last executing test programs:

1m23.283716148s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

1m6.600290383s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

51.573008475s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

37.67350259s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

25.393112994s ago: executing program 1:
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
accept4(r1, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x30)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
preadv(r3, &(0x7f0000003200)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_bond\x00', <r4=>0x0})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={r4, 0x3, 0x5, @dev}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x30, r5, 0x325, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}]}]}, 0x30}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000010000000000000000000000791200000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_ERSPAN={0x4, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_ERSPAN_HWID={0x5}}}}]}, 0x38}}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYRES32=r6, @ANYRES16=r7, @ANYBLOB="01000000000000800000d50a9a0000001400000018000180140002006e7464657673696d300000000000000500188c910000000500"], 0x3c}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600093582c137153e370c0c188001ac0f000300", 0x2e}], 0x1}, 0x0)

24.911661418s ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x1c}, [@RTA_SRC={0x8, 0x2, @remote}]}, 0x24}}, 0x0)

24.776836489s ago: executing program 1:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x41, 0xf3, &(0x7f0000000400)=""/243}, 0x58) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000140), 0xfecc) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f00000002c0)={@broadcast, @empty}, 0x8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$inet_int(r3, 0x0, 0x17, &(0x7f0000000300)=0x8, 0x4) (async)
r4 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='veth1_virt_wifi\x00', 0x10) (async)
sendto$unix(r4, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) (async)
recvmmsg(r3, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x20, 0x140f, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x4}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x7, 0x45, 'sa\x00'}]}, 0x20}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000004c0)={0x34, r6, 0x135, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x0, 0xff}, {}, {}, {}, {}], "040ded930dde6d5a"}}]}, 0x34}}, 0x0) (async)
sendto$phonet(r0, &(0x7f0000000000)="2b5f682aa4981e35f12f89135553a390f3a85fc05322f6e750df8f549b3ab521d643d8802e0d428f9227414e76f2483d951d58546aac3be45c9dead7002bbbde4d83644aebbf6aaa0ab8fe9324416eb829bf358a4483e8dc4f403da92efa5f82ec14e0c487dd95039b42132ecb2212f238524bbc78d238c60842acbc291a51cd1320ed49d32a36a21a2a444f00ee69b8", 0x90, 0x4000000, &(0x7f0000000100)={0x23, 0x20, 0x1f, 0xf8}, 0x10)

24.485603552s ago: executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xd0}}]}, 0x0}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x3a, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48)
syz_emit_ethernet(0x5e, &(0x7f00000001c0)={@local, @broadcast, @val={@val={0x88a8, 0x6, 0x1, 0x2}, {0x8100, 0x1, 0x1, 0x3}}, {@canfd={0xd, {{}, 0x21, 0x1, 0x0, 0x0, "ea839b1bc3ca14cf580cd7e98cb76b8a52e724f890d03ebc8d6d81df98db9eb4363f06f7b0ab3a291cfb8b0f00331e3023304d4fae939cb8f2ac74e4923adf45"}}}}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000180)={0x200, 0x48, [0x9, 0xc70f, 0x80000001, 0x9], &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4}, 0xe)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x19, &(0x7f0000000080)={r4}, 0x8)
socket$igmp6(0xa, 0x3, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f0000000300)={<r6=>0x0, "79d4f528bb3dff71d3f06cc3e43b3269"})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000001300)={r6, 0x87af, 0x0, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r7, r8, 0x2, 0x2}, 0x10)

24.233660393s ago: executing program 1:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000004c0)={0x30, r2, 0x135, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{}, {}, {}, {}], "7ecbad144922f925"}}]}, 0x30}}, 0x0) (fail_nth: 7)

23.39370077s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

4.983608217s ago: executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0xffffffffffffffd1) (async)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000f3000000bfa30000000000000702000000feffff7a0af0ff0001000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010402000000000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000002f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc2695ed094bd09b52680910d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fa369258673b5df11cc2afb53611cc320000bc0b80e80efc8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aaffe400000000000000000000008b798b4f5458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d08c72137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e1226c9129a7c5f8ee5f50579e2f638f7eb12f63be72a39817b324d6e417b1c2cbfdcada0a16e31790e26cf1010000805f6ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b3f48d5e40a3ae01a5dfde3b4dca205009c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf4180f2d06399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf381171cc9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408ae4c53b3dcd3ab82f187bf77779d035818e562bf2737acf0412b217aa0d530438c101979312cbdb013c2f26afc263e0000000000000000000062f3e153dbe06af8a0adf64c0350927e75518774b37bb7f263cc9aad6e77c4cb355c661674ff770488bda1de51bd35429848af22383f4b3bcd4c38a395fd29d7825c15fbfb51f897c7c83954785bab4ce8ae811de674d6fc056943e59fa8e7912b2a16d98b4198b914f4206b6a72fbdf879d4273213d9d32ddd0990c1914488a00a79c12d737"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)

4.230815127s ago: executing program 1:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000004c0)={0x30, r2, 0x135, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{}, {}, {}, {}], "7ecbad144922f925"}}]}, 0x30}}, 0x0) (fail_nth: 7)

3.541201664s ago: executing program 4:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffffffffffffffff}, 0x6) (async, rerun: 32)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async, rerun: 32)
r2 = socket$inet_sctp(0x2, 0x5, 0x84) (async)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r3, &(0x7f0000000980)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0) (async)
shutdown(r3, 0x1)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r5=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000000c0)={r5}, &(0x7f0000000140)=0xc)
getsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000000)={r5, 0x195, 0x8, 0x8}, &(0x7f00000000c0)=0x10) (async, rerun: 64)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) (rerun: 64)

3.333594205s ago: executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x4}, 0x90)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r0, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}, {0x0, 0xffefff7f}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)

3.199124608s ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000580)={@val={0xa}, @void, @eth={@broadcast, @remote, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x6000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data}}}}}}, 0xfdef) (fail_nth: 4)

2.079594555s ago: executing program 3:
listen(0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @broadcast, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x2, 0x0, @empty, @empty}, {0x16, 0x0, 0x0, @multicast2}}}}}, 0x0)

1.938958482s ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @rand_addr=0x64010101}, 0x10)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r5=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x14, &(0x7f00000002c0)={r5}, 0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000000c0)={r5, 0x6}, &(0x7f0000000180)=0x8)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x3f, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x25, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000653751d3c0000000118110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000008510000004001000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000019bf01000400000018350000040000000000000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0xa3, &(0x7f0000000240)=""/163, 0x0, 0x8c}, 0x90)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000fc0)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@loopback}, 0x0, @in6=@private1}}, &(0x7f0000000300)=0xe8)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x2}, 0x1}, 0x1c)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r10 = accept4(r9, 0x0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(r10, 0x8903, &(0x7f0000000580)=<r11=>0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r13 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000000100)={0x0, <r14=>0x0, <r15=>0x0}, &(0x7f0000000140)=0xc)
r16 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r16, 0x0, 0x7, &(0x7f00000000c0)='7', 0x1)
ioctl$TUNSETGROUP(r12, 0x400454d0, r15)
r17 = gettid()
r18 = syz_open_procfs$namespace(r17, &(0x7f00000002c0)='ns/time_for_children\x00')
r19 = getgid()
sendmmsg$unix(r10, &(0x7f0000000f00)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000540)=[{&(0x7f0000000400)="80f4712c50c0d2e55bfcbc1c6e0a8024391a6cac7c4668287deba177325995c6a615c29509d78402b276ad70eb30e27f8a7f7406f312e599d1fbb12fc7bda7656ac4a86139f19797d928aebb49a3d59eeaca2b2789d0da3e6130f6e354b8c8cd96bb975d3045633988dfc17f642d465fa152f9a4d6a7c67e387458", 0x7b}, {&(0x7f0000000480)="882ab8bbb5df3ac1ede80bb7bd553644a860bde5b9c7ba3ae84e1d7876231463591067742a26033ad649fe5477ec76a966e0aed1ad0ab2b9d9fe7c", 0x3b}, {&(0x7f00000004c0)="63f7bd69f5dcb068416b51c6ac0d8866e398713d67869ed8d059bdc29754a62abaa30b6a1a09d78cbad95fdf8beb5ef18c303647881f6b8ae96b804be08e7c635ce4f3d483675577511523ec8f3eaf4694bddd65184a6cb983b28f396e4fb9141df7ab2322f02ef2c8e6629b13ab90db7560f8eb0f45a45e9ac4d06ffdbb3d", 0x7f}], 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r7, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r7, @ANYRES32=r9, @ANYRES32=r7, @ANYRES32=r7, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r8, @ANYRES32=r15, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r17, @ANYRES32=r8, @ANYRES32=r19, @ANYBLOB="00000000e8ee3bc9f34d977b3a77f5d21930b78dcc0d67da844e1e483af6326cd1f68692eedd1c37e8738f6ec9f302b1971299fddbd2d0f93319aa3b39ee9b7ce26e9edb1e81bf90ad7568cd96"], 0x78, 0xc891}}, {{&(0x7f0000000640)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000007c0)=[{&(0x7f00000006c0)="2720760f46db877d9dc7e3931e0d", 0xe}, {&(0x7f0000000700)="769d2034b5343b788b", 0x9}, {&(0x7f0000000740)="89ed5027401f0b297ad8245e63969ac9fb4c29e2520a9f", 0x17}, {&(0x7f0000000780)="d33dbd3a8e61db7622b1e9dfc4d06b1c18dce0b804ae96f8a0e80d24bf33ea54aa8849b780c23819ea", 0x29}], 0x4, &(0x7f00000010c0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r9, @ANYRES32=r9, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r12, @ANYRES32=r13, @ANYBLOB="240000000000000001000100010000001ca1c1", @ANYRES32=r13, @ANYRES32, @ANYRES32=r13, @ANYRES32=r18, @ANYRES32=r13, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r9, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r14, @ANYRES32=r19, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r17, @ANYRES32=r14, @ANYRES32=r15, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r13, @ANYRES32=r7, @ANYRES32, @ANYRES32=r7, @ANYBLOB="18000000000000000100000001000000", @ANYRES32, @ANYRES32=r12], 0xf0, 0x1}}, {{&(0x7f0000000840)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000d40)=[{&(0x7f0000000a00)="8f9ddbc168d288cb15a8480ce6c812f1f4fa02ca6949cd2540497e8593d82fda7367b4668c80674503212446946141cc9508bd51cd1330c86789840f15e73e06962c77b5d1ec6b92d5833a15df80c6d123f2902e6ba154da649e9962a34c2a34a55f7cd69b9ed1ffcc67a98fbdae240b1c1daf4c2f4238bcfeef041cd95d23e0a30e48605e85c83e50cf3033e16cf3678ac36adfb971896af826f82b1b69e667d8573cd854e7da0cc0059dc3c900525a71cd4d71d49f53fcb9dcec1e56bf79594a4fda3782e8b256af735af5970184d0d0db9817", 0xd4}, {&(0x7f0000000b00)="5c0684beec08df243968880f4645c5c8a961dcc5037ef4c660f16a30cae15f34c59c38b2ea1983a25f1860bd17f993c105dc0471e3c829d05074b7c03b3f51ef1aeb765c477c337629bfa53889d9916943358725060330a0126e92740f4896f7056638d759820ced1d67ac92aba1f55450d490045d33744ad5a06028c3dfb43f7532be6d64e91c3d006085ce07511d8b339f3409b67b7f2de33954f6757684acf5be0052fd3946f8dc8cdf56c937", 0xae}, {&(0x7f0000000bc0)="8597fb1c0aa243a0f7d74ccba5cd5aec7c38ecb4c83c1f3169310ee611834229801b0f9f9ccd3f98aa2fc222d81d51c717c7a8ce673699d340178e2d0f800b7e58e6fc66b8248c4b23f68803b340d91be7ec7fc8f05890a74f2b716709d832fa9085e7b4e2615fd547592e4dfd72a95634689281115c47282f2653d8859327", 0x7f}, {&(0x7f0000000c40)="7cc75bfa682419f77f698feedd0a960d77b053424ee5e3c2dc61", 0x1a}, {&(0x7f0000000c80)="21c930acfb619a7871b2fb4fb0b3a7bf81001f14014913acbc899cc48fb07c", 0x1f}, {&(0x7f0000000cc0)="9b1b834153b30a57735a5a1cf3f75cbab62fd31aec48da727c229196687f541e7bcb532dfb0e32fa625038511e42cb7d1eba9d8faa5aa04aeeba82f5dec9b016e247e65f7a138de54a3023dc67b93b0909a6100349a8dacd6f8d1db7105f2f70b74ecc358e0d4324fa607987655ea7c81a7db3ecc602", 0x76}], 0x6, &(0x7f0000000e80)=ANY=[@ANYBLOB="100000000000000001010000010000001c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r8, @ANYRES32=r19, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r18, @ANYBLOB='\x00\x00\x00\x00'], 0x48, 0x800}}], 0x3, 0x8010)

1.654447746s ago: executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x5000000}, 0x20)

1.563458998s ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="680000000000000000000000000000001400000000000000000000000000000000000001440000803d00000028feb3a1d8e656b0590d68d0d76a4a4e38207c18b38cea3c9c700be24a30446c454baa6f0421a4707aa17d16574e0fbe63958c19b4f40b1e270000007cf82fbf85ecdd0024f958bcc3a3ee8dfea962f3eff2c391f2981eb350e8ac3c4a21bf26d5624df791b9f6ebac7e6f108e9914d4c509a14995d4175c748200b81498e649520f5b5f32865da9aade12bf7141ba99f8c2551b5aaacc3985ccd2e50c94e6aa0b4e3a4db1b3da4f"], 0x68}], 0x1}, 0x0)
r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001bc0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000080)=0xfffffffc, 0x4)
r3 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
listen(r3, 0x0)
r4 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r4, &(0x7f0000000080)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000}, 0x1c)
accept4$inet6(r3, 0x0, 0x0, 0x0)
sendmsg$tipc(r4, &(0x7f0000000640)={&(0x7f0000000300), 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)='Z', 0x1}], 0x1}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_AUTORATE={0x8}, @TCA_CAKE_TARGET={0x8}]}}]}, 0x44}}, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff})
ioctl$int_in(r7, 0x5421, &(0x7f0000000140)=0xbc8)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
readv(r7, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/68, 0x44}], 0x1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000180)={0x0, 'macsec0\x00', {}, 0xfffe})

1.535708458s ago: executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, 0x19, 0xa, 0x201}, 0x14}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f000000c2c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

