last executing test programs:

1m13.68958752s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

58.284494063s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

45.108726128s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

32.697544982s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

15.095500885s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

4.192254003s ago: executing program 2 (id=976):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r1, 0x89e0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x7a, &(0x7f0000000080)={r3, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x30)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r4, &(0x7f0000000080)={0x2, 0xfffd, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
socket(0x2, 0x3, 0x100000001)
syz_emit_ethernet(0x46, &(0x7f00000003c0)=ANY=[@ANYBLOB="0380c2000000bbbbbbbbbbbb080045000038000000000001905c209ce839aa1751c1c985229378ac1e0001ac1414aa030490781200183f2500000000000000000100007f0000017f00000100186371ae9b1c03e668da651b1a5b78feee787c3a80fe5a2d049bedda2499270f88a3d6e4599ff9c1ba154b27f0e5a35d5316070c9e1e52ccd699b8a4be37a6ac65868ee19f042cf955dd7194ea59fde1e81cf2292ab98b779ae685650868e7db4986a35c3564f41b160351804531e8bf31bd21775b44bbf3552c9b46fdd14f5a2a873da15314688d68dee12df104acf64c33f675f42b79d281b5a743e371a658d308c256469af3f95f1ff5c1f83a5c0e5970f8abdd94864e7e60e92520db50cb61a4860e8c5e9d5f8228208424f7fd1f68c52aa6e148f0ef38ca3cb4ee543aa9fc3e1c74ad67a2506e15ec"], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
unshare(0xe020600)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="020084cd2870c1000004000000c02d99e66df5b331d177dc7d", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000308c70e3d45c3e58a721193cd753ef5ef221ca5ff4876a0ce9824910ad7cf56fcbb50113c87ab8b95bf5ba5e9419e59b07041141620a7dc2de1d52e5e78bd4a9d7f3f9d99f112cd26b9d64da4b5166f7bd2b1617639fe0bca2bfa898c7652532b088bf7b9d", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

3.841788509s ago: executing program 2 (id=978):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000040000000400000003"], 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x3c, 0x3a, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4, 0x1200}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x7, 0x0, 0x0, 0x0, @str='),\x00'}]}, @typed={0x17, 0x2, 0x0, 0x0, @str=')\\),{+^(#:[&(.([[*\x00'}]}, 0x3c}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000480)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @remote, @mcast2, {[], @mld={0x83, 0x0, 0x0, 0x0, 0x0, @private0}}}}}}, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_val, @exit]}, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000d40)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="040080000000000000000100", @ANYRES32, @ANYBLOB="27a380a636d2972c6a55b3348090f6ae58a4e38abc4e4e39266f59518f2e506513d59607eb194695f5ef55d72951ad1cd7b0b38a8bac1e6d063104f5b720ff97d2ea99fa5c3c4609fe53fdd64408fdbfdbc2422ea5fa45c200884f66396efc9eaee12ae49dbaa4c4a5b14c9618c1466242b525b84f6aeb3d91f768acdb98403de380aa09433464be3c807d49ff7baa14b7ed08a8843ec85d8620a6a9f03490a1b1c1286f17f0065bce8e340bac15ae2609f846fa4a287b93cd71c2f04d73e706cb45641650ee5934c8edd2cd3906486890e4c9f2c3f66ab7cf4ba7c6e00b1ee444a6b5b8eba28eb2fd3d18977e3e6700f465357c6969359bf8fed002d81898a91c393351adece39ef95c233a12d9521bf106890f6ffb049f2add190cdec5fe3024154cff3d03dea388e51e9f1e88", @ANYRES64=r4], 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000740), 0x80000002, r5}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x7, 0x21, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffff9}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x6}, @alu={0x7, 0x0, 0x6, 0x4, 0x8, 0x50, 0xffffffffffffffff}, @map_fd={0x18, 0x4, 0x1, 0x0, r1}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x21}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @ldst={0x0, 0x1, 0x1, 0x4, 0xa6b0de1238f8f78d, 0x1, 0xffffffffffffffe1}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @ldst={0x3, 0x2, 0x2, 0x6e201134fb3daae8, 0x8, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r9, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB='8'], 0x90}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x1f, 0x6, 0x640, 0x0, 0x428, 0xf0, 0x300, 0xf0, 0x570, 0x570, 0x570, 0x570, 0x570, 0x6, &(0x7f0000000100), {[{{@ipv6={@remote, @loopback, [0xffffffff, 0xffffffff, 0xffffffff, 0xff000000], [0xffffffff, 0x0, 0xffffff00, 0xffffff00], 'wlan1\x00', 'veth0_to_batadv\x00', {0xff}, {}, 0x3a, 0xcd, 0x4}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@broadcast, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1e, 0x28, 0x1}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@remote, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x29, 0x2}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x5}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@random="50e9824754e8"}}, @inet=@rpfilter={{0x28}, {0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@srh={{0x30}, {0x88, 0x2, 0x9b, 0x40, 0x9, 0x110, 0x40}}, @inet=@rpfilter={{0x28}, {0x4}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@mcast2, @ipv4=@broadcast, 0x6, 0x2b, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6a0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x80000001}, 0x1c)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f00000001c0))
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), r3)
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000540)={0x1c, r10, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000880}, 0x40040)

3.771976396s ago: executing program 1 (id=980):
socket$packet(0x11, 0x2, 0x300) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) (async)
syz_emit_ethernet(0x0, 0x0, 0x0)
close(0x3) (async)
socket(0x1a, 0x0, 0x4) (async)
socket$kcm(0x11, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) (async)
openat$ppp(0xffffffffffffff9c, 0x0, 0x203, 0x0) (async)
r2 = socket(0x2, 0x1, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) (async)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0xa00000000000000, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x948, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB]}, 0x78)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) (async)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x1)
r5 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000200)=0x1, 0x12) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
write$cgroup_int(r7, &(0x7f00000000c0), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f00000019c0)=ANY=[@ANYBLOB='!\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB, @ANYRES32], 0x50)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(des3_ede)\x00'}, 0x19)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)

3.501051351s ago: executing program 1 (id=982):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x90, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x60, 0x2, {{}, [@TCA_NETEM_LOSS={0x4, 0xd, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GE={0x14}, @NETEM_LOSS_GE={0x11}]}]}}}]}, 0x90}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.current\x00', 0x26e1, 0x0)
close(r4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x6e}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8924, &(0x7f00000000c0)={'wlan0\x00', 0x1})
r6 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
sendmmsg$inet(r6, &(0x7f00000001c0), 0x0, 0x40)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000010008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)
listen(r7, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r10, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x7c}}, 0x0)
close(r8)

3.0706741s ago: executing program 3 (id=984):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000f9ffffff00000000958dc08af805e468"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb8a0a63cdec5908060001080006040001000000ff0300ac1414bbaaaaaaaaaa36ac"], 0x0)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0xfffffe45, 0x2e, 0x1, 0x70bd27, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x2, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f"]}]}, 0x114}], 0x1}, 0x80)

3.06905856s ago: executing program 1 (id=985):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r1, &(0x7f0000000a80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=""/17, 0x11}, 0x2}], 0x1, 0x2000000022, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4b, &(0x7f0000000040)=0xfd87, 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xe}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xe}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

3.015429267s ago: executing program 2 (id=986):
socket$inet6_dccp(0xa, 0x6, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'gre0\x00'})
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0, 0x50}, 0x20040050)
r3 = socket(0xa, 0x1, 0x3)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x4e20, 0x1000002, 'lblc\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000008900000000000000000000000000000052f7c1133d7e15a8b0e8c19a0f0be8348e020123b56c5a10cd3cdcf8d46fef0411e4a8be48a9796dc65f8fc2"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$inet(r5, &(0x7f0000002080)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000740)="17", 0x1}, {0x0}], 0x2}}], 0x2, 0x400c8c4) (fail_nth: 34)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x890}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000007c0)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@loopback}, 0x0, @in6=@private2}}, &(0x7f00000008c0)=0xfffffc6d)
sendmsg$nl_xfrm(r3, &(0x7f0000000c40)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a40)=ANY=[@ANYBLOB="a40100001c0000042abd7000ffdbdf252bac000700fc000000000000000000000000000000e00000020000000000000000000000004e2100004e2200070a00800032000000", @ANYRES32, @ANYRES32=r8, @ANYBLOB="018000000000000000000000000000000000000000000080040000000000000004000000000000000552000000000002000000000000000000000000000000000000000000002009000000000000000100000000000000ffffffffffffff7f05000000b06b6e0000013d0200000000e4000600ac1414bb000000000000000000000000640101000000000000000000000000004e2400094e2100"/164, @ANYRES32=0x0, @ANYBLOB="ac1e0101000000000000000000000000000004d60000000000000000000000000000ffffac1414aa0300000000000000040000000000000009000000000000000100000000000000000000000000000007000000000000007f000000000000000200000000000000ff0100000000000051000000000000000800000000000000ff01000000000000030000003ce200000600000027bd7000053500000a0000072000"/171], 0x1a4}, 0x1, 0x0, 0x0, 0x20040010}, 0x20040000)

2.885985575s ago: executing program 4 (id=987):
r0 = socket(0xa, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$OSF_MSG_ADD(r2, 0x0, 0x8001)
sendmmsg$inet(r2, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r3)
bind$isdn_base(r0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'rr\x00', 0x2f, 0x3}, 0x2c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000140)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000ffed0063011400000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)
socket(0xa, 0x1, 0x0) (async)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r1, 0x0, 0x0) (async)
accept4(r1, 0x0, 0x0, 0x0) (async)
sendmsg$OSF_MSG_ADD(r2, 0x0, 0x8001) (async)
sendmmsg$inet(r2, 0x0, 0x0, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r3) (async)
bind$isdn_base(r0, 0x0, 0x0) (async)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'rr\x00', 0x2f, 0x3}, 0x2c) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000140)=0x1, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000ffed0063011400000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) (async)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0) (async)

2.885853756s ago: executing program 3 (id=988):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x4, 0x2}, 0xc)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4040004)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000010008108040f9becdb4cb92e0a28b137140000004abd6efb2503eaff0d000100020072bf050005001201", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000010008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

2.815835599s ago: executing program 1 (id=989):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={@ifindex=<r1=>0x0, 0x36, 0x1, 0x10000, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], <r2=>0x0}, 0x40)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz1\x00', 0x200002, 0x0)
r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@o_path={&(0x7f00000001c0)='./file0\x00', 0x0, 0x4018, r0}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r3, 0xffffffffffffffff, 0x2, 0x10, 0x0, @void, @value=r4, @void, @void, r2}, 0x20)
r5 = openat$cgroup_ro(r3, &(0x7f0000000240)='cgroup.controllers\x00', 0x0, 0x0)
recvfrom$inet6(r5, &(0x7f0000000280)=""/7, 0x7, 0x2000, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x9, '\x00', r1, r5, 0x1, 0x3, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000340), 0x4)
ioctl$BTRFS_IOC_FS_INFO(r3, 0x8400941f, &(0x7f0000000380))
sendmsg$nl_route_sched(r5, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)=@gettclass={0x24, 0x2a, 0x100, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xfff1, 0x7}, {0xd, 0x6}, {0x9, 0xfff3}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000081)
getsockname$packet(r5, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000008c0)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b40)={r0, 0x0, 0xdc, 0x11, &(0x7f0000000900)="e51915fc3b1fcbe9383d1ad779a9185ae01eae8db9a7087d4acd96c4683270f30fdb4ce55f3d3eb888d97acae065189c03b2cac4bc664ffac22d654f0e930a0d61a1d40cb49e059e6db324df6eaca2b35410ce153cac78d69a0380c84bf08984f9d07c5e7375e5b466c5b19937533707e38a0ffba8eac25ae254d83dc7e8cf7ee973e52505414d7070bb6bc454e22a63635e37ef399e117dd04766cc34fa3f37c2981b18785a675c9474dba25a2a1c08735d18a05265d370c6d8cca121d5007ca79f7a3ae747334504eef8937e985972917e479c9e0521472f8a583a", &(0x7f0000000a00)=""/17, 0x1, 0x0, 0xb1, 0x1e, &(0x7f0000000a40)="dd155d3a105045c73cc524352b5cd4f1b894ce0bdd897fe70dc758530deeb7d765c77da169dcedcd48eaea94d3172154dd69897c60b10fb01312c778c0eacc7d483d3cdeeba842c13a95b4b8b2463b4d26836f1832050bcfe66426388e340ede17aa20a3861657d75f4b9ee06f5dae02f852befb6f425b1bf6725d16caa411eefe8f631a5e401a8c2fb6b79a100ea48eaf9eda5c63aa5b56726db2619ba0eb1e3451d7043a8b28782bd761617ae5bf2812", &(0x7f0000000b00)="4fbf5e7c71e1bbc43972e89da4d193acd2c1426ae336f3cff142ef5f5afb", 0x0, 0x0, 0xe1e}, 0x50)
r8 = accept$phonet_pipe(r5, &(0x7f0000000bc0), &(0x7f0000000c00)=0x10)
ioctl$sock_SIOCGIFCONF(r8, 0x8912, &(0x7f0000000c40)=@buf)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r9, &(0x7f0000000c80)={0xa, 0x4e24, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, 0x1c)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d00), r6)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000e00)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x44, r10, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x20}}}}, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x10, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}]}, @NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x54}, {0x8, 0x0, 0xffffffab}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000041)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000f80)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000f40)={&(0x7f0000000e80)={0x84, r10, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x44}}}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x9}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_BSS_BASIC_RATES={0x1c, 0x24, [{0x3, 0x1}, {0x48}, {0x9, 0x1}, {0x3}, {0x24, 0x1}, {0x24}, {0xb}, {0x2}, {0x10}, {0xf33719b3b3c09d64}, {0x4a}, {0x2, 0x1}, {0x12, 0x1}, {0x36}, {0x2, 0x1}, {0x60}, {0x3, 0x1}, {0x4, 0x1}, {0x48}, {0x3}, {0xb, 0x1}, {0x1, 0x1}, {0x1b, 0x1}, {0x18}]}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x101}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xae8e}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x84}, 0x1, 0x0, 0x0, 0x10c06bd8ffe3af4a}, 0x44)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r11 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001000), r7)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001100)={&(0x7f0000001040)={0x84, r11, 0x400, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@empty}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xffffffff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x87}]}]}, 0x84}}, 0x20000000)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000013c0)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001380)={&(0x7f00000011c0)={0x194, r10, 0x200, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x107}, @NL80211_ATTR_TX_RATES={0x14c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x8c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x3, 0xe, 0xa9e5, 0x1, 0x8d, 0xf3]}}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x1b, 0x12, 0x6c, 0x2, 0x2, 0xb, 0x4, 0x2e7fa7eb2571e3cb, 0x16, 0x48, 0x9, 0x9, 0x24, 0x0]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfbff, 0xd, 0xd, 0x40, 0x2, 0x7, 0x8001, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffe, 0x7, 0x40, 0x6, 0x2, 0x8, 0x0, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xc, 0x2, 0x5, 0xdaee, 0x5, 0xa]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_2GHZ={0x1c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0xa0, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0xb, 0x6, 0x26d, 0x8e55, 0xd, 0x6, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xda, 0x7fff, 0x7, 0x2, 0x9, 0x5, 0x2, 0x9]}}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x5, 0x3}, {0x4, 0x3}, {0x6}, {0x7}, {0x0, 0xa}, {0x3, 0x7}, {0x0, 0x4}, {0x5, 0x1}, {0x5, 0x1}, {0x6, 0xa}, {0x6, 0x1}, {0x3, 0x1}, {0x7}, {0x1}, {0x2, 0x8}, {0x2}, {0x2, 0xa}, {0x6, 0x3}, {0x2, 0x6}, {0x6, 0x4}, {0x7, 0x3}, {0x5, 0x8}, {0x6, 0x5}, {0x1, 0x4}, {0x5, 0x6}, {0x0, 0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x1, 0x2}, {0x4, 0x5}, {0x5, 0x7}, {0x7, 0x3}, {0x7, 0x5}, {0x5, 0xa}, {0x5, 0x7}, {0x1, 0x8}, {0x3, 0x3}, {0x5, 0x2}, {0x6, 0x3}, {0x2, 0x6}, {0x0, 0x2}, {0x6, 0x8}, {0x4, 0x4}, {0x7, 0x1}, {0x6, 0x9}, {0x5, 0x8}, {0x1, 0x2}, {0x3, 0x5}, {0x0, 0x6}, {0x6, 0x9}, {}, {0x5, 0x9}, {0x6, 0x3}, {0x0, 0x8}, {0x6, 0x5}, {0x6}, {0x3, 0x1}, {0x1, 0x4}, {0x1, 0x5}, {0x4}, {0x2}, {0x2, 0x9}, {0x1, 0x9}, {0x6, 0x1}, {0x5, 0x3}, {}, {0x2, 0x3}, {0x7, 0xa}, {0x1, 0x6}, {0x2, 0xa}, {0x7, 0x4}, {0x7, 0x2}, {0x6, 0x5}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x6, 0x400, 0x9, 0x4, 0x8, 0x1, 0xffff]}}]}]}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x3}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x5}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xc0}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x9}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000014c0)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001480)={&(0x7f0000001440)={0x24, 0x2, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0xd427cfafcba3bd06)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001500)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x7efa, '\x00', r1, 0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
accept4$packet(r5, &(0x7f0000001580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000015c0)=0x14, 0x80000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000001780)={&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000001600)=""/129, 0x81, 0x1, &(0x7f00000016c0)=""/134, 0x86}, &(0x7f00000017c0)=0x40)

2.697267196s ago: executing program 2 (id=990):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=<r1=>r0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FICLONE(r2, 0x40049409, r1)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f00000001002700000000000800"], 0x6c}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r4)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r6=>0x0})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newae={0x48, 0x1e, 0x101, 0x70bd2b, 0x25dfdbfb, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4d5, 0xa, 0x2b}, @in6=@private2, 0xb413, 0x3501}, [@etimer_thresh={0x8, 0xc, 0xa56}]}, 0x48}}, 0x20008000)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x3c, r5, 0x60b, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}]}, 0x3c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r9)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r9, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r10, &(0x7f0000001140)={0x10, 0x0, 0x25dfdbfd, 0x100000}, 0xc)
r11 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r11, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r11, 0x1, 0x8, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r11, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r12, 0x6, 0xd, &(0x7f0000000000)='dctcp-reno\x00', 0xb)

2.558007121s ago: executing program 3 (id=991):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000faffffff0000000000000000850000002c000000850000000700000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x27, 0x8, 0x0, &(0x7f0000000180)="f9ad48cc429d29fc", 0x0, 0x100, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000000020202b631af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b70300000000000085"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r3, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
socket$netlink(0x10, 0x3, 0x8000000004)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={<r4=>0xffffffffffffffff})
sendmsg$unix(r4, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e24, 0x6232, @dev={0xfe, 0x80, '\x00', 0xf}, 0xeaa7}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000030000000c00050000000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r5, @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="080001"], 0x90}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x10000, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xfffffffffffffed4, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6, 0x2, 0x1, 0x0, 0x4e21}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x40090}, 0x0)

