73, cluster identity 4711
[  139.497189][ T8327] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  139.513420][ T8329] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.1'.
[  139.544387][ T8329] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.1'.
[  139.575124][  T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.927855][ T8257] hsr_slave_0: left promiscuous mode
[  139.964999][ T8257] hsr_slave_1: left promiscuous mode
[  139.974639][ T4487] Bluetooth: hci3: command tx timeout
[  139.993353][ T8257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  140.003825][ T8257] batman_adv: batadv0: Removing interface: batadv_slave_0
[  140.029225][ T8257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  140.063178][ T8257] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.166104][ T8257] veth1_macvtap: left promiscuous mode
[  140.171850][ T8257] veth0_macvtap: left promiscuous mode
[  140.178329][ T8257] veth1_vlan: left promiscuous mode
[  140.195114][ T8257] veth0_vlan: left promiscuous mode
[  140.202013][ T8377] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  140.214219][ T8377] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[  140.222332][ T8377] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'.
[  140.481212][ T8395] netlink: 19 bytes leftover after parsing attributes in process `syz-executor.0'.
[  141.041241][ T8257] team0 (unregistering): Port device team_slave_1 removed
[  141.082781][ T8257] team0 (unregistering): Port device team_slave_0 removed
[  141.457186][ T8375] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  141.467273][ T8389] netlink: 'syz-executor.1': attribute type 34 has an invalid length.
[  141.528865][ T8295] chnl_net:caif_netlink_parms(): no params data found
[  141.772035][ T8426] netlink: 'syz-executor.0': attribute type 21 has an invalid length.
[  141.794657][ T8426] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  141.816912][ T8295] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.819938][ T8430] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  141.825682][ T8295] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.845114][ T8295] bridge_slave_0: entered allmulticast mode
[  141.852574][ T8295] bridge_slave_0: entered promiscuous mode
[  141.885530][ T8295] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.904268][ T8295] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.914335][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.948505][ T8295] bridge_slave_1: entered allmulticast mode
[  141.975902][ T8295] bridge_slave_1: entered promiscuous mode
[  142.054292][ T4487] Bluetooth: hci3: command tx timeout
[  142.063508][ T8433] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'.
[  142.101438][ T8295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.153598][ T8295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.265617][ T8295] team0: Port device team_slave_0 added
[  142.286478][ T8295] team0: Port device team_slave_1 added
[  142.371952][ T8295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.398103][ T8295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.430334][ T8295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.446832][ T8295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.463966][ T8295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.522557][ T8295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.622300][   T29] audit: type=1804 audit(1718882870.582:10): pid=8453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2802221483/syzkaller.9qM1Fk/117/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0
[  142.727996][ T8447] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  142.752049][ T8295] hsr_slave_0: entered promiscuous mode
[  142.759844][ T8450] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  142.770598][ T8450] netlink: 'syz-executor.4': attribute type 8 has an invalid length.
[  142.781264][ T8295] hsr_slave_1: entered promiscuous mode
[  142.790793][ T8450] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  142.803201][ T8295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.812713][ T8295] Cannot create hsr debugfs directory
[  142.853984][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  143.787277][ T8295] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  143.808189][ T8295] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  143.827449][ T8295] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  143.848990][ T8295] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  143.860949][ T8499] netlink: 'syz-executor.1': attribute type 7 has an invalid length.
[  143.884770][ T8499] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  144.020348][ T8295] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.050302][ T8295] 8021q: adding VLAN 0 to HW filter on device team0
[  144.067897][ T5208] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.076104][ T5208] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.105745][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.112924][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.144531][ T4487] Bluetooth: hci3: command tx timeout
[  144.326818][   T29] audit: type=1804 audit(1718882872.302:11): pid=8513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1756578224/syzkaller.hR8JaY/30/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  144.386746][ T8295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.526426][ T8295] veth0_vlan: entered promiscuous mode
[  144.576269][ T8295] veth1_vlan: entered promiscuous mode
[  144.586454][ T8518] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[  144.700238][ T8295] veth0_macvtap: entered promiscuous mode
[  144.748714][ T8295] veth1_macvtap: entered promiscuous mode
[  144.813975][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.835316][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.865109][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.891718][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.912029][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.925368][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.948692][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.974318][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.995640][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.013475][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.035497][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.055601][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.073353][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.084518][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.115457][ T8295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.177318][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.226222][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.259427][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.292171][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.312569][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.341372][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.354891][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.368406][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.378458][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.390556][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.401779][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.413447][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.424447][ T8295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.437009][ T8295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.457035][ T8295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.526000][ T8295] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.547401][ T8295] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.564319][ T8295] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.577210][ T8295] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.599685][ T8551] __nla_validate_parse: 2 callbacks suppressed
[  145.599703][ T8551] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'.