1.533583707s ago: executing program 0:
r0 = socket(0x3, 0x4, 0xffffffff)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000040)="0d000000010000", 0x7)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000540)=0x4, 0x4)
sendmmsg$inet6(r1, &(0x7f0000005c80)=[{{&(0x7f0000000200)={0xa, 0x4e22, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0xb80b)
listen(r0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000002580)={0x2040, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x2014, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "fc654c187d6eb5f0ca15095cc8787b50b96435ad3147dd10e867248d37187c2a131a62d105462ce34d5cf8ded36159aea612a3460534d8c298556e91590238f40dd2c7148d365ab6cdd5f2a7f74bac8d59f731c655a46917f18b28ed05e58b70287d26677601258a5c0ab9f679e2e520228c3a1f1aede04c6ba82cc38cc2ab6b35a24fb20e032dedf6f6caf4bfea5435f746f746fd46ca192e3744eb6908b358c10833bf484237ba654641e6186a45957c6345e61ea620fdc74383ce1df4a24e7044bae596f018736424a5bfa438865044e7026fa37a3540fadd0e89d87aecd3bc127e0cb10274991d6127224a0f2a4ef19e2c4dedbe45f2471abcc38c584ead0e3df3f9211022b2421fb6b327361e8f58f2b73134fc5444b350ede95ecef5bbbf9950e75c9f772a3ff0180d2cfac287228709726a6abbab2971982de7f1a9149d71dcbfd212e89ff17cf284b7f8ad82a469cb1c1e3d9d1d3689271c8dad0ba89dda651d4242062ac0bc5877e397236fa9476ac5fac7c2c896babca09d74720004cd0e634327de4fd87ed72ae069c095d2c70caed52e3335478c1c3719925e24f2fd7755baebd5cde385727a0f0440dd3b662248c43ff5afc4f186ff0051ba8eaa07623b79c4bb6985f14c5ac15041a6ff7584f921982e5414481d4db4c76798d70a59b5aeccb6e7882aefe70993758b55b4dc4039c2b1c98452113aaf23ccdf68cb6eff6e048f9da6f39a2def3caaf80cdcbadb83b029b8738391f02fec90c8a8b6f036aae8ceaff5dca7d3e0098423fedc676c6774ab0e6a72bd246c0b3004d1988f802b846d62ca59e9a63ce12814176ec4380e1cf29d27e7b2f7e7eadcaae8f182498ad32e67323fe6ef9508fec40dd38897652053ef92e44a909060c237890c196f0c26ab10248f999001f6231813a81313971bea77a5470f312d185dce689adc99e430e4010a3a341482c51fb71c23c3cdf92303c7580c73775f9a74685a61ce9849eaca52b97ee7ffe2e672dc1be5267c285a102711b1b5d81d6dbb76494f2892fd4f85244ade3cdd3809fd5fdfce5157fc1658f0bceb379489732583707c170fc6392aa4f5b94843aeb18da58e0156e029c2b722918b1b3dc7c151cb9c248ddd18423629b53cd4b0ab2693b0df29c88c04657f4eccdc41357de8186fdc0ec86f92950734975921a2fde57c3e7176b57c871d76ff8a8f36520b67e64930cf34bcde9ad92d057a359ca022b646df18e2b7202845bd8ac4be5e5ebae436dc4b93dfaaf2778a53e7e4be937e83dac7d1d481bdbd8081ab0ac08af067e62580bbdbf397cbc629db9b023734b6fad7824d1a8b3257c1c18d6ebc928140060f004ec484b183560f830a1eb0c527c8600bb2600d761e847454e677aa29486aa407a9e9a5e9dc9542de038e3e55fdfec13184cdb16716556f972eef5c56230c43d146c86a9147265c309a279db6d138647920410896c5397c5f83634fa5e92b5161f786482d84830864388b91c2c1e3e9f9f038d5fa66f7fe904e14df0a60d46066c6b1f37cec6e13c35832f512be21da21a5921b81cc452b0076c2ec10fc5481cd0e1ca917b40cb3aa839b120ce6eb9773e942b74ececac6bdcd22eb8dd6cd9f148e0ebe5ef3094f42adc39bc5ca2259e1eab5059ccf5e82bb57b97d4d13a90747299b2e6b64f962aabf222e4f287503181de3c3a68fb2b0068583f3b97e40ce06e9805a7121eccac0527b8f1b18a62762efe0a9ce4114b7d1ba942bc93533ee0b1bd7f0a607207b976dfa1fbe3ce0868e7f4e31b41a0aada0ac6b291aefe22ea5338f07e57b981b8e4e4a121f231d2f46989fd5dd09a7c1d198f5886b4f1a222eccdabff096a81fef3c9e497621128562880938fe05a1f1c4da81daba55bf326f1e3a1712d79f01fbef2ee230615d4e454be67f0ad4dc2bfffaecbb683742925738b45854ab713ae548b9709e9ea2e28224ef466bced79e3ec6c163d45db187bc01c75afa85f78003927dcd122086acc8dd1b1224de41d62b83e34083dd39fe68aa5a479ba403f5dbddf9b763ca521b7efca6234be16484f1e0112d963672a6d24cdac15e80bcb82b3b22231670c41fe7e8a0a083b6df768e7fb0d94a004f8372f5cf8b9b45cc679eb67828a94d0ffabfe09d95ad2789cb8657f7ea86a46260416a72e6fc7b44e549a2e39fe015c7647cc0bec15fa63d26894be1cc5326331e7e0b1c505934182accf049bab033b026d48fda51de740afc0666e6c891e0c5192f4b2df21493477ff45319d7d8b816f0b73ccfa12d6846362feb4b85063ca42e950eb577c630300dc52698a38ca19cbbb398404a1e8e27d0be49985e59caef03da096d1ccbeed73bd7c9588325b747ab77f4d7c1c1f18388ce1771882ee680ed737ad197ff92f1052e5e79f6ffa5b85ba3fac5db13e0d0046c9dca0ab4b74b20299ba6bdd758940e088df31e1382cee6901503299028467a864d27affae30fd9aef5a6ff948c052124511a75a46d5a316e28fb6c5bfac787be5833c63c535557235b0e09f9a78a338aa8864613fca77a7e252d1975af2c4a6bcc969d1e20e3cd4dfc1b2fe34b70fd7804dbfde4fa4d950e5fb4eb926dece9e4601b12efe322bb42ac808158fef0a26900000000726654987e7de20d1e41e82c607c33c6bae7bb234744b51dc683d5857afd6ba8246cebc734e393806ef102a6baaf04f3a7c3cb888d5830e1c6ae170c5c920e806b4f518be4416b216cdf9b1658a412d9e4eab6c9b20ce99960f27e77fdf9a2e98b35c63859f9db6bdcbef1001a19e12e41370f9358531987851ab64c250e68a8569ace4418e2118caff7d3d4caf1c87bc50a8ae75770fdae88a8490c041b39d08190d8b7c908caddd66331a508929d53dd6bc2dbc86f97115ff0a364b70f96918e6ed354c97e59ea5e2c7b149cd51d7c85a27ac658e78b99326857858df0ac0ee240cbb6ee9d9ee6c2c2ff7c29dd25fd337dc08bddeb50305ed48b9f5d89c55ffedde29ce0412ea8e2c976f961eb0c4966d2a8be0b657a5e51048a8a10005c488e1f637ce208a35b5aed0c2067465191dc42ebf6e4853cc89998bdf2ef755f38a3cd985b62df36a5ebc3b47df32423ee46857f9db9d756ff69ecd4ef2f307dcaefd4a1f399543952df972269c28200df8ebacad4eed1c00b9ce9841799bea583cafdeaa8d4a371a8ae55d8ffe4846833985975d8b234adff63eace9d2c4d1680c370827ebe1831ef311077607e8c4920506e03528861085dcfdb918f1efe91420c390fbca0a38377e1635c402ec1c34eddae986ffa8756b27f6c340907bae99f4a6b328fca8177b4dfaceea5ad3ceb901dbcefc15ded322bece4e750969e81935764ebe88749464af7e692e3d324c519b456013daae93bd63215540380a7fe08f0e050cdeb25db2a8b9b6f5720ad1e7d2c5b6d609712eccd321d6211fb642a4cdf72504aabd017a9b4827d1e0e0264435a5e1045dbe33834968d2db503972995559b1efe1b9ce475405118346b63f637b1abf8e8374e7100d6b41c9c672d2b244c7a82ffb882522efd9e903fc69db14c469685780005843856c6623591f305d383eae55a1a1d5619dfff0027413f26fa6a793a348ba8b192e1b088745a2175d55517a75d4b63cce41cc0dcaca9002cd37a1ccc6710ba2a099297b0824f976919e8abf3b1510b1305a95241fefbd036afa9d4538affc82f005d29b9f2c0e60d6c20f673b8ca28cb088e1e89efe334f25ffe1a3fb3581e5aa63b9a4a49f269b5538788aacbbc04d49902ae2af1f59d2484ab6ba7a9b477be0d92e221fc48cdbc00bef7125bfe36f9afb1cbd58fef21625ec99ffd2e35fb00767e3f22dba7d36163203cfaf1860a8b1afe0d878ea00fe08f68fd592a6395fb357acbdc2834c8ac85571527dbf1dbaaccede3d583e2b9bf076737716785f44aebc7ba917fb426d5541adff1e75836ab70fb0b43565ab5e24c5902879f31701cc006b4ee2f57be0916cf0b6cd489c4fa9129031a4af75a00048f20eb962f0c6f68cda0d7756a4e83f7d065c4a00b8263d95f6b979507b7ca01735e83a5e5ff0b76f077ef6e4c1150f9202b5311a231b76111d48a387e09075edb2448fb19d2869ae420ada8ee7577fe980ed7e057dc963c0a98db790bb5b7920220f8a55213b6530637b832abdf3c6fefdefb712a2c2c9eba8087ce39335ddabdadb86f493061e593981c6b2d70b4bac3b58885787c46f85c1022f5ff6cec16ba227aa5dac2e0be30522c08369f18d170b9cb454f3ebf86d1e923fdd65245d8e0c476bfedddcb772453f4d0e70d059e79b8811c379c9eff6e45d99f81186930b32b24cdcb906a41fe29c147ed834b37e77800a33c15e65d121ee85a924ef6bbc1c8f4a423fbc5d14645a08178227f4c7f111fa318823a6c075ddf9e131c9bca8d56dec4a68fbab9a0c1a128880d8b4dec59b89ec33c19eb76f09f31ad730cba735b60deba54c399119949e45af4de5c758281945fe6b6a25ac1cd57a81b48f11a6575e79b82e529d4ba1b2a1175cfa03ef6d149b165195fa64736b302e28ee6444368fb395a2d89c8747348b546a07ed0306682971539f0031d88ffa020d0b3d40369e0a3d2238293a75a155eb5c0749f64ed37a9af5be26d5a4322a55a23c33d176280bd0e4c5168f2e66bca925304d0f32074f5e68d7c43f9e2e3f14a6bcf3e77e6b71737131c3e90208072e37c8a6cad1cabd756aa694e85b86256ce13b43541a26438374b6029ee461d223ed34ed1e9a3e580cec7b2b41bc9823b3729e683f079a498636d022799dd94c5e870b6aa7f3d36fb51ffb6c5e317fcde6b5ae45073f8e90ee0fc1fa0641ff6f0b789dcc6df2fe9a3b5e6ed9d2be3403f5af96e7c6019b0a0ce4f8342323638a52c121956de068069fe5c44946b5023e1db7742fec29cb749bcdc09d795b683c553dbae1298540b2cf1bc3e5e52adf252bca47ba2182c80541daf1d11b1c67675171e69c1abe3c0bc3a0f2d1a6e2165ca1647c394970a404a6002621a258cef01e2ca12a138888dace9ad06d2f0c0209f286c11b289626aa557cc201560651054a6042e84c6fc5e345e2f702d61851fed5ffa36ade652f76db815dabb7b8eee016ea0836d0086f2a2f7bd1c4a4ceb1d706817b41347a891c34b45eb06a9ecb19041d5a39f050cb0413662dc4700385fac2e1823e1ce4d08c66692fde0862a057f2aa2425d511735fff53d0e3d88bfb245e7724ba4ba8452e469862d333dad5c63bfa778809c043132db3a57e122d0495441f7a07034a3ac1024b8fc063694d8316c29639cb6605ff362a853f976c763f6d10e4e0972760e60f08acdd8a73607e7311819fe24ad8b670bbf0adede086f91bd0839ce37927f43a263e3e8369932db9ab786ba66e1bba664bfa8aa50d98ed18fc90e560933c2e8da72757a4539756740a73c41180cf97fde47cf3e9e6005302459d831eea7a03157e0c3178776e4d4add3999b9a1efca7c99b8234ff9d33492431dd9bd0814301ee49260e30b8b6afc46ce8a733bc9d7850c789e5e98cdefbfb11131a85bc24e75453a16c6780ab4229b985d1fe7a255f71cfe18398e881d493ded88300b54f6c4a5567fd84a6e1f11835433448a00420ab1b3a49fcc0e9938da52b68f9409c94a0de61f0beb69532c4f7a11fae6a9ffd10db7de01e3272448b517ad795a06f3fef8148b7196cb81a80aed42e395c1ac346dd27f9bce87661e19f957a17d54d59b68e023c1516ae9ba4d75f18d4b8fc7e9fe6f74e38597b0e520000000000"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7ffd}, @ETHTOOL_A_BITSET_MASK={0x1004, 