2.557620789s ago: executing program 4 (id=992):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0)=[@timestamp, @mss, @sack_perm, @mss={0x2, 0x574d}, @window={0x3, 0x0, 0x2}, @window], 0x5e)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x2, 0x3}, 0x14)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r3, &(0x7f0000004680)=[{{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000100)="e3d724599b29b10ff47d3994f4b0acc55bf2c2d70fc6a59090d942388be90a04c806f35e0954e9dddcaaa87859c0c5155d92484d5746cddd", 0x38}, {&(0x7f00000004c0)="fac76f7d22463a82f0b830b87f4f98c972cecc0e9ed56073000e1343ad34eb21829903774998b8e3980aeee6b87fbf06d4fec09da471dec62a09fbb64e3c2b6f2eecab37f754295e8c702d1428ddc7b12cb557d861e90ff1384b60ad3b941ae9b10616da6de67f23b3cd1a84249f2b8c137fc75b6786b565bc6f8b71a8f1", 0x7e}, {&(0x7f0000009080)="0c4d39c28f57ee87c377f5df0031002ca828d1af63aad1f0a87c958164f14784181eb3cdcb4637686cfea69d1d67ddf15e327a524e39388bc0f78cd8bd17f92724e6921b59edd2da3f0b95a43e82b40c87cd27b1c317156855692404904c9255f256bbdbd61e5f0cbaa95c221e35dfcd63c6adf175b57c3f72d818c979d1ace7911e3f586a8ac79e38609944c300172c4bae377bde530f192f347542ad7b97cc9c11970fa7124e4ea22a83a6b930c864407b3f3fd9b1b686f625078fbd7998c2d821ab3835d75cc9e2914e1c6e24e39c310200b885da52956591528018c31acb928e4f58a79333c68e9d3822649c09b3b3df8eda7b59ea8a3ea36990616f50a320645a5f7f9deb6dca037f4cfaceed9eea47e3582214d52544e031bb05809fea2063203384b1cd8c5d5619423c681efa6aed72b1b6e8b1b65970c418a7ad5aeec021e254254268", 0x147}, {&(0x7f0000002a40)="71cba0417c1a4f547fdea9f4051408e4a6e4d818a70d5b922c539c18bfb3c0bbf99cbb0d99d010e4b8266197d3cf1f033336df51ec7592c71b92c5f64e7abed0162fddb184f1c3cdeb6c54018e7d3823db5f681e62a8b3116d0be6706b77b3949865f6db0b63c0e4d01a3ca9797e22781119dc8049cf314efddaca5085fdf3532ad46e842a740a0b289d3753337a4219549e48b7830a16a691535404c17df960c305280f32937ccaee16491cfa72fc1d0dceafbc9321e9f24480a1fb50dba1940e79d335ca31af10819ceca9fdac3fcefcfc5a290f8ae0c09502169fac2429048b0d3ddf7f7f3822be85afaf724123125797b0ae6ff3e3d19539266b919c3ca64f27d71129c243520e7a49e01b9ffb95528e337e32da4dc9a6cd17e17fc50c95bc64fcd13fcbf3edae86406ff3febe565f381e701a209d37957c3d77ff28394307c38271a7dfcc4ea2f2b0250209231af33564bd7ee8b770be6022d140005650ec55301406f3c7f369d896ad0fa4d74cd85b660d085611f75faf6e4cc3a8b297babf94734ce6e1c85da5ed199e272876fae40536e86bef494b024feeda29a04aa91217e1795c2cc2dfc72bb1cea40e487d32290bab64967d8274f09bb25f044f9e2591c98825af394beb13d5c2df79d9b67216dce97e103debfdf6d7333c50a85eb6e6d2083eec06b3ddb9a6dc5b8ff47e6ae28d2cf38aabdf947f6a559dfb490b3d8f7ab07fe20eb585ce8fc16c30b9abddd134e670e938519ab69f37725329258ae47e3348931a6daa2b4698431af9d240e86fbc28c7ea466f71be1b107654d60e7c682b1a0673b4301e323710f7fc29d1682c96451f7a514ca5e322f1bd94e69476e0d7cd3c364e675527e648e5fd34c46dd7216186f34605f15560d060d1e89469ffdd183bca1dc146411be2ace6ce9a1081e9dfadfd5a239b3b935cf83ea5d8958a28ab38dbb6a003dd6c124c7ca911317a892d6d99cec53796288238a7ae730e346f6b486697bf1e6a19d5d816687aa6db99b973ad14153b98d2b533a3ae24f64051f38a39db235129527655a447a76d69dd1fe57e5a07e27a23d6bc53f9a6791520a8bd79c228b07add52bb0817bafa229c9972268e57811f6a63003e337e129c6596816ad53e44b34c76414f2680b3f3091309291d834ad76ac248a5070f2068eff54b8570f61fe3ff3e22cdec87bdeb5c0feb9caddb9cb0ce73b6462300e392efda972ef49a2cc1831d8710231a12a8bb2497e3046649d4edf3dda2623195aca3154e347a8675e4541e26bf090605831f7a50d1475b38466a5526b4a9500cb760b52e50ef0b489d45b777ec730a951472e01cf73bd87143dec36239d1d926376e5021d7726473473b00ce11021581168b8163a815050be112cc6c93d5fdeef2c17a82d153012edac0fb2b2d87b35bdfab403dd53b2a122b52f2c0feb65f88e7c509e1c44585b9b01f321f398522b22579b62640edb3c463d9e2a15a2ea98482474cd3be12a22c43fee43db7b1495bfb1b76d36d68cb1578ef9c1f9f060d52bb32f61abc06d62a2633fab6c710ea9d4c5b79a12a1aef607580fb882e0b7b016d6b3f1da0227b6a5e1cfe2d6223f534ca02d813e9c9aa396433d747ac9a089845f14f3f048e2face21807ecb0e34ba052d56a0094a4eb4490f5ca73fdce856f309d26ed0502658d6f5661514f86127da3fd80307f9c95ee6a8f024c5e80eaeb6de2af176b5e9100588cc4c197fd3eb14798f44467dd63bad3189bd1b7a66c145f2fc64b80695c4727c3beb23b2de57ed8d26e77ddf4ef3dc237b839d1051c3d838be41cf3753f087e3e9f6e6910e7d9121533a3b0897d1ce13257d9cead93572291c21dbdff0b1dde38b2f80ad4d4841d3cbbf9e7d34e3bfff83187ebdba789acefa5b0af90b9f468ee45406646747730da187475c3e8514dfdf04eb06e8a00bef518f26452cb693ec73c04a0e8059e9d07dd66acf8a39ad5c11c3d60e136929a608342e9270d5e85db74276e2c4dfca159fa785c88d80717a461acf4bf04b38f4820f0708ac4ce44ce189860848b71cc3f89c29ae09e165be30ca8755069a46c7d94ae2419c956728816136f789293a79179921bd2a865ed4b6a6623c893eb545de729bfee52480ef23f5bdbbeabef34d9809893dba2a2b17cea735b8c399ddf8e00be67e83c8c8279aea5addb9b31b063a8db58cce782e742a1d94043361e4763360a1515fcc558e20169dce32eaae2a3f56a32c30bec30aaa545ce07c3c74597bf8d4de80228fbfa245e0e9f378735ed2c7aecdaa3e5475aaf43f7c5cf5b3d39bcdcbafa7d9870801d2ad3d221b07a741b59e018172e4320689633496c88e5e9da9b784f24e799b9fed4eea93c32ad1134f0abb43c864d22fa142d7b7f082f9874b67e33b2ff3a125b29bdde5d500e09ea4a0a5feb394f3f5646a3db85f9dc0b5d29e5164afc325a106ecc6b8433a644917d77cf522d8a49d0c2ad7811d884f6d07e204a7f8a7ef4381a496e69e5c1bf5d7ccdab32e23dd9663c2a612edc8d5ac7859af96812f813cd3af96e09dd9a5fbe7f5bfcd7a71b85c50d2597c708135f7a143ae9cc3f0fab0339d67ef57eb73ca79ee779cfd0ddf3b4b81048f78edaa9ef75d48f0a32b0ef5de072b4869c99b40f9c813c26c45fb434f5642bddba13190a1ff02be22124e7c91954df9ee17170dd6c6637175ecbc859ebd8672a43413c92d958eb36f567f519726b07cd89c5a1e3c16fc68a23dfca40eab09632e92152c1e38165a9a4759363605ba1f2b0e3470ce97a668500fc2b600b9747de1b4627fb4e9dd6c929008c44f72ea9792200ba710a2188b120bd4f97705002fd1f932a877aa5852dd808ff713eeffa74b3317f6e2d06f952972fdfa12cda4d22f82ee1b0ce06927a77b05571c6c0b5d3fa1c161d6265380fc4f505bb438a6212755b2f0ee39824534a3031983586b72a6e998cf295e6e24eb98a791127026a6a49db9e65678c39c1dec31c4f8f76bc382c685a4282517631bcae9b62b96cac51662a99737784bec9a83e0e59e2d1ff5c8d1dbcf462ebd7adc964c5c0095c8afee644a77af28163fc6f40cc3235cf06120de636a6c49d63d866a00c3ae77a2fcf1321842f30aa72ee861e04294f8ae71d68d74dcdadbe244bf1ff24d75a252bfd2fe9a023c6e4f7fff5801a5534deb9f758906280db67b4040c49692277409b315f0cdb55ea59466f4adabc2385198d35aa30c71a322fe20b7bfa02139eba6f03a34ba635ec61b9f88da98a085e0b379e3002182cbb2ef2cbc9b7079b14a245aeb0067a400279b034421e057488ae0f96b9b9ecad86b3eb52dd9401f445ad978faf646a0b13e0666dccaec3945b966b4f2b09391a3212bf1bfeb7295879f1a598c5862fe0dc7cba882ad07cd55b277689ebc6e919ce735c66e52d031c7f7a98086fed98d02f4bb816bc7567ff97885108b622ec46626b5133da63f485427ec795ecb6d5ac7a53a8968956feedad9b01cb69c83120b16dd0374e3b52f98d7b67a13181e16dbdd8a0466fd8c93d2b3ac30c6ea0c60c89fefc56cabeda052e9c08fc3995223cd8c79daa6b0262db8e7f0e25f601ef9dc5b0e46a4f141ba6d31b4c7656fdf1ab9c98d987810e5d636f3fad1fe7ea5790b053e6baf5b80a96a0a6ea53e557fd67c991f71bcc56fbfecabe1c68af6a7885618a2ad1f291b675c48aab2e29e34167520be0c35bdc053fe440224ac12ed298120c32fd9dac4fef6ea9b8647e0db90821c48d36cc5428f0182fc59fb5dba39246158c7e7e2f8bbf5fbe39ebe41ad4cdb1f3c6a69717c639a236a506a1fcdf2db7119971a136878e0101f39be4548754d29c2d2ff6f6b384fcfeb6f3fd47f858fef185644524b8b75a5aed67f6033ca8a5703679755d9535cb8dd7f5bfed75435894866aaa3599d39ab539aa51161bb98eecfb6c9797f010d435af15e3703ce7d93ca0044b783d4a56bd4e22467b302047379f6a88533d6a31ba39b44ea4ca9e69c0e3ca86a5e5b8889a3ddd09870e1e74a852dc3a0f0e3f74599d43e348d7d9ce7e9604653578723f66f07c758bc062dea8fa74abaeb43b8f51c0565ff1fe749634175cbe5df0a3fa5344c5966864bff9cc05bfa728b4aefba648e86696397436139056eed4f03d925ede75a6301ba50cf749ce9d84a4136d6e54f3a5d1c75a809c45a43a980c0ce639c6546a0c08f20e1d7f661f64cae3256d511fa41e6fba6792b82ce6204f2c76a1977b792c28d5d5b87aaf34c1f914ded0e4d82ddf1c0a1c01d61ca7797914af639547e257bea58f10ab42e01234305becbeefcc3e5c7d25e020d5cf8c1d338e9cca9cccb91cb63b81d3295a4966ebe55788b7ea789be28d186eeea5db4dcbe5985c6b35301187770a0752a350e311f34ca7ab7dd094981c70ff1d9b15153cdc7d55d7d80584b0a16c290107c81106f14d8be77d64288513c3124a89c6558857dcc81653509d9a0c6fbb986b1bc060e3a8732cb0eef81412e086fa78b2be5454e5f92e4064fe03062e2f5cade9d3bbfbaec78de01eb57d3036c83c5f53fa699e199d7ed6e6381a656160a0813fd8f04c088488833da41afe401b1d126f54398dddd1cf2c5e26907ff4c985800e10675c3b414d571dbf6eea6136f8dfc08159d218bcc9f301adcefee3a86e336db21b4a546a3744c28476b629824c7967a135324f87a34354932f19520f17cb83111931448fc7e4c5111aa8c0e6184e1201c046d2be7fba26214152c491e34b3a101859bd8e1b59ab746a1cfd75b1883d237dc62cf6f9c29989238517dc96b48c25ea718b93394714ed5eed4270757a451267c4406fd162ae8570bdb22d9a9ec7318642919117bb1def065aef3a423e51d449fa20857cb3be0c6dbd64bcc10a86f132aef128dd76173ecd829c339592255c1321eb2a3c19a08094252bab73ea148f89bb5e6ffc70d45acf4e7dbe1efe71e3d34491ce1af0e7fc9ee60300c245c71d4fdfd5c6386666d35da4104bb759714ca2c63ab1e77d72c3cc663430d37c84d4efc7270b619bbb5c2d6b4487e2063f79995411a9d5444cb492", 0xe06}], 0x4}}], 0x1, 0x48841)
recvmmsg(r3, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)
sendmsg$sock(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x84)
shutdown(r0, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000002500000008000300", @ANYRES32=r6, @ANYBLOB="08002608000000000000000008021100000100000c005080ff000500040006000a00340001010101010100000800350003000000"], 0x50}}, 0x0)

2.53398281s ago: executing program 1 (id=993):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$BTRFS_IOC_SPACE_INFO(r1, 0xc0109414, &(0x7f0000000940)={0x57d, 0x4428b954, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TLS_TX(r3, 0x11e, 0x1, &(0x7f0000000100)=@ccm_128={{}, "ee6a8e64a9f4d496", "2742cd9e1a7dee0a5709069c6e67af34", "2a715cd7", "bc0876e56d217c57"}, 0x28)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000080))
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000040)=0x20000000, 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="034886dd090032000300300000006000000001002f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022ebc26e993953"], 0xfdef)

2.367031436s ago: executing program 4 (id=994):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@alu={0x7, 0x0, 0x8, 0xa}, @jmp], {0x95, 0x0, 0x0, 0x1a03d3}}, &(0x7f0000000100)='GPL\x00', 0x4, 0xfa, &(0x7f0000000140)=""/250, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xe, 0x10, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000005c0)={0x40, 0x0, 0x3}, 0x10) (async, rerun: 64)
bind$tipc(r1, 0x0, 0x0) (async, rerun: 64)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000900)={{r3}, &(0x7f0000000880), &(0x7f00000008c0)='%-010d \x00'}, 0x20) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) (async)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) (async)
recvmmsg(r2, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001340)=""/179, 0xb3}], 0x1}, 0x4}], 0x1, 0x40010002, 0x0) (async)
shutdown(r2, 0x1) (async)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080), 0x10)

2.283264706s ago: executing program 2 (id=995):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffff58, &(0x7f0000000000)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x10c}}, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000180)={'wg2\x00'})
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000400)={@in={{0x2, 0x0, @loopback}}, 0xaa, 0x0, 0x43, 0x0, "9e62d38162d11d34e29ca77dcbf24898d6a94f553da1788337c9c9b9ae7339d4fa08282a85f3f595ecc7ea4970f940447ed103956cd02d6f7c2b69aac55e1b172f0c0dcc8ca7134702e02bd673843fac"}, 0xd8)
connect$inet(r1, &(0x7f00000003c0)={0x2, 0x0, @loopback}, 0x10)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @remote, @val, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @empty, @empty, @local, @broadcast}}}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000006c0)={@in={{0x2, 0x4e23, @loopback}}, 0x0, 0x0, 0x4e, 0x0, "e91b1dc5727500bb1f86bee48ec8d8126ddc3ecd08e785a81c2662df00256b8c01f0a6f5a70b8935d4d32116282e9d4161c64eed7a8ff500000000c3a708b1649892c15bb15773fa3293578178b35412"}, 0xd8)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000140), 0x16)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x7fe2, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r4, 0x0, 0x0}, 0x20)
getsockopt$bt_hci(r3, 0x84, 0x84, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b7000000000000004e0a0000000000001da00000000000009500000000000000c7a199ba5633231d61336a0535434728d609f5658a9359ebbd64de3a6a34e15f0013bcf12b22aa0c3ab50c0bb8a9699b61d63c1241e47dbce83afda45edf8b54d12716bd7070f76846dedd79cd68223be16030753751a8f7d6fb0808bc4cce042a5fbdd42679099493099841879e27ef86c6cbc18c100f732b6fa27e20d0c73ff6998293305c3d9303862e6a2b839b7435b40986a69a5841b71efc1c2407ccfa1538f312633d28d8b183846896f5ea10dcddd1284c2b53432e5c7f10fae683311b25f5"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xffdf, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x32)

2.198434857s ago: executing program 0 (id=296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r1=>0x0}) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x2a, 0x2, 0x0)
unshare(0x22020600) (async)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000a14a6c714b58a9450000000000aa0f7ece06128f82509efea8260387a4d3f81f080e22da92e58a14c14518083ef942239995b1b12c823a577b8940f639ca6b5f0ce6dcc369cea68be193f8d3a2adf8b32616cae64e1bbd5afe6acd9a44de"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async, rerun: 64)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 64)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2000000000000002) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB="40b1e0ae4b27e9940f6a0000000000310b632b00000000000000000013c2f3b799e73e27c503a0e5adf6ab5ff4da524e310100000001000000f09180fec16748ef7efdeca5f26ddcad4140c2673c24d48955cdd8a81bf651756f8ac5f8b619ed365dcda38457d8073df246bd1b29fa15bf67e22f1a978b96bc4c4cb87e6b3f87909e35029d578cfc53d8fed22bfeeebae66d55d274683a233d998f4897fd0641feff178c3b1bd456edb4e86538432a47d42d9fa33f6f7a5d0f84bb624e5aec09fb9b9c4411d6f4718024321aef2fed4fac676ae78da24d1eda4dafd4376aafb9c42fb155b3604fa220c044d02494ee9aac7c8d8b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async, rerun: 64)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)

2.185778169s ago: executing program 4 (id=996):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32000000000500050000006c00050001000600000024000780080008400000137906000440fffff000060005400000000008000640"], 0x6c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000000306030000000000020000000000000005000100"], 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=ANY=[], 0xa8}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00'})
getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1800000004140100000000000000000008000100010009c6"], 0x18}}, 0x24000018)

2.123904484s ago: executing program 3 (id=997):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000008000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000ab00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

960.390705ms ago: executing program 1 (id=998):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940))
r0 = socket$l2tp(0x2, 0x2, 0x73)
recvfrom$l2tp(r0, &(0x7f0000000000)=""/27, 0x1b, 0x4000, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
unshare(0x42000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8010, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r3, 0x731, 0x0, 0x0, {0x38}}, 0x14}, 0x1, 0x2}, 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000140), 0x4)
getsockopt$bt_hci(r4, 0x11a, 0x2, 0x0, &(0x7f00000004c0)=0x4)
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000280)='v', 0x1}], 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, 0x3a, 0x107, 0x0, 0x0, {0x3, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}, 0x1c}}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x14, 0xb, 0x6, 0x401, 0x0, 0x0, {0xa, 0x0, 0x7}, [@IPSET_ATTR_FAMILY={0x0, 0x5, 0x7}, @IPSET_ATTR_FAMILY]}, 0x74}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_FD={0x8, 0x1c, r6}]}, 0x3c}}, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r9)
sendmsg$NFC_CMD_GET_TARGET(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r10, 0x1}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r9)

931.267195ms ago: executing program 2 (id=999):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001f00)=ANY=[@ANYBLOB="300000001900010000000000000000008020000000110005"], 0x30}, 0x1, 0x0, 0x0, 0x5e329d40e2bb6d1a}, 0x4000000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x600)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000040000000400000003"], 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r6, r5, 0x4, 0x0, 0x0, @void, @value}, 0x10)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000000202070400000000000000000a000004300002802c000180140003"], 0x44}, 0x1, 0x0, 0x0, 0x3a2a1cc9b05b5d3c}, 0x40)
sendto$inet6(r3, &(0x7f0000000100)="3dede56026dd8af4c8f30eaaa750ad334bb873d668565e65c1278a7237c6", 0x1e, 0x80, 0x0, 0x0)
pipe(&(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x17, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c0000fc00000000000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="800000000000000014000300766c616e3100000000000000000000000800040007000000300016802c0001802800010002000000aaaaaaaaaa1800"/84], 0x6c}}, 0x0)

929.619226ms ago: executing program 3 (id=1000):
socket$inet6_dccp(0xa, 0x6, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'gre0\x00'})
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0, 0x50}, 0x20040050)
r3 = socket(0xa, 0x1, 0x3)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x4e20, 0x1000002, 'lblc\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000008900000000000000000000000000000052f7c1133d7e15a8b0e8c19a0f0be8348e020123b56c5a10cd3cdcf8d46fef0411e4a8be48a9796dc65f8fc2"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$inet(r5, &(0x7f0000002080)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000740)="17", 0x1}, {0x0}], 0x2}}], 0x2, 0x400c8c4) (fail_nth: 35)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup/syz0\x00', 0x200002, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x890}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000007c0)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@loopback}, 0x0, @in6=@private2}}, &(0x7f00000008c0)=0xfffffc6d)
sendmsg$nl_xfrm(r3, &(0x7f0000000c40)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a40)=ANY=[@ANYBLOB="a40100001c0000042abd7000ffdbdf252bac000700fc000000000000000000000000000000e00000020000000000000000000000004e2100004e2200070a00800032000000", @ANYRES32, @ANYRES32=r8, @ANYBLOB="018000000000000000000000000000000000000000000080040000000000000004000000000000000552000000000002000000000000000000000000000000000000000000002009000000000000000100000000000000ffffffffffffff7f05000000b06b6e0000013d0200000000e4000600ac1414bb000000000000000000000000640101000000000000000000000000004e2400094e2100"/164, @ANYRES32=0x0, @ANYBLOB="ac1e0101000000000000000000000000000004d60000000000000000000000000000ffffac1414aa0300000000000000040000000000000009000000000000000100000000000000000000000000000007000000000000007f000000000000000200000000000000ff0100000000000051000000000000000800000000000000ff01000000000000030000003ce200000600000027bd7000053500000a0000072000"/171], 0x1a4}, 0x1, 0x0, 0x0, 0x20040010}, 0x20040000)

921.590196ms ago: executing program 4 (id=1001):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0}) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6, 0x2, 0x1, 0x0, 0x4e21}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) (async)
r3 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r3, 0x0, 0x0) (async)
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, 0x0, 0x1) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f1, 0x0) (async, rerun: 32)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000540)={'veth1_macvtap\x00', 0xc26d}) (async, rerun: 32)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000380000003800000004000000000000000000000200000000010000000000000e030000000000000002000000000000040200000002000000000000110300000000000000002e5f"], 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (rerun: 32)

249.855798ms ago: executing program 3 (id=1002):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007110110000000000950000000000f400"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000002c0)={0x5, 0x1, 0x0, 0x0, @vifc_lcl_addr=@multicast1, @local}, 0x10)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f00000008c0)=0x8, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000001c80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37bc21cfdc8180c7d09c35d130d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56bd86acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r2, r2, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x6d91fb6102d8d9cc, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x4, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r4}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r4}, 0x38)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xb7}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket(0x40000000015, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="2f0000000800000004", @ANYRES32, @ANYBLOB="691c76"], 0x20)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r5, 0x6612)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)