[  145.630823][ T8551] unsupported nlmsg_type 40
[  145.679345][ T8551] team0: Port device vlan2 added
[  145.698812][ T8553] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  145.706544][ T8553] IPv6: NLM_F_CREATE should be set when creating new route
[  145.713810][ T8553] IPv6: NLM_F_CREATE should be set when creating new route
[  145.780756][ T2812] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.799752][ T2812] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.885898][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.906366][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.186630][ T8577] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  146.327488][ T8585] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  146.367079][ T8585] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  146.380018][ T8585] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.467711][ T8591] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  146.525493][ T8591] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.0'.
[  146.839081][ T8611] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  146.931990][ T8611] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  147.126741][ T8630] netlink: 105120 bytes leftover after parsing attributes in process `syz-executor.4'.
[  147.145047][ T8630] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.4'.
[  147.498066][ T8644] netlink: 766 bytes leftover after parsing attributes in process `syz-executor.4'.
[  147.595933][ T8651] syz-executor.2[8651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.596072][ T8651] syz-executor.2[8651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.043601][ T8657] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.090911][ T8660] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  148.116578][ T8635] netlink: 'syz-executor.1': attribute type 15 has an invalid length.
[  148.134009][ T8660] netlink: 157116 bytes leftover after parsing attributes in process `syz-executor.4'.
[  148.307817][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  148.390110][ T8673] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  148.485498][ T8676] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  148.499859][ T8676] gretap0: entered promiscuous mode
[  148.548517][ T8676] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  148.572918][ T8676] 0�X��D: renamed from gretap0
[  148.593563][ T8676] 0�X��D: left promiscuous mode
[  148.600231][ T8676] 0�X��D: entered allmulticast mode
[  148.619964][ T8676] A link change request failed with some changes committed already. Interface 60�X��D may have been left with an inconsistent configuration, please check.
[  148.845828][ T8681] syz-executor.1[8681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.845973][ T8681] syz-executor.1[8681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.869406][ T8257] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.991039][ T8683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.001249][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.017218][ T8683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.031917][ T8682] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.044813][ T8682] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.175576][ T5216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.464504][ T8707] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[  149.631569][ T5113] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  149.681236][ T5113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  149.690251][ T5113] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  149.700947][ T5113] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  149.734826][ T5113] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  149.745518][ T5113] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  149.767829][ T5113] ==================================================================