0x5, "263170b5cd05e6fc471e6a6d47c441262cc5a6bea4536de48f876bb3e18f2770592169ec48ed1eb2ab7f45d3d09f256c9cf523648002907bd759f9b49046b49bbf690528ee245a9984bfb6b549cbc0cc10c70b8822c02fdbdb97b1eac5040be1d4810de8d03036886825e1707f605ad694187e989b1028fe859e75495455b24efcb7edecd7ec594b754487807288227b9f8d4d50cefb31adfc2cbf174b21cbd848f97bb3938b8634f2d009f49a1b7c21c834007aba0ae45a160b137906d131353ff1c29b4a2e25bd592a32dd283d538bbaafcb2f39cfc886ee844e580c527b6e251428c7f49b0f8aa2787c9a664db867c35b5443e512f6cec18cfb353b47e0e040488f44d5e628feb3cc3f19d8ad4039e092abdc46e7013c6b84260c014c82f25f9a8bae6daf139eb3b415876f78a86746b45763ee3f9f805a92b2e2089630b1ecefc435a089df8e7062595f2278ed8d2f88e761281eef63081cedd34a3b6c9a70f3cf21e12822aa96b868829dcaea9bbc9741d06ca535984fc0795c6d5b1e6bd529d993b8e6f758ba1816d8a8dd8bb723d1e082832c23c122ed608d8f047957ec5158b253c9807649609a19042ac21bed5d6b06604cb4fe91160345fd8afdc2855e82be5165164fb58344d5df35b88b44ed301430604d842124bda146cf109c7d2a00443ea3cc8482c52bd81f20a11a1bce3a74a2ff26d1982717f1ee8d9e6c8c927b80901440041bc53e8ab6b832787d7c9ff002ba1671936365e75aa54fde03d25d8c55ecf2b7cf651542933085ca86da84b46a6559154486ac5f087b7b54f3f24fd2ff3c8f08b7bcb23aa06f73ca6257bec8b06e0f91131845a026c10414be9f3db4660f1b3682738a35978b62986017b273754f0db231026b4912c53b44bd268389bd8b58e017959349fc93c7ba61f88d5a964862cfb1b3cda61e5c784b2028f9cfa7ddc5a781d9a2a9594fd1891ff7da7b7382a55b0dfa4b5f1e0f0c979dfa463c3696d51c23728683a5586191da03f61dce79639cee2bcd982a9183b44231da08018aacc3c9a8a52f29684ab029ca7bcf406f51c8b042dc77faeaf8e9139682cd00283319a1a21cb20d6aae66a18c0c358b756f57102e3f455be7ed71694018e91e28786f9bc6418e25ad300a8dce02975c1e73e03b1ebd21950e9fabdeafa2785079f0fc8ec12013acc0e23faf473634e4f50a5095b3f2ed81814fb313f29b94afd96cc35d52311d4e66fbe5a66a7c849c674b86bba8808c821a7ec133ecc61f2389eec0664689dbc1ba2c81f9148972c95d0cb272c9779be02c44b4aa252e2ee375d6d2310a12ef1e0ce9a7d4088922ee9640cec46facece5c5ea427dee19bca3952c3c13767de82909abc92edecab3e16c2f24dd9dcef4dec3c336bab497ae04c6d11db505037575b649a68622b45d35244bceb129363434a3bf3602827dce99c0e59b294a5ce1a2bc06e5467e9de31ab426c42fa5e7193d0a2d33c5234a5e9ba2c425db54041e7a1472315f9a5449496cad9a945967875d3549ad348e12403b28a3f6a666f7dc423629ba7a18244477764b8923a6b30fa04a2d6ed22ac8c64924fa2616d43da8a5b3f9cc30b2e29e4fc64b0027c33a8bc39d45feb704f7d2708f1f1bebd0eb13bd08e4049cb7a130847d9e334613a591563d0e207448e689ae5866c36f2503180b53f7a70b68eede9df307e9eb77aa39b12320a84711bdf03109cdc2414fa44478475e4b5a2f628e0cb0475e3e7ebf8fad644d69efb268883e394c46b971e6ca87a67e242f480f2ef7679583d182ab21d2ee026acf80f25b3afacccda853d38f84052cdf2edcfdf0513e1cf39574aa7af1ae53a3e08dbad47aefd14a37b6288c719e9c0737bb4119d7fe3eb350a8ec2fb0fec9b4633aa256d3f52f76423a8891f0a7e67378af5d53af8cf1543883def1c73a1f3c51fde6246dab90ec2b3f59c07a4eb1cefbdf60533cb97c0a555519998f9325630d489b00c6c736e6c768515f38f3a7d3cdb99c54f0e46f5a3aa9f280225cb3c3b33e2ff2aa757a2df467265252397dbd68aa7dca7fb9a8fb77611385995a070a99a7fc9db80ab7653c1c94f9a0ad09c713c39559587d8f886bc2db265ef6099138204e8517fa71aea4c75a8149dae6467d792431e54aecbf0f300dc7f6cc5a28495d77f3a4cd39c78de472ca2ebc95d67258a2e0f27bc9903c5540b9546f47aacd4898a0857e7b2f69125dd4839d788181aa409c40a914afe805aa075035d557bcce6a45e0a81cf3b8541e62e6f9a54fd71797d87b1fc4e0a0786fbd34b0dee8f5f57ef71495271b9f946480adcd2066bbefe000d99470bf92125996cba78276f1463dfbf501de575e597394ad02c484fe6291e56d7362ca402ff0af9582a1dc61dffad77d94da15c1328634b64b172edcd782a769f5fe9dd3a777c69d80a84fe83071c6ef7ae0becfb509b938932738bc7c454b63030ade2877a85897e5abc0cb0a9606e877987b5856d5992f43fba549d950d302b62db8c14a59b0bf58fb5a8f6402d3894c0e5be41348181aee736590383b14e7abb7253e381d24ee4e64dde82f48d3e9bf3e0be0e099b800b3bba1d92fd6a451cddcb9ae29a20b39d1066834e9337ed58defcd20cfd032adce59049fcbfc62ac762bed756475f150e86374cfc973d2d247ec6c347308f4c2618f0dc5f3e5cf363088bd90490f552f017000f376c35af0aadfa776ba9eca3567afb932325f14fa34b42f004b88249276b727bea1b865db9deaa405c9c1e1567cf6198cbf33aa646fe81398a0234d6fd687682bc2fcf052f9e129dd2d68f1154e4ea32e4984ad806b843513e94e994c5df73580587c0c1399ead2477ad7e04c3eb8787a685f86eb58d2d3254bd7f7f5e206aee379cbfa497ce32120e79cacea3c1663050c2f818d324786bcf799e27322f80d0c8cd6f41e9e10f441d331bed1f71577a07e89a1507947aacdbc07f8af0944f3c228b5ee9ec27b808108aaebe61f1884e1581b19c9c14cfffe2e96c7fe07f6a36116bea130e63db9d1e82fa4ade6bfd6cc72a9654d9bd829c1752d5d640a0b5d555d936b4eb160f2cfee1d92f3a783f2ab33120404045ac7ad20c2ee000abe6b889d7840bd16276d831fae6e1e37c68e3f567934859f7e8a1d7486f6923565ec0f0bb6473f8b8a87a8fd20d11b903c42570bc2d584c2b8743c36c3339998c53fe96b457aae5ec3e38f877dfc9c11e2f597123eea7f75642a0138296c63ed1b1a58753fdc1bc56e9405ab808d420c11e286662034ef471ab7c997ae392c928cff9476d31ffb6df1173bc6b0d1769b5bb58952d839f7297d396bea2bc8a37db8e18236857218e9f5a000a255363baaae8ecd13fcb7a5cb7a3dcadbb96a44e17aa7e8e42ca565d81c31134746b1b5726d86db9d2ba54ce70c7cf2ee0c1df212c3a705154693248ca6b80a5b2d2d101face58c2c01e5382a6b0f1b71f95764f910b7dcdeb2e791f3d17a967d536fbc590f5d3785ff25b6e9039dd1f910fe5782ac9658b2284b7b720cb2fe2569485721422adff4daec78c8491bd1b7534fd38c9030b91b66b280636a2e2edb01f99a4851f77249803fae628dc42f17ab10735338a196507819876a196af3c31a80e95907a8d98c1fa34c03d9073429f9ef63ca753ca48256722ed171f8e43189c4887b35ba481823538b80a304008960fc2f6dd0db0d065eebd3e1fbc4b342cb78075cf5334ae2bd70cbebbc1aecd89a4b1941599207990d453488ed9a246788a3a75a447fb41865b9d8ad5ed928ac29bad4ad7f7a13b29149445cdc4e5024acdd15088a64268fb7960c6c3674741153dd3755126e0d411aa0a7b4abed17c65ddf767c7df110f8f77ba9def3d0a82c445177b3fd7074f6262f0cf4a2d585019dbee516587808021776e7539bce272b82cd53637e9887725f289ed9bb1909ef4a46f7567f3c64cb1f6ab6da2a174ff0c9010358b4da94ea893d55d5d011e3dd86c94839e278f80f84feb905f437df79b9acb64e4516b390d45f2fd68a810554fa147fa00dcc486758da35e645ae2ea865225c4dbb1e268e93d2b24e64328c7e86fc0e126267ee4bf0de60380cfdfddcaf2e6523764ea889bfd836397fc2c56c65dd572a24dff827cefd8d4f40b732d3a1b5353359d8f587376127c9c499a0d97e9f552f6208cceceb8972c19547387bec505acdea0c9bab01cf80020d3717ca488e87e6e3df810af9bf6c22f176c8d130a1c0f12466d53c9d5d54c50f0717efdefac3e53ad90e9f9c7217187195c3911f90d0a8be5e8e4f953b038e0ca529555992ecff480bc4895798530ae8d68a0246ae40070d5c1a16b2b15e8855c195a260865b13b6eb5f941040265973a20af4dcdd4cf4d03a2a215bff70c5b8f25c48c211cdf978240b8e7d4c2778f15c3858a4cda110d1c6e8ae19d83ea015748930a1ff6bae442d67a6cd41354012944a388ff95046b4f8b7676577487aa200c0175d99886dcb50dbc72c0bdc0f41b4ebbf5bc9a8cd67c9624f9afccfff4725e9bb9729306beda2f119dbc2e2cacec52300d6ae0d250b700e2bd7bf6b6d86498a03f3f4ad500134ef581ccdbb3d1cf90fb11562d0e078eb788f4f2e485abd15dd5175d7fc0570d87f3bf6750ab29f37b441aab2a7435f4d8ba0e9e0cff366c1b9706e34985a0ce4ed46e5a2a8390381b77d3391e7fe6e564ddf2aff4cfef7009de8e2bd2bbdf91e5412925b8f5258feeedaf4d73a59842be186c31c34c92ef8a3a7b2c1f4a46dd93c419843530c94e01ede1516744c9100976bb61b25e391fa4b829f9c24204c35910819d0b369b765655332a5582088d918f1e323170551f672d002d73332beac073c651e7d3cb1817a7ac313e7cd847ee0af275ce267914609e6d3db6ab59aaf30ba2ad0e214ad76cd4edef476eb89133084eb8e1147fd5a44a9fde4c06f8df9bcfe0938f8776b83263a315918249fa9beae3153073bffe265758f6d8cf4c07112468ddc7e8911efe97e06aa0a55de6560b69d1d3fce4c3f1132e1ffe10a4b2c3a77295ba1653b9e3da6c1c9028367a890ef1666a4b5701a4b000cbb77cbdef060469f96213d75c0d1cd8aa3ae5024ce5af26fe6219f5970eeccd4b8bc743292cb7df8db34a65ef289c237836ab202fc28d27d9bd260b2bd3678710216bd575689ef030a260eb91cfd9131dfa3327c674b44b97859082a4c07c5da8eb80e0be86e28310a7d8ba75beb4eae4ecc046ce9ce633cd6e3352f0ec93c8b910c60f2900c5efc4ed5d4c3c99faeb475eb3b7c825e4a926870f88936a76e4e4aa2bb19f1bafdc620ce24dc4792d3a34d2b75684560217651b39a782c9b83d3bac7e3747a71ebb90d6348efeba1c13f373af4bd22c0ad425cdcc5aefbaa80a83616f8f7cf7e3c7980e80d947040e7e1ee24ec7a5a58123795c927afc6a2319b6e1903b85601adbdd1a3c1ae80cc6162dc9cf0b65780b075e8f0de53521146a586a81e29a30a50677999c1d70eb1987f7bfb1cc2bd33b45ec8ce9b671863f8f7d0de7796f0420e7525d5d5e16a3b690959008414a535b3ee50091d0e5605e04f5d9d9d50d079dea049cab2071827fc9d14e73c3aed6e314566d4ab834b029e10a3f239dda92a66a690e378154eeddf53ffde9e608afbc37a223266cf0e4c3e4ad89538700d8a781b45d1285eef89da14a66a2b9531e29d21de251f1a4e1895aad67fe9216f81c63ff48e651cf2a65e97bb884b62552a98479b74f48ff9d1759ca9edd4a3eedceb7e2571893c7b4989741e229f0c27"}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x2040}}, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000454ff0), 0x10)
accept4$nfc_llcp(r0, 0x0, 0x0, 0x0)