0s ago: executing program 4 (id=1003):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
pread64(r0, &(0x7f0000000000)=""/124, 0x7c, 0x3)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f00000000c0)={[{0x2d, 'blkio'}]}, 0x7)
r2 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sendmmsg$alg(r2, &(0x7f0000001700)=[{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="fcdd7a2ffb62f7f732e29b099206330b0609266d3f30927cbc39a54445d57a74a163aa35504ba4866beeae9221ef153b5dae9d948a7137ab8f0a16c722ccb4084e11eaee853e2662457012d68c8936387ca0548ca5d4c80301bfc8fedeb48ec67b1ed660c849297f08c8c1fdcd93a2a646423d4143a069eb3641e0ed1d13d7e8c92ca0d4c53dd6b94d9e7a061cff49ea090dc2", 0x93}, {&(0x7f00000001c0)="dd1651e240b9585ef268a50592998cc8c35f79eabb1522908f4d4b055fea6e394ecba22c9421cf5a9d3c66d77e9c7cbf2b0a2a", 0x33}], 0x2, &(0x7f0000000240)=[@assoc={0x18, 0x117, 0x4, 0x80000001}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x9}, @iv={0x38, 0x117, 0x2, 0x1e, "3443eac4076e8677a4e4caa1cf7f5363bc8b8ad0e9952b13edba13e7c9b0"}, @assoc={0x18}], 0x98, 0x4881}, {0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="1e82e144971f632746906dad7162e6279418bec6861c355712366591dfd202c2edc8e8c6f10f8c5ccf3c7a8072584fd0af1bd088f3289f5f770c7381e25f6586e1bd2af37bec1173375ffa18fb78a807cef6cb120894d8041591a200879f5528071da394e50d111e51ad5f193a45d98bbaa47d9fa2b4fd2621868b39eedb3dfe03a4f92314850fbb479cb99acb2d2a97abaeac27a96646d80c7f9592", 0x9c}, {&(0x7f00000003c0)="41121644c15ff0a94c0629d247a13ce5c730db2b7e3534d29742816c22a3b284e18730122050f419e7dd8e4a91d576f888c282dd655d255c018a627549c88f5446cdb380681e1906c9", 0x49}, {&(0x7f0000000440)="8add78e9e2bdca36ee6c71d96baa362d9541e6559a807242151b0aab875b3939afd0aec99f1947d4f45fd5694ef883525bb826a50000eaf26708987b429e5b20f4312faf192363a19f1b7b194af70732643bcaaa9020def429f74595325c5586a37d44565cb9c358338682201c7a408567572c0b25c4079b1057de0f4da5793cd851d344dc93f5cb36b5d4234d7bff4bf4a4ac7d841bc4bb45c16e690675337179bf2c", 0xa3}, {&(0x7f0000000500)="74b6cfaf9dbb4738e7f1453f9ff62d986a77ab055ef50c532b56f55bfff1c84adad7418ef2924f924967148a42a6d1fd72bb189b480cbb616f2141e7e1883d2e25ab193d", 0x44}, {&(0x7f0000000580)="f1ea51", 0x3}, {&(0x7f00000005c0)="540fdaa5c296bebb18", 0x9}], 0x6, &(0x7f0000000680)=[@iv={0x1018, 0x117, 0x2, 0x1000, "9153b4c0b86e958aafa85415b2ad8ef817c7b585e95f57bdc60f16d182b5c912011260c440e5a54f99698f0cbc8ec205059c89dc19752ad2c4e688833b6e176326ad1ca5e5b4933788ecdfff2ae5f1ddc65bc206dd778969ccb75c41a1919d59fec991656ff03b26ead6a6d175e63e0d84e175df9a07ef53eaa966ace8eef7c93e549f3d83cd222c8d3521840b0b1bab539631a57bbbbd454230f28af680bd4df37d2c9feb4dae6d61cee113e9b453d924b2e25d6e6732bcc111f2a63200edbee8a7c424647c7f3fde620b9ef62bdd94b128f8e6ee6ebc4fa010e3fdf263a15a64ce60767a115ecd996f2d42eca8101c25df8ce22849c09e4c0c85a0ab841cb0c3a0ffbe87cc6cfd049324443c22acd71fd265ca0479cd8534fbaf7de7fa4fcadedef890b168958c905e51973da4587c96e29991d761369a6981461e574e6339fe8e5f0bb97ed2502fc671eaf88537a7b76c7acf254ed3ad3e51992da2b4c26ac7a9188d3dcce4fa433762936e37d383af984903a7840b45d27132e00a24b6ecd723fabcb48e67c5bc38a2eaff43a61e6f3f558a30ead6bba8d0d47da5003c4b5a6cb995471bd7395f8c28fabc5bbb88f7849d0b941545f303942a369a8d329830816ba6b6a2edb5dcde8c332c9a5819c90d6bccbf75d45e4f2b0884dacf7cb1d88ebbeeb224249172ed8ce349e7074dd8e8e92531c0d3cc369fe560b366673c1ec5230099f7f95d5a93446d91f1c4bba6f139693532d2caf310e7509a317eabc8e81d40a24608c018848ef8e5fc859170afdb6b4bca03dd984cc0c1b97f8c3905d411bf3df19f86d86d73316fd9e66c8d0e6904ce4f3d8d68f36d02e0085bc9fa6b2d323dbbd8825692674cda30adda317c2f02ec948aab095908e4483849d4950f5d8ae84dd4a5af617dee6ecd29bc8861ff1331de612cac44bbdd5916a7cccb8be43a3ec4225ea788d0ff6296de03a61d73960dd084a4f1bccdc98b59b4b95188e90cfccf3c2fcaaa659f1dd89bb679a56106aea6f5d85e438b74212364976e694aee9ae2a2629470b01490f57ad0470a3337aa6f6a66c2657783640634fbca0488d573df2e359b18b2ce1507408cee00229267ccb4ba6f4d3a776d7eafac636b159ee6b571b02dfeafdd7c78c52fd4c1ce0baf5f95a9d1fb81805c8656e95fd125567da9979d4dc58eac69c99bb11991b63908fd8feb935e0d1eb68b89aa0d8dccf0d03b4d41218d37aa258cdf7a9c603631ac0b400d7d05104f472afb8bb82a0de06a81211b095bf04688a1b4e0b72fa135eb1ee73d27f580d43dd206284ae86db892032e90f21e2fb46290bd5e39455b0a89127160b041b572b32500a5adbfaab063f1cbc7db534f3c015edd63529a8c919108140ea1fd8a70c4d3c472da73621594156bb210002e8ab8c741d3d6c3f37bd9709d4b3269ed5514cc40d53c00a07a5281a9caf3ea5f33de1f8f2c7f68101ceab8d331c9c54e4c5c479f700e5aa7d93455819198fb806611c69879b9ce38d513ba13c1dc358389acf9299ebd8faf802fd3f008965ddfca6863d42ed249f656165076ce3c32264213d105b9773d915031015ae97fd7cb9f107a47309b47f60122a305415208ddd2dba338a862b9a0d878b5cb58910bfef54bcdbc6c3b949558aa6e5fb967c91caac515dbbab5c9efde268aa5c0aa9a27efae233f9436b4ec3c08cf91968360200fbdbd5ab8ca677898c56194c7f3178e90a361ff3222dcc29745ed9cd521e43897744a337273af2475de66adc4701eecf93dee904dd4d98794f3f54118f6ccde87a15f940c5ebbfe323ffccf45d3026850ebf2d0e7f2b097ad4bd7269a86c1b4eb8d92d9e0b568750cec27e89edb2e656c24f7fe19167060557f292de0d52370a18a755d07e204bdd2b8b51ca8318c4a137e27c970a9f1c659f09a3ab36d0ee043d19c5e9f335a1e6a35448511e6ee013c49535ef4ba9acff91ce6bcca37b94e391ebf27aa9cb0e5ddb69453323f01e65a4aa1d20c6930c44f370e5e9c54138c5a7ca2b61c3d60ea1202420bad7ff676867361c6f44b6c02f8dbb576391fb8b9dd7b38cd4c2102a4bd775611b323bb0a459c9d38f619009924a3066e12cd0366d5bb9eecb85c2fbd2d186608a630122bc039292beba214e51094c6a3d5b9f0f329cb4316db354292199722853436268141185ebece52b9c68744b15d808689751b75eb987da79d60fa9f169f01eed5feb54a6af62c7a41fa07140135899b669f2a3fe96ad88c7885f56aebdc3ee003ad2869cc4834cbd67f974356004f111fe15ee0bffc0671496b19db99642e9ecd42be6360c9de084476082309764fd7353b5d84e9c36d4f6173034f9e7754c5b7206000b739e179d486f898ca552f68c38b92537440909b19b1f3232816f4fa34def4be50d0886534b70163791148dfa5398958791b3d31dcbc34fa369ff510ea57c958c26869931804c6607c9763bb018ee5e8d4459aafb9d911d96f5f001ecbf9b2a2770a284cf188689c782070704dbcf0d614e3e0b491f20b9b39874e70e1e0a14d0ad74d8f227e9ae829b8099456353eff72178935cb528ce9d9785098141a187d751dbb5a6934a6e83cebc0e6266d72007ddd69dc9fb6d96dc2c5a6a8875fdc18d0373eb2130c79ebac03d20bbf8b4e88fed8a7f0c909bf93139bd452796fcc51b1a7efb609f7b6f00134eaf052b8cf513d417e477d50622f0ba7517e3da25f558202daddb0b6f22d7d7e4c773559abd55dbe1be636a73eaeb57387bcb2d70ab91ce4e9816272a18e5edb8402db78b0911df004e3839eed46e98bf836e1e282ddb76ed5d801d6d91ab600d6af5f247689806d041979f5bb5ab4afd765a15bd987bbe1afcb73091020370cb413aa2675545993488937038baaa7259f67e7d330529d092e4cb78acec11272a60629bf5bd91b57f85033dff5f0f9dcdcc59f9bd2dc3768308aceeff69258ec4654ffead5b76a2e7aeb17964d0cf1e21bd211e7a69c2c687f7ec1b04b9f10977f969cb02a202fab6d80442da49b70e139f88d00a4ad47cc2b61b6514e70f094225dc795e5b8ea2f4e8c170397cd900322c0ee080239476abbc041846563659542b81d67e249bf5b8f5262a521dd09bb5f50255ec2771e9289f265ceea94af0484a69d11b8c9b6235633ec7c4e3bf28c7951459adc105afbf848598cc1f6bc38632e723e666ca124be374b042577910ac68ed0bf242dc261e6d89f728d86b0e3179af034af4dc74b7dc87d672d39372c06e8f19fe4c625e2f87c40386605bcef0545a0712baa6ddb3b0b09eb8405610783915ef3181e4284ea1154f94072885d98de538483a721d118ea63e0c965f2580a124db18d4dc2927a6b747f32c52c6152688f02bdbb7f0c1d1171cd4c84275f0860773dfd35f87c3a8fffdf15ce547a758f2eccff16c5d002f6b3423b28e9412c3778e0125bd6a689b7c0bdecd3b850e9482e61098017b1465b771af128290b3ec917fa80b280fd0da35fdc90cde0dcc71edc74e7c050c58253fb2561fd2f8457fd166a636971a6d95f2ba36c4f6fdd7ccc0914eb1a52d9427599bcbccd9e0eb6a1d0d193e96e7b026eed3e32a2f6de82fce77c9582ecde471d80de2142f937a0c972fbeecb32b1ccdf3b1ff68b14bb2fe261a13001b72ac57c1b2e7e4f90b526e627234ee31943b33ce1e2053a0537b7e3b6d47d988b469e64061054f4225fc33a3a2c0c3e88d19d8cf374000171a66bb438c306e6e00a1bb16eff2adaebccc93a3cc0545ac5ae59d49b3f8e5ef7ce65321fd217188cf1cc6d6ff5d00faa3140142b00a8377ff55ad1e6a9d593142f952c214d987c895091a14e0ecaddb5d423fb30d4fd35e99630080cc2ba02c0a8a2da7a421aaf5dee7e52d0047701ae1ad5541f80222e8d7b2638a54a95529152e21f93fc234d98bf33f163c270fc53929e6ad50c4e33840d9983faff202163e0c6d408b21b5344fece65130f1b3b5e552fa85aa9f3b31575d1adeb6a72d0477ddd3dda2ac5a5ef88e5b85c895ae9178e0d747c3eb28bfdaf731f08dd253b88f4e398258e8fef07d77afe41075a9745ccc688a3db0240f9711f3ed6949604d839fab46ee97ad48905991af421ad372e788f5d541d8a2bc8d9875ce9d505e7caf01169ab686ac13500ba62bf1f45ef667b60c42537f1599d77022167b067586c430f9499aea8ca0998dfbdb2b00fc7eb1e41e3ddae9b5a0e04bc052081d3f73f083cb3fded907d4206a8a1d55847e161c80819177778122c977d7d31e6d3cb7c24a903201f96e7ff9072da7be0727e94be895affa557faf32177f4af4f95284d3ddaccccde8c65e4cb69109eec27492da1aadece89649c5152a12e41a3ddfc1725740b1d426a437997c9cdd24d68a2559e7bf4a83d93364bc8e8115cc8d9cac6945b1689685804643f250cdcc4abc34a3f95b46ab977fe6a0a45683c73a95076c8c8ad04385eee1f418f9f1cf7d68f3b78036caf5db5ac8656e5d439eaacc2f35e5af1ff841f41558e55a38a6825969cf1d6398df94b8404e83d9c45c55a4a271d5e1698a3d07ca03bdb0831bca489b82f7d4ac1a6ed309ba624d332b2b2806d57d37aa7e4957b652ab52a054b5bbec3084279735148552c9bda44e164b63eb0c7fa28ec2f900403f805ed7301f57efdbc39d404c95616dc59625884507486ae29eaaba89822e14a84c3c502792c4bfc70380aa1c91475fc15d375d358eee7f2d07b2421e838c28acfa47232b9a58c17ec7a938b3f71f8bfa0d06e1768a0faf437bd0ff0cb8b2cf57fba4bd3ccc52d5c65ff3123d79bdd12fdc3200cfde50ea411139e67860cbbfd386f587758ae07a5a5702357f8ec7363f0ee7a0a8ec81e0d19b6de977402a4346b0e415e94d3c45100d2d62fb20f1cf1c8ad5d80b0a4ad8a8089fcc71de9535b7fe77ea3a05d9f17eea602f29ae3caeec079b29cc7c07dc3b2e4ec333b7a773535c118f4dfeae0f8fdb52798310f5e55ed869f000a3226aed572ede1de137d56e6fe9a6426541cba108b2060de882d7c051a6c9dda5a62c10d50d383ac935faebc171408931760a5ef0dc85943f330e5068ae347d5716b54392435f83147567ca4b6a8ce1a3a50b0faea939c99fb6459084dd558058421b1c0f09bb221277089317a4b4f89e734b87d91bdb448c57f4e6d73699a69f5136a3731cb10af3d80a87c0e610c334713b04eefe227cc225d0e9f67b0fc5555c62d1ab18e65c23c650a2dbdc1c772301dbd890e5f1c2aaa4e6d1c7d6b0a385e9a58ad175c3e87b7735c16d58a212b73eeec1f35f4b53e1c535da0e724f14df0d367df9baa3a5089030b7d5f95a97357fcf6c61f9349e9e700cd1b09fb02a0a2dd3f52eeb4acb77264ecaa90110825a1cf17850effe72d62186693834460be717b3a182723c3305a2969580e4c28426412923e57117971dc2f05d28f49c7bb1385b7796ab4acefbf585b9b318f2fa294347396b39787408773f257e8980d8458ea17aa22d6c22d9efe5d5ef5c0d74d8482ddea95f564093804c9eb8afe9bc310955ea3283a56d62a1004113376e2c7b5f284a241d395242539957bf2e1bafa1b39e32b7210cb608ead2db2119a69a1e16cb3a7ad3cced7bafb05db9bd429686d24547b98ff2ba756a0cd27685038d065baff57de3a33da64ca711f37e187073a18ffffbe9c7ac1fa198ccdf95f7da0559679d803f2a327c4edf3faf76a2371926416ada5b6084b8d1c6cdc5c688fd565f4dd11291d67bcd4632d9a0811c2acd22b4fa181d61cd081bd974e11"}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x2}, @assoc={0x18, 0x117, 0x4, 0x8}], 0x1060, 0x4000}], 0x2, 0x4000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f00000017c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r3, &(0x7f0000001880)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x28, r4, 0x1, 0x70bd28, 0x25dfdbff, {}, [@SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @empty}}]}, 0x28}, 0x1, 0x0, 0x0, 0x400}, 0x40c4)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000001900)={'wlan0\x00'})
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001980), r1)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000001a40)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)={0x1c, r6, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x24000090)
listen(r2, 0x7fffffff)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a80), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000001ac0)={'veth1_to_batadv\x00', @remote})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), r3)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000001c00)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b80)={0x2c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @SEG6_ATTR_SECRET={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r9 = accept(r3, &(0x7f0000001c40)=@pppol2tpv3={0x18, 0x1, {0x0, <r10=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000001cc0)=0x80)
ioctl$sock_inet6_SIOCADDRT(r10, 0x890b, &(0x7f0000001d00)={@private2, @loopback, @ipv4={'\x00', '\xff\xff', @local}, 0x9, 0x3ff, 0x5, 0x500, 0x7, 0x1, r5})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001dc0), r9)
sendmsg$NL80211_CMD_GET_STATION(r9, &(0x7f0000001ec0)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001e80)={&(0x7f0000001e00)={0x4c, r11, 0x10, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x0, 0x79}}}}, [@NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x6}, @NL80211_ATTR_STA_SUPPORTED_RATES={0xc, 0x13, [{0x18}, {0xc, 0x1}, {0x24}, {0x12, 0x1}, {0x5}, {0x1}, {0x60}, {0x16}]}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x20000880)
accept4$ax25(r10, &(0x7f0000001f00)={{0x3, @bcast}, [@bcast, @default, @rose, @rose, @rose, @bcast, @rose, @null]}, &(0x7f0000001f80)=0x48, 0x800)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002000), r3)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000002040)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r10, &(0x7f0000002140)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002100)={&(0x7f0000002080)={0x70, r12, 0x20, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x9, 0x42}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x20008000)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r9, &(0x7f0000002240)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002200)={&(0x7f00000021c0)={0x18, 0x140e, 0x10, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
pselect6(0x40, &(0x7f0000002280)={0x481a, 0x1, 0x6, 0x8000000000000001, 0x8, 0x0, 0x7, 0x8}, &(0x7f00000022c0)={0x2, 0x3, 0x8, 0x84, 0x10001, 0x0, 0x7, 0x2}, &(0x7f0000002300)={0x2, 0x80, 0x2852, 0x1, 0x3, 0x80000000, 0xfffffffffffffffb, 0x5}, &(0x7f0000002340), &(0x7f00000023c0)={&(0x7f0000002380)={[0x9]}, 0x8})
ioctl$SIOCX25CALLACCPTAPPRV(r10, 0x89e8)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r9, &(0x7f00000024c0)={&(0x7f0000002400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002480)={&(0x7f0000002440)={0x14, r8, 0x8, 0x70bd25, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)

kernel console output (not intermixed with test programs):