[  149.775927][ T5113] BUG: KASAN: double-free in hci_req_sync_complete+0xe7/0x290
[  149.783438][ T5113] Free of addr ffff8880629a4c80 by task kworker/u9:3/5113
[  149.790555][ T5113] 
[  149.792891][ T5113] CPU: 1 PID: 5113 Comm: kworker/u9:3 Not tainted 6.10.0-rc3-syzkaller-00163-g8851346912a1 #0
[  149.803142][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  149.813219][ T5113] Workqueue: hci3 hci_rx_work
[  149.817947][ T5113] Call Trace:
[  149.821243][ T5113]  <TASK>
[  149.824186][ T5113]  dump_stack_lvl+0x241/0x360
[  149.828882][ T5113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.834098][ T5113]  ? __pfx__printk+0x10/0x10
[  149.838705][ T5113]  ? _printk+0xd5/0x120
[  149.842877][ T5113]  ? __virt_addr_valid+0x183/0x520
[  149.848012][ T5113]  ? __virt_addr_valid+0x183/0x520
[  149.853139][ T5113]  print_report+0x169/0x550
[  149.857655][ T5113]  ? __virt_addr_valid+0x183/0x520
[  149.862782][ T5113]  ? __virt_addr_valid+0x183/0x520
[  149.867912][ T5113]  ? __virt_addr_valid+0x44e/0x520
[  149.873040][ T5113]  ? __phys_addr+0xba/0x170
[  149.877562][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  149.882949][ T5113]  kasan_report_invalid_free+0x11a/0x140
[  149.888598][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  149.893992][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  149.899379][ T5113]  poison_slab_object+0xf4/0x150
[  149.904340][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  149.909730][ T5113]  __kasan_slab_free+0x37/0x60
[  149.914504][ T5113]  kmem_cache_free+0x145/0x350
[  149.919281][ T5113]  hci_req_sync_complete+0xe7/0x290
[  149.924501][ T5113]  hci_event_packet+0xc71/0x1540
[  149.929546][ T5113]  ? __pfx_hci_cmd_complete_evt+0x10/0x10
[  149.935309][ T5113]  ? __pfx_hci_event_packet+0x10/0x10
[  149.940699][ T5113]  ? do_raw_spin_unlock+0x13c/0x8b0
[  149.945957][ T5113]  ? __pfx_hci_req_sync_complete+0x10/0x10
[  149.951790][ T5113]  ? hci_send_to_monitor+0xd8/0x7f0
[  149.957012][ T5113]  ? kcov_remote_start+0x9e/0x7e0
[  149.962051][ T5113]  hci_rx_work+0x3e8/0xca0
[  149.966489][ T5113]  ? process_scheduled_works+0x945/0x1830
[  149.972219][ T5113]  process_scheduled_works+0xa2c/0x1830
[  149.977790][ T5113]  ? __pfx_process_scheduled_works+0x10/0x10
[  149.983787][ T5113]  ? assign_work+0x364/0x3d0
[  149.988390][ T5113]  worker_thread+0x86d/0xd70
[  149.993008][ T5113]  ? __kthread_parkme+0x169/0x1d0
[  149.998054][ T5113]  ? __pfx_worker_thread+0x10/0x10
[  150.003181][ T5113]  kthread+0x2f0/0x390
[  150.007273][ T5113]  ? __pfx_worker_thread+0x10/0x10
[  150.012402][ T5113]  ? __pfx_kthread+0x10/0x10
[  150.017012][ T5113]  ret_from_fork+0x4b/0x80
[  150.021450][ T5113]  ? __pfx_kthread+0x10/0x10
[  150.026056][ T5113]  ret_from_fork_asm+0x1a/0x30
[  150.030850][ T5113]  </TASK>
[  150.033876][ T5113] 
[  150.036200][ T5113] Allocated by task 5113:
[  150.040531][ T5113]  kasan_save_track+0x3f/0x80
[  150.045221][ T5113]  __kasan_slab_alloc+0x66/0x80
[  150.050080][ T5113]  kmem_cache_alloc_noprof+0x135/0x2a0
[  150.055549][ T5113]  skb_clone+0x20c/0x390
[  150.059812][ T5113]  hci_cmd_work+0x29e/0x670
[  150.064326][ T5113]  process_scheduled_works+0xa2c/0x1830
[  150.069881][ T5113]  worker_thread+0x86d/0xd70