1.384706079s ago: executing program 4:
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
close(r2)
r3 = socket$kcm(0x2b, 0x1, 0x0)
close(r3)
socket(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0xd, &(0x7f0000000080), 0x2cb)
close(r3)
listen(r1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000000)=0xb)
accept(r1, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r6}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x4c, r9, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}}]}, 0x4c}}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x88}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)={0x1e4, r9, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x3f}, {0x8, 0xb, 0x2ae4}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6, 0x16, 0xfff9}, {0x5}, {0x6, 0x11, 0x6}, {0x8, 0xb, 0x1f}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x2}, {0x6, 0x16, 0x7aa}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x40}, {0x8, 0xb, 0x230c}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x400}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x5}, {0x8, 0xb, 0x4}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0x9}, {0x5}, {0x6, 0x11, 0x3f}, {0x8, 0xb, 0x7f}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x6}, {0x6, 0x16, 0x58d}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x9}}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x4008080}, 0x20008001)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r8)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)={0x128, r10, 0x100, 0x70bd29, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4c804}, 0x4050)
r11 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r11, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bpq0, 0x1000000, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, 0x0, [@null, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]})

1.357473554s ago: executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000001500)=ANY=[@ANYBLOB="180086d8932f0400008000000001920000b27ad88d9e58e2a9fcea8ca0642777b349c36843243018aad0256e1f24f048e1e82b38fc7c53d8ab974ae9e691bb33f24c374cb0a9d1f9b8b72b9aa52dcfafdfd2e53d4f62403c59877a05bfa40aeef426f1dd149d03cabc89507cb4e005994dd04412b6d4058821d4cafbb3ee3eee77dc5ef46fe03b0e05e9ffef92e246ebec12fbd10cf1dffd853f5f9e9c0b22507849ac1cfaa714cf940c5ac731086ebf83bc86c3f0e30933fa8e350afaab2a210611131ad92cfae57f3331da1c41b7d9237b1fa1"], &(0x7f00000000c0)='syzkaller\x00', 0x4}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001380), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000014c0)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001480)={&(0x7f00000013c0)={0x88, r3, 0x300, 0x70bd27, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x50, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x96}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010102}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4850}, 0x801)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r8=>0x0})
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000100)={'veth1_virt_wifi\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33}})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x48, r6, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_PAN_ID={0x6}]}, 0x48}, 0x4, 0x700000000000000}, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_ERSPAN_VER={0x5}}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000451}, 0x0)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018013307000000261608bd30", 0x10)
r12 = accept4(r10, 0x0, 0x0, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$GTP_CMD_DELPDP(r13, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x24, r14, 0x1, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x24}}, 0x0)
sendmsg$BATADV_CMD_GET_ORIGINATORS(r12, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002940)={&(0x7f00000028c0)={0x14}, 0x14}}, 0xc000)
sendmmsg$alg(r12, &(0x7f0000002cc0)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="12d24a518248fb542a89bf1469d01b7b2a1ce27e05c2c5b8214720c173cbf5be8c0a4eb562cc2e30a943692fffaf56575f2f0bbf74f7368b6f25eeb634f62ed7bf443700ada5581027622add9c62675f775ce63992e774da38ddb41361721a5fc9c272bd4ef5f7284815ffc396a590a40c93df4c34ffb7817afc73caac1096dc327023d20811d83a4afbd99915a2a050a16792f78d7d0628ac85968d909f1128dde930058a4b4a023d965f04054f26bb3d5063b39361150e2522f8ce005903f6cc315ee95ac18acdf03487beb18e1b8a2eae62bcf6ee9ebad21146b2c0e6d9379aff699bb4c388858789c34b00e498f403e19b91a7e41059617ba809fd9903b1f0fa97702418069b5c3ed7da70f950bb93ce31680d135bc8251c82b7d8ab752b0b22b4dac0b54423112c107d66ed64300ed0c5df408e28fd10eb17d588265be7c4353e459a8edac5fccd0f1a4d66d0fd27cde372d76bdcc9e42b71a90e454b7ad0832adae965ddf42969d4a4e9727f790b5e108f3079fca8b145888dede23d30f048b6b845798141238f3d25113ddb50bcf34217a8a46a5759bcf5daa94551def7d5710058ef8b783754328d53d674a7503cddbef6784efb223877eb4410c050820ad3e7dbeca1599ab9082fddf04af15ccc37a8b183b96367cb9fb9c07e9d5da7c195476275ac8e3b2c9d12379a35e8b648e346ecff6c8338d3dc027602c945e5429afa13ff0c3c2a35b2c597549ffec282fc0b838bce71a7c5b66a895bf7d43b3f60d1dc6df3af4220ec9e849504a413734d69c184a84fef804e4d8d80ba195c4295726c655ac082fc72bd5f0af9b3cbc8f1b27d85b802de42fea6107946e3cf721f66bbd2c00652a43fda7a29c07696b2012f9daf1dfe3b492b4770df310c845a13725c5fa9a6ec1b74883c43399d5ffc072aaf7c04f0661246721b40149a94f4f3efbc01b591ba849a913c10a5c83ade0e03e7ccc9c355eb6893006d353d6ac3fa2bb4eea1971122fb0e91d5b4cde4625607e6926d1b560d83b53f74cc7d61809e40b98abd045f4065b45c60ce3ec539b823c4699e5914d1b92db249c213d1e74e6d913602a91a98d8e2519dbd069648f52e5c290e325f2304b31f9a4b6b2f216c57cc0e58bfa62e8468f9a4e626829efb57bf7b27c6c089d3ac855dcc9fa37d0f012c4a0930d9b2cb4f322575befbf8d43c567dbfbb3b2a066f5762bce9ad623815ca84201441b51d6e9f6035dab100da2d7a179be523d55b1886ef54cc984a8dc1e5e2d22f2a4bc79135d40f3fdd49395301855cb99103f0fcae972bfdd29e41a1b8894201bd762d94d9ec3d3b687867ca5b99ca99bd2b2da8d7888b754b64b9f869c4c0f32d2a90510680e7419c7a522aa4b09753dc99afe8f0cf06a5159a1a9c8167d491ab943395f21bc48970a49747e524e217c1541b0ffaad3fc614363a101350e1d5ad465f0d0427f01250afa545e6df3225e191841cf211ed3f106930d11bfe83a8eb6752e1a36a8ca83867c91eda8572c08b45e844e796028de718e65ecc6c0962f25e9c0a47bb4682e787c3fb0198ce4203b6b44251fb6b5a0095f2e83c62b9e9f1eef09dc3f6617e6baa6dbca099f5c8daf81fa6ca9735711a11d1b69b6dc6de050f73dfad8a946840e5b34f468d31c1b079995512f0ee6c8272bca6b95b45deb603c05007a74bf6c6c351bf26708c2044bb1c3d0e20cf0dad88de229d1b9f1d3dfd06a8d298fe21284d9456a787c3fb3d58720031378d6c9bb0edaf894e57836e5122ec2b2a6c66a11dc4ca1985583aa3f2074fd607b5597d639354499ab59d9b5ce558209f767aa5223a21dcdc1337c015da607b39655bd64ada593487764347dda015f2a6ded1a167711664881adab66f1c92566fe7ee29d7a783a8988ad101f0f945a5b6d5c7c79f3caac76ac51e34ac8b4e5409ce186936f455310442e8dadb9805df0f0202a3f6c34e124b95180cf5a10f380f6290a0d80139cbf9589bf65e61184bb0bdb81016689131c2348768d9bcf93d7a2938e54fe7df9950bd0b737cc8cc7b87aeea6557af122378178009bc7218b3c390f958fed91c434785ced5612abb9d43fa810e88b659393800c3f298158c972764976bb60f79397ab6ed4705eaa7d541776ab6d503ef34e507e8865f4ed18357273f04e3bf7c545b8716b0d086e13b14421ed1e52defed133472c9c904bde0ab15c2df5e1ba3e69dd041615167e0e0627b01d529757f0acbda53ddf7c590e5f84bf46bbc04f27e381ac56eea050fad1bf95892c11f8ca78aaf4b251cfff3f2e57de9fe01b04ffba940736494b99075441c1ec70f7bdb346429237a5ef88b17cc4f126bd3c7de4c95f481805fd74479c5b89bf769f6dcbf3dbae4e0dea349af4d3ea5d1f67435fd3b2526e504e403b483fd11bfa94ae9786892c1c128be1ac7e7e1ae7f5740ec75dd62086ef959360e1442fca3c5bb7ab539105fc6f508f552d3b51592e03e51c6001606d36678c3172c8fa47d1f0555076b3b6766e15bfc97c4aef9dc727bbd4b79c4beec47af5678cf4ded0356a3e6ede17bccd1cc0d95010a21f0a6b007ca0a8d31726fcf71d755dfcc3d0f74b5c22ba9990e9ad35298186dcf16b1c3d8fecd614f49a5ffe3f1bb515eed1230871d78d673bdb87639db16637477bc261568275d274ba70b741f93695f220c38238d2c0fe000883ff434cada9ff269a269b063aba770011a73ea31f69df17adde92c67666faaf19cf12db461b4e1729fec9f74490fbbd4da2348ff841506440da13ca0c3595ad27153380c829c6747b4fe7cedba506c9c5a2d9d29c9e985a443a652370af56efd0f09924671a5e2d5a5ff86730ed506be280e53a5108bc52bfb717014fa877fdf8f60b63d416475f464ff9fa6c576afe32fadd68446ae13518c849e3662f9cd7a5f5f621a09c8a5ecdc72e72e73af512efc88abd9fc8b30785d0941030b51240a855c08feb97638f41eedef3ce297e113857b27d98fd885ebb5b20de4d54ad6a8f4d16748e29163d1d1acdc79ffed248d3f5774ef5981465ce916037c5bcff114acc955caa82b3f8127dc092afd504252f020d59745dc751cde21737b3eff8568c6ab58e37deb09ae7fcf6864812cde95f7ac9f48adb946a2912c942a249534d7d4ce162e7c6d1308f55d9ce6e036beee8b01c87d29a16376c38f33e016decacb94e6456979dc55586c22f3e72c8c76cdd4538357fe0c9d4ccc81bec42ef2b5e56171bda1e4b55cbca0316fac39216c83c39314393a52231e3e4e7707388638d7a14975bd66f42d6a9178fa7b986b68c6d4966e775d066b6ba85628203ed2764636f1da7e8e111e10b7aed0421a12248a834974348e5ef458f974f55a7849fec26e8213eb8789b4f76672fd86a893361d584a4a3696d095ba74b89abef4cbbef19bd4597f114928f664b42190adcd3fc085841e3597e63bb337e907b2c40beb16a4883843665b8d38f5ddefd4cb87a5844bb866aa426bfd39369c483fd83fe554ced2c202bc24756db8f953f1526f3d404cf361808e9f794b2b8289abc7e1bffee3bfcba31c1b0a05df73f2df8787dfe43f7f183b076a573242988a5a56d67d13bf0208e40be07e3d386cf608d3e9c79009aa7041b6ebf96a5ddcd1330593f3ddd6fca097d6a29ad81dbb3b3157a52393053e733fa6eb997111e3b00471076877d066dcdf1c3fdc116a2eca36f545919e548a97eb0a543c1a8228c2cbca99f2b4ea3987b59903525957991abbd0272c2d6f450659999bda417c05a96080760e967dbb6453fe3cbd722c5be60d6d46fabb7a46ad560b41c28500a6b82ce2d1d8c51d8e82d8abcfda59a12626e949a51e7092cb62c81beb4643eb02c1c51ea1309956b201493ca63ccfe61215482cfdcd25ac42c21b8403805f83bb75aec14384ea0aa2be09abcd20a12734ad87fc0933b01eb85610809238e82752ef30df0defa690986395261019d602aafd0c86356b74bf5e4ab59e52821069cc961a9d08c19b5e20d8edafc9f3efc7fac3b26ac4817fde9f79c93939185e67509b51102271b8794aa7ed1cfc43069404cadc91e7d43dcb53bddbecba8ca89229f2f829ab2af210112c7ca06610dc4bf2d4fced361db647ff73c207bd2291a7cfa0534209ffcd77e4026d4ec7066bb9768141cbe93ce22cec32c15a6aa765c9547c25e0e48c30ac55c53c672a527a34d1e8d23f065c5b0f91c31136a027d4ce97809e3247678df2a5b7ea51d0e3adb6e9886a5855be88e4a0e9981ad260b08781d10a14ebee68fa05c2d365adf9e514a44c237c0004096e28d755f0e681588a2fe77192e720d83856fcbc6b0ecb2dc51727bab884913b5ef643a600244a4f734ae9d64b6c893a47816107d914c03b0abcbee88ada480d8fbfa0668c28151e7151a58a9329c2653eaa4396e5433ff8d15a2f23d9ef07b0389186af58732e869e1e5e21b30efa943fd338c8bc6af7c4148931c5e2f03b349d8152e2679ad16eb91d25da8fe014f4b2e8974964a2953f4ce201f8f9659c040cea23a958e838174f6a7bf24834610d4809cb4f01367b1294938b716a7183e0bb4440cf90a444d4a2f79db26c31ba479596475c1489f97e6de95251c65f75d7d2f9ff50852c115fb35f4909e067eb3c4348f3e7d4d7448d0c6e8e3e510ea668afa85bcd152832fa8bccd12ef554c62198f0008324ca40237fb1183116b158b2a49b1e17a8b251b72f87dc465be81de8ee603f7f4c3df33162899215d31991367d0a9de50a5a7443f6806b7f2c0ec552b04dc94c34adc93d531ed8a293c7dae01d95bac4281d2c664ac18b0e30c99597489b27adc0714a30309c2ae5561f83baf28a89d61b3e7b6091aaa3cecda38c9a54756f02ac5a8998687ccf8f9f1160f3942bb2d1837c00fd90e834111b6a1d154fb4d73fa59ceecc1b1a460cda1d722d6006e5b70a8dde0e3b868cb51d956493f2e7c0e036a18190c777f38ae989e8024709584e19371aa04e0e3d945ac52cecbcd5664e188b98cbd634a115f21d491828760a4e527c3d0de188936f23dd3e53be75e4c3f767a267cc749e113451b0d5b35b0137234c9e0fbaff4f4b797e3e4a575b8570e88b6007a0b8f2359c1a710188d7f85952adee7bb23394a600c2828b3b3fde0392044088e843a3e77f3018337b87a2ba33b606546c3a906b89b3a012371a5226d2f44bf27e727c4493c204f48e8b4228d10ac1bd7b19727652e059cb3c539163ebdb7a851d4f932ea916b11b5af5dcfb2ac279faea0e0663b961769f9dd8c19714c274d258bf0c0e00221a56a7d66330b3d4228deb7a3bfa1bd5b1b10198cfa1220152f3976d4c6ea659c9011545ca287a070f3aaeec51836bfe7d9aeadf52bcf1af7667834f0636faf7ca39d7df7fbe3651a2e7355127ea49532a9121f4c50c84cd8ed1a16dfafde1a6befa98fe4475673c3c455e69270a43ef99466bfab816c11ccb0cf80d5115aaee55114357ac0a9cf9eb1366eac1d39c8857b44a7cbfcd31963afae94172e5b5a72b3234970df32bc5ffcb54ba71983c4652b0247c0bc78473d98505846ca61ce16644ae5632fbd923ab7a7a5ab8d72cb1aaf354cd0b8e65c53b23460e2f468fe316d6d5d9399cbd5f1f700588cebf3d6e696168244211a9f4ffcc19c3b09a2b93429434589ceab54129bf93e3ce3cd795ba63f1ce8323a1fd055229156092199e8fa43c8a6feae09d62e49e3b3b1a1132f31e7784477783039f77b77e7cf094cbf112c69cb0d6", 0xfed}, {0x0}], 0x2}], 0x1, 0x0)
sendmsg$IEEE802154_LIST_IFACE(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)={0x70, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}]}, 0x70}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000)

1.067667306s ago: executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@exit], {0x95, 0x0, 0x7000}}, &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238}, 0x90)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, 0x0)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800050001040f0f080003000000080008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0) (fail_nth: 2)

611.740177ms ago: executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_deladdr={0x34, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r2}, [@IFA_LABEL={0x14, 0x3, 'syz_tun\x00'}, @IFA_ADDRESS={0x8, 0x1, @loopback}]}, 0x34}}, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
unshare(0x20000100)
socket$netlink(0x10, 0x3, 0x1)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
writev(r3, &(0x7f0000fb1000)=[{&(0x7f0000000100)="480000001400197f09004b0101048c590288ff75367580001f00000100282199396686d4ff5bffff00f83bf8617c63b7c7e5ed5e00000000000000000000ea040018005d4b18857a", 0x48}], 0x1)

606.0234ms ago: executing program 0:
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x0, 0x18, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x2, 0x89, 0x0, @local, @multicast2}}}})

440.656181ms ago: executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001800010000000000000000001d01000008000900", @ANYRES32=0x0, @ANYBLOB="1500010000000000000000006db26c93fe5baaf10600000008000a00", @ANYRES32=0x0, @ANYBLOB="ec9eb13c", @ANYRES32=0xee01, @ANYBLOB], 0x44}}, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r0, 0x400)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r3 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$WPAN_SECURITY(r3, 0x0, 0x1, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000280), 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)
socketpair(0x22, 0x2, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
sendto(0xffffffffffffffff, &(0x7f00000000c0)="120000001200e7ef00", 0x9, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='timer_start\x00', r5}, 0x10)
sendto$x25(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

426.323978ms ago: executing program 4:
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x70, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x204a0}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'xfrm0\x00'}, @IFLA_AF_SPEC={0x3c, 0x1a, 0x0, 0x1, [@AF_INET={0x38, 0x2, 0x0, 0x1, {0x34, 0x1, 0x0, 0x1, [{0x8, 0x200}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8, 0x3}]}}]}]}, 0x70}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_sctp(0xa, 0x0, 0x84)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r7 = socket$inet6(0xa, 0x3, 0x3)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x2, @in=@private, 0x0, 0x1}}, 0xe8)
sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
listen(r8, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000040)=ANY=[@ANYBLOB='+pids'], 0x6)
write$cgroup_subtree(r11, &(0x7f0000000480)=ANY=[@ANYBLOB="2d7069645320db91288738b482c786ec22f051117b9c4b609335d3de65033b1f168fc95cdc5210b78d78f3b97b5d8b1eac1a9cd320e2d6a9d874f036037f675c19739312154351a7a48ec817e13a930e289595a2a987af0dfd92b9"], 0x6)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r9, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021140000001000010000000000000000000084000ad5df8c6fdeb116a9ebc15f708f1eaf484fa511c84fe75d3a16e665deea8790769b5488b7a6accdecc49bc8eb22e00934b5a9afcef94a3c060f5e9a6eb08919b12b86c4bdcee4459d640b994061063f8c801abd1643806149edd331736f49c94ebc028c60d90cca667da4459fcf9476a2c9abdbdf38be5097"], 0x84}}, 0x0)

382.888756ms ago: executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x0, 0x168, 0x9, 0x0, 0xb, 0x360, 0x250, 0x250, 0x360, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [], 'veth0_to_bridge\x00', 'nicvf0\x00'}, 0x6000000, 0x230, 0x278, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'veth1_to_batadv\x00', {0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x6, 0x1000, 0x0, 0x87}}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'team0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xff4b) (fail_nth: 3)