708]  __x64_sys_sendmmsg+0xa0/0xb0
[  146.309964][ T7708]  do_syscall_64+0xf3/0x230
[  146.314481][ T7708]  ? clear_bhb_loop+0x35/0x90
[  146.319174][ T7708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.325082][ T7708] RIP: 0033:0x7fb13317e719
[  146.329509][ T7708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.349130][ T7708] RSP: 002b:00007fb134063038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  146.357562][ T7708] RAX: ffffffffffffffda RBX: 00007fb133335f80 RCX: 00007fb13317e719
[  146.365548][ T7708] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  146.373535][ T7708] RBP: 00007fb134063090 R08: 0000000000000000 R09: 0000000000000000
[  146.381520][ T7708] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000001
[  146.389508][ T7708] R13: 0000000000000000 R14: 00007fb133335f80 R15: 00007ffc35073628
[  146.397515][ T7708]  </TASK>
[  146.673481][ T7731] FAULT_INJECTION: forcing a failure.
[  146.673481][ T7731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.734152][ T7731] CPU: 0 UID: 0 PID: 7731 Comm: syz.3.469 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  146.744817][ T7731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  146.754930][ T7731] Call Trace:
[  146.758223][ T7731]  <TASK>
[  146.761168][ T7731]  dump_stack_lvl+0x241/0x360
[  146.765868][ T7731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.771085][ T7731]  ? __pfx__printk+0x10/0x10
[  146.775699][ T7731]  should_fail_ex+0x3b0/0x4e0
[  146.780394][ T7731]  _copy_from_user+0x2f/0xc0
[  146.785022][ T7731]  bpf_test_init+0x11f/0x180
[  146.789647][ T7731]  bpf_prog_test_run_skb+0x2bb/0x1820
[  146.795130][ T7731]  ? __pfx_lock_release+0x10/0x10
[  146.800231][ T7731]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  146.806068][ T7731]  ? fput+0x1a8/0x230
[  146.810073][ T7731]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  146.815905][ T7731]  bpf_prog_test_run+0x2e4/0x360
[  146.820866][ T7731]  __sys_bpf+0x48d/0x810
[  146.825129][ T7731]  ? __pfx___sys_bpf+0x10/0x10
[  146.829920][ T7731]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  146.835937][ T7731]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.842290][ T7731]  ? do_syscall_64+0x100/0x230
[  146.847077][ T7731]  __x64_sys_bpf+0x7c/0x90
[  146.851514][ T7731]  do_syscall_64+0xf3/0x230
[  146.856033][ T7731]  ? clear_bhb_loop+0x35/0x90
[  146.860734][ T7731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.866669][ T7731] RIP: 0033:0x7fb13317e719
[  146.871099][ T7731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.890720][ T7731] RSP: 002b:00007fb134063038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  146.899154][ T7731] RAX: ffffffffffffffda RBX: 00007fb133335f80 RCX: 00007fb13317e719
[  146.907151][ T7731] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a
[  146.915137][ T7731] RBP: 00007fb134063090 R08: 0000000000000000 R09: 0000000000000000
[  146.923124][ T7731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.931107][ T7731] R13: 0000000000000000 R14: 00007fb133335f80 R15: 00007ffc35073628
[  146.939105][ T7731]  </TASK>
[  147.416830][ T7756] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  147.676975][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.477'.
[  147.837268][ T7420] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  147.908306][ T7420] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  147.944380][ T7420] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  147.988304][ T7420] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  147.991355][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.4.482'.
[  148.053297][ T7787] pimreg: entered allmulticast mode
[  148.129194][ T7789] tun0: tun_chr_ioctl cmd 21731
[  148.217600][ T7792] batadv0: entered promiscuous mode
[  148.300790][ T7798] FAULT_INJECTION: forcing a failure.
[  148.300790][ T7798] name failslab, interval 1, probability 0, space 0, times 0
[  148.349185][ T7798] CPU: 1 UID: 0 PID: 7798 Comm: syz.1.484 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  148.359864][ T7798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  148.369973][ T7798] Call Trace:
[  148.373289][ T7798]  <TASK>
[  148.376257][ T7798]  dump_stack_lvl+0x241/0x360
[  148.380990][ T7798]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.386243][ T7798]  ? __pfx__printk+0x10/0x10
[  148.390882][ T7798]  ? __kmalloc_noprof+0xb0/0x400
[  148.395883][ T7798]  ? __pfx___might_resched+0x10/0x10
[  148.401225][ T7798]  should_fail_ex+0x3b0/0x4e0
[  148.405945][ T7798]  ? sk_prot_alloc+0xe0/0x210
[  148.410677][ T7798]  should_failslab+0xac/0x100
[  148.415414][ T7798]  ? sk_prot_alloc+0xe0/0x210
[  148.420233][ T7798]  __kmalloc_noprof+0xd8/0x400
[  148.425150][ T7798]  sk_prot_alloc+0xe0/0x210
[  148.429706][ T7798]  ? sk_alloc+0x26/0x370
[  148.434007][ T7798]  sk_alloc+0x38/0x370
[  148.438123][ T7798]  ? bpf_test_init+0x15a/0x180
[  148.442941][ T7798]  ? bpf_ctx_init+0x162/0x1b0
[  148.447675][ T7798]  bpf_prog_test_run_skb+0x3ab/0x1820
[  148.453101][ T7798]  ? __pfx_lock_release+0x10/0x10
[  148.458381][ T7798]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  148.464248][ T7798]  ? fput+0x1a8/0x230
[  148.468279][ T7798]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  148.474224][ T7798]  bpf_prog_test_run+0x2e4/0x360
[  148.479216][ T7798]  __sys_bpf+0x48d/0x810
[  148.483237][ T7420] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.483492][ T7798]  ? __pfx___sys_bpf+0x10/0x10
[  148.494893][ T7798]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  148.500932][ T7798]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  148.507314][ T7798]  ? do_syscall_64+0x100/0x230
[  148.512130][ T7798]  __x64_sys_bpf+0x7c/0x90
[  148.516594][ T7798]  do_syscall_64+0xf3/0x230
[  148.521140][ T7798]  ? clear_bhb_loop+0x35/0x90
[  148.525858][ T7798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.531836][ T7798] RIP: 0033:0x7f9e80b7e719
[  148.536302][ T7798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.555958][ T7798] RSP: 002b:00007f9e819f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.564427][ T7798] RAX: ffffffffffffffda RBX: 00007f9e80d35f80 RCX: 00007f9e80b7e719
[  148.571649][ T7420] 8021q: adding VLAN 0 to HW filter on device team0
[  148.572425][ T7798] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a
[  148.587055][ T7798] RBP: 00007f9e819f7090 R08: 0000000000000000 R09: 0000000000000000
[  148.595073][ T7798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.603092][ T7798] R13: 0000000000000000 R14: 00007f9e80d35f80 R15: 00007ffd0c41dbb8
[  148.611127][ T7798]  </TASK>
[  148.645052][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.652280][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.733206][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.740505][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.361627][ T7420] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.576172][ T7844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.492'.
[  149.599814][ T7842] raw_sendmsg: syz.3.491 forgot to set AF_INET. Fix it!
[  149.622826][ T7420] veth0_vlan: entered promiscuous mode
[  149.655186][ T7420] veth1_vlan: entered promiscuous mode
[  149.737815][ T7849] netlink: 'syz.1.494': attribute type 2 has an invalid length.
[  149.752143][ T7420] veth0_macvtap: entered promiscuous mode
[  149.808131][ T7420] veth1_macvtap: entered promiscuous mode
[  149.829700][ T7853] netlink: 12 bytes leftover after parsing attributes in process `syz.4.495'.
[  149.947166][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.995703][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.035900][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.068004][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.105647][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.132629][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.172407][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.215792][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.253072][ T7420] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.344359][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.375607][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.404650][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.427020][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.449840][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.480108][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.501358][ T7420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.535475][ T7420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.576495][ T7885] netlink: 'syz.3.499': attribute type 49 has an invalid length.
[  150.579118][ T7420] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.618183][ T7420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.627072][ T7420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.635933][ T7420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.644665][ T7420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.806902][ T3543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.810153][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.814756][ T3543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.842074][ T7895] netlink: 104 bytes leftover after parsing attributes in process `syz.4.502'.
[  150.860338][ T7891] netlink: 104 bytes leftover after parsing attributes in process `syz.2.500'.
[  150.878082][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.244215][ T7913] netlink: 'syz.2.504': attribute type 2 has an invalid length.
[  151.274228][ T7911] pimreg: left allmulticast mode
[  151.569463][ T7926] netlink: 4 bytes leftover after parsing attributes in process `syz.4.508'.
[  151.588641][ T7927] netlink: 4 bytes leftover after parsing attributes in process `syz.4.508'.
[  151.701283][ T7926] netlink: 12 bytes leftover after parsing attributes in process `syz.4.508'.
[  151.725697][ T7927] netlink: 12 bytes leftover after parsing attributes in process `syz.4.508'.
[  151.841547][ T3266] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.995978][ T7939] netlink: 'syz.2.512': attribute type 21 has an invalid length.
[  152.015722][ T7939] netlink: 'syz.2.512': attribute type 6 has an invalid length.
[  152.178396][ T3266] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.421319][ T7967] netlink: 'syz.4.516': attribute type 1 has an invalid length.
[  152.431329][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  152.440464][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  152.452423][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  152.466339][ T7967] netlink: 'syz.4.516': attribute type 2 has an invalid length.
[  152.474856][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  152.490361][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  152.491367][ T7961] netlink: 'syz.4.516': attribute type 1 has an invalid length.
[  152.519049][ T7961] netlink: 'syz.4.516': attribute type 2 has an invalid length.
[  152.537867][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  152.561156][ T7973] netlink: 'syz.2.517': attribute type 4 has an invalid length.
[  152.600867][ T3266] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.663057][ T7981] Cannot find add_set index 2 as target
[  152.904283][ T3266] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.699650][ T7965] chnl_net:caif_netlink_parms(): no params data found
[  153.861557][ T3266] bridge_slave_1: left allmulticast mode
[  153.870321][ T3266] bridge_slave_1: left promiscuous mode
[  153.884538][ T3266] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.918813][ T3266] bridge_slave_0: left allmulticast mode
[  153.929284][ T3266] bridge_slave_0: left promiscuous mode
[  153.978612][ T8045] FAULT_INJECTION: forcing a failure.
[  153.978612][ T8045] name failslab, interval 1, probability 0, space 0, times 0
[  153.991747][ T3266] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.036552][ T8045] CPU: 0 UID: 0 PID: 8045 Comm: syz.2.530 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  154.047227][ T8045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  154.057322][ T8045] Call Trace:
[  154.060648][ T8045]  <TASK>
[  154.063614][ T8045]  dump_stack_lvl+0x241/0x360
[  154.068358][ T8045]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.073605][ T8045]  ? __pfx__printk+0x10/0x10
[  154.078241][ T8045]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  154.084274][ T8045]  ? __pfx___might_resched+0x10/0x10
[  154.089619][ T8045]  should_fail_ex+0x3b0/0x4e0
[  154.094354][ T8045]  should_failslab+0xac/0x100
[  154.099092][ T8045]  ? __alloc_skb+0x1c3/0x440
[  154.103726][ T8045]  kmem_cache_alloc_node_noprof+0x71/0x320
[  154.109593][ T8045]  __alloc_skb+0x1c3/0x440
[  154.114036][ T8045]  ? __pfx___alloc_skb+0x10/0x10
[  154.119001][ T8045]  alloc_skb_with_frags+0xc3/0x820
[  154.124143][ T8045]  ? __pfx_lock_release+0x10/0x10
[  154.129204][ T8045]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  154.134786][ T8045]  ? __pfx_lock_release+0x10/0x10
[  154.139829][ T8045]  ? skb_set_owner_w+0x246/0x380
[  154.144788][ T8045]  sock_alloc_send_pskb+0x91a/0xa60
[  154.150007][ T8045]  ? __might_fault+0xc6/0x120
[  154.154723][ T8045]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  154.160463][ T8045]  ? __pfx__copy_from_iter+0x10/0x10
[  154.165774][ T8045]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  154.171180][ T8045]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  154.177187][ T8045]  ? __mutex_trylock_common+0x183/0x2e0
[  154.182744][ T8045]  ? skb_put+0x114/0x1f0
[  154.187006][ T8045]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  154.193006][ T8045]  l2cap_chan_send+0xebd/0x2690
[  154.197887][ T8045]  ? __pfx_l2cap_chan_send+0x10/0x10
[  154.203194][ T8045]  ? do_raw_spin_unlock+0x13c/0x8b0
[  154.208420][ T8045]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  154.213554][ T8045]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  154.219117][ T8045]  __sock_sendmsg+0x221/0x270
[  154.223807][ T8045]  ____sys_sendmsg+0x52a/0x7e0
[  154.228598][ T8045]  ? __pfx_____sys_sendmsg+0x10/0x10
[  154.233902][ T8045]  ? rcu_is_watching+0x15/0xb0
[  154.238675][ T8045]  ? __might_fault+0xaa/0x120
[  154.243388][ T8045]  __sys_sendmmsg+0x3ab/0x730
[  154.248090][ T8045]  ? __pfx___sys_sendmmsg+0x10/0x10
[  154.253315][ T8045]  ? __pfx_lock_release+0x10/0x10
[  154.258359][ T8045]  ? kstrtouint_from_user+0x128/0x190
[  154.263758][ T8045]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  154.269666][ T8045]  ? ksys_write+0x229/0x2b0
[  154.274184][ T8045]  ? __pfx_lock_release+0x10/0x10
[  154.279238][ T8045]  ? vfs_write+0x730/0xd30
[  154.283709][ T8045]  ? __mutex_unlock_slowpath+0x21d/0x750
[  154.289375][ T8045]  ? __fget_files+0x3f3/0x470
[  154.294090][ T8045]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  154.300101][ T8045]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  154.306455][ T8045]  ? do_syscall_64+0x100/0x230
[  154.311238][ T8045]  __x64_sys_sendmmsg+0xa0/0xb0
[  154.316114][ T8045]  do_syscall_64+0xf3/0x230
[  154.320629][ T8045]  ? clear_bhb_loop+0x35/0x90
[  154.325321][ T8045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.331226][ T8045] RIP: 0033:0x7f51a837e719
[  154.335652][ T8045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.355288][ T8045] RSP: 002b:00007f51a90a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  154.363724][ T8045] RAX: ffffffffffffffda RBX: 00007f51a8536058 RCX: 00007f51a837e719
[  154.371707][ T8045] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  154.379698][ T8045] RBP: 00007f51a90a9090 R08: 0000000000000000 R09: 0000000000000000
[  154.387686][ T8045] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000001
[  154.395668][ T8045] R13: 0000000000000000 R14: 00007f51a8536058 R15: 00007ffc5469e078
[  154.403663][ T8045]  </TASK>
[  154.646676][ T5847] Bluetooth: hci1: command tx timeout
[  155.143521][ T8084] __nla_validate_parse: 3 callbacks suppressed
[  155.143557][ T8084] netlink: 4 bytes leftover after parsing attributes in process `syz.4.537'.
[  155.325806][ T3266] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  155.348931][ T3266] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  155.368587][ T3266] bond0 (unregistering): Released all slaves
[  155.531950][ T8096] validate_nla: 1 callbacks suppressed
[  155.531971][ T8096] netlink: 'syz.2.542': attribute type 9 has an invalid length.
[  155.735707][ T7965] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.753242][ T7965] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.774770][ T7965] bridge_slave_0: entered allmulticast mode
[  155.791086][ T7965] bridge_slave_0: entered promiscuous mode
[  155.881943][ T7965] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.907392][ T7965] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.959785][ T7965] bridge_slave_1: entered allmulticast mode
[  155.978700][ T7965] bridge_slave_1: entered promiscuous mode
[  156.499572][ T7965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.676083][ T3266] hsr_slave_0: left promiscuous mode
[  156.725756][ T3266] hsr_slave_1: left promiscuous mode
[  156.737008][ T5847] Bluetooth: hci1: command tx timeout
[  156.752946][ T3266] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.778771][ T3266] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.839853][ T3266] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.867253][ T3266] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.953120][ T3266] veth1_macvtap: left promiscuous mode
[  156.980743][ T3266] veth0_macvtap: left promiscuous mode
[  156.995827][ T3266] veth1_vlan: left promiscuous mode
[  157.016527][ T3266] veth0_vlan: left promiscuous mode
[  157.817516][ T3266] team0 (unregistering): Port device team_slave_1 removed
[  157.866617][ T3266] team0 (unregistering): Port device team_slave_0 removed
[  158.301678][ T7965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.418697][ T8163] netlink: del zone limit has 4 unknown bytes
[  158.428640][ T8163] netlink: 'syz.4.557': attribute type 10 has an invalid length.
[  158.437227][ T8163] netlink: 40 bytes leftover after parsing attributes in process `syz.4.557'.
[  158.516222][ T8166] netlink: 'syz.2.556': attribute type 1 has an invalid length.
[  158.544960][ T8163] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  158.596361][ T7965] team0: Port device team_slave_0 added
[  158.610243][ T7965] team0: Port device team_slave_1 added
[  158.825892][ T5847] Bluetooth: hci1: command tx timeout
[  158.832198][ T7965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.840608][ T7965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.866834][ T7965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.879656][ T7965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.887388][ T7965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.913877][ T7965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.193930][ T7965] hsr_slave_0: entered promiscuous mode
[  159.233626][ T7965] hsr_slave_1: entered promiscuous mode
[  159.267785][ T7965] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.290466][ T7965] Cannot create hsr debugfs directory
[  160.316790][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.1.569'.
[  160.891256][ T5847] Bluetooth: hci1: command tx timeout
[  161.130239][ T7965] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  161.163447][ T7965] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  161.246624][ T7965] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  161.293258][ T7965] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  161.304884][ T8272] netlink: 'syz.3.578': attribute type 3 has an invalid length.
[  161.634323][ T7965] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.797839][ T8290] FAULT_INJECTION: forcing a failure.
[  161.797839][ T8290] name failslab, interval 1, probability 0, space 0, times 0
[  161.843542][ T8290] CPU: 0 UID: 0 PID: 8290 Comm: syz.4.581 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  161.854231][ T8290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  161.864329][ T8290] Call Trace:
[  161.867655][ T8290]  <TASK>
[  161.870626][ T8290]  dump_stack_lvl+0x241/0x360
[  161.875355][ T8290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.880612][ T8290]  ? __pfx__printk+0x10/0x10
[  161.885246][ T8290]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  161.891281][ T8290]  ? __pfx___might_resched+0x10/0x10
[  161.896627][ T8290]  should_fail_ex+0x3b0/0x4e0
[  161.901354][ T8290]  should_failslab+0xac/0x100
[  161.906077][ T8290]  ? __alloc_skb+0x1c3/0x440
[  161.910712][ T8290]  kmem_cache_alloc_node_noprof+0x71/0x320
[  161.916634][ T8290]  __alloc_skb+0x1c3/0x440
[  161.921072][ T8290]  ? __pfx___alloc_skb+0x10/0x10
[  161.926034][ T8290]  alloc_skb_with_frags+0xc3/0x820
[  161.931164][ T8290]  ? __pfx_lock_release+0x10/0x10
[  161.936205][ T8290]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  161.941771][ T8290]  ? __pfx_lock_release+0x10/0x10
[  161.946816][ T8290]  ? skb_set_owner_w+0x246/0x380
[  161.951778][ T8290]  sock_alloc_send_pskb+0x91a/0xa60
[  161.957002][ T8290]  ? __might_fault+0xc6/0x120
[  161.961713][ T8290]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  161.967473][ T8290]  ? __pfx__copy_from_iter+0x10/0x10
[  161.972782][ T8290]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  161.978178][ T8290]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  161.984190][ T8290]  ? __mutex_trylock_common+0x183/0x2e0
[  161.989768][ T8290]  ? skb_put+0x114/0x1f0
[  161.994030][ T8290]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  162.000030][ T8290]  l2cap_chan_send+0xebd/0x2690
[  162.004911][ T8290]  ? __pfx_l2cap_chan_send+0x10/0x10
[  162.010214][ T8290]  ? do_raw_spin_unlock+0x13c/0x8b0
[  162.015437][ T8290]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  162.020485][ T8290]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  162.026045][ T8290]  __sock_sendmsg+0x221/0x270
[  162.030737][ T8290]  ____sys_sendmsg+0x52a/0x7e0
[  162.035531][ T8290]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.040844][ T8290]  ? rcu_is_watching+0x15/0xb0
[  162.045630][ T8290]  ? __might_fault+0xaa/0x120
[  162.050344][ T8290]  __sys_sendmmsg+0x3ab/0x730
[  162.055066][ T8290]  ? __pfx___sys_sendmmsg+0x10/0x10
[  162.060315][ T8290]  ? __pfx_lock_release+0x10/0x10
[  162.065372][ T8290]  ? kstrtouint_from_user+0x128/0x190
[  162.070780][ T8290]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  162.076688][ T8290]  ? ksys_write+0x229/0x2b0
[  162.081203][ T8290]  ? __pfx_lock_release+0x10/0x10
[  162.086251][ T8290]  ? vfs_write+0x730/0xd30
[  162.090680][ T8290]  ? __mutex_unlock_slowpath+0x21d/0x750
[  162.096335][ T8290]  ? __fget_files+0x3f3/0x470
[  162.101038][ T8290]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  162.107037][ T8290]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  162.113410][ T8290]  ? do_syscall_64+0x100/0x230
[  162.118190][ T8290]  __x64_sys_sendmmsg+0xa0/0xb0
[  162.123085][ T8290]  do_syscall_64+0xf3/0x230
[  162.127604][ T8290]  ? clear_bhb_loop+0x35/0x90
[  162.132294][ T8290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.138200][ T8290] RIP: 0033:0x7fe6f3f7e719
[  162.142627][ T8290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.162252][ T8290] RSP: 002b:00007fe6f4d9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  162.170687][ T8290] RAX: ffffffffffffffda RBX: 00007fe6f4136058 RCX: 00007fe6f3f7e719
[  162.178696][ T8290] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  162.186691][ T8290] RBP: 00007fe6f4d9e090 R08: 0000000000000000 R09: 0000000000000000
[  162.194672][ T8290] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  162.202673][ T8290] R13: 0000000000000000 R14: 00007fe6f4136058 R15: 00007ffe00d2fe98
[  162.210671][ T8290]  </TASK>
[  162.620561][ T7965] 8021q: adding VLAN 0 to HW filter on device team0
[  162.754821][ T3543] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.762096][ T3543] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.831006][ T3543] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.838243][ T3543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.894061][ T8315] netlink: 'syz.3.584': attribute type 4 has an invalid length.
[  163.015898][ T8315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.584'.
[  163.023288][ T7965] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  163.080872][ T8318] netlink: 'syz.3.584': attribute type 1 has an invalid length.
[  163.109377][ T7965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  163.122857][ T8318] netlink: 224 bytes leftover after parsing attributes in process `syz.3.584'.