[  150.074482][ T5113]  kthread+0x2f0/0x390
[  150.078557][ T5113]  ret_from_fork+0x4b/0x80
[  150.082981][ T5113]  ret_from_fork_asm+0x1a/0x30
[  150.087758][ T5113] 
[  150.090086][ T5113] Freed by task 8717:
[  150.094063][ T5113]  kasan_save_track+0x3f/0x80
[  150.098749][ T5113]  kasan_save_free_info+0x40/0x50
[  150.103785][ T5113]  poison_slab_object+0xe0/0x150
[  150.108731][ T5113]  __kasan_slab_free+0x37/0x60
[  150.113516][ T5113]  kmem_cache_free+0x145/0x350
[  150.118301][ T5113]  __hci_req_sync+0x62f/0x950
[  150.122998][ T5113]  hci_req_sync+0xa9/0xd0
[  150.127349][ T5113]  hci_dev_cmd+0x4c5/0xa50
[  150.131779][ T5113]  sock_do_ioctl+0x158/0x460
[  150.136391][ T5113]  sock_ioctl+0x629/0x8e0
[  150.140740][ T5113]  __se_sys_ioctl+0xfc/0x170
[  150.145349][ T5113]  do_syscall_64+0xf3/0x230
[  150.149868][ T5113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.155782][ T5113] 
[  150.156726][ T8717] chnl_net:caif_netlink_parms(): no params data found
[  150.158098][ T5113] The buggy address belongs to the object at ffff8880629a4c80
[  150.158098][ T5113]  which belongs to the cache skbuff_head_cache of size 240
[  150.179443][ T5113] The buggy address is located 0 bytes inside of
[  150.179443][ T5113]  240-byte region [ffff8880629a4c80, ffff8880629a4d70)
[  150.192563][ T5113] 
[  150.194892][ T5113] The buggy address belongs to the physical page:
[  150.201321][ T5113] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x629a4
[  150.210099][ T5113] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  150.217672][ T5113] page_type: 0xffffefff(slab)
[  150.222363][ T5113] raw: 00fff00000000000 ffff888018ae0780 0000000000000000 dead000000000001
[  150.230964][ T5113] raw: 0000000000000000 00000000800c000c 00000001ffffefff 0000000000000000
[  150.239556][ T5113] page dumped because: kasan: bad access detected
[  150.245989][ T5113] page_owner tracks the page as allocated
[  150.251714][ T5113] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6501, tgid 6497 (syz-executor.4), ts 91114943059, free_ts 81344197669
[  150.272576][ T5113]  post_alloc_hook+0x1f3/0x230
[  150.277368][ T5113]  get_page_from_freelist+0x2e43/0x2f00
[  150.282937][ T5113]  __alloc_pages_noprof+0x256/0x6c0
[  150.288157][ T5113]  alloc_slab_page+0x5f/0x120
[  150.292843][ T5113]  allocate_slab+0x5a/0x2f0
[  150.297355][ T5113]  ___slab_alloc+0xcd1/0x14b0
[  150.302038][ T5113]  kmem_cache_alloc_bulk_noprof+0x202/0x770
[  150.307937][ T5113]  bpf_test_run_xdp_live+0x1774/0x1e60
[  150.313407][ T5113]  bpf_prog_test_run_xdp+0x80e/0x11b0
[  150.318788][ T5113]  bpf_prog_test_run+0x33a/0x3b0
[  150.323729][ T5113]  __sys_bpf+0x48d/0x810
[  150.327979][ T5113]  __x64_sys_bpf+0x7c/0x90
[  150.332406][ T5113]  do_syscall_64+0xf3/0x230
[  150.336922][ T5113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.342829][ T5113] page last free pid 6109 tgid 6109 stack trace:
[  150.349163][ T5113]  free_unref_page+0xd22/0xea0
[  150.353938][ T5113]  __put_partials+0xeb/0x130
[  150.358539][ T5113]  put_cpu_partial+0x17c/0x250
[  150.363309][ T5113]  __slab_free+0x2ea/0x3d0
[  150.367734][ T5113]  qlist_free_all+0x9e/0x140
[  150.372334][ T5113]  kasan_quarantine_reduce+0x14f/0x170
[  150.377803][ T5113]  __kasan_slab_alloc+0x23/0x80
[  150.382671][ T5113]  kmem_cache_alloc_noprof+0x135/0x2a0
[  150.388157][ T5113]  getname_flags+0xbd/0x4f0
[  150.392678][ T5113]  __x64_sys_symlinkat+0x7c/0xb0
[  150.397632][ T5113]  do_syscall_64+0xf3/0x230
[  150.402154][ T5113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.408064][ T5113] 