0s ago: executing program 3:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r0, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, 0x0, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null={0x40, 0x40, 0x1c}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)

kernel console output (not intermixed with test programs):

veth0_macvtap: entered promiscuous mode
[  398.773433][T16088] veth1_macvtap: entered promiscuous mode
[  398.820956][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.851504][   T29] audit: type=1804 audit(1719132461.820:52): pid=16426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir705121158/syzkaller.a6Uk1E/401/cgroup.controllers" dev="sda1" ino=1950 res=1 errno=0
[  398.884456][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.922462][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.952027][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.982159][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.012404][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.031678][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.071939][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.116458][T16088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.167029][T16430] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  399.188027][T16432] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[  399.188153][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.231097][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.250995][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.265442][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.290880][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.317137][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.327830][T16088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.340699][T16088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.389371][T16088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.431765][T16088] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.469764][T16088] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.493354][T16088] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.527816][T16088] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.768949][ T6001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.798796][ T6001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.826260][T16463] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'.
[  399.891408][T16463] Κό: entered promiscuous mode
[  399.934526][ T3656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.965800][ T3656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.032364][T16465] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  400.093582][T16465] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  400.180628][T16468] syzkaller1: entered promiscuous mode
[  400.187669][T16468] syzkaller1: entered allmulticast mode
[  400.717827][T16493] __nla_validate_parse: 2 callbacks suppressed
[  400.717848][T16493] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  400.753620][T16493] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  401.367808][T16523] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  401.802385][T16541] SET target dimension over the limit!
[  401.832239][T16545] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  402.230455][ T2916] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.308810][T16560] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  402.419133][T16564] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  402.523295][T16571] hsr0: entered promiscuous mode
[  402.559194][T16571] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  402.594348][T16571] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  402.653040][   T29] audit: type=1804 audit(1719132465.620:53): pid=16574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2436913905/syzkaller.Nne7Xz/844/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0
[  402.729579][T16577] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  402.765804][T16577] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  402.802948][T16583] sit2: entered promiscuous mode
[  402.818300][T16583] sit2: entered allmulticast mode
[  402.937379][T16570] hsr0: left promiscuous mode
[  403.136006][ T2916] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.139794][T16594] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  403.228420][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  403.238786][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  403.250139][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  403.270752][ T2916] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.282895][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  403.302451][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  403.312134][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  403.494271][ T2916] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.541400][T16597] lo speed is unknown, defaulting to 1000
[  403.559768][T16597] caif0 speed is unknown, defaulting to 1000
[  403.792787][ T2916] bridge_slave_1: left allmulticast mode
[  403.807853][ T2916] bridge_slave_1: left promiscuous mode
[  403.828499][ T2916] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.847452][T16607] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  403.874627][ T2916] bridge_slave_0: left allmulticast mode
[  403.881529][ T2916] bridge_slave_0: left promiscuous mode
[  403.894486][ T2916] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.901101][T16610] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  404.399027][ T2916] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  404.412045][ T2916] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  404.439200][ T2916] bond0 (unregistering): Released all slaves
[  404.463057][T16609] IPVS: Error connecting to the multicast addr
[  404.492249][T16597] lo speed is unknown, defaulting to 1000
[  404.655682][T16622] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'.
[  404.682344][T16622] syz1: rxe_newlink: already configured on caif0
[  404.723730][T16624] FAULT_INJECTION: forcing a failure.
[  404.723730][T16624] name failslab, interval 1, probability 0, space 0, times 0
[  404.742447][T16624] CPU: 1 PID: 16624 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  404.753017][T16624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  404.763103][T16624] Call Trace:
[  404.766410][T16624]  <TASK>
[  404.769363][T16624]  dump_stack_lvl+0x241/0x360
[  404.774083][T16624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.779316][T16624]  ? __pfx__printk+0x10/0x10
[  404.783950][T16624]  ? __pfx___might_resched+0x10/0x10
[  404.789271][T16624]  should_fail_ex+0x3b0/0x4e0
[  404.794001][T16624]  ? alloc_pipe_info+0xeb/0x4d0
[  404.798902][T16624]  should_failslab+0x9/0x20
[  404.803445][T16624]  kmalloc_trace_noprof+0x6c/0x2c0
[  404.808600][T16624]  alloc_pipe_info+0xeb/0x4d0
[  404.813327][T16624]  create_pipe_files+0x86/0x6a0
[  404.818235][T16624]  __do_pipe_flags+0x48/0x2d0
[  404.822959][T16624]  do_pipe2+0xd4/0x310
[  404.827078][T16624]  ? __pfx_do_pipe2+0x10/0x10
[  404.831793][T16624]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  404.838157][T16624]  ? do_syscall_64+0x100/0x230
[  404.842970][T16624]  __x64_sys_pipe+0x3a/0x50
[  404.847516][T16624]  do_syscall_64+0xf3/0x230
[  404.852062][T16624]  ? clear_bhb_loop+0x35/0x90
[  404.856813][T16624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.862738][T16624] RIP: 0033:0x7f894b27d0a9
[  404.867182][T16624] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  404.886863][T16624] RSP: 002b:00007f894bf530c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[  404.895320][T16624] RAX: ffffffffffffffda RBX: 00007f894b3b3f80 RCX: 00007f894b27d0a9
[  404.903324][T16624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.911326][T16624] RBP: 00007f894bf53120 R08: 0000000000000000 R09: 0000000000000000
[  404.919330][T16624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.927332][T16624] R13: 000000000000000b R14: 00007f894b3b3f80 R15: 00007ffe08cc7b78
[  404.935353][T16624]  </TASK>
[  404.941444][T16626] SET target dimension over the limit!
[  405.218899][T16636] FAULT_INJECTION: forcing a failure.
[  405.218899][T16636] name failslab, interval 1, probability 0, space 0, times 0
[  405.233169][T16636] CPU: 1 PID: 16636 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  405.243720][T16636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  405.253804][T16636] Call Trace:
[  405.257108][T16636]  <TASK>
[  405.260065][T16636]  dump_stack_lvl+0x241/0x360
[  405.264803][T16636]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.270045][T16636]  ? __pfx__printk+0x10/0x10
[  405.274676][T16636]  ? __pfx___might_resched+0x10/0x10
[  405.280007][T16636]  should_fail_ex+0x3b0/0x4e0
[  405.284729][T16636]  ? hash_ipportip_create+0x2fa/0x1040
[  405.290231][T16636]  should_failslab+0x9/0x20
[  405.294779][T16636]  kmalloc_trace_noprof+0x6c/0x2c0
[  405.299946][T16636]  hash_ipportip_create+0x2fa/0x1040
[  405.305277][T16636]  ? __pfx_hash_ipportip_create+0x10/0x10
[  405.311030][T16636]  ip_set_create+0xa5c/0x1900
[  405.315749][T16636]  ? ip_set_create+0x45e/0x1900
[  405.320638][T16636]  ? trace_raw_output_contention_end+0xa2/0xd0
[  405.326842][T16636]  ? __pfx_ip_set_create+0x10/0x10
[  405.331982][T16636]  ? trace_contention_end+0x3c/0x120
[  405.337333][T16636]  ? nfnetlink_rcv_msg+0x225/0x1180
[  405.342564][T16636]  nfnetlink_rcv_msg+0xbec/0x1180
[  405.347624][T16636]  ? 0xffffffffa0000958
[  405.351822][T16636]  ? nfnetlink_rcv_msg+0x225/0x1180
[  405.357067][T16636]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  405.362584][T16636]  ? kasan_save_track+0x51/0x80
[  405.367466][T16636]  ? kasan_save_track+0x3f/0x80
[  405.372352][T16636]  ? kasan_save_free_info+0x40/0x50
[  405.377585][T16636]  ? __dev_queue_xmit+0x1b0e/0x3d30
[  405.382829][T16636]  ? __netlink_deliver_tap+0x54d/0x7c0
[  405.388331][T16636]  ? netlink_deliver_tap+0x19d/0x1b0
[  405.393652][T16636]  ? netlink_unicast+0x7be/0x990
[  405.398646][T16636]  ? netlink_sendmsg+0x8e4/0xcb0
[  405.403617][T16636]  ? ____sys_sendmsg+0x525/0x7d0
[  405.408586][T16636]  netlink_rcv_skb+0x1e3/0x430
[  405.413377][T16636]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  405.418867][T16636]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  405.424204][T16636]  ? apparmor_capable+0x138/0x1b0
[  405.429262][T16636]  ? bpf_lsm_capable+0x9/0x10
[  405.433976][T16636]  ? security_capable+0x90/0xb0
[  405.438879][T16636]  nfnetlink_rcv+0x297/0x2a90
[  405.443601][T16636]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  405.449989][T16636]  ? __local_bh_enable_ip+0x168/0x200
[  405.455400][T16636]  ? lockdep_hardirqs_on+0x99/0x150
[  405.460645][T16636]  ? __local_bh_enable_ip+0x168/0x200
[  405.466048][T16636]  ? dev_hard_start_xmit+0x773/0x7e0
[  405.471369][T16636]  ? __dev_queue_xmit+0x2d2/0x3d30
[  405.476516][T16636]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  405.482278][T16636]  ? __dev_queue_xmit+0x2d2/0x3d30
[  405.487450][T16636]  ? __dev_queue_xmit+0x16c9/0x3d30
[  405.492687][T16636]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  405.497870][T16636]  ? __dev_queue_xmit+0x2d2/0x3d30
[  405.503034][T16636]  ? ref_tracker_free+0x643/0x7e0
[  405.508105][T16636]  ? __asan_memcpy+0x40/0x70
[  405.512728][T16636]  ? __pfx_ref_tracker_free+0x10/0x10
[  405.518165][T16636]  ? netlink_deliver_tap+0x2e/0x1b0
[  405.523396][T16636]  ? skb_clone+0x240/0x390
[  405.527861][T16636]  ? __pfx_lock_release+0x10/0x10
[  405.532924][T16636]  ? __netlink_deliver_tap+0x77e/0x7c0
[  405.538434][T16636]  ? netlink_deliver_tap+0x2e/0x1b0
[  405.543667][T16636]  netlink_unicast+0x7f0/0x990
[  405.548478][T16636]  ? __pfx_netlink_unicast+0x10/0x10
[  405.553800][T16636]  ? __virt_addr_valid+0x183/0x520
[  405.558951][T16636]  ? __check_object_size+0x49c/0x900
[  405.564276][T16636]  ? bpf_lsm_netlink_send+0x9/0x10
[  405.569429][T16636]  netlink_sendmsg+0x8e4/0xcb0
[  405.574247][T16636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.579571][T16636]  ? __import_iovec+0x536/0x820
[  405.584447][T16636]  ? aa_sock_msg_perm+0x91/0x160
[  405.589429][T16636]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  405.594738][T16636]  ? security_socket_sendmsg+0x87/0xb0
[  405.600231][T16636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.605569][T16636]  __sock_sendmsg+0x221/0x270
[  405.610287][T16636]  ____sys_sendmsg+0x525/0x7d0
[  405.615107][T16636]  ? __pfx_____sys_sendmsg+0x10/0x10
[  405.620453][T16636]  __sys_sendmsg+0x2b0/0x3a0
[  405.625083][T16636]  ? __pfx___sys_sendmsg+0x10/0x10
[  405.630232][T16636]  ? vfs_write+0x7c4/0xc90
[  405.634736][T16636]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  405.641138][T16636]  ? do_syscall_64+0x100/0x230
[  405.645939][T16636]  ? do_syscall_64+0xb6/0x230
[  405.650662][T16636]  do_syscall_64+0xf3/0x230
[  405.655202][T16636]  ? clear_bhb_loop+0x35/0x90
[  405.659927][T16636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.665947][T16636] RIP: 0033:0x7f6d9ec7d0a9
[  405.670392][T16636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  405.690036][T16636] RSP: 002b:00007f6d9fab50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.698482][T16636] RAX: ffffffffffffffda RBX: 00007f6d9edb3f80 RCX: 00007f6d9ec7d0a9
[  405.706484][T16636] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  405.714484][T16636] RBP: 00007f6d9fab5120 R08: 0000000000000000 R09: 0000000000000000
[  405.722481][T16636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.730478][T16636] R13: 000000000000000b R14: 00007f6d9edb3f80 R15: 00007ffd9121d5c8
[  405.738497][T16636]  </TASK>
[  405.747871][ T5127] Bluetooth: hci0: command tx timeout
[  405.772752][T16634] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  405.942583][T16645] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  406.257113][ T2916] hsr_slave_0: left promiscuous mode
[  406.289576][ T2916] hsr_slave_1: left promiscuous mode
[  406.308357][ T2916] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  406.327957][ T2916] batman_adv: batadv0: Removing interface: batadv_slave_0
[  406.336763][ T2916] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  406.352027][ T2916] batman_adv: batadv0: Removing interface: batadv_slave_1
[  406.410202][ T2916] veth1_macvtap: left promiscuous mode
[  406.431677][ T2916] veth0_macvtap: left promiscuous mode
[  406.440120][ T2916] veth1_vlan: left promiscuous mode
[  406.445843][ T2916] veth0_vlan: left promiscuous mode
[  406.918238][   T29] audit: type=1804 audit(1719132469.890:54): pid=16664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir508399224/syzkaller.uT4Wtp/232/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[  407.697067][ T2916] team0 (unregistering): Port device team_slave_1 removed
[  407.774406][ T5127] Bluetooth: hci0: command tx timeout
[  407.801087][ T2916] team0 (unregistering): Port device team_slave_0 removed
[  408.486165][T16671] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  408.513165][T16597] chnl_net:caif_netlink_parms(): no params data found
[  408.957209][T16597] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.988613][T16597] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.003344][T16597] bridge_slave_0: entered allmulticast mode
[  409.024925][T16597] bridge_slave_0: entered promiscuous mode
[  409.078498][T16597] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.087097][T16597] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.098786][T16597] bridge_slave_1: entered allmulticast mode
[  409.120242][T16597] bridge_slave_1: entered promiscuous mode
[  409.243087][T16716] netlink: 9412 bytes leftover after parsing attributes in process `syz-executor.3'.
[  409.305097][T16597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.336022][T16597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.473285][T16597] team0: Port device team_slave_0 added
[  409.484078][T16597] team0: Port device team_slave_1 added
[  409.544841][T16720] pim6reg1: entered promiscuous mode
[  409.562290][T16720] pim6reg1: entered allmulticast mode
[  409.564221][T16724] x_tables: unsorted entry at hook 3
[  409.585672][T16597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.602982][T16597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.647952][T16597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.672194][T16724] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  409.680586][T16724] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  409.691525][T16597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.708055][T16597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.738379][T16597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.853309][ T5127] Bluetooth: hci0: command tx timeout
[  409.960407][T16732] openvswitch: netlink: Message has 4 unknown bytes.
[  409.970731][T16597] hsr_slave_0: entered promiscuous mode
[  409.994724][T16597] hsr_slave_1: entered promiscuous mode
[  410.508730][T16760] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  410.724249][T16762] pim6reg1: entered promiscuous mode
[  410.729610][T16762] pim6reg1: entered allmulticast mode
[  410.756551][T16762] x_tables: unsorted entry at hook 3
[  410.851553][T16767] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  410.872213][T16767] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.0'.
[  410.960698][T16771] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  410.961457][T16770] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  411.176260][T16597] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  411.201049][T16597] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  411.231747][T16597] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  411.250500][T16597] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  411.272604][T16784] netlink: 648 bytes leftover after parsing attributes in process `syz-executor.4'.
[  411.555263][T16597] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.626568][T16597] 8021q: adding VLAN 0 to HW filter on device team0
[  411.661928][ T5170] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.669083][ T5170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.681824][T16796] bond_slave_0: entered promiscuous mode
[  411.687601][T16796] bond_slave_1: entered promiscuous mode
[  411.693544][T16796] mac80211_hwsim hwsim35 wlan1: entered promiscuous mode
[  411.741320][ T5167] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.748572][ T5167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  411.783368][T16795] bond_slave_0: left promiscuous mode
[  411.788882][T16795] bond_slave_1: left promiscuous mode
[  411.794534][T16795] mac80211_hwsim hwsim35 wlan1: left promiscuous mode
[  411.899423][T16597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  411.933228][ T5127] Bluetooth: hci0: command tx timeout