[  163.173562][ T8321] netlink: 4 bytes leftover after parsing attributes in process `syz.2.586'.
[  163.196437][ T8321] vlan0: entered allmulticast mode
[  163.201845][ T8321] bridge_slave_0: entered allmulticast mode
[  163.227079][ T8321] bridge_slave_0: left allmulticast mode
[  163.370135][ T8326] netlink: 104 bytes leftover after parsing attributes in process `syz.1.587'.
[  163.620848][ T7965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.722813][ T7965] veth0_vlan: entered promiscuous mode
[  163.750984][ T8338] netlink: 'syz.4.591': attribute type 1 has an invalid length.
[  163.758518][ T7965] veth1_vlan: entered promiscuous mode
[  163.807371][ T8338] 8021q: adding VLAN 0 to HW filter on device bond3
[  163.889688][ T8349] xt_addrtype: ipv6 does not support BROADCAST matching
[  163.909584][ T8342] 8021q: adding VLAN 0 to HW filter on device batadv2
[  163.922819][ T8342] bond3: (slave batadv2): making interface the new active one
[  163.933059][ T8342] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  163.973953][ T7965] veth0_macvtap: entered promiscuous mode
[  163.983512][ T7965] veth1_macvtap: entered promiscuous mode
[  163.999805][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.010616][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.020814][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.031354][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.041291][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.052094][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.062040][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.072550][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.084006][ T7965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.118834][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.135786][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.166052][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.179489][ T8362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.596'.
[  164.189768][ T8362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.596'.
[  164.196266][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.210790][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.232347][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.245306][ T7965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.257049][ T7965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.268477][ T7965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.312496][ T7965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.355678][ T7965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.375846][ T7965] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.384879][ T7965] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.412088][ T8366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.597'.
[  164.644530][ T8373] netlink: 4 bytes leftover after parsing attributes in process `syz.1.598'.
[  164.652074][ T8372] netlink: 104 bytes leftover after parsing attributes in process `syz.2.599'.
[  164.827704][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.843849][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.887845][ T8378] netlink: 'syz.1.601': attribute type 1 has an invalid length.
[  165.016577][ T8378] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  165.027652][ T3579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.066213][ T3579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.156966][ T8380] Unknown options in mask 1f4
[  165.178486][ T8380] netlink: 'syz.4.603': attribute type 10 has an invalid length.
[  165.226380][ T8400] FAULT_INJECTION: forcing a failure.
[  165.226380][ T8400] name failslab, interval 1, probability 0, space 0, times 0
[  165.260522][ T8380] netdevsim netdevsim4 : entered allmulticast mode
[  165.287417][ T8400] CPU: 1 UID: 0 PID: 8400 Comm: syz.1.606 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  165.298085][ T8400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  165.308190][ T8400] Call Trace:
[  165.311506][ T8400]  <TASK>
[  165.314479][ T8400]  dump_stack_lvl+0x241/0x360
[  165.319212][ T8400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.324474][ T8400]  ? __pfx__printk+0x10/0x10
[  165.329120][ T8400]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  165.335182][ T8400]  ? __pfx___might_resched+0x10/0x10
[  165.340549][ T8400]  should_fail_ex+0x3b0/0x4e0
[  165.345290][ T8400]  should_failslab+0xac/0x100
[  165.350029][ T8400]  ? __alloc_skb+0x1c3/0x440
[  165.354685][ T8400]  kmem_cache_alloc_node_noprof+0x71/0x320
[  165.360609][ T8400]  __alloc_skb+0x1c3/0x440
[  165.365089][ T8400]  ? __pfx___alloc_skb+0x10/0x10
[  165.370105][ T8400]  alloc_skb_with_frags+0xc3/0x820
[  165.375279][ T8400]  ? __pfx_lock_release+0x10/0x10
[  165.380369][ T8400]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  165.385969][ T8400]  ? __pfx_lock_release+0x10/0x10
[  165.391134][ T8400]  ? skb_set_owner_w+0x246/0x380
[  165.396119][ T8400]  sock_alloc_send_pskb+0x91a/0xa60
[  165.401357][ T8400]  ? __might_fault+0xc6/0x120
[  165.406073][ T8400]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  165.411821][ T8400]  ? __pfx__copy_from_iter+0x10/0x10
[  165.417135][ T8400]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  165.422532][ T8400]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  165.428557][ T8400]  ? __mutex_trylock_common+0x183/0x2e0
[  165.434119][ T8400]  ? skb_put+0x114/0x1f0
[  165.438394][ T8400]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  165.444397][ T8400]  l2cap_chan_send+0xebd/0x2690
[  165.449286][ T8400]  ? __pfx_l2cap_chan_send+0x10/0x10
[  165.454591][ T8400]  ? do_raw_spin_unlock+0x13c/0x8b0
[  165.459815][ T8400]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  165.464877][ T8400]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  165.470438][ T8400]  __sock_sendmsg+0x221/0x270
[  165.475131][ T8400]  ____sys_sendmsg+0x52a/0x7e0
[  165.480028][ T8400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.485369][ T8400]  ? rcu_is_watching+0x15/0xb0
[  165.490166][ T8400]  ? __might_fault+0xaa/0x120
[  165.494873][ T8400]  __sys_sendmmsg+0x3ab/0x730
[  165.499579][ T8400]  ? __pfx___sys_sendmmsg+0x10/0x10
[  165.504805][ T8400]  ? __pfx_lock_release+0x10/0x10
[  165.509848][ T8400]  ? kstrtouint_from_user+0x128/0x190
[  165.515260][ T8400]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  165.521168][ T8400]  ? ksys_write+0x229/0x2b0
[  165.525694][ T8400]  ? __pfx_lock_release+0x10/0x10
[  165.530758][ T8400]  ? vfs_write+0x730/0xd30
[  165.535188][ T8400]  ? __mutex_unlock_slowpath+0x21d/0x750
[  165.540845][ T8400]  ? __fget_files+0x3f3/0x470
[  165.545557][ T8400]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  165.551572][ T8400]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  165.557924][ T8400]  ? do_syscall_64+0x100/0x230
[  165.562709][ T8400]  __x64_sys_sendmmsg+0xa0/0xb0
[  165.567582][ T8400]  do_syscall_64+0xf3/0x230
[  165.572097][ T8400]  ? clear_bhb_loop+0x35/0x90
[  165.576787][ T8400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.582691][ T8400] RIP: 0033:0x7f9e80b7e719
[  165.587125][ T8400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.606745][ T8400] RSP: 002b:00007f9e819d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  165.615174][ T8400] RAX: ffffffffffffffda RBX: 00007f9e80d36058 RCX: 00007f9e80b7e719
[  165.623156][ T8400] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  165.631155][ T8400] RBP: 00007f9e819d6090 R08: 0000000000000000 R09: 0000000000000000
[  165.639140][ T8400] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  165.647122][ T8400] R13: 0000000000000000 R14: 00007f9e80d36058 R15: 00007ffd0c41dbb8
[  165.655114][ T8400]  </TASK>
[  165.685993][ T8380] bond0: (slave ): Releasing backup interface
[  166.072091][ T8424] netlink: 'syz.3.613': attribute type 2 has an invalid length.
[  166.199875][ T8432] __nla_validate_parse: 1 callbacks suppressed
[  166.199896][ T8432] netlink: 104 bytes leftover after parsing attributes in process `syz.2.614'.
[  166.594252][ T8441] netlink: 60 bytes leftover after parsing attributes in process `syz.3.618'.
[  166.629555][ T8441] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  167.357375][  T160] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.454396][  T160] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.533730][  T160] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.591173][  T160] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.709631][  T160] bridge_slave_1: left allmulticast mode
[  167.725228][  T160] bridge_slave_1: left promiscuous mode
[  167.734999][  T160] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.756923][  T160] bridge_slave_0: left allmulticast mode
[  167.762634][  T160] bridge_slave_0: left promiscuous mode
[  167.790902][  T160] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.912756][ T8469] xt_TCPMSS: Only works on TCP SYN packets
[  168.116238][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  168.134180][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  168.166202][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  168.195114][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.204651][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  168.214789][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.537739][ T8499] netlink: 12 bytes leftover after parsing attributes in process `syz.4.630'.
[  168.799748][  T160] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.812622][  T160] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.826641][  T160] bond0 (unregistering): Released all slaves
[  168.931294][ T8497] netlink: 44 bytes leftover after parsing attributes in process `syz.4.630'.
[  168.961482][ T8499] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  169.116284][ T8507] netlink: 36 bytes leftover after parsing attributes in process `syz.3.631'.
[  169.652241][ T8533] FAULT_INJECTION: forcing a failure.
[  169.652241][ T8533] name failslab, interval 1, probability 0, space 0, times 0
[  169.699356][ T8533] CPU: 1 UID: 0 PID: 8533 Comm: syz.1.636 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  169.710062][ T8533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  169.720163][ T8533] Call Trace:
[  169.723488][ T8533]  <TASK>
[  169.726459][ T8533]  dump_stack_lvl+0x241/0x360
[  169.731189][ T8533]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.736436][ T8533]  ? __pfx__printk+0x10/0x10
[  169.741063][ T8533]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  169.747089][ T8533]  ? __pfx___might_resched+0x10/0x10
[  169.752427][ T8533]  should_fail_ex+0x3b0/0x4e0
[  169.757154][ T8533]  should_failslab+0xac/0x100
[  169.761887][ T8533]  ? __alloc_skb+0x1c3/0x440
[  169.766523][ T8533]  kmem_cache_alloc_node_noprof+0x71/0x320
[  169.772387][ T8533]  __alloc_skb+0x1c3/0x440
[  169.776861][ T8533]  ? __pfx___alloc_skb+0x10/0x10
[  169.781873][ T8533]  alloc_skb_with_frags+0xc3/0x820
[  169.787041][ T8533]  ? __pfx_lock_release+0x10/0x10
[  169.792122][ T8533]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  169.797729][ T8533]  ? __pfx_lock_release+0x10/0x10
[  169.802811][ T8533]  ? skb_set_owner_w+0x246/0x380
[  169.807807][ T8533]  sock_alloc_send_pskb+0x91a/0xa60
[  169.813064][ T8533]  ? __might_fault+0xc6/0x120
[  169.817821][ T8533]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  169.823635][ T8533]  ? __pfx__copy_from_iter+0x10/0x10
[  169.828986][ T8533]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  169.834433][ T8533]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  169.840470][ T8533]  ? __mutex_trylock_common+0x183/0x2e0
[  169.846065][ T8533]  ? skb_put+0x114/0x1f0
[  169.850368][ T8533]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  169.856406][ T8533]  l2cap_chan_send+0xebd/0x2690
[  169.861328][ T8533]  ? __pfx_l2cap_chan_send+0x10/0x10
[  169.866668][ T8533]  ? do_raw_spin_unlock+0x13c/0x8b0
[  169.871931][ T8533]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  169.877028][ T8533]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  169.882630][ T8533]  __sock_sendmsg+0x221/0x270
[  169.887362][ T8533]  ____sys_sendmsg+0x52a/0x7e0
[  169.892277][ T8533]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.897618][ T8533]  ? rcu_is_watching+0x15/0xb0
[  169.902426][ T8533]  ? __might_fault+0xaa/0x120
[  169.907165][ T8533]  __sys_sendmmsg+0x3ab/0x730
[  169.911910][ T8533]  ? __pfx___sys_sendmmsg+0x10/0x10
[  169.917169][ T8533]  ? __pfx_lock_release+0x10/0x10
[  169.922255][ T8533]  ? kstrtouint_from_user+0x128/0x190
[  169.927700][ T8533]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  169.933643][ T8533]  ? ksys_write+0x229/0x2b0
[  169.938186][ T8533]  ? __pfx_lock_release+0x10/0x10
[  169.943272][ T8533]  ? vfs_write+0x730/0xd30
[  169.947732][ T8533]  ? __mutex_unlock_slowpath+0x21d/0x750
[  169.953419][ T8533]  ? __fget_files+0x3f3/0x470
[  169.958151][ T8533]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  169.964204][ T8533]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  169.970586][ T8533]  ? do_syscall_64+0x100/0x230
[  169.975388][ T8533]  __x64_sys_sendmmsg+0xa0/0xb0
[  169.980308][ T8533]  do_syscall_64+0xf3/0x230
[  169.984862][ T8533]  ? clear_bhb_loop+0x35/0x90
[  169.989594][ T8533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.995532][ T8533] RIP: 0033:0x7f9e80b7e719
[  169.999986][ T8533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.019633][ T8533] RSP: 002b:00007f9e819d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  170.028093][ T8533] RAX: ffffffffffffffda RBX: 00007f9e80d36058 RCX: 00007f9e80b7e719
[  170.036101][ T8533] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  170.044101][ T8533] RBP: 00007f9e819d6090 R08: 0000000000000000 R09: 0000000000000000
[  170.052106][ T8533] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  170.060117][ T8533] R13: 0000000000000000 R14: 00007f9e80d36058 R15: 00007ffd0c41dbb8
[  170.068145][ T8533]  </TASK>
[  170.271993][ T8543] netlink: 244 bytes leftover after parsing attributes in process `syz.3.638'.
[  170.286132][ T8544] netlink: 244 bytes leftover after parsing attributes in process `syz.3.638'.
[  170.302812][   T54] Bluetooth: hci1: command tx timeout
[  170.474986][ T8546] xt_CT: No such helper "netbios-ns"
[  170.484387][  T160] hsr_slave_0: left promiscuous mode
[  170.533310][  T160] hsr_slave_1: left promiscuous mode
[  170.642290][  T160] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.650117][  T160] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.667654][  T160] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.685204][  T160] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.727674][  T160] veth1_macvtap: left promiscuous mode
[  170.739336][  T160] veth0_macvtap: left promiscuous mode
[  170.751264][  T160] veth1_vlan: left promiscuous mode
[  170.763114][  T160] veth0_vlan: left promiscuous mode
[  171.577586][  T160] team0 (unregistering): Port device team_slave_1 removed
[  171.615920][  T160] team0 (unregistering): Port device team_slave_0 removed
[  172.026324][ T8555] bridge5: entered allmulticast mode
[  172.045510][ T8572] netlink: 'syz.3.646': attribute type 21 has an invalid length.
[  172.196616][ T8579] netlink: 48 bytes leftover after parsing attributes in process `syz.3.647'.
[  172.330901][ T8475] chnl_net:caif_netlink_parms(): no params data found
[  172.335702][   T54] Bluetooth: hci1: command tx timeout
[  172.737153][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.768147][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.786686][ T8475] bridge_slave_0: entered allmulticast mode
[  172.793892][ T8475] bridge_slave_0: entered promiscuous mode
[  172.819543][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.842097][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.859609][ T8475] bridge_slave_1: entered allmulticast mode
[  172.867398][ T8475] bridge_slave_1: entered promiscuous mode
[  172.978287][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.017075][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  173.195167][ T8627] netlink: 'syz.4.657': attribute type 10 has an invalid length.
[  173.210923][ T8475] team0: Port device team_slave_0 added
[  173.261656][ T8475] team0: Port device team_slave_1 added
[  173.306521][ T8630] netlink: 'syz.2.658': attribute type 15 has an invalid length.
[  173.335344][ T8627] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.354921][ T8634] netlink: 116 bytes leftover after parsing attributes in process `syz.1.659'.
[  173.395032][ T8627] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.444238][ T8627] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  173.473253][ T8632] netdevsim netdevsim4 : set [1, 1] type 2 family 0 port 20000 - 0
[  173.482022][ T8632] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  173.491397][ T8632] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  173.503199][ T8632] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  173.512775][ T8632] geneve2: entered promiscuous mode
[  173.532787][ T8632] geneve2: entered allmulticast mode
[  173.577679][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.584729][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.656572][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.670401][ T8647] netlink: 20 bytes leftover after parsing attributes in process `syz.2.663'.
[  173.692872][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.709773][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.768999][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.970713][ T8658] FAULT_INJECTION: forcing a failure.
[  173.970713][ T8658] name failslab, interval 1, probability 0, space 0, times 0
[  174.016480][ T8658] CPU: 0 UID: 0 PID: 8658 Comm: syz.4.665 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  174.027143][ T8658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  174.037234][ T8658] Call Trace:
[  174.040529][ T8658]  <TASK>
[  174.043479][ T8658]  dump_stack_lvl+0x241/0x360
[  174.048181][ T8658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.053391][ T8658]  ? __pfx__printk+0x10/0x10
[  174.057992][ T8658]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  174.063991][ T8658]  ? __pfx___might_resched+0x10/0x10
[  174.069304][ T8658]  should_fail_ex+0x3b0/0x4e0
[  174.074002][ T8658]  should_failslab+0xac/0x100
[  174.078696][ T8658]  ? __alloc_skb+0x1c3/0x440
[  174.083313][ T8658]  kmem_cache_alloc_node_noprof+0x71/0x320
[  174.089140][ T8658]  __alloc_skb+0x1c3/0x440
[  174.093575][ T8658]  ? __pfx___alloc_skb+0x10/0x10
[  174.098545][ T8658]  alloc_skb_with_frags+0xc3/0x820
[  174.103710][ T8658]  ? __pfx_lock_release+0x10/0x10
[  174.108779][ T8658]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  174.114349][ T8658]  ? __pfx_lock_release+0x10/0x10
[  174.119390][ T8658]  ? skb_set_owner_w+0x246/0x380
[  174.124348][ T8658]  sock_alloc_send_pskb+0x91a/0xa60
[  174.129565][ T8658]  ? __might_fault+0xc6/0x120
[  174.134280][ T8658]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  174.140023][ T8658]  ? __pfx__copy_from_iter+0x10/0x10
[  174.145343][ T8658]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  174.150741][ T8658]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  174.156742][ T8658]  ? __mutex_trylock_common+0x183/0x2e0
[  174.162304][ T8658]  ? skb_put+0x114/0x1f0
[  174.166564][ T8658]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  174.172571][ T8658]  l2cap_chan_send+0xebd/0x2690
[  174.177459][ T8658]  ? __pfx_l2cap_chan_send+0x10/0x10
[  174.182767][ T8658]  ? do_raw_spin_unlock+0x13c/0x8b0
[  174.187994][ T8658]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  174.193048][ T8658]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  174.198613][ T8658]  __sock_sendmsg+0x221/0x270
[  174.203306][ T8658]  ____sys_sendmsg+0x52a/0x7e0
[  174.208094][ T8658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.213401][ T8658]  ? rcu_is_watching+0x15/0xb0
[  174.218178][ T8658]  ? __might_fault+0xaa/0x120
[  174.222877][ T8658]  __sys_sendmmsg+0x3ab/0x730
[  174.227590][ T8658]  ? __pfx___sys_sendmmsg+0x10/0x10
[  174.232814][ T8658]  ? __pfx_lock_release+0x10/0x10
[  174.237853][ T8658]  ? kstrtouint_from_user+0x128/0x190
[  174.243266][ T8658]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  174.249171][ T8658]  ? ksys_write+0x229/0x2b0
[  174.253683][ T8658]  ? __pfx_lock_release+0x10/0x10
[  174.258745][ T8658]  ? vfs_write+0x730/0xd30
[  174.263172][ T8658]  ? __mutex_unlock_slowpath+0x21d/0x750
[  174.268823][ T8658]  ? __fget_files+0x3f3/0x470
[  174.273530][ T8658]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  174.279539][ T8658]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.285890][ T8658]  ? do_syscall_64+0x100/0x230
[  174.290700][ T8658]  __x64_sys_sendmmsg+0xa0/0xb0
[  174.295580][ T8658]  do_syscall_64+0xf3/0x230
[  174.300091][ T8658]  ? clear_bhb_loop+0x35/0x90
[  174.304780][ T8658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.310691][ T8658] RIP: 0033:0x7fe6f3f7e719
[  174.315132][ T8658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.334777][ T8658] RSP: 002b:00007fe6f4d9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  174.343214][ T8658] RAX: ffffffffffffffda RBX: 00007fe6f4136058 RCX: 00007fe6f3f7e719
[  174.351210][ T8658] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  174.359226][ T8658] RBP: 00007fe6f4d9e090 R08: 0000000000000000 R09: 0000000000000000
[  174.367207][ T8658] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  174.375189][ T8658] R13: 0000000000000000 R14: 00007fe6f4136058 R15: 00007ffe00d2fe98
[  174.383186][ T8658]  </TASK>
[  174.454186][   T54] Bluetooth: hci1: command tx timeout
[  174.541094][ T8475] hsr_slave_0: entered promiscuous mode
[  174.589619][ T8475] hsr_slave_1: entered promiscuous mode
[  174.616218][ T8475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  174.647147][ T8475] Cannot create hsr debugfs directory
[  174.749981][   T29] audit: type=1107 audit(1731604467.179:2): pid=8664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  175.599896][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.4.675'.
[  175.721865][ T8718] pim6reg: entered allmulticast mode
[  175.767520][ T8722] netlink: 12 bytes leftover after parsing attributes in process `syz.3.677'.
[  175.780984][ T8722] netlink: 'syz.3.677': attribute type 10 has an invalid length.
[  175.795109][ T8722] netlink: 55 bytes leftover after parsing attributes in process `syz.3.677'.
[  176.039792][ T8722] team0: Port device virt_wifi0 added
[  176.219794][ T8475] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  176.240779][ T8738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.683'.
[  176.253309][ T8475] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  176.261972][ T8739] netlink: 8 bytes leftover after parsing attributes in process `syz.1.683'.
[  176.286733][ T8738] bridge0: port 1(netdevsim0) entered blocking state
[  176.293812][ T8738] bridge0: port 1(netdevsim0) entered disabled state
[  176.301075][ T8738] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  176.329933][ T8738] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  176.363118][ T8475] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  176.464795][ T8475] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  176.503056][   T54] Bluetooth: hci1: command tx timeout
[  176.641655][ T8746] xt_nfacct: accounting object `syz1' does not exists
[  176.827012][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0
[  176.844137][ T8475] 8021q: adding VLAN 0 to HW filter on device team0
[  176.876136][ T8475] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  176.886661][ T8475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  176.916984][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.924173][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.958979][   T81] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.966262][   T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.050265][ T8761] netlink: 50 bytes leftover after parsing attributes in process `syz.4.690'.
[  177.320643][ T8791] netlink: 12 bytes leftover after parsing attributes in process `syz.4.693'.
[  177.362621][ T8791] netlink: 12 bytes leftover after parsing attributes in process `syz.4.693'.
[  177.578823][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.587511][ T8805] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'.
[  177.696393][ T8810] netlink: 48 bytes leftover after parsing attributes in process `syz.1.696'.
[  178.039135][ T8475] veth0_vlan: entered promiscuous mode
[  178.094334][ T8475] veth1_vlan: entered promiscuous mode