[  150.410387][ T5113] Memory state around the buggy address:
[  150.416016][ T5113]  ffff8880629a4b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.424082][ T5113]  ffff8880629a4c00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  150.432155][ T5113] >ffff8880629a4c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.440221][ T5113]                    ^
[  150.444290][ T5113]  ffff8880629a4d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  150.452361][ T5113]  ffff8880629a4d80: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[  150.460424][ T5113] ==================================================================
2024/06/20 11:27:58 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  150.504537][ T5113] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  150.511763][ T5113] CPU: 1 PID: 5113 Comm: kworker/u9:3 Not tainted 6.10.0-rc3-syzkaller-00163-g8851346912a1 #0
[  150.522019][ T5113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  150.532091][ T5113] Workqueue: hci3 hci_rx_work
[  150.536801][ T5113] Call Trace:
[  150.540085][ T5113]  <TASK>
[  150.543018][ T5113]  dump_stack_lvl+0x241/0x360
[  150.547715][ T5113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.552935][ T5113]  ? __pfx__printk+0x10/0x10
[  150.557541][ T5113]  ? preempt_schedule+0xe1/0xf0
[  150.562490][ T5113]  ? vscnprintf+0x5d/0x90
[  150.566837][ T5113]  panic+0x349/0x860
[  150.570748][ T5113]  ? check_panic_on_warn+0x21/0xb0
[  150.575875][ T5113]  ? __pfx_panic+0x10/0x10
[  150.580309][ T5113]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  150.586307][ T5113]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  150.592632][ T5113]  ? print_report+0x502/0x550
[  150.597305][ T5113]  check_panic_on_warn+0x86/0xb0
[  150.602244][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  150.607609][ T5113]  end_report+0x77/0x160
[  150.611841][ T5113]  kasan_report_invalid_free+0x12a/0x140
[  150.617466][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  150.622831][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  150.628194][ T5113]  poison_slab_object+0xf4/0x150
[  150.633125][ T5113]  ? hci_req_sync_complete+0xe7/0x290
[  150.638750][ T5113]  __kasan_slab_free+0x37/0x60
[  150.643500][ T5113]  kmem_cache_free+0x145/0x350
[  150.648252][ T5113]  hci_req_sync_complete+0xe7/0x290
[  150.653448][ T5113]  hci_event_packet+0xc71/0x1540
[  150.658380][ T5113]  ? __pfx_hci_cmd_complete_evt+0x10/0x10
[  150.664098][ T5113]  ? __pfx_hci_event_packet+0x10/0x10
[  150.669462][ T5113]  ? do_raw_spin_unlock+0x13c/0x8b0
[  150.674652][ T5113]  ? __pfx_hci_req_sync_complete+0x10/0x10
[  150.680452][ T5113]  ? hci_send_to_monitor+0xd8/0x7f0
[  150.685648][ T5113]  ? kcov_remote_start+0x9e/0x7e0
[  150.690672][ T5113]  hci_rx_work+0x3e8/0xca0
[  150.695103][ T5113]  ? process_scheduled_works+0x945/0x1830
[  150.700816][ T5113]  process_scheduled_works+0xa2c/0x1830
[  150.706364][ T5113]  ? __pfx_process_scheduled_works+0x10/0x10
[  150.712334][ T5113]  ? assign_work+0x364/0x3d0
[  150.716911][ T5113]  worker_thread+0x86d/0xd70
[  150.721494][ T5113]  ? __kthread_parkme+0x169/0x1d0
[  150.726511][ T5113]  ? __pfx_worker_thread+0x10/0x10
[  150.731611][ T5113]  kthread+0x2f0/0x390
[  150.735686][ T5113]  ? __pfx_worker_thread+0x10/0x10
[  150.740788][ T5113]  ? __pfx_kthread+0x10/0x10
[  150.745370][ T5113]  ret_from_fork+0x4b/0x80
[  150.749777][ T5113]  ? __pfx_kthread+0x10/0x10
[  150.754367][ T5113]  ret_from_fork_asm+0x1a/0x30
[  150.759219][ T5113]  </TASK>
[  150.762486][ T5113] Kernel Offset: disabled
[  150.766800][ T5113] Rebooting in 86400 seconds..