[  412.028075][T16806] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  412.051475][T16806] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  412.531484][T16806] team0 (unregistering): Port device team_slave_0 removed
[  412.565598][T16806] team0 (unregistering): Port device team_slave_1 removed
[  412.618271][T16810] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(201687677308838) <= P.seqno(0) <= S.SWH(201687677308912)) and (P.ackno exists or LAWL(185353684721210) <= P.ackno(185353684721212) <= S.AWH(185353684721212), sending SYNC...
[  412.828462][T16818] pim6reg1: entered promiscuous mode
[  412.841243][T16818] pim6reg1: entered allmulticast mode
[  412.886770][T16597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  412.905177][T16818] x_tables: unsorted entry at hook 3
[  412.936136][T16818] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  412.968714][T16818] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  413.124920][T16825] netlink: 'syz-executor.0': attribute type 7 has an invalid length.
[  413.144178][T16825] netlink: 'syz-executor.0': attribute type 39 has an invalid length.
[  413.254614][T16597] veth0_vlan: entered promiscuous mode
[  413.287464][T16597] veth1_vlan: entered promiscuous mode
[  413.341139][T16597] veth0_macvtap: entered promiscuous mode
[  413.355197][T16597] veth1_macvtap: entered promiscuous mode
[  413.389242][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.430841][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.453529][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.474193][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.493264][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.504152][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.514656][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  413.526339][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.538616][T16597] batman_adv: batadv0: Interface activated: batadv_slave_0
[  413.550246][T16842] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  413.567713][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  413.580786][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.593521][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  413.617961][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.640910][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  413.663170][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.675274][T16597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  413.686511][T16597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  413.724122][T16597] batman_adv: batadv0: Interface activated: batadv_slave_1
[  413.750358][T16597] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.772996][T16597] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.789954][T16597] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.798981][T16597] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  413.929383][T16849] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.1'.
[  413.959511][T16849] bridge_slave_1: left allmulticast mode
[  413.979429][T16849] bridge_slave_1: left promiscuous mode
[  413.992761][T16849] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.030999][T16849] bridge_slave_0: left allmulticast mode
[  414.054755][T16849] bridge_slave_0: left promiscuous mode
[  414.070872][T16849] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.600061][T16867] x_tables: unsorted entry at hook 3
[  415.492247][T16871] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  415.500874][T16871] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.3'.
[  415.520939][T16875] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  415.578736][T16875] gretap2: entered promiscuous mode
[  415.612545][T16875] gretap2: entered allmulticast mode
[  415.765514][ T2916] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.794769][ T2916] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.848236][ T5983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.860872][ T5983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  416.180904][T16904] vxcan0: tx drop: invalid sa for name 0x0000000000000002
[  416.244461][T16908] xt_connbytes: Forcing CT accounting to be enabled
[  416.541546][T16916] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  417.344839][T16945] FAULT_INJECTION: forcing a failure.
[  417.344839][T16945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.347795][ T5983] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.415740][T16945] CPU: 0 PID: 16945 Comm: syz-executor.1 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  417.426342][T16945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  417.436443][T16945] Call Trace:
[  417.439754][T16945]  <TASK>
[  417.442770][T16945]  dump_stack_lvl+0x241/0x360
[  417.447504][T16945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.452756][T16945]  ? __pfx__printk+0x10/0x10
[  417.457402][T16945]  ? bpf_cgroup_storage_free+0x8f/0xb0
[  417.462911][T16945]  ? __pfx_lock_release+0x10/0x10
[  417.467972][T16945]  ? bpf_test_run+0x840/0x910
[  417.472691][T16945]  should_fail_ex+0x3b0/0x4e0
[  417.477429][T16945]  _copy_to_user+0x2f/0xb0
[  417.481883][T16945]  bpf_test_finish+0x593/0x8b0
[  417.486677][T16945]  ? __pfx_bpf_test_finish+0x10/0x10
[  417.491979][T16945]  ? convert___skb_to_skb+0x41/0x620
[  417.497278][T16945]  ? convert_skb_to___skb+0x2d3/0x510
[  417.502660][T16945]  bpf_prog_test_run_skb+0xd06/0x13b0
[  417.508052][T16945]  ? __pfx_lock_release+0x10/0x10
[  417.513104][T16945]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  417.518931][T16945]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  417.524751][T16945]  bpf_prog_test_run+0x33a/0x3b0
[  417.529701][T16945]  __sys_bpf+0x48d/0x810
[  417.533967][T16945]  ? __pfx___sys_bpf+0x10/0x10
[  417.538785][T16945]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  417.544799][T16945]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  417.551153][T16945]  ? do_syscall_64+0x100/0x230
[  417.555960][T16945]  __x64_sys_bpf+0x7c/0x90
[  417.560412][T16945]  do_syscall_64+0xf3/0x230
[  417.564939][T16945]  ? clear_bhb_loop+0x35/0x90
[  417.569643][T16945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.575562][T16945] RIP: 0033:0x7f0a7827d0a9
[  417.579993][T16945] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  417.599611][T16945] RSP: 002b:00007f0a78fe40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  417.608059][T16945] RAX: ffffffffffffffda RBX: 00007f0a783b3f80 RCX: 00007f0a7827d0a9
[  417.616046][T16945] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  417.624027][T16945] RBP: 00007f0a78fe4120 R08: 0000000000000000 R09: 0000000000000000
[  417.632007][T16945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.639987][T16945] R13: 000000000000000b R14: 00007f0a783b3f80 R15: 00007ffe08ef6818
[  417.648005][T16945]  </TASK>
[  417.675697][T16937] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  417.789718][T16949] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  417.975404][ T5983] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.024033][T16958] bridge_slave_0: entered promiscuous mode
[  418.041160][T16962] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.4'.
[  418.104179][ T5983] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.214649][ T5983] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.413994][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  418.426715][T16967] GUP no longer grows the stack in syz-executor.0 (16967): 20006000-2000a000 (20005000)
[  418.445449][T16967] CPU: 1 PID: 16967 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  418.456028][T16967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  418.466131][T16967] Call Trace:
[  418.469459][T16967]  <TASK>
[  418.472443][T16967]  dump_stack_lvl+0x241/0x360
[  418.477203][T16967]  ? __pfx_dump_stack_lvl+0x10/0x10
[  418.482473][T16967]  ? __pfx__printk+0x10/0x10
[  418.487121][T16967]  ? find_vma+0xf9/0x170
[  418.491439][T16967]  __get_user_pages+0x10e3/0x1590
[  418.496547][T16967]  ? __gup_longterm_locked+0x1ec9/0x2a80
[  418.502236][T16967]  ? __pfx___get_user_pages+0x10/0x10
[  418.503327][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  418.507654][T16967]  ? __lock_acquire+0x1346/0x1fd0
[  418.519711][T16967]  __gup_longterm_locked+0x1ff6/0x2a80
[  418.525241][T16967]  ? __pfx___gup_longterm_locked+0x10/0x10
[  418.531080][T16967]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  418.537082][T16967]  ? sanity_check_pinned_pages+0x12bb/0x13c0
[  418.543095][T16967]  gup_fast_fallback+0x2732/0x2b40
[  418.548251][T16967]  ? __pfx_gup_fast_fallback+0x10/0x10
[  418.553724][T16967]  ? __pfx_validate_chain+0x10/0x10
[  418.558944][T16967]  ? unwind_get_return_address+0x91/0xc0
[  418.564601][T16967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.570708][T16967]  ? arch_stack_walk+0x16d/0x1b0
[  418.575693][T16967]  ? __lock_acquire+0x1346/0x1fd0
[  418.580738][T16967]  ? is_valid_gup_args+0x124/0x200
[  418.585872][T16967]  pin_user_pages_fast+0xcc/0x160
[  418.590916][T16967]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  418.596573][T16967]  iov_iter_extract_pages+0x3db/0x720
[  418.601981][T16967]  bio_iov_iter_get_pages+0x541/0x1930
[  418.607479][T16967]  ? bio_associate_blkg+0x6c/0x230
[  418.612614][T16967]  ? bio_associate_blkg_from_css+0xb0c/0xc70
[  418.618614][T16967]  ? bio_associate_blkg_from_css+0xa4/0xc70
[  418.624518][T16967]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[  418.630445][T16967]  ? bio_alloc_bioset+0x6d7/0x1130
[  418.635589][T16967]  iomap_dio_bio_iter+0xc8e/0x1670
[  418.640751][T16967]  __iomap_dio_rw+0x1295/0x2370
[  418.645620][T16967]  ? do_syscall_64+0xf3/0x230
[  418.650309][T16967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.656425][T16967]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  418.662431][T16967]  ? __pfx___iomap_dio_rw+0x10/0x10
[  418.667677][T16967]  ? jbd2_journal_stop+0x902/0xd80
[  418.672826][T16967]  ? __pfx_jbd2_journal_stop+0x10/0x10
[  418.678309][T16967]  ? __pfx_ext4_orphan_add+0x10/0x10
[  418.683631][T16967]  iomap_dio_rw+0x46/0xa0
[  418.687981][T16967]  ext4_file_write_iter+0x15e5/0x1a10
[  418.693388][T16967]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  418.699132][T16967]  vfs_write+0xa72/0xc90
[  418.703398][T16967]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  418.709132][T16967]  ? __pfx_vfs_write+0x10/0x10
[  418.713924][T16967]  ? do_futex+0x33b/0x560
[  418.718284][T16967]  ksys_write+0x1a0/0x2c0
[  418.722632][T16967]  ? __pfx_ksys_write+0x10/0x10
[  418.727503][T16967]  ? do_syscall_64+0x100/0x230
[  418.732285][T16967]  ? do_syscall_64+0xb6/0x230
[  418.736984][T16967]  do_syscall_64+0xf3/0x230
[  418.741507][T16967]  ? clear_bhb_loop+0x35/0x90
[  418.746220][T16967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.752173][T16967] RIP: 0033:0x7f894b27d0a9
[  418.756614][T16967] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  418.776237][T16967] RSP: 002b:00007f894bf530c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  418.784678][T16967] RAX: ffffffffffffffda RBX: 00007f894b3b3f80 RCX: 00007f894b27d0a9
[  418.792664][T16967] RDX: 0000000000043400 RSI: 0000000020000200 RDI: 000000000000000f
[  418.800643][T16967] RBP: 00007f894b2ec074 R08: 0000000000000000 R09: 0000000000000000
[  418.808622][T16967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  418.816616][T16967] R13: 000000000000000b R14: 00007f894b3b3f80 R15: 00007ffe08cc7b78
[  418.824633][T16967]  </TASK>
[  418.888898][ T5983] bridge_slave_1: left allmulticast mode
[  418.917856][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  418.919949][ T5983] bridge_slave_1: left promiscuous mode
[  418.936941][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  418.941217][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.954742][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  418.967131][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  418.976627][T16974] xt_connbytes: Forcing CT accounting to be enabled
[  418.997914][T16974] Cannot find add_set index 0 as target
[  419.014886][ T5983] bridge_slave_0: left allmulticast mode
[  419.035995][ T5983] bridge_slave_0: left promiscuous mode
[  419.060277][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.572470][ T5983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  419.593016][ T5983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  419.614019][ T5983] bond0 (unregistering): Released all slaves
[  419.674216][T16969] lo speed is unknown, defaulting to 1000
[  419.681484][T16969] caif0 speed is unknown, defaulting to 1000
[  419.956717][T16996] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.1'.
[  420.160740][T17006] tipc: Started in network mode
[  420.171651][T17006] tipc: Node identity ac1414aa, cluster identity 4711
[  420.180638][T17006] tipc: Enabled bearer <udp:syz2>, priority 10
[  420.189412][T16969] lo speed is unknown, defaulting to 1000
[  420.388595][T17012] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  420.612631][ T5983] hsr_slave_0: left promiscuous mode
[  420.655117][T17020] FAULT_INJECTION: forcing a failure.
[  420.655117][T17020] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  420.657489][ T5983] hsr_slave_1: left promiscuous mode
[  420.683777][ T5983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  420.685886][T17020] CPU: 0 PID: 17020 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  420.691313][ T5983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  420.701675][T17020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  420.701693][T17020] Call Trace:
[  420.701705][T17020]  <TASK>
[  420.701716][T17020]  dump_stack_lvl+0x241/0x360
[  420.701760][T17020]  ? __pfx_dump_stack_lvl+0x10/0x10
[  420.701792][T17020]  ? __pfx__printk+0x10/0x10
[  420.701823][T17020]  ? __lock_acquire+0x1346/0x1fd0
[  420.701861][T17020]  should_fail_ex+0x3b0/0x4e0
[  420.701904][T17020]  prepare_alloc_pages+0x1da/0x5d0
[  420.701953][T17020]  __alloc_pages_noprof+0x166/0x6c0
[  420.701983][T17020]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  420.765483][T17020]  alloc_pages_mpol_noprof+0x3e8/0x680
[  420.770979][T17020]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  420.776990][T17020]  vma_alloc_folio_noprof+0xf3/0x1f0
[  420.782299][T17020]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  420.788213][T17020]  ? do_raw_spin_unlock+0x13c/0x8b0
[  420.793431][T17020]  folio_prealloc+0x31/0x170
[  420.798028][T17020]  do_wp_page+0x11cc/0x52f0
[  420.802574][T17020]  ? __pfx_do_wp_page+0x10/0x10
[  420.807446][T17020]  ? __pfx_lock_acquire+0x10/0x10
[  420.812490][T17020]  ? do_raw_spin_lock+0x14f/0x370
[  420.817548][T17020]  ? __lock_acquire+0x1346/0x1fd0
[  420.822684][T17020]  handle_pte_fault+0x117e/0x7090
[  420.827737][T17020]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  420.833504][T17020]  ? __pfx_lock_acquire+0x10/0x10
[  420.838541][T17020]  ? __pfx_handle_pte_fault+0x10/0x10
[  420.843926][T17020]  ? do_raw_spin_lock+0x14f/0x370
[  420.848985][T17020]  ? follow_page_pte+0xe96/0x1d90
[  420.854026][T17020]  ? follow_page_pte+0xf17/0x1d90
[  420.859068][T17020]  ? __pfx_lock_release+0x10/0x10
[  420.864110][T17020]  ? do_raw_spin_unlock+0x13c/0x8b0
[  420.869338][T17020]  handle_mm_fault+0x10df/0x1ba0
[  420.874320][T17020]  ? __pfx_handle_mm_fault+0x10/0x10
[  420.879635][T17020]  ? __pfx_find_vma+0x10/0x10
[  420.884324][T17020]  ? vma_is_secretmem+0xd/0x50
[  420.889099][T17020]  ? check_vma_flags+0x531/0x5a0
[  420.894055][T17020]  __get_user_pages+0x6ef/0x1590
[  420.899039][T17020]  ? __pfx___get_user_pages+0x10/0x10
[  420.904454][T17020]  __gup_longterm_locked+0x1ff6/0x2a80
[  420.909943][T17020]  ? __pfx_lock_acquire+0x10/0x10
[  420.914990][T17020]  ? __pfx___gup_longterm_locked+0x10/0x10
[  420.920811][T17020]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  420.926811][T17020]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  420.933150][T17020]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  420.939155][T17020]  ? gup_fast_fallback+0x220d/0x2b40
[  420.944456][T17020]  gup_fast_fallback+0x2732/0x2b40
[  420.949607][T17020]  ? __pfx_gup_fast_fallback+0x10/0x10
[  420.955083][T17020]  ? kernel_text_address+0xa7/0xe0
[  420.960207][T17020]  ? unwind_get_return_address+0x91/0xc0
[  420.965851][T17020]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.971939][T17020]  ? arch_stack_walk+0x16d/0x1b0
[  420.976939][T17020]  ? stack_trace_save+0x118/0x1d0
[  420.981995][T17020]  ? __pfx_stack_trace_save+0x10/0x10
[  420.987390][T17020]  ? is_valid_gup_args+0x124/0x200
[  420.992517][T17020]  pin_user_pages_fast+0xcc/0x160
[  420.997555][T17020]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  421.003196][T17020]  ? sock_kmalloc+0xd7/0x160
[  421.007804][T17020]  ? skcipher_recvmsg+0x3f8/0x1230
[  421.012932][T17020]  ? sock_recvmsg+0x22f/0x280
[  421.017619][T17020]  ? ____sys_recvmsg+0x1db/0x470
[  421.022587][T17020]  ? do_syscall_64+0xf3/0x230
[  421.027285][T17020]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.033390][T17020]  iov_iter_extract_pages+0x3db/0x720
[  421.038785][T17020]  extract_iter_to_sg+0x890/0x22b0
[  421.043933][T17020]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  421.049589][T17020]  ? sock_kmalloc+0xd7/0x160
[  421.054239][T17020]  ? rcu_is_watching+0x15/0xb0
[  421.059018][T17020]  ? sock_kmalloc+0xd7/0x160
[  421.063624][T17020]  ? trace_kmalloc+0x1f/0xd0
[  421.068215][T17020]  ? __kmalloc_noprof+0x217/0x400
[  421.073249][T17020]  ? __asan_memset+0x23/0x50
[  421.077851][T17020]  af_alg_get_rsgl+0x41e/0x850
[  421.082643][T17020]  skcipher_recvmsg+0x3f8/0x1230
[  421.087615][T17020]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  421.092997][T17020]  ? aa_sock_msg_perm+0x91/0x160
[  421.097957][T17020]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  421.103247][T17020]  ? security_socket_recvmsg+0x90/0xb0
[  421.108719][T17020]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  421.114110][T17020]  sock_recvmsg+0x22f/0x280
[  421.118629][T17020]  ____sys_recvmsg+0x1db/0x470
[  421.123427][T17020]  ? __pfx_____sys_recvmsg+0x10/0x10
[  421.128752][T17020]  __sys_recvmsg+0x2f0/0x3e0
[  421.133451][T17020]  ? __pfx___sys_recvmsg+0x10/0x10
[  421.138601][T17020]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  421.144934][T17020]  ? do_syscall_64+0x100/0x230
[  421.149716][T17020]  ? do_syscall_64+0xb6/0x230
[  421.154414][T17020]  do_syscall_64+0xf3/0x230
[  421.158932][T17020]  ? clear_bhb_loop+0x35/0x90
[  421.163643][T17020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.169552][T17020] RIP: 0033:0x7f5a7b07d0a9
[  421.173973][T17020] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  421.193585][T17020] RSP: 002b:00007f5a7be550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  421.202012][T17020] RAX: ffffffffffffffda RBX: 00007f5a7b1b3f80 RCX: 00007f5a7b07d0a9