[  178.170475][ T8475] veth0_macvtap: entered promiscuous mode
[  178.210225][ T8475] veth1_macvtap: entered promiscuous mode
[  178.270139][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.299247][ T8836] netlink: 'syz.2.704': attribute type 10 has an invalid length.
[  178.299283][ T8839] netlink: 'syz.2.704': attribute type 10 has an invalid length.
[  178.325171][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.360882][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.394012][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.416654][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.434911][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.457051][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.466169][ T8839] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  178.482141][ T8839] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  178.498748][ T8847] netlink: 'syz.1.706': attribute type 1 has an invalid length.
[  178.512729][ T8839] team0: Port device netdevsim0 added
[  178.517072][ T8847] netlink: 228 bytes leftover after parsing attributes in process `syz.1.706'.
[  178.549086][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.579755][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.591851][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.616813][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.641202][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.669265][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.693984][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.728524][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.756792][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.873756][ T8475] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.893209][ T8475] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.937174][ T8475] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.955989][ T8475] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.977486][ T8872] netlink: 44 bytes leftover after parsing attributes in process `syz.4.710'.
[  179.352399][ T8888] netlink: 5 bytes leftover after parsing attributes in process `syz.1.715'.
[  179.416112][ T3543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.424152][ T3543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.435788][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.443705][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.909168][ T8915] netlink: 104 bytes leftover after parsing attributes in process `syz.3.721'.
[  180.274107][ T8920] netlink: 32 bytes leftover after parsing attributes in process `syz.1.722'.
[  180.632144][   T81] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.002246][   T81] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.207659][ T8964] ieee802154 phy0 wpan0: encryption failed: -22
[  181.323446][   T81] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.396251][ T8975] netlink: 'syz.1.728': attribute type 10 has an invalid length.
[  181.404355][ T8963] netlink: 'syz.3.726': attribute type 21 has an invalid length.
[  181.597276][   T81] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.647585][ T8985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.730'.
[  181.778704][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  181.789596][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  181.812522][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  181.823976][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  181.837053][ T5155] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  181.844612][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  182.108061][ T9008] netlink: 'syz.2.733': attribute type 10 has an invalid length.
[  182.158646][   T81] bridge_slave_1: left allmulticast mode
[  182.164378][   T81] bridge_slave_1: left promiscuous mode
[  182.193862][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.218820][   T81] bridge_slave_0: left allmulticast mode
[  182.246475][   T81] bridge_slave_0: left promiscuous mode
[  182.252375][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.770483][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.782369][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.801110][   T81] bond0 (unregistering): Released all slaves
[  182.817635][ T9008] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  182.829184][ T9008] team0: Port device netdevsim0 removed
[  182.838449][ T9008] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  183.070884][ T9035] __nla_validate_parse: 1 callbacks suppressed
[  183.070904][ T9035] netlink: 52 bytes leftover after parsing attributes in process `syz.2.742'.
[  183.087447][ T9035] netlink: 24 bytes leftover after parsing attributes in process `syz.2.742'.
[  183.272712][ T9047] vlan2: entered promiscuous mode
[  183.279843][ T9047] vlan2: entered allmulticast mode
[  183.296882][ T9047] xfrm0: entered allmulticast mode
[  183.302274][ T9047] xfrm0: entered promiscuous mode
[  183.352155][ T9047] team0: Port device vlan2 added
[  183.376148][   T54] Bluetooth: hci4: command 0x0405 tx timeout
[  183.559084][ T9051] xfrm0: left allmulticast mode
[  183.580669][ T9051] xfrm0: left promiscuous mode
[  183.630906][ T9053] xfrm0: entered allmulticast mode
[  183.655902][ T9053] xfrm0: entered promiscuous mode
[  183.715331][ T9067] xt_time: invalid argument - start or stop time greater than 23:59:59
[  183.877568][   T81] hsr_slave_0: left promiscuous mode
[  183.925790][ T5847] Bluetooth: hci1: command tx timeout
[  183.965988][   T81] hsr_slave_1: left promiscuous mode
[  184.043290][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.053357][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.095195][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.125640][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.238141][   T81] veth1_macvtap: left promiscuous mode
[  184.259831][   T81] veth0_macvtap: left promiscuous mode
[  184.268483][   T81] veth1_vlan: left promiscuous mode
[  184.273840][   T81] veth0_vlan: left promiscuous mode
[  184.340453][ T9085] netlink: 104 bytes leftover after parsing attributes in process `syz.3.751'.
[  184.457348][ T9089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.752'.
[  184.833986][   T81] team0 (unregistering): Port device team_slave_1 removed
[  184.880064][   T81] team0 (unregistering): Port device team_slave_0 removed
[  185.404913][ T8992] chnl_net:caif_netlink_parms(): no params data found
[  185.548966][ T9095] netlink: 56 bytes leftover after parsing attributes in process `syz.1.753'.
[  185.666691][ T9094] bond0: (slave bond_slave_0): Releasing backup interface
[  185.746890][ T9094] bond0: (slave bond_slave_1): Releasing backup interface
[  185.782533][ T9109] netlink: 20 bytes leftover after parsing attributes in process `syz.2.754'.
[  185.843303][ T9094] team_slave_1: left promiscuous mode
[  185.876459][ T9119] netlink: 'syz.4.755': attribute type 1 has an invalid length.
[  185.887892][ T9094] team0: Port device team_slave_1 removed
[  185.904978][ T9094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.916179][ T9121] netlink: 'syz.3.757': attribute type 1 has an invalid length.
[  185.958725][ T9094] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.987895][ T9094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.995364][ T9094] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.015904][ T5847] Bluetooth: hci1: command tx timeout
[  186.079345][ T9094] bond0: (slave netdevsim0): Releasing backup interface
[  186.194063][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.211919][ T8992] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.230527][ T8992] bridge_slave_0: entered allmulticast mode
[  186.247867][ T8992] bridge_slave_0: entered promiscuous mode
[  186.283230][ T9107] team0: Refused to change device type
[  186.396043][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.408298][ T8992] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.416305][ T8992] bridge_slave_1: entered allmulticast mode
[  186.423793][ T8992] bridge_slave_1: entered promiscuous mode
[  186.566990][ T8992] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.619290][ T8992] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.730507][ T8992] team0: Port device team_slave_0 added
[  186.760432][ T8992] team0: Port device team_slave_1 added
[  186.907136][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.917906][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.961552][ T8992] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.988863][ T9135] netlink: 'syz.3.759': attribute type 5 has an invalid length.
[  187.090289][ T8992] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.112126][ T8992] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.180125][ T8992] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.610964][ T8992] hsr_slave_0: entered promiscuous mode
[  187.760199][ T8992] hsr_slave_1: entered promiscuous mode
[  187.786767][ T8992] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.797397][ T8992] Cannot create hsr debugfs directory
[  187.833189][ T9171] netlink: 'syz.1.764': attribute type 6 has an invalid length.
[  187.841429][ T9171] netlink: 'syz.1.764': attribute type 7 has an invalid length.
[  187.849656][ T9171] netlink: 'syz.1.764': attribute type 8 has an invalid length.
[  187.890717][ T9173] netlink: 104 bytes leftover after parsing attributes in process `syz.2.766'.
[  188.092030][ T5847] Bluetooth: hci1: command tx timeout
[  188.169975][ T9186] netlink: 20 bytes leftover after parsing attributes in process `syz.1.768'.
[  188.185484][ T9181] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  188.319103][  T160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.334735][  T160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.394130][ T9193] netlink: 'syz.2.769': attribute type 2 has an invalid length.
[  188.408949][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.770'.
[  188.515758][ T9200] netlink: 8 bytes leftover after parsing attributes in process `syz.2.769'.
[  188.729211][ T9214] netlink: 40 bytes leftover after parsing attributes in process `syz.4.773'.
[  189.248066][ T8992] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  189.324606][ T8992] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  189.329292][ T9242] netlink: 104 bytes leftover after parsing attributes in process `syz.4.779'.
[  189.376555][ T8992] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  189.408377][ T8992] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  189.609147][ T9260] netlink: 84 bytes leftover after parsing attributes in process `syz.4.783'.
[  189.643384][ T9259] netlink: 48 bytes leftover after parsing attributes in process `syz.3.782'.
[  189.709314][ T9264] netlink: 'syz.3.782': attribute type 1 has an invalid length.
[  189.711745][ T8992] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.736207][ T8992] 8021q: adding VLAN 0 to HW filter on device team0
[  189.751137][  T160] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.758398][  T160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.816218][  T160] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.823520][  T160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.841973][ T9272] xt_hashlimit: invalid interval
[  189.956099][ T9264] 8021q: adding VLAN 0 to HW filter on device bond2
[  189.975698][ T9273] netlink: 'syz.2.786': attribute type 12 has an invalid length.
[  190.040566][ T8992] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  190.096685][ T8992] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  190.186000][ T5847] Bluetooth: hci1: command tx timeout
[  190.601476][ T9310] netlink: 104 bytes leftover after parsing attributes in process `syz.2.793'.
[  190.748483][ T8992] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.801907][ T9320] vcan0: tx drop: invalid da for name 0x0000000000000003
[  190.827326][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.1.796'.
[  190.852890][ T8992] veth0_vlan: entered promiscuous mode
[  190.913697][ T8992] veth1_vlan: entered promiscuous mode
[  191.008243][ T8992] veth0_macvtap: entered promiscuous mode
[  191.070170][ T8992] veth1_macvtap: entered promiscuous mode
[  191.120734][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.150301][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.172464][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.193637][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.216768][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.252809][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.295901][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.341686][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.378214][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.415851][ T8992] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  191.460043][ T8992] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.490461][ T8992] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.514024][ T8992] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.544627][ T8992] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.560402][ T8992] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.575257][ T8992] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.783069][ T3579] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.813827][ T3579] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.879903][ T9367] netlink: 'syz.4.807': attribute type 3 has an invalid length.
[  191.888704][ T3543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.917704][ T3543] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.937596][ T9373] netlink: 16 bytes leftover after parsing attributes in process `syz.2.806'.
[  192.332815][ T9380] xt_CT: You must specify a L4 protocol and not use inversions on it
[  192.526608][ T9380] A link change request failed with some changes committed already. Interface vlan2 may have been left with an inconsistent configuration, please check.
[  192.928239][ T3543] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.867707][ T9423] __nla_validate_parse: 2 callbacks suppressed
[  193.867729][ T9423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.819'.
[  193.932576][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  193.965716][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  193.976895][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  193.998581][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  194.008603][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  194.026608][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  194.423018][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.430285][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.359899][ T3543] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.426621][ T9427] netlink: 8 bytes leftover after parsing attributes in process `syz.4.820'.
[  195.507036][ T3543] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.522533][ T9434] netlink: 'syz.3.821': attribute type 1 has an invalid length.
[  195.539781][ T9429] netlink: 8 bytes leftover after parsing attributes in process `syz.4.820'.
[  195.625126][ T3543] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.755785][ T9439] netlink: 'syz.1.822': attribute type 3 has an invalid length.
[  195.764383][ T9439] netlink: 666 bytes leftover after parsing attributes in process `syz.1.822'.
[  195.787378][ T9446] netlink: 20 bytes leftover after parsing attributes in process `syz.4.826'.
[  195.804648][ T9449] netlink: 'syz.2.827': attribute type 10 has an invalid length.
[  195.829622][ T9445] netlink: 8 bytes leftover after parsing attributes in process `syz.4.826'.
[  195.850749][ T9445] nbd: nbd0 already in use
[  195.894934][ T9449] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.903218][ T9449] team0: Device bond0 failed to register rx_handler
[  195.935159][ T9445] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (16)
[  195.989731][ T9446] netlink: 28 bytes leftover after parsing attributes in process `syz.4.826'.
[  195.999130][ T9445] netlink: 28 bytes leftover after parsing attributes in process `syz.4.826'.
[  196.086140][ T5842] Bluetooth: hci1: command tx timeout
[  196.109221][ T9459] netlink: 28 bytes leftover after parsing attributes in process `syz.2.829'.
[  196.213636][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.829'.
[  196.489315][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  196.495606][ T5842] Bluetooth: hci3: command 0x0406 tx timeout
[  196.496105][ T5845] Bluetooth: hci2: command 0x0406 tx timeout
[  196.579675][ T9430] chnl_net:caif_netlink_parms(): no params data found
[  196.849564][ T3543] bridge_slave_1: left allmulticast mode
[  196.871010][ T3543] bridge_slave_1: left promiscuous mode
[  196.895093][ T3543] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.945380][ T3543] bridge_slave_0: left allmulticast mode
[  196.974184][ T3543] bridge_slave_0: left promiscuous mode
[  197.000745][ T3543] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.192774][ T9512] Bluetooth: MGMT ver 1.23
[  197.948399][ T3543] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.960560][ T3543] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.971907][ T3543] bond0 (unregistering): Released all slaves
[  198.018109][ T9504] syz_tun: entered promiscuous mode
[  198.096857][ T9504] syz_tun: left promiscuous mode
[  198.166063][   T54] Bluetooth: hci1: command tx timeout
[  198.324083][ T9544] netlink: 'syz.4.841': attribute type 11 has an invalid length.
[  198.332449][ T9544] netlink: 'syz.4.841': attribute type 11 has an invalid length.
[  198.448934][ T9430] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.464668][ T9430] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.478887][ T9430] bridge_slave_0: entered allmulticast mode
[  198.508127][ T9430] bridge_slave_0: entered promiscuous mode
[  198.527488][ T9430] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.534673][ T9430] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.561853][ T9430] bridge_slave_1: entered allmulticast mode
[  198.575897][ T9430] bridge_slave_1: entered promiscuous mode
[  198.642345][ T9547] netlink: 'syz.1.843': attribute type 21 has an invalid length.
[  198.800450][ T9550] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  198.819030][ T9430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.835585][ T9550] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0
[  198.855376][ T9430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.932116][ T3543] hsr_slave_0: left promiscuous mode
[  198.957879][ T9558] __nla_validate_parse: 2 callbacks suppressed
[  198.957899][ T9558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.847'.
[  198.976094][ T3543] hsr_slave_1: left promiscuous mode
[  198.997185][ T3543] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.015026][ T3543] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.036199][ T3543] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.047137][ T3543] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.100449][ T3543] veth1_macvtap: left promiscuous mode
[  199.106187][ T3543] veth0_macvtap: left promiscuous mode
[  199.112022][ T3543] veth1_vlan: left promiscuous mode
[  199.118022][ T3543] veth0_vlan: left promiscuous mode
[  199.990305][ T3543] team0 (unregistering): Port device team_slave_1 removed
[  200.037616][ T3543] team0 (unregistering): Port device team_slave_0 removed
[  200.245843][   T54] Bluetooth: hci1: command tx timeout
[  200.598584][   T12] bond0: (slave bond_slave_0): interface is now down
[  200.610455][   T12] bond0: (slave bond_slave_1): interface is now down
[  200.619113][   T12] bond0: (slave batadv_slave_0): interface is now down
[  200.688022][   T12] bond0: (slave bond_slave_0): interface is now down
[  200.711875][   T12] bond0: (slave bond_slave_1): interface is now down
[  200.734442][   T12] bond0: (slave batadv_slave_0): interface is now down
[  200.785213][ T9430] team0: Port device team_slave_0 added
[  200.796526][ T9430] team0: Port device team_slave_1 added
[  200.814111][   T81] bond0: (slave bond_slave_0): interface is now down
[  200.821341][   T81] bond0: (slave bond_slave_1): interface is now down
[  200.828657][   T81] bond0: (slave batadv_slave_0): interface is now down
[  200.867008][   T12] bond0: (slave bond_slave_0): interface is now down
[  200.873958][   T12] bond0: (slave bond_slave_1): interface is now down
[  200.889162][   T12] bond0: (slave batadv_slave_0): interface is now down
[  200.936223][   T11] bond0: (slave bond_slave_0): interface is now down
[  200.970957][   T11] bond0: (slave bond_slave_1): interface is now down
[  200.986002][   T11] bond0: (slave batadv_slave_0): interface is now down
[  201.038788][  T160] bond0: (slave bond_slave_0): interface is now down
[  201.056070][  T160] bond0: (slave bond_slave_1): interface is now down
[  201.063065][  T160] bond0: (slave batadv_slave_0): interface is now down
[  201.102998][  T160] bond0: (slave bond_slave_0): interface is now down
[  201.114746][  T160] bond0: (slave bond_slave_1): interface is now down
[  201.135575][  T160] bond0: (slave batadv_slave_0): interface is now down
[  201.158221][ T9430] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.165236][ T9430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.197224][ T3486] bond0: (slave bond_slave_0): interface is now down
[  201.203976][ T3486] bond0: (slave bond_slave_1): interface is now down
[  201.216703][ T9603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.855'.
[  201.225689][ T3486] bond0: (slave batadv_slave_0): interface is now down
[  201.243414][ T9430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.271928][ T3486] bond0: (slave bond_slave_0): interface is now down
[  201.284369][ T3486] bond0: (slave bond_slave_1): interface is now down
[  201.293606][ T9430] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.303373][ T3486] bond0: (slave batadv_slave_0): interface is now down
[  201.312200][ T9430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.346608][   T35] bond0: (slave bond_slave_0): interface is now down
[  201.366994][   T35] bond0: (slave bond_slave_1): interface is now down
[  201.371474][ T9430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.390084][   T35] bond0: (slave batadv_slave_0): interface is now down
[  201.437321][ T3486] bond0: (slave bond_slave_0): interface is now down
[  201.444295][ T3486] bond0: (slave bond_slave_1): interface is now down
[  201.457051][ T3486] bond0: (slave batadv_slave_0): interface is now down
[  201.525909][   T11] bond0: (slave bond_slave_0): interface is now down
[  201.533471][   T11] bond0: (slave bond_slave_1): interface is now down
[  201.541334][   T11] bond0: (slave batadv_slave_0): interface is now down
[  201.577229][ T9430] hsr_slave_0: entered promiscuous mode
[  201.590032][  T160] bond0: (slave bond_slave_0): interface is now down
[  201.600300][  T160] bond0: (slave bond_slave_1): interface is now down
[  201.632347][  T160] bond0: (slave batadv_slave_0): interface is now down
[  201.650291][ T9430] hsr_slave_1: entered promiscuous mode
[  201.672205][ T9430] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.686210][   T12] bond0: (slave bond_slave_0): interface is now down
[  201.693195][   T12] bond0: (slave bond_slave_1): interface is now down
[  201.708906][ T9430] Cannot create hsr debugfs directory
[  201.714575][   T12] bond0: (slave batadv_slave_0): interface is now down
[  201.721922][ T9622] FAULT_INJECTION: forcing a failure.
[  201.721922][ T9622] name failslab, interval 1, probability 0, space 0, times 0
[  201.746112][   T35] bond0: (slave bond_slave_0): interface is now down
[  201.752886][   T35] bond0: (slave bond_slave_1): interface is now down
[  201.784012][ T9622] CPU: 0 UID: 0 PID: 9622 Comm: syz.3.858 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  201.793816][   T35] bond0: (slave batadv_slave_0): interface is now down
[  201.794653][ T9622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  201.811612][ T9622] Call Trace:
[  201.814928][ T9622]  <TASK>
[  201.817904][ T9622]  dump_stack_lvl+0x241/0x360
[  201.822645][ T9622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.827891][ T9622]  ? __pfx__printk+0x10/0x10
[  201.832526][ T9622]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  201.836500][ T3486] bond0: (slave bond_slave_0): interface is now down
[  201.838557][ T9622]  ? __pfx___might_resched+0x10/0x10
[  201.838609][ T9622]  should_fail_ex+0x3b0/0x4e0
[  201.851329][ T3486] bond0: (slave bond_slave_1): interface is now down
[  201.855234][ T9622]  should_failslab+0xac/0x100
[  201.855271][ T9622]  ? __alloc_skb+0x1c3/0x440