[  421.209993][T17020] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000004
[  421.217971][T17020] RBP: 00007f5a7be55120 R08: 0000000000000000 R09: 0000000000000000
[  421.225964][T17020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  421.233969][T17020] R13: 000000000000000b R14: 00007f5a7b1b3f80 R15: 00007ffeb831b608
[  421.241963][T17020]  </TASK>
[  421.254014][ T5171] tipc: Node number set to 2886997162
[  421.261455][ T5127] Bluetooth: hci0: command tx timeout
[  421.263249][ T5983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.314903][ T5983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.373585][ T5983] veth1_macvtap: left promiscuous mode
[  421.379280][ T5983] veth0_macvtap: left promiscuous mode
[  421.386749][ T5983] veth1_vlan: left promiscuous mode
[  421.412193][ T5983] veth0_vlan: left promiscuous mode
[  421.661520][T17044] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  422.230787][ T5983] team0 (unregistering): Port device team_slave_1 removed
[  422.292564][ T5983] team0 (unregistering): Port device team_slave_0 removed
[  423.033423][T17044] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  423.064303][T17054] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  423.092347][T17055] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  423.207897][T17060] bridge0: entered promiscuous mode
[  423.233407][T17060] vlan2: entered promiscuous mode
[  423.240063][T17070] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  423.250932][T17060] bridge0: port 1(vlan2) entered blocking state
[  423.258395][T17060] bridge0: port 1(vlan2) entered disabled state
[  423.265126][T17060] vlan2: entered allmulticast mode
[  423.270644][T17060] bridge0: entered allmulticast mode
[  423.279951][T17060] vlan2: left allmulticast mode
[  423.285057][T17060] bridge0: left allmulticast mode
[  423.290626][T17063] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  423.300411][ T5127] Bluetooth: hci0: command tx timeout
[  423.309675][T17060] bridge0: left promiscuous mode
[  423.479454][T16969] chnl_net:caif_netlink_parms(): no params data found
[  423.776559][T16969] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.799433][T16969] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.807192][T16969] bridge_slave_0: entered allmulticast mode
[  423.823640][T16969] bridge_slave_0: entered promiscuous mode
[  423.842656][T16969] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.862100][T16969] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.869900][T16969] bridge_slave_1: entered allmulticast mode
[  423.878836][T16969] bridge_slave_1: entered promiscuous mode
[  423.947882][T16969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  423.972316][T16969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  424.076606][T16969] team0: Port device team_slave_0 added
[  424.090843][T17092] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  424.113249][T17092] batman_adv: batadv1: Interface deactivated: netdevsim0
[  424.137171][T17092] batman_adv: batadv1: Removing interface: netdevsim0
[  424.187338][T17092] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  424.204271][T16969] team0: Port device team_slave_1 added
[  424.405728][T16969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  424.432223][T16969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  424.491119][T16969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  424.532532][T17095] lo speed is unknown, defaulting to 1000
[  424.539212][T16969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  424.547703][T16969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  424.594222][T16969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  424.607236][T17095] caif0 speed is unknown, defaulting to 1000
[  424.909304][T17119] FAULT_INJECTION: forcing a failure.
[  424.909304][T17119] name failslab, interval 1, probability 0, space 0, times 0
[  424.951990][T17119] CPU: 0 PID: 17119 Comm: syz-executor.1 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  424.962565][T17119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  424.972658][T17119] Call Trace:
[  424.975991][T17119]  <TASK>
[  424.978943][T17119]  dump_stack_lvl+0x241/0x360
[  424.983681][T17119]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.988911][T17119]  ? __pfx__printk+0x10/0x10
[  424.993533][T17119]  ? netlink_insert+0x10b7/0x14b0
[  424.998607][T17119]  should_fail_ex+0x3b0/0x4e0
[  425.003333][T17119]  ? __alloc_skb+0x1c3/0x440
[  425.007966][T17119]  should_failslab+0x9/0x20
[  425.012518][T17119]  kmem_cache_alloc_node_noprof+0x71/0x320
[  425.018378][T17119]  __alloc_skb+0x1c3/0x440
[  425.022839][T17119]  ? __pfx___alloc_skb+0x10/0x10
[  425.027839][T17119]  ? netlink_autobind+0xd6/0x2f0
[  425.032811][T17119]  ? netlink_autobind+0x2b0/0x2f0
[  425.037874][T17119]  netlink_sendmsg+0x638/0xcb0
[  425.042686][T17119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  425.048013][T17119]  ? __import_iovec+0x536/0x820
[  425.052906][T17119]  ? aa_sock_msg_perm+0x91/0x160
[  425.057895][T17119]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  425.063211][T17119]  ? security_socket_sendmsg+0x87/0xb0
[  425.068721][T17119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  425.074038][T17119]  __sock_sendmsg+0x221/0x270
[  425.078761][T17119]  ____sys_sendmsg+0x525/0x7d0
[  425.083579][T17119]  ? __pfx_____sys_sendmsg+0x10/0x10
[  425.088921][T17119]  __sys_sendmsg+0x2b0/0x3a0
[  425.093557][T17119]  ? __pfx___sys_sendmsg+0x10/0x10
[  425.098703][T17119]  ? vfs_write+0x7c4/0xc90
[  425.103212][T17119]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  425.109577][T17119]  ? do_syscall_64+0x100/0x230
[  425.114391][T17119]  ? do_syscall_64+0xb6/0x230
[  425.119124][T17119]  do_syscall_64+0xf3/0x230
[  425.123667][T17119]  ? clear_bhb_loop+0x35/0x90
[  425.128388][T17119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.134337][T17119] RIP: 0033:0x7f0a7827d0a9
[  425.138844][T17119] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  425.158497][T17119] RSP: 002b:00007f0a78fe40c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  425.166974][T17119] RAX: ffffffffffffffda RBX: 00007f0a783b3f80 RCX: 00007f0a7827d0a9
[  425.174999][T17119] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000005
[  425.183015][T17119] RBP: 00007f0a78fe4120 R08: 0000000000000000 R09: 0000000000000000
[  425.191024][T17119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.199027][T17119] R13: 000000000000000b R14: 00007f0a783b3f80 R15: 00007ffe08ef6818
[  425.207048][T17119]  </TASK>
[  425.276308][T17117] IPVS: Scheduler module ip_vs_sip not found
[  425.302132][T17095] lo speed is unknown, defaulting to 1000
[  425.334819][T16969] hsr_slave_0: entered promiscuous mode
[  425.344357][T16969] hsr_slave_1: entered promiscuous mode
[  425.372564][ T5127] Bluetooth: hci0: command tx timeout
[  425.440129][T17130] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  425.544978][T17132] syzkaller1: entered promiscuous mode
[  425.550514][T17132] syzkaller1: entered allmulticast mode
[  426.291311][T17141] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  426.354672][T16969] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  426.386417][T16969] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  426.426230][T16969] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  426.460060][T16969] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  426.674879][T16969] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.740303][T16969] 8021q: adding VLAN 0 to HW filter on device team0
[  426.775592][ T5288] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.782890][ T5288] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.829632][ T5288] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.836910][ T5288] bridge0: port 2(bridge_slave_1) entered forwarding state
[  426.875040][T17164] tun1: tun_chr_ioctl cmd 1074025677
[  426.880988][T17164] tun1: linktype set to 774
[  426.924320][T17164] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.975418][ T5127] Bluetooth: hci2: command 0x0406 tx timeout
[  427.215483][T17177] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.4'.
[  427.226742][T17177] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  427.240809][T17177] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.4'.
[  427.455881][ T5127] Bluetooth: hci0: command tx timeout
[  427.512611][T16969] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.588549][   T29] audit: type=1804 audit(1719132490.560:55): pid=17194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2436913905/syzkaller.Nne7Xz/894/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0
[  427.655087][T16969] veth0_vlan: entered promiscuous mode
[  427.686346][T16969] veth1_vlan: entered promiscuous mode
[  427.756956][T16969] veth0_macvtap: entered promiscuous mode
[  427.776120][T16969] veth1_macvtap: entered promiscuous mode
[  427.810428][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.835477][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.855806][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.881354][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.896428][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.914875][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.940381][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.955182][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.979068][T16969] batman_adv: batadv0: Interface activated: batadv_slave_0
[  428.022238][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.082034][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.121940][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.146163][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.158618][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.169181][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.183445][T16969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.194231][T16969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.206364][T16969] batman_adv: batadv0: Interface activated: batadv_slave_1
[  428.230678][T16969] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  428.253076][T16969] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  428.261853][T16969] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  428.280696][T16969] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  428.500024][ T5983] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.508437][ T5983] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.593841][ T6001] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.611017][ T6001] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.681692][T17222] syzkaller1: entered promiscuous mode
[  428.688237][T17222] syzkaller1: entered allmulticast mode
[  428.707465][T17221] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  429.128523][   T29] audit: type=1804 audit(1719132492.100:56): pid=17239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1189795041/syzkaller.9GmnkO/219/cgroup.controllers" dev="sda1" ino=1948 res=1 errno=0
[  429.352880][T17257] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  429.478029][T17261] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  430.613833][T17315] xt_hashlimit: max too large, truncated to 1048576
[  430.618091][T17317] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  431.133632][ T5990] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.940725][ T5127] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  431.952381][ T5127] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  431.961019][ T5127] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  431.993300][T17361] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  432.059564][ T5127] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  432.062125][T17361] netlink: 9348 bytes leftover after parsing attributes in process `syz-executor.1'.
[  432.079405][ T5127] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  432.087069][ T5127] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  432.158439][T17361] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  432.197835][T17358] lo speed is unknown, defaulting to 1000
[  432.269783][ T5990] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.313571][T17358] caif0 speed is unknown, defaulting to 1000
[  432.330376][T17369] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  432.567143][T17379] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  432.625188][ T5990] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.675148][T17358] lo speed is unknown, defaulting to 1000
[  432.781675][ T5990] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.067169][T17358] chnl_net:caif_netlink_parms(): no params data found
[  433.172831][ T5990] bridge_slave_1: left allmulticast mode
[  433.178535][ T5990] bridge_slave_1: left promiscuous mode
[  433.202798][ T5990] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.215080][ T5990] bridge_slave_0: left allmulticast mode
[  433.242389][ T5990] bridge_slave_0: left promiscuous mode
[  433.251513][ T5990] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.269584][T17403] FAULT_INJECTION: forcing a failure.
[  433.269584][T17403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.283366][T17403] CPU: 1 PID: 17403 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  433.293997][T17403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  433.304089][T17403] Call Trace:
[  433.307402][T17403]  <TASK>
[  433.310362][T17403]  dump_stack_lvl+0x241/0x360
[  433.315088][T17403]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.320335][T17403]  ? __pfx__printk+0x10/0x10
[  433.324967][T17403]  ? __pfx_lock_release+0x10/0x10
[  433.330036][T17403]  should_fail_ex+0x3b0/0x4e0
[  433.334768][T17403]  _copy_from_user+0x2f/0xe0
[  433.339398][T17403]  ____sys_sendmsg+0x2e4/0x7d0
[  433.344231][T17403]  ? __pfx_____sys_sendmsg+0x10/0x10
[  433.349680][T17403]  __sys_sendmsg+0x2b0/0x3a0
[  433.354309][T17403]  ? __pfx___sys_sendmsg+0x10/0x10
[  433.359451][T17403]  ? vfs_write+0x7c4/0xc90
[  433.363958][T17403]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  433.370323][T17403]  ? do_syscall_64+0x100/0x230
[  433.375157][T17403]  ? do_syscall_64+0xb6/0x230
[  433.379876][T17403]  do_syscall_64+0xf3/0x230
[  433.384420][T17403]  ? clear_bhb_loop+0x35/0x90
[  433.389148][T17403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.395112][T17403] RIP: 0033:0x7f6d9ec7d0a9
[  433.399555][T17403] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  433.419311][T17403] RSP: 002b:00007f6d9fab50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  433.427779][T17403] RAX: ffffffffffffffda RBX: 00007f6d9edb3f80 RCX: 00007f6d9ec7d0a9
[  433.435879][T17403] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000008
[  433.443904][T17403] RBP: 00007f6d9fab5120 R08: 0000000000000000 R09: 0000000000000000
[  433.451909][T17403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.459919][T17403] R13: 000000000000000b R14: 00007f6d9edb3f80 R15: 00007ffd9121d5c8
[  433.467955][T17403]  </TASK>
[  434.172235][ T5127] Bluetooth: hci0: command tx timeout
[  434.459400][T17433] block nbd0: not configured, cannot reconfigure
[  434.791591][ T5990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  434.805888][ T5990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  434.822294][ T5990] bond0 (unregistering): Released all slaves
[  434.864876][T17430] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  435.033241][T17439] ip6tnl2: entered promiscuous mode
[  435.049570][T17439] ip6tnl2: entered allmulticast mode
[  435.186457][T17448] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  435.258185][T17452] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.0'.
[  435.282464][T17358] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.294995][T17358] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.322393][T17358] bridge_slave_0: entered allmulticast mode
[  435.343790][T17358] bridge_slave_0: entered promiscuous mode
[  435.636706][T17358] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.645744][T17358] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.653427][T17358] bridge_slave_1: entered allmulticast mode
[  435.665054][T17358] bridge_slave_1: entered promiscuous mode
[  435.768735][T17358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  435.797418][T17358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  436.121752][T17358] team0: Port device team_slave_0 added
[  436.137601][ T5990] hsr_slave_0: left promiscuous mode
[  436.162140][ T5990] hsr_slave_1: left promiscuous mode
[  436.184784][ T5990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  436.202472][ T5990] batman_adv: batadv0: Removing interface: batadv_slave_0
[  436.211260][ T5990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  436.222750][ T5990] batman_adv: batadv0: Removing interface: batadv_slave_1
[  436.252410][ T5127] Bluetooth: hci0: command tx timeout
[  436.304354][ T5990] veth1_macvtap: left promiscuous mode
[  436.322033][ T5990] veth0_macvtap: left promiscuous mode
[  436.327749][ T5990] veth1_vlan: left promiscuous mode
[  436.342506][ T5990] veth0_vlan: left promiscuous mode
[  437.027220][T17488] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  437.036497][T17488] netlink: 126008 bytes leftover after parsing attributes in process `syz-executor.0'.
[  437.410847][ T5990] team0 (unregistering): Port device team_slave_1 removed
[  437.491835][ T5990] team0 (unregistering): Port device team_slave_0 removed
[  437.725615][T17498] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  438.072691][T17358] team0: Port device team_slave_1 added
[  438.254619][T17358] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.272682][T17358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.329298][T17358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.340620][ T5127] Bluetooth: hci0: command tx timeout
[  438.423535][T17358] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.430610][T17358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.465515][T17358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.517433][ T5170] IPVS: starting estimator thread 0...
[  438.631674][T17358] hsr_slave_0: entered promiscuous mode
[  438.637779][T17514] IPVS: using max 22 ests per chain, 52800 per kthread
[  438.661150][T17358] hsr_slave_1: entered promiscuous mode