[  201.863506][ T3486] bond0: (slave batadv_slave_0): interface is now down
[  201.866605][ T9622]  kmem_cache_alloc_node_noprof+0x71/0x320
[  201.866648][ T9622]  __alloc_skb+0x1c3/0x440
[  201.866684][ T9622]  ? __pfx___alloc_skb+0x10/0x10
[  201.891152][   T81] bond0: (slave bond_slave_0): interface is now down
[  201.893351][ T9622]  alloc_skb_with_frags+0xc3/0x820
[  201.893394][ T9622]  ? __pfx_lock_release+0x10/0x10
[  201.893429][ T9622]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  201.907128][   T81] bond0: (slave bond_slave_1): interface is now down
[  201.910252][ T9622]  ? __pfx_lock_release+0x10/0x10
[  201.910294][ T9622]  ? skb_set_owner_w+0x246/0x380
[  201.924063][   T81] bond0: (slave batadv_slave_0): interface is now down
[  201.927598][ T9622]  sock_alloc_send_pskb+0x91a/0xa60
[  201.927642][ T9622]  ? __might_fault+0xc6/0x120
[  201.927696][ T9622]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  201.936987][   T11] bond0: (slave bond_slave_0): interface is now down
[  201.939502][ T9622]  ? __pfx__copy_from_iter+0x10/0x10
[  201.939555][ T9622]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  201.947059][   T11] bond0: (slave bond_slave_1): interface is now down
[  201.949407][ T9622]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  201.965573][   T11] bond0: (slave batadv_slave_0): interface is now down
[  201.967117][ T9622]  ? __mutex_trylock_common+0x183/0x2e0
[  201.967153][ T9622]  ? skb_put+0x114/0x1f0
[  201.967186][ T9622]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  201.987116][   T11] bond0: (slave bond_slave_0): interface is now down
[  201.992082][ T9622]  l2cap_chan_send+0xebd/0x2690
[  201.992131][ T9622]  ? __pfx_l2cap_chan_send+0x10/0x10
[  201.992160][ T9622]  ? do_raw_spin_unlock+0x13c/0x8b0
[  201.992199][ T9622]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  201.992234][ T9622]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  201.992263][ T9622]  __sock_sendmsg+0x221/0x270
[  201.992294][ T9622]  ____sys_sendmsg+0x52a/0x7e0
[  201.992335][ T9622]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.992372][ T9622]  ? rcu_is_watching+0x15/0xb0
[  201.992399][ T9622]  ? __might_fault+0xaa/0x120
[  201.992439][ T9622]  __sys_sendmmsg+0x3ab/0x730
[  201.992481][ T9622]  ? __pfx___sys_sendmmsg+0x10/0x10
[  201.992527][ T9622]  ? __pfx_lock_release+0x10/0x10
[  201.992558][ T9622]  ? kstrtouint_from_user+0x128/0x190
[  201.992616][ T9622]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  201.992643][ T9622]  ? ksys_write+0x229/0x2b0
[  201.992664][ T9622]  ? __pfx_lock_release+0x10/0x10
[  201.992703][ T9622]  ? vfs_write+0x730/0xd30
[  201.992731][ T9622]  ? __mutex_unlock_slowpath+0x21d/0x750
[  201.992767][ T9622]  ? __fget_files+0x3f3/0x470
[  201.992807][ T9622]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  201.992844][ T9622]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  201.992880][ T9622]  ? do_syscall_64+0x100/0x230
[  201.992908][ T9622]  __x64_sys_sendmmsg+0xa0/0xb0
[  201.992944][ T9622]  do_syscall_64+0xf3/0x230
[  201.992968][ T9622]  ? clear_bhb_loop+0x35/0x90
[  201.992997][ T9622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.003345][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.008794][ T9622] RIP: 0033:0x7fb13317e719
[  202.008833][ T9622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.008852][ T9622] RSP: 002b:00007fb134042038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  202.008879][ T9622] RAX: ffffffffffffffda RBX: 00007fb133336058 RCX: 00007fb13317e719
[  202.008897][ T9622] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  202.008912][ T9622] RBP: 00007fb134042090 R08: 0000000000000000 R09: 0000000000000000
[  202.008928][ T9622] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  202.033348][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.035973][ T9622] R13: 0000000000000000 R14: 00007fb133336058 R15: 00007ffc35073628
[  202.036011][ T9622]  </TASK>
[  202.057172][ T9628] netlink: 'syz.1.861': attribute type 1 has an invalid length.
[  202.301106][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.319400][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.326086][   T54] Bluetooth: hci1: command tx timeout
[  202.360134][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.430812][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.465491][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.486314][ T9640] netlink: 'syz.4.863': attribute type 10 has an invalid length.
[  202.492672][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.555650][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.562507][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.605821][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.654939][ T9646] netlink: 'syz.4.864': attribute type 3 has an invalid length.
[  202.662900][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.685906][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.698929][ T9646] Bluetooth: MGMT ver 1.23
[  202.708832][ T9650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.865'.
[  202.718561][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.735779][ T9650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.865'.
[  202.767547][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.776674][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.787323][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.837444][   T11] bond0: (slave bond_slave_0): interface is now down
[  202.852974][   T11] bond0: (slave bond_slave_1): interface is now down
[  202.863904][   T11] bond0: (slave batadv_slave_0): interface is now down
[  202.896532][   T81] bond0: (slave bond_slave_0): interface is now down
[  202.903300][   T81] bond0: (slave bond_slave_1): interface is now down
[  202.910933][   T81] bond0: (slave batadv_slave_0): interface is now down
[  202.965765][   T81] bond0: (slave bond_slave_0): interface is now down
[  202.972526][   T81] bond0: (slave bond_slave_1): interface is now down
[  202.997736][   T81] bond0: (slave batadv_slave_0): interface is now down
[  203.045630][   T81] bond0: (slave bond_slave_0): interface is now down
[  203.052392][   T81] bond0: (slave bond_slave_1): interface is now down
[  203.104325][   T81] bond0: (slave batadv_slave_0): interface is now down
[  203.166765][   T81] bond0: (slave bond_slave_0): interface is now down
[  203.173645][   T81] bond0: (slave bond_slave_1): interface is now down
[  203.210678][   T81] bond0: (slave batadv_slave_0): interface is now down
[  203.261579][   T81] bond0: (slave bond_slave_0): interface is now down
[  203.270396][   T81] bond0: (slave bond_slave_1): interface is now down
[  203.285172][   T81] bond0: (slave batadv_slave_0): interface is now down
[  203.333397][   T35] bond0: (slave bond_slave_0): interface is now down
[  203.344348][   T35] bond0: (slave bond_slave_1): interface is now down
[  203.363930][   T35] bond0: (slave batadv_slave_0): interface is now down
[  203.407354][ T3543] bond0: (slave bond_slave_0): interface is now down
[  203.414152][ T3543] bond0: (slave bond_slave_1): interface is now down
[  203.431689][ T3543] bond0: (slave batadv_slave_0): interface is now down
[  203.489830][   T35] bond0: (slave bond_slave_0): interface is now down
[  203.519390][   T35] bond0: (slave bond_slave_1): interface is now down
[  203.531693][   T35] bond0: (slave batadv_slave_0): interface is now down
[  203.586272][ T3486] bond0: (slave bond_slave_0): interface is now down
[  203.593241][ T3486] bond0: (slave bond_slave_1): interface is now down
[  203.608886][ T3486] bond0: (slave batadv_slave_0): interface is now down
[  203.629926][ T9685] xt_TCPMSS: Only works on TCP SYN packets
[  203.656280][   T35] bond0: (slave bond_slave_0): interface is now down
[  203.663128][   T35] bond0: (slave bond_slave_1): interface is now down
[  203.675154][   T35] bond0: (slave batadv_slave_0): interface is now down
[  203.717257][   T11] bond0: (slave bond_slave_0): interface is now down
[  203.740740][   T11] bond0: (slave bond_slave_1): interface is now down
[  203.776757][   T11] bond0: (slave batadv_slave_0): interface is now down
[  203.825570][   T11] bond0: (slave bond_slave_0): interface is now down
[  203.855237][   T11] bond0: (slave bond_slave_1): interface is now down
[  203.883165][   T11] bond0: (slave batadv_slave_0): interface is now down
[  203.911702][   T11] bond0: now running without any active interface!
[  203.949303][ T9430] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  203.967968][ T9430] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  204.071909][ T9430] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  204.248834][ T9705] netlink: 20 bytes leftover after parsing attributes in process `syz.4.879'.
[  204.256577][ T9430] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  204.283784][ T9707] netlink: 'syz.1.880': attribute type 2 has an invalid length.
[  204.498455][ T9713] netem: unknown loss type 0
[  204.503538][ T9713] netem: change failed
[  204.591631][ T9716] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  204.690294][ T9430] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.885163][ T9430] 8021q: adding VLAN 0 to HW filter on device team0
[  204.973189][ T9430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  204.990723][ T9430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  205.061884][ T9738] netlink: 112 bytes leftover after parsing attributes in process `syz.2.886'.
[  205.072214][ T9738] netlink: 48 bytes leftover after parsing attributes in process `syz.2.886'.
[  205.325359][ T3486] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.332626][ T3486] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.342381][ T3486] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.349600][ T3486] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.567201][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.890'.
[  205.599922][ T9757] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'.
[  205.644618][ T9762] FAULT_INJECTION: forcing a failure.
[  205.644618][ T9762] name failslab, interval 1, probability 0, space 0, times 0
[  205.674497][ T9762] CPU: 1 UID: 0 PID: 9762 Comm: syz.4.889 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  205.685166][ T9762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  205.695264][ T9762] Call Trace:
[  205.698576][ T9762]  <TASK>
[  205.701542][ T9762]  dump_stack_lvl+0x241/0x360
[  205.706315][ T9762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.711565][ T9762]  ? __pfx__printk+0x10/0x10
[  205.716211][ T9762]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  205.722255][ T9762]  ? __pfx___might_resched+0x10/0x10
[  205.727682][ T9762]  should_fail_ex+0x3b0/0x4e0
[  205.732395][ T9762]  should_failslab+0xac/0x100
[  205.737112][ T9762]  ? __alloc_skb+0x1c3/0x440
[  205.741750][ T9762]  kmem_cache_alloc_node_noprof+0x71/0x320
[  205.747618][ T9762]  __alloc_skb+0x1c3/0x440
[  205.752088][ T9762]  ? __pfx___alloc_skb+0x10/0x10
[  205.757079][ T9762]  alloc_skb_with_frags+0xc3/0x820
[  205.762246][ T9762]  ? __pfx_lock_release+0x10/0x10
[  205.767320][ T9762]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  205.772911][ T9762]  ? __pfx_lock_release+0x10/0x10
[  205.777981][ T9762]  ? skb_set_owner_w+0x246/0x380
[  205.782971][ T9762]  sock_alloc_send_pskb+0x91a/0xa60
[  205.788220][ T9762]  ? __might_fault+0xc6/0x120
[  205.792965][ T9762]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  205.798741][ T9762]  ? __pfx__copy_from_iter+0x10/0x10
[  205.804100][ T9762]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  205.809542][ T9762]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  205.815581][ T9762]  ? __mutex_trylock_common+0x183/0x2e0
[  205.821162][ T9762]  ? skb_put+0x114/0x1f0
[  205.825454][ T9762]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  205.831478][ T9762]  l2cap_chan_send+0xebd/0x2690
[  205.836402][ T9762]  ? __pfx_l2cap_chan_send+0x10/0x10
[  205.841730][ T9762]  ? do_raw_spin_unlock+0x13c/0x8b0
[  205.847001][ T9762]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  205.852075][ T9762]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  205.857674][ T9762]  __sock_sendmsg+0x221/0x270
[  205.862400][ T9762]  ____sys_sendmsg+0x52a/0x7e0
[  205.867236][ T9762]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.872563][ T9762]  ? rcu_is_watching+0x15/0xb0
[  205.877397][ T9762]  ? __might_fault+0xaa/0x120
[  205.882150][ T9762]  __sys_sendmmsg+0x3ab/0x730
[  205.886888][ T9762]  ? __pfx___sys_sendmmsg+0x10/0x10
[  205.892152][ T9762]  ? __pfx_lock_release+0x10/0x10
[  205.897219][ T9762]  ? kstrtouint_from_user+0x128/0x190
[  205.902658][ T9762]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  205.908603][ T9762]  ? ksys_write+0x229/0x2b0
[  205.913148][ T9762]  ? __pfx_lock_release+0x10/0x10
[  205.918233][ T9762]  ? vfs_write+0x730/0xd30
[  205.922730][ T9762]  ? __mutex_unlock_slowpath+0x21d/0x750
[  205.928415][ T9762]  ? __fget_files+0x3f3/0x470
[  205.933152][ T9762]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  205.939186][ T9762]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  205.945559][ T9762]  ? do_syscall_64+0x100/0x230
[  205.950374][ T9762]  __x64_sys_sendmmsg+0xa0/0xb0
[  205.955286][ T9762]  do_syscall_64+0xf3/0x230
[  205.959853][ T9762]  ? clear_bhb_loop+0x35/0x90
[  205.964573][ T9762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.970498][ T9762] RIP: 0033:0x7fe6f3f7e719
[  205.974949][ T9762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.994598][ T9762] RSP: 002b:00007fe6f4d9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  206.003067][ T9762] RAX: ffffffffffffffda RBX: 00007fe6f4136058 RCX: 00007fe6f3f7e719
[  206.011093][ T9762] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  206.019112][ T9762] RBP: 00007fe6f4d9e090 R08: 0000000000000000 R09: 0000000000000000
[  206.027149][ T9762] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  206.035162][ T9762] R13: 0000000000000000 R14: 00007fe6f4136058 R15: 00007ffe00d2fe98
[  206.043197][ T9762]  </TASK>
[  206.457523][ T9430] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.685280][ T9430] veth0_vlan: entered promiscuous mode
[  206.725308][ T9793] netlink: 48 bytes leftover after parsing attributes in process `syz.1.897'.
[  206.862543][ T9430] veth1_vlan: entered promiscuous mode
[  206.894963][ T9800] team0: Refused to change device type
[  206.907704][ T9800] netlink: 20 bytes leftover after parsing attributes in process `syz.2.899'.
[  206.993958][ T9430] veth0_macvtap: entered promiscuous mode
[  207.000551][ T9803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.898'.
[  207.017969][ T9430] veth1_macvtap: entered promiscuous mode
[  207.068825][ T9430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.081559][ T9430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.100696][ T9430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.112984][ T9430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.125161][ T9430] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.774189][ T9803] team0 (unregistering): left promiscuous mode
[  207.819521][ T9803] xfrm0: left allmulticast mode
[  207.824686][ T9803] xfrm0: left promiscuous mode
[  207.863241][ T9803] team0 (unregistering): Port device vlan2 removed
[  207.986061][ T9825] team_slave_1: entered allmulticast mode
[  208.018674][ T9430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  208.040280][ T9430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.060966][ T9430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  208.081819][ T9430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.102381][ T9430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  208.120398][ T9430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.153972][ T9430] batman_adv: batadv0: Interface activated: batadv_slave_1
[  208.414714][ T9430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.475768][ T9430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  208.484536][ T9430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.535551][ T9430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.547791][ T9853] netlink: 8 bytes leftover after parsing attributes in process `syz.1.903'.
[  209.203331][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.2.908'.
[  209.316683][  T160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.324581][  T160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  209.412499][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  209.429831][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.629255][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.754860][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.837026][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.955250][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.116161][   T11] bridge_slave_1: left allmulticast mode
[  211.121900][   T11] bridge_slave_1: left promiscuous mode
[  211.128445][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.150803][   T11] bridge_slave_0: left allmulticast mode
[  211.163694][   T11] bridge_slave_0: left promiscuous mode
[  211.170035][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.804816][ T9984] trusted_key: syz.3.925 sent an empty control message without MSG_MORE.
[  212.007714][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  212.024156][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  212.034126][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  212.067779][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  212.091175][ T5155] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  212.107339][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  212.188915][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.209575][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.229533][   T11] bond0 (unregistering): Released all slaves
[  212.486721][T10014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.935'.
[  212.628708][T10011] dvmrp0: left allmulticast mode
[  212.700282][T10018] lo: entered allmulticast mode
[  212.713200][T10018] tunl0: entered allmulticast mode
[  212.724653][T10018] gre0: entered allmulticast mode
[  212.738395][T10018] gretap0: entered allmulticast mode
[  212.757808][T10018] erspan0: entered allmulticast mode
[  212.787770][T10018] ip_vti0: entered allmulticast mode
[  212.798900][T10018] ip6_vti0: entered allmulticast mode
[  212.808636][T10018] sit0: entered allmulticast mode
[  212.828287][T10018] ip6tnl0: entered allmulticast mode
[  212.842484][T10018] ip6gre0: entered allmulticast mode
[  212.873537][T10018] syz_tun: entered allmulticast mode
[  212.898522][T10018] ip6gretap0: entered allmulticast mode
[  212.919633][T10018] vcan0: entered allmulticast mode
[  212.938235][T10018] bond0: entered allmulticast mode
[  212.943644][T10018] bond_slave_0: entered allmulticast mode
[  212.960157][T10018] bond_slave_1: entered allmulticast mode
[  212.973112][T10018] batadv_slave_0: entered allmulticast mode
[  213.005509][T10018] team0: entered allmulticast mode
[  213.010956][T10018] team_slave_0: entered allmulticast mode
[  213.021624][T10018] dummy0: entered allmulticast mode
[  213.030762][T10018] nlmon0: entered allmulticast mode
[  213.039449][T10018] caif0: entered allmulticast mode
[  213.044759][T10018] batadv0: left promiscuous mode
[  213.051438][T10018] batadv0: entered allmulticast mode
[  213.058304][T10018] vxcan0: entered allmulticast mode
[  213.064985][T10018] vxcan1: entered allmulticast mode
[  213.079729][T10018] veth0: entered allmulticast mode
[  213.088788][T10018] veth1: entered allmulticast mode
[  213.098608][T10018] wg0: entered allmulticast mode
[  213.107778][T10018] wg1: entered allmulticast mode
[  213.119733][T10018] wg2: entered allmulticast mode
[  213.131674][T10018] veth0_to_bridge: entered allmulticast mode
[  213.141400][T10018] bridge_slave_0: entered allmulticast mode
[  213.153957][T10018] veth1_to_bridge: entered allmulticast mode
[  213.170970][T10018] veth0_to_bond: entered allmulticast mode
[  213.185232][T10018] veth1_to_bond: entered allmulticast mode
[  213.197850][T10018] veth0_to_team: entered allmulticast mode
[  213.211488][T10018] veth1_to_team: entered allmulticast mode
[  213.221340][T10018] veth0_to_batadv: entered allmulticast mode
[  213.239687][T10018] veth1_to_batadv: entered allmulticast mode
[  213.249633][T10018] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.259565][T10018] batadv_slave_1: entered allmulticast mode
[  213.271198][T10018] xfrm0: left promiscuous mode
[  213.281683][T10018] veth0_to_hsr: entered allmulticast mode
[  213.292132][T10018] hsr_slave_0: entered allmulticast mode
[  213.303357][T10018] veth1_to_hsr: entered allmulticast mode
[  213.312304][T10018] hsr_slave_1: entered allmulticast mode
[  213.330466][T10018] hsr0: entered allmulticast mode
[  213.339655][T10018] veth1_virt_wifi: entered allmulticast mode
[  213.355800][T10018] veth0_virt_wifi: entered allmulticast mode
[  213.366939][T10018] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  213.383747][T10018] veth1_vlan: entered allmulticast mode
[  213.392990][T10018] veth0_vlan: entered allmulticast mode
[  213.409976][T10018] vlan0: entered allmulticast mode
[  213.415221][T10018] vlan1: entered allmulticast mode
[  213.421604][T10018] macvlan0: entered allmulticast mode
[  213.433637][T10018] macvlan1: entered allmulticast mode
[  213.445044][T10018] ipvlan0: entered allmulticast mode
[  213.451159][T10018] ipvlan1: entered allmulticast mode
[  213.457815][T10018] veth1_macvtap: entered allmulticast mode
[  213.464947][T10018] veth0_macvtap: entered allmulticast mode
[  213.474949][T10018] macvtap0: entered allmulticast mode
[  213.483027][T10018] macsec0: entered allmulticast mode
[  213.492060][T10018] geneve0: entered allmulticast mode
[  213.501219][T10018] netdevsim netdevsim4 : unset [1, 0] type 2 family 0 port 6081 - 0
[  213.509875][T10018] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.519265][T10018] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.529175][T10018] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.539247][T10018] geneve1: entered allmulticast mode
[  213.548933][T10018] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[  213.558821][T10018] netdevsim netdevsim4 netdevsim2: entered allmulticast mode
[  213.569923][T10018] netdevsim netdevsim4 netdevsim3: entered allmulticast mode
[  213.592123][T10018] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  213.609093][T10018] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  213.619415][T10018] bridge1: entered allmulticast mode
[  213.624932][T10018] macvlan2: entered allmulticast mode
[  213.631332][T10018] bond1: entered allmulticast mode
[  213.638405][T10018] sit1: entered allmulticast mode
[  213.646183][T10018] ip6tnl1: entered allmulticast mode
[  213.651951][T10018] bond2: entered allmulticast mode
[  213.657347][T10018] batadv1: entered allmulticast mode
[  213.665376][T10018] bridge0: entered allmulticast mode
[  213.671859][T10018] bridge2: entered allmulticast mode
[  213.679727][T10018] bridge3: entered allmulticast mode
[  213.685286][T10018] vlan2: left promiscuous mode
[  213.693047][T10018] bridge4: entered allmulticast mode
[  213.706391][T10018] bond3: entered allmulticast mode
[  213.711667][T10018] batadv2: entered allmulticast mode
[  213.722105][T10018] netdevsim netdevsim4 : unset [1, 1] type 2 family 0 port 20000 - 0
[  213.730399][T10018] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  213.739616][T10018] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  213.749290][T10018] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  213.759282][T10018] geneve2: left promiscuous mode
[  213.885305][T10028] erspan1: entered promiscuous mode
[  213.890795][T10028] erspan1: entered allmulticast mode
[  213.951766][T10045] netlink: 6 bytes leftover after parsing attributes in process `syz.3.937'.
[  213.977698][T10045] netlink: 24 bytes leftover after parsing attributes in process `syz.3.937'.
[  214.082243][ T9989] chnl_net:caif_netlink_parms(): no params data found
[  214.166933][   T54] Bluetooth: hci1: command tx timeout
[  214.276082][T10063] netlink: 32 bytes leftover after parsing attributes in process `syz.4.940'.
[  214.320221][T10065] netlink: 104 bytes leftover after parsing attributes in process `syz.3.941'.
[  214.475065][   T11] hsr_slave_0: left promiscuous mode
[  214.527450][   T11] hsr_slave_1: left promiscuous mode
[  214.565325][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.597252][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.619645][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.640434][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.716911][   T11] veth1_macvtap: left promiscuous mode
[  214.722520][   T11] veth0_macvtap: left promiscuous mode
[  214.728777][   T11] veth1_vlan: left promiscuous mode
[  214.734139][   T11] veth0_vlan: left promiscuous mode
[  215.560576][   T11] team0 (unregistering): Port device team_slave_1 removed
[  215.607734][   T11] team0 (unregistering): Port device team_slave_0 removed
[  216.247757][   T54] Bluetooth: hci1: command tx timeout
[  216.291336][ T9989] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.318032][ T9989] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.325351][ T9989] bridge_slave_0: entered allmulticast mode
[  216.345981][T10099] netlink: 432 bytes leftover after parsing attributes in process `syz.4.948'.
[  216.365763][ T9989] bridge_slave_0: entered promiscuous mode
[  216.399274][ T9989] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.408365][T10105] netlink: 432 bytes leftover after parsing attributes in process `syz.4.948'.
[  216.416593][ T9989] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.424763][ T9989] bridge_slave_1: entered allmulticast mode
[  216.443033][ T9989] bridge_slave_1: entered promiscuous mode
[  216.490804][T10104] netlink: 24 bytes leftover after parsing attributes in process `syz.1.950'.
[  216.583154][T10099] netlink: 'syz.4.948': attribute type 4 has an invalid length.
[  216.699879][ T9989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.757982][ T9989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.982898][ T9989] team0: Port device team_slave_0 added
[  217.016378][ T9989] team0: Port device team_slave_1 added
[  217.158756][T10141] netlink: 24 bytes leftover after parsing attributes in process `syz.2.951'.
[  217.184699][ T9989] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.198159][ T9989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.258727][ T9989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.280018][ T9989] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.301089][ T9989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.332864][ T9989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.421301][T10140] pim6reg1: entered allmulticast mode
[  217.628740][ T9989] hsr_slave_0: entered promiscuous mode
[  217.638775][ T9989] hsr_slave_1: entered promiscuous mode
[  217.656198][ T9989] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.675534][ T9989] Cannot create hsr debugfs directory
[  217.684840][T10147] pim6reg1: left allmulticast mode
[  218.346778][   T54] Bluetooth: hci1: command tx timeout
[  218.457205][T10167] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  218.906264][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.3.963'.
[  219.052587][ T9989] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  219.075264][T10188] netlink: 24 bytes leftover after parsing attributes in process `syz.2.964'.
[  219.092805][ T9989] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  219.114756][ T9989] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  219.141828][ T9989] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  219.173648][T10193] ip6gre1: entered allmulticast mode
[  219.435302][ T9989] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.499321][ T9989] 8021q: adding VLAN 0 to HW filter on device team0
[  219.529342][ T3266] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.536599][ T3266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.591844][ T3266] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.599116][ T3266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.947442][T10226] x_tables: duplicate underflow at hook 3
[  220.153523][T10235] netlink: 20 bytes leftover after parsing attributes in process `syz.3.969'.
[  220.406190][   T54] Bluetooth: hci1: command tx timeout
[  220.486828][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[  220.568447][T10250] FAULT_INJECTION: forcing a failure.
[  220.568447][T10250] name failslab, interval 1, probability 0, space 0, times 0
[  220.646922][T10250] CPU: 0 UID: 0 PID: 10250 Comm: syz.2.972 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  220.657684][T10250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  220.667787][T10250] Call Trace:
[  220.671135][T10250]  <TASK>
[  220.674104][T10250]  dump_stack_lvl+0x241/0x360
[  220.678831][T10250]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.684106][T10250]  ? __pfx__printk+0x10/0x10
[  220.688743][T10250]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  220.694776][T10250]  ? __pfx___might_resched+0x10/0x10
[  220.700121][T10250]  should_fail_ex+0x3b0/0x4e0
[  220.704853][T10250]  should_failslab+0xac/0x100
[  220.706866][ T9989] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.709555][T10250]  ? __alloc_skb+0x1c3/0x440
[  220.720936][T10250]  kmem_cache_alloc_node_noprof+0x71/0x320
[  220.726813][T10250]  __alloc_skb+0x1c3/0x440
[  220.731289][T10250]  ? __pfx___alloc_skb+0x10/0x10
[  220.736289][T10250]  alloc_skb_with_frags+0xc3/0x820
[  220.741456][T10250]  ? __pfx_lock_release+0x10/0x10
[  220.746531][T10250]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  220.752133][T10250]  ? __pfx_lock_release+0x10/0x10
[  220.757211][T10250]  ? skb_set_owner_w+0x246/0x380
[  220.762208][T10250]  sock_alloc_send_pskb+0x91a/0xa60
[  220.767469][T10250]  ? __might_fault+0xc6/0x120
[  220.772219][T10250]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  220.775011][T10257] ebt_among: src integrity fail: 30a
[  220.777974][T10250]  ? __pfx__copy_from_iter+0x10/0x10
[  220.778025][T10250]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  220.794046][T10250]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  220.800089][T10250]  ? __mutex_trylock_common+0x183/0x2e0
[  220.805679][T10250]  ? skb_put+0x114/0x1f0
[  220.809977][T10250]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  220.816016][T10250]  l2cap_chan_send+0xebd/0x2690
[  220.820937][T10250]  ? __pfx_l2cap_chan_send+0x10/0x10
[  220.826289][T10250]  ? do_raw_spin_unlock+0x13c/0x8b0
[  220.831547][T10250]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  220.836630][T10250]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  220.842228][T10250]  __sock_sendmsg+0x221/0x270
[  220.846961][T10250]  ____sys_sendmsg+0x52a/0x7e0
[  220.850719][ T9989] veth0_vlan: entered promiscuous mode
[  220.851764][T10250]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.862543][T10250]  ? rcu_is_watching+0x15/0xb0
[  220.867348][T10250]  ? __might_fault+0xaa/0x120
[  220.872077][T10250]  __sys_sendmmsg+0x3ab/0x730
[  220.876820][T10250]  ? __pfx___sys_sendmmsg+0x10/0x10
[  220.882088][T10250]  ? __pfx_lock_release+0x10/0x10
[  220.883291][ T9989] veth1_vlan: entered promiscuous mode
[  220.887146][T10250]  ? kstrtouint_from_user+0x128/0x190
[  220.887205][T10250]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  220.903974][T10250]  ? ksys_write+0x229/0x2b0
[  220.908528][T10250]  ? __pfx_lock_release+0x10/0x10
[  220.913618][T10250]  ? vfs_write+0x730/0xd30
[  220.918079][T10250]  ? __mutex_unlock_slowpath+0x21d/0x750
[  220.923758][T10250]  ? __fget_files+0x3f3/0x470
[  220.928496][T10250]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  220.934538][T10250]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  220.940929][T10250]  ? do_syscall_64+0x100/0x230
[  220.943383][ T9989] veth0_macvtap: entered promiscuous mode
[  220.945740][T10250]  __x64_sys_sendmmsg+0xa0/0xb0
[  220.945784][T10250]  do_syscall_64+0xf3/0x230
[  220.945810][T10250]  ? clear_bhb_loop+0x35/0x90
[  220.945839][T10250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.971538][T10250] RIP: 0033:0x7f51a837e719
[  220.971811][ T9989] veth1_macvtap: entered promiscuous mode
[  220.975970][T10250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.975993][T10250] RSP: 002b:00007f51a90a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  220.976020][T10250] RAX: ffffffffffffffda RBX: 00007f51a8536058 RCX: 00007f51a837e719
[  220.976037][T10250] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  220.976053][T10250] RBP: 00007f51a90a9090 R08: 0000000000000000 R09: 0000000000000000
[  220.976070][T10250] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  221.022410][ T9989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.025764][T10250] R13: 0000000000000000 R14: 00007f51a8536058 R15: 00007ffc5469e078
[  221.025804][T10250]  </TASK>
[  221.091339][ T9989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.101896][ T9989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.113186][ T9989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.130444][ T9989] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.219296][ T9989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.259415][ T9989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.295490][ T9989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.324810][ T9989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.358661][ T9989] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.395127][ T9989] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.443907][ T9989] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.485559][ T9989] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.504636][ T9989] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.739258][T10279] netlink: 'syz.2.978': attribute type 2 has an invalid length.
[  221.784864][ T3486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.813391][ T3486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.912982][ T3266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.947100][T10295] x_tables: duplicate underflow at hook 1
[  221.961282][ T3266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.676952][T10325] batadv0: entered promiscuous mode
[  222.690291][ T5889] IPVS: starting estimator thread 0...
[  222.720066][T10326] tipc: Started in network mode
[  222.725025][T10326] tipc: Node identity ac1414aa, cluster identity 4711
[  222.741603][T10326] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  222.750762][T10326] tipc: Enabled bearer <udp:sÿí>, priority 10
[  222.760007][T10325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.792777][T10332] netlink: 20 bytes leftover after parsing attributes in process `syz.2.990'.
[  222.802476][T10327] IPVS: using max 17 ests per chain, 40800 per kthread
[  222.838820][T10332] netlink: 8 bytes leftover after parsing attributes in process `syz.2.990'.
[  222.877229][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.002806][T10342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.991'.
[  223.015586][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.038579][T10342] block nbd0: must specify backend
[  223.046747][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.3.991'.
[  223.099850][T10352] netlink: 12 bytes leftover after parsing attributes in process `syz.3.991'.
[  223.155776][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.238296][T10360] netlink: 36 bytes leftover after parsing attributes in process `syz.2.995'.
[  223.250749][T10360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.995'.
[  223.295637][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.435667][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.575777][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.715554][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.842243][  T160] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.857046][  T970] tipc: Node number set to 2886997162
[  223.995779][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  224.008005][  T160] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.088918][  T160] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.180424][  T160] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.266037][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  224.334700][  T160] bridge_slave_1: left allmulticast mode
[  224.340721][  T160] bridge_slave_1: left promiscuous mode
[  224.346952][  T160] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.379058][  T160] bridge_slave_0: left allmulticast mode
[  224.384785][  T160] bridge_slave_0: left promiscuous mode
[  224.391391][  T160] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.618713][T10403] FAULT_INJECTION: forcing a failure.
[  224.618713][T10403] name failslab, interval 1, probability 0, space 0, times 0
[  224.651122][T10406] __nla_validate_parse: 4 callbacks suppressed
[  224.651145][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.998'.
[  224.663244][T10403] CPU: 1 UID: 0 PID: 10403 Comm: syz.3.1000 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  224.677800][T10403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  224.687908][T10403] Call Trace:
[  224.691230][T10403]  <TASK>
[  224.694191][T10403]  dump_stack_lvl+0x241/0x360
[  224.698906][T10403]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.704129][T10403]  ? __pfx__printk+0x10/0x10
[  224.708659][T10405] netlink: 20 bytes leftover after parsing attributes in process `syz.2.999'.
[  224.717627][T10403]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  224.723668][T10403]  ? __pfx___might_resched+0x10/0x10
[  224.729016][T10403]  should_fail_ex+0x3b0/0x4e0
[  224.733777][T10403]  should_failslab+0xac/0x100
[  224.738499][T10403]  ? __alloc_skb+0x1c3/0x440
[  224.743146][T10403]  kmem_cache_alloc_node_noprof+0x71/0x320
[  224.749018][T10403]  __alloc_skb+0x1c3/0x440
[  224.753491][T10403]  ? __pfx___alloc_skb+0x10/0x10
[  224.758490][T10403]  alloc_skb_with_frags+0xc3/0x820
[  224.763673][T10403]  ? __pfx_lock_release+0x10/0x10
[  224.768758][T10403]  ? l2cap_sock_alloc_skb_cb+0xe4/0x5b0
[  224.774375][T10403]  ? __pfx_lock_release+0x10/0x10
[  224.779491][T10403]  ? skb_set_owner_w+0x246/0x380
[  224.784487][T10403]  sock_alloc_send_pskb+0x91a/0xa60
[  224.789743][T10403]  ? __might_fault+0xc6/0x120
[  224.794493][T10403]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  224.800279][T10403]  ? __pfx__copy_from_iter+0x10/0x10
[  224.805634][T10403]  l2cap_sock_alloc_skb_cb+0xfc/0x5b0
[  224.811065][T10403]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  224.817204][T10403]  ? __mutex_trylock_common+0x183/0x2e0
[  224.822811][T10403]  ? skb_put+0x114/0x1f0
[  224.827122][T10403]  ? __pfx_l2cap_sock_alloc_skb_cb+0x10/0x10
[  224.833172][T10403]  l2cap_chan_send+0xebd/0x2690
[  224.838095][T10403]  ? __pfx_l2cap_chan_send+0x10/0x10
[  224.843439][T10403]  ? do_raw_spin_unlock+0x13c/0x8b0
[  224.848706][T10403]  l2cap_sock_sendmsg+0x1b4/0x2c0
[  224.853801][T10403]  ? __pfx_l2cap_sock_sendmsg+0x10/0x10
[  224.859405][T10403]  __sock_sendmsg+0x221/0x270
[  224.864131][T10403]  ____sys_sendmsg+0x52a/0x7e0
[  224.868964][T10403]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.874305][T10403]  ? rcu_is_watching+0x15/0xb0
[  224.879128][T10403]  ? __might_fault+0xaa/0x120
[  224.883878][T10403]  __sys_sendmmsg+0x3ab/0x730
[  224.886686][ T5155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  224.888602][T10403]  ? __pfx___sys_sendmmsg+0x10/0x10
[  224.888658][T10403]  ? __pfx_lock_release+0x10/0x10
[  224.898893][ T5155] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  224.900968][T10403]  ? kstrtouint_from_user+0x128/0x190
[  224.901028][T10403]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  224.912604][ T5155] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  224.912955][T10403]  ? ksys_write+0x229/0x2b0
[  224.912986][T10403]  ? __pfx_lock_release+0x10/0x10
[  224.919683][ T5155] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  224.924245][T10403]  ? vfs_write+0x730/0xd30
[  224.934340][ T5155] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  224.935669][T10403]  ? __mutex_unlock_slowpath+0x21d/0x750
[  224.935711][T10403]  ? __fget_files+0x3f3/0x470
[  224.935752][T10403]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  224.941262][ T5155] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  224.947717][T10403]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  224.947762][T10403]  ? do_syscall_64+0x100/0x230
[  224.947791][T10403]  __x64_sys_sendmmsg+0xa0/0xb0
[  224.947828][T10403]  do_syscall_64+0xf3/0x230
[  224.947859][T10403]  ? clear_bhb_loop+0x35/0x90
[  224.947888][T10403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.013562][T10403] RIP: 0033:0x7fb13317e719
[  225.018001][T10403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.037632][T10403] RSP: 002b:00007fb134042038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  225.046076][T10403] RAX: ffffffffffffffda RBX: 00007fb133336058 RCX: 00007fb13317e719
[  225.054105][T10403] RDX: 0000000000000002 RSI: 0000000020002080 RDI: 000000000000000b
[  225.062092][T10403] RBP: 00007fb134042090 R08: 0000000000000000 R09: 0000000000000000
[  225.070081][T10403] R10: 000000000400c8c4 R11: 0000000000000246 R12: 0000000000000002
[  225.078077][T10403] R13: 0000000000000000 R14: 00007fb133336058 R15: 00007ffc35073628
[  225.086108][T10403]  </TASK>
[  225.372237][  T160] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.383813][  T160] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  225.403908][  T160] bond0 (unregistering): Released all slaves
[  225.427241][T10400] netlink: 20 bytes leftover after parsing attributes in process `syz.2.999'.
[  225.486670][T10406] Oops: general protection fault, probably for non-canonical address 0xdffffc000000004b: 0000 [#1] PREEMPT SMP KASAN PTI
[  225.499324][T10406] KASAN: null-ptr-deref in range [0x0000000000000258-0x000000000000025f]
[  225.507783][T10406] CPU: 0 UID: 0 PID: 10406 Comm: syz.1.998 Not tainted 6.12.0-rc6-syzkaller-01561-ga71c69f51d11 #0
[  225.518498][T10406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  225.528593][T10406] RIP: 0010:dev_prep_valid_name+0x3e3/0xa40
[  225.534541][T10406] Code: 20 08 00 00 e8 0e 63 27 fb 48 85 c0 0f 84 8f 04 00 00 48 89 44 24 38 48 8b 5c 24 30 48 81 c3 68 02 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 6e e7 6b f8 48 8b 03 48 89 5c 24
[  225.554201][T10406] RSP: 0018:ffffc900046ce980 EFLAGS: 00010207
[  225.560313][T10406] RAX: 000000000000004b RBX: 000000000000025f RCX: 0000000000002000
[  225.568336][T10406] RDX: 0000000000001000 RSI: ffffffff8c610a80 RDI: ffffffff8c610a40
[  225.576351][T10406] RBP: ffffc900046cea90 R08: 0000000000000920 R09: 00000000ffffffff
[  225.584366][T10406] R10: dffffc0000000000 R11: fffffbfff285c102 R12: dffffc0000000000
[  225.592376][T10406] R13: 1ffff920008d9d40 R14: ffff888033330127 R15: 1ffff920008d9d3c
[  225.600405][T10406] FS:  00007f9e819b56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  225.609349][T10406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  225.615939][T10406] CR2: 00007fe6f4c656c0 CR3: 0000000033060000 CR4: 00000000003526f0
[  225.623918][T10406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  225.631893][T10406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  225.639874][T10406] Call Trace:
[  225.643158][T10406]  <TASK>
[  225.646099][T10406]  ? __die_body+0x5f/0xb0
[  225.650465][T10406]  ? die_addr+0xb0/0xe0
[  225.654625][T10406]  ? exc_general_protection+0x3dd/0x5d0
[  225.660200][T10406]  ? asm_exc_general_protection+0x26/0x30
[  225.665930][T10406]  ? dev_prep_valid_name+0x3e3/0xa40
[  225.671227][T10406]  ? __pfx_dev_prep_valid_name+0x10/0x10
[  225.676876][T10406]  register_netdevice+0x542/0x1b00
[  225.682002][T10406]  ? rcu_is_watching+0x15/0xb0
[  225.686781][T10406]  ? trace_kmalloc+0x1f/0xd0
[  225.691396][T10406]  ? __kmalloc_node_noprof+0x247/0x440
[  225.696873][T10406]  ? validate_linkmsg+0x825/0xa30
[  225.701916][T10406]  ? sized_strscpy+0x8d/0x220
[  225.706602][T10406]  ? __pfx_validate_linkmsg+0x10/0x10
[  225.711999][T10406]  ? __pfx_register_netdevice+0x10/0x10
[  225.717582][T10406]  ? rtnl_create_link+0x91c/0xc20
[  225.722625][T10406]  vxcan_newlink+0x314/0x5c0
[  225.727225][T10406]  ? rtnl_newlink_create+0x210/0xa30
[  225.732520][T10406]  ? __pfx_vxcan_newlink+0x10/0x10
[  225.737661][T10406]  ? __pfx_validate_linkmsg+0x10/0x10
[  225.743073][T10406]  ? alloc_netdev_mqs+0xcd0/0x1080
[  225.748204][T10406]  ? rtnl_create_link+0x91c/0xc20
[  225.753254][T10406]  ? __pfx_vxcan_newlink+0x10/0x10
[  225.758377][T10406]  rtnl_newlink_create+0x2df/0xa30
[  225.763508][T10406]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  225.769149][T10406]  ? ns_capable+0x8a/0xf0
[  225.773491][T10406]  rtnl_newlink+0x17dd/0x24f0
[  225.778181][T10406]  ? __pfx_rtnl_newlink+0x10/0x10
[  225.783226][T10406]  ? netlink_unicast+0x7c4/0x990
[  225.788204][T10406]  ? __pfx_validate_chain+0x10/0x10
[  225.793423][T10406]  ? __sys_sendmsg+0x292/0x380
[  225.798225][T10406]  ? do_syscall_64+0xf3/0x230
[  225.802927][T10406]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.809059][T10406]  ? __pfx_lock_release+0x10/0x10
[  225.814114][T10406]  ? __pfx_rtnl_newlink+0x10/0x10
[  225.819152][T10406]  rtnetlink_rcv_msg+0x791/0xcf0
[  225.824096][T10406]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  225.829218][T10406]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  225.834689][T10406]  ? ref_tracker_free+0x643/0x7e0
[  225.839724][T10406]  netlink_rcv_skb+0x1e3/0x430
[  225.844506][T10406]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  225.849989][T10406]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  225.855329][T10406]  ? netlink_deliver_tap+0x2e/0x1b0
[  225.860556][T10406]  netlink_unicast+0x7f6/0x990
[  225.865360][T10406]  ? __pfx_netlink_unicast+0x10/0x10
[  225.870668][T10406]  ? __virt_addr_valid+0x183/0x530
[  225.875794][T10406]  ? __check_object_size+0x48e/0x900
[  225.881118][T10406]  netlink_sendmsg+0x8e4/0xcb0
[  225.885911][T10406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.891216][T10406]  ? aa_sock_msg_perm+0x91/0x160
[  225.896169][T10406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.901482][T10406]  __sock_sendmsg+0x221/0x270
[  225.906172][T10406]  ____sys_sendmsg+0x52a/0x7e0
[  225.910952][T10406]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.916254][T10406]  __sys_sendmsg+0x292/0x380
[  225.920860][T10406]  ? __pfx___sys_sendmsg+0x10/0x10
[  225.925984][T10406]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  225.931986][T10406]  ? call_rcu+0x731/0xa70
[  225.936339][T10406]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  225.942691][T10406]  ? do_syscall_64+0x100/0x230
[  225.947465][T10406]  ? do_syscall_64+0xb6/0x230
[  225.952149][T10406]  do_syscall_64+0xf3/0x230
[  225.956666][T10406]  ? clear_bhb_loop+0x35/0x90
[  225.961357][T10406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.967255][T10406] RIP: 0033:0x7f9e80b7e719
[  225.971674][T10406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.991293][T10406] RSP: 002b:00007f9e819b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.999720][T10406] RAX: ffffffffffffffda RBX: 00007f9e80d36130 RCX: 00007f9e80b7e719
[  226.007698][T10406] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000000b
[  226.015672][T10406] RBP: 00007f9e80bf175e R08: 0000000000000000 R09: 0000000000000000
[  226.023648][T10406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  226.031620][T10406] R13: 0000000000000000 R14: 00007f9e80d36130 R15: 00007ffd0c41dbb8
[  226.039604][T10406]  </TASK>
[  226.042626][T10406] Modules linked in:
[  226.048313][T10406] ---[ end trace 0000000000000000 ]---
[  226.072623][T10406] RIP: 0010:dev_prep_valid_name+0x3e3/0xa40
[  226.145780][T10406] Code: 20 08 00 00 e8 0e 63 27 fb 48 85 c0 0f 84 8f 04 00 00 48 89 44 24 38 48 8b 5c 24 30 48 81 c3 68 02 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 6e e7 6b f8 48 8b 03 48 89 5c 24
[  226.175302][T10406] RSP: 0018:ffffc900046ce980 EFLAGS: 00010207
[  226.191702][T10406] RAX: 000000000000004b RBX: 000000000000025f RCX: 0000000000002000
[  226.199948][T10406] RDX: 0000000000001000 RSI: ffffffff8c610a80 RDI: ffffffff8c610a40
[  226.208719][T10406] RBP: ffffc900046cea90 R08: 0000000000000920 R09: 00000000ffffffff
[  226.218169][T10406] R10: dffffc0000000000 R11: fffffbfff285c102 R12: dffffc0000000000
[  226.226290][T10406] R13: 1ffff920008d9d40 R14: ffff888033330127 R15: 1ffff920008d9d3c
[  226.234446][T10406] FS:  00007f9e819b56c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  226.243516][T10406] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  226.250767][T10406] CR2: 0000562035c1b088 CR3: 0000000033060000 CR4: 00000000003526f0
[  226.258890][T10406] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  226.267469][T10406] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  226.275654][T10406] Kernel panic - not syncing: Fatal exception
[  226.282084][T10406] Kernel Offset: disabled
[  226.286417][T10406] Rebooting in 86400 seconds..