[  438.709948][   T29] audit: type=1804 audit(1719132501.680:57): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir705121158/syzkaller.a6Uk1E/502/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  438.793661][   T29] audit: type=1804 audit(1719132501.720:58): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir705121158/syzkaller.a6Uk1E/502/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  438.856136][   T29] audit: type=1804 audit(1719132501.720:59): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir705121158/syzkaller.a6Uk1E/502/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  438.903963][   T29] audit: type=1804 audit(1719132501.720:60): pid=17518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir705121158/syzkaller.a6Uk1E/502/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  439.736355][T17358] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  439.757818][T17358] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  439.813528][T17358] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  439.836403][T17358] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  439.943780][T17548] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  440.127784][T17358] 8021q: adding VLAN 0 to HW filter on device bond0
[  440.210123][T17557] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  440.217887][T17358] 8021q: adding VLAN 0 to HW filter on device team0
[  440.238632][ T5171] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.245836][ T5171] bridge0: port 1(bridge_slave_0) entered forwarding state
[  440.271149][T17553] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  440.289468][T17553] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  440.309806][ T5171] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.317033][ T5171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  440.380246][T17553] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  440.412234][ T5127] Bluetooth: hci0: command tx timeout
[  440.472248][T17557] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  440.588773][T17358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  440.754107][T17578] IPVS: wrr: TCP 172.20.20.170:0 - no destination available
[  440.910813][T17583] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  440.933713][T17583] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  440.963955][T17583] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  440.984582][T17589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  441.016413][T17587] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  441.079414][T17358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  441.103131][T17583] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  441.214218][T17358] veth0_vlan: entered promiscuous mode
[  441.257243][T17358] veth1_vlan: entered promiscuous mode
[  441.361780][T17358] veth0_macvtap: entered promiscuous mode
[  441.387134][T17598] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[  441.422351][T17598] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  441.448214][T17358] veth1_macvtap: entered promiscuous mode
[  441.533330][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.563098][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.587474][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.622062][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.641967][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.661918][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.683167][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.709424][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.724100][T17358] batman_adv: batadv0: Interface activated: batadv_slave_0
[  441.725201][T17620] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  441.749404][T17609] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  441.769968][T17620] netlink: 284 bytes leftover after parsing attributes in process `syz-executor.4'.
[  441.791088][T17615] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  441.825919][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.852251][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.873605][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.884531][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.894507][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.905934][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.917094][T17358] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.928674][T17358] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.951396][T17358] batman_adv: batadv0: Interface activated: batadv_slave_1
[  441.970107][T17358] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  442.014998][T17358] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  442.039144][T17358] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  442.048085][T17358] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  442.174006][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.338003][ T5990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.358669][ T5990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.423057][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.452320][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.582766][T17644] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.646459][T17646] syz-executor.4[17646] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  442.646703][T17646] syz-executor.4[17646] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  442.665466][T17646] netdevsim netdevsim4 €: renamed from netdevsim0 (while UP)
[  442.798832][T17651] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  442.818974][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.944517][T17656] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  443.011598][T17653] IPVS: wrr: TCP 172.20.20.170:0 - no destination available
[  443.315602][T17669] FAULT_INJECTION: forcing a failure.
[  443.315602][T17669] name failslab, interval 1, probability 0, space 0, times 0
[  443.358791][T17669] CPU: 1 PID: 17669 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  443.369391][T17669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  443.379469][T17669] Call Trace:
[  443.382770][T17669]  <TASK>
[  443.385702][T17669]  dump_stack_lvl+0x241/0x360
[  443.390394][T17669]  ? __pfx_dump_stack_lvl+0x10/0x10
[  443.395615][T17669]  ? __pfx__printk+0x10/0x10
[  443.400243][T17669]  ? __phys_addr+0xba/0x170
[  443.404784][T17669]  should_fail_ex+0x3b0/0x4e0
[  443.409480][T17669]  ? __build_skb+0x4b/0x90
[  443.413910][T17669]  should_failslab+0x9/0x20
[  443.418451][T17669]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  443.423874][T17669]  __build_skb+0x4b/0x90
[  443.428155][T17669]  netlink_alloc_large_skb+0x65/0x100
[  443.433553][T17669]  netlink_sendmsg+0x638/0xcb0
[  443.438334][T17669]  ? __pfx_netlink_sendmsg+0x10/0x10
[  443.443634][T17669]  ? __mutex_trylock_common+0x183/0x2e0
[  443.449203][T17669]  ? aa_sock_msg_perm+0x91/0x160
[  443.454161][T17669]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  443.459454][T17669]  ? security_socket_sendmsg+0x87/0xb0
[  443.464933][T17669]  ? __pfx_netlink_sendmsg+0x10/0x10
[  443.470223][T17669]  __sock_sendmsg+0x221/0x270
[  443.474908][T17669]  sock_sendmsg+0x134/0x200
[  443.479425][T17669]  ? __pfx_sock_sendmsg+0x10/0x10
[  443.484471][T17669]  ? iov_iter_bvec+0x4e/0x180
[  443.489170][T17669]  splice_to_socket+0xa13/0x10b0
[  443.494114][T17669]  ? __pfx_lock_release+0x10/0x10
[  443.499167][T17669]  ? __pfx_splice_to_socket+0x10/0x10
[  443.504571][T17669]  ? __lock_acquire+0x1346/0x1fd0
[  443.509611][T17669]  ? bpf_lsm_file_permission+0x9/0x10
[  443.514991][T17669]  ? security_file_permission+0x7f/0xa0
[  443.520552][T17669]  ? rw_verify_area+0x1d2/0x6b0
[  443.525416][T17669]  ? __pfx_splice_to_socket+0x10/0x10
[  443.530813][T17669]  do_splice+0xd77/0x1900
[  443.535157][T17669]  ? __pfx_lock_release+0x10/0x10
[  443.540188][T17669]  ? vfs_write+0x7c4/0xc90
[  443.544635][T17669]  ? __mutex_unlock_slowpath+0x21d/0x750
[  443.550283][T17669]  ? pipe_clear_nowait+0x196/0x220
[  443.555410][T17669]  ? __pfx_do_splice+0x10/0x10
[  443.560192][T17669]  __se_sys_splice+0x331/0x4a0
[  443.564976][T17669]  ? __pfx___se_sys_splice+0x10/0x10
[  443.570276][T17669]  ? do_syscall_64+0x100/0x230
[  443.575050][T17669]  ? __x64_sys_splice+0x21/0xf0
[  443.579912][T17669]  do_syscall_64+0xf3/0x230
[  443.584452][T17669]  ? clear_bhb_loop+0x35/0x90
[  443.589157][T17669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.595056][T17669] RIP: 0033:0x7f894b27d0a9
[  443.599478][T17669] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  443.619087][T17669] RSP: 002b:00007f894bf320c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  443.627512][T17669] RAX: ffffffffffffffda RBX: 00007f894b3b4050 RCX: 00007f894b27d0a9
[  443.635488][T17669] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  443.643462][T17669] RBP: 00007f894bf32120 R08: 0000000000007fff R09: 0000000000000000
[  443.651438][T17669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.659418][T17669] R13: 000000000000006e R14: 00007f894b3b4050 R15: 00007ffe08cc7b78
[  443.667418][T17669]  </TASK>
[  443.671696][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.961691][T17684] bridge0: port 1(gretap0) entered blocking state
[  443.982386][T17684] bridge0: port 1(gretap0) entered disabled state
[  443.989057][T17684] gretap0: entered allmulticast mode
[  444.010502][T17684] gretap0: entered promiscuous mode
[  444.074953][T17684] gretap0: left allmulticast mode
[  444.082448][T17684] gretap0: left promiscuous mode
[  444.107569][T17684] bridge0: port 1(gretap0) entered disabled state
[  444.312999][ T2916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.321465][ T2916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.733642][ T2905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  444.777824][T17711] lo speed is unknown, defaulting to 1000
[  444.844185][T17711] caif0 speed is unknown, defaulting to 1000
[  445.469701][ T6001] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.592576][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  445.604871][T17724] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  445.642848][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  445.660995][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  445.672545][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  445.682624][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  445.689969][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  445.782909][T17724] bond3: entered promiscuous mode
[  445.816498][T17711] lo speed is unknown, defaulting to 1000
[  445.817773][T17712] __nla_validate_parse: 4 callbacks suppressed
[  445.817793][T17712] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'.
[  445.848490][T17712] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  445.890977][T17729] bond0: (slave bond_slave_0): Releasing backup interface
[  445.936964][T17729] bond3: (slave bond_slave_0): making interface the new active one
[  445.963220][T17729] bond_slave_0: entered promiscuous mode
[  445.971629][T17729] bond3: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.024200][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.069648][T17723] lo speed is unknown, defaulting to 1000
[  446.101556][T17723] caif0 speed is unknown, defaulting to 1000
[  446.207645][T17736] lo speed is unknown, defaulting to 1000
[  446.400167][ T6001] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.538579][ T6001] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.587434][T17736] caif0 speed is unknown, defaulting to 1000
[  446.665670][ T5127] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  446.675310][ T5127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  446.686286][ T6001] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.699014][ T5127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  446.709831][ T5127] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  446.718748][ T5127] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  446.726264][ T5127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  446.736749][T17748] Cannot find add_set index 0 as target
[  447.131995][T17749] lo speed is unknown, defaulting to 1000
[  447.132036][T17723] lo speed is unknown, defaulting to 1000
[  447.297904][T17749] caif0 speed is unknown, defaulting to 1000
[  447.316031][ T6001] bridge_slave_1: left allmulticast mode
[  447.321808][ T6001] bridge_slave_1: left promiscuous mode
[  447.322524][T17736] lo speed is unknown, defaulting to 1000
[  447.352556][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.383476][ T6001] bridge_slave_0: left allmulticast mode
[  447.389227][ T6001] bridge_slave_0: left promiscuous mode
[  447.403060][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.573807][ T5127] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  447.585276][ T5127] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  447.593879][ T5127] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  447.604312][ T5127] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  447.620496][ T5127] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  447.634030][ T5127] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  447.772501][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.785558][ T5127] Bluetooth: hci0: command tx timeout
[  447.935458][ T5990] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.985796][ T6001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  447.998366][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  448.009773][ T6001] bond0 (unregistering): Released all slaves
[  448.125827][T17749] lo speed is unknown, defaulting to 1000
[  448.303740][T17753] lo speed is unknown, defaulting to 1000
[  448.385525][T17753] caif0 speed is unknown, defaulting to 1000
[  448.583632][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.634466][T17753] lo speed is unknown, defaulting to 1000
[  448.814805][ T5127] Bluetooth: hci2: command tx timeout
[  448.820435][ T2905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.886115][T17723] chnl_net:caif_netlink_parms(): no params data found
[  449.134088][T17764] FAULT_INJECTION: forcing a failure.
[  449.134088][T17764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.146530][ T6001] hsr_slave_0: left promiscuous mode
[  449.148650][T17764] CPU: 1 PID: 17764 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  449.163048][T17764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  449.173127][T17764] Call Trace:
[  449.176413][T17764]  <TASK>
[  449.179347][T17764]  dump_stack_lvl+0x241/0x360
[  449.184066][T17764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.189274][T17764]  ? __pfx__printk+0x10/0x10
[  449.193868][T17764]  ? __pfx_lock_release+0x10/0x10
[  449.198902][T17764]  should_fail_ex+0x3b0/0x4e0
[  449.203611][T17764]  _copy_from_user+0x2f/0xe0
[  449.208238][T17764]  generic_map_update_batch+0x5ba/0x900
[  449.213879][T17764]  ? __pfx_generic_map_update_batch+0x10/0x10
[  449.219989][T17764]  ? __pfx_generic_map_update_batch+0x10/0x10
[  449.226089][T17764]  bpf_map_do_batch+0x3e0/0x690
[  449.230951][T17764]  __sys_bpf+0x377/0x810
[  449.235207][T17764]  ? __pfx___sys_bpf+0x10/0x10
[  449.239988][T17764]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  449.245983][T17764]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  449.252326][T17764]  ? do_syscall_64+0x100/0x230
[  449.257146][T17764]  __x64_sys_bpf+0x7c/0x90
[  449.261704][T17764]  do_syscall_64+0xf3/0x230
[  449.266248][T17764]  ? clear_bhb_loop+0x35/0x90
[  449.270959][T17764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.276877][T17764] RIP: 0033:0x7f5a7b07d0a9
[  449.281336][T17764] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  449.300942][T17764] RSP: 002b:00007f5a7be550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  449.309384][T17764] RAX: ffffffffffffffda RBX: 00007f5a7b1b3f80 RCX: 00007f5a7b07d0a9
[  449.317368][T17764] RDX: 0000000000000038 RSI: 0000000020000200 RDI: 000000000000001a
[  449.325334][T17764] RBP: 00007f5a7be55120 R08: 0000000000000000 R09: 0000000000000000
[  449.333305][T17764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  449.341274][T17764] R13: 000000000000000b R14: 00007f5a7b1b3f80 R15: 00007ffeb831b608
[  449.349258][T17764]  </TASK>
[  449.355349][ T6001] hsr_slave_1: left promiscuous mode
[  449.372815][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  449.393827][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0
[  449.413329][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  449.420896][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1
[  449.458604][T17768] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.476796][ T6001] veth1_macvtap: left promiscuous mode
[  449.483297][ T6001] veth0_macvtap: left promiscuous mode
[  449.489100][ T6001] veth1_vlan: left promiscuous mode
[  449.494839][ T6001] veth0_vlan: left promiscuous mode
[  449.548230][T17769] x_tables: unsorted underflow at hook 3
[  449.699494][ T5127] Bluetooth: hci1: command tx timeout
[  449.869353][ T5127] Bluetooth: hci0: command tx timeout
[  449.875512][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  450.170248][ T6001] team0 (unregistering): Port device team_slave_1 removed
[  450.228072][ T6001] team0 (unregistering): Port device team_slave_0 removed
[  450.901964][ T5127] Bluetooth: hci2: command tx timeout
[  450.970251][T17749] chnl_net:caif_netlink_parms(): no params data found
[  451.279667][T17782] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  451.300668][T17723] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.308357][T17723] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.315782][T17723] bridge_slave_0: entered allmulticast mode
[  451.323424][T17723] bridge_slave_0: entered promiscuous mode
[  451.382947][T17723] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.402851][T17723] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.410156][T17723] bridge_slave_1: entered allmulticast mode
[  451.428507][T17784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.439558][T17723] bridge_slave_1: entered promiscuous mode
[  451.478912][T17749] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.487645][T17749] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.495146][T17749] bridge_slave_0: entered allmulticast mode
[  451.503504][T17749] bridge_slave_0: entered promiscuous mode
[  451.512028][T17749] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.519296][T17749] bridge0: port 2(bridge_slave_1) entered disabled state
[  451.527491][T17749] bridge_slave_1: entered allmulticast mode
[  451.539817][T17749] bridge_slave_1: entered promiscuous mode
[  451.578182][T17723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  451.591112][T17723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  451.688433][T17749] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  451.707652][T17723] team0: Port device team_slave_0 added
[  451.726355][T17723] team0: Port device team_slave_1 added
[  451.772642][ T5127] Bluetooth: hci1: command tx timeout
[  451.781025][T17749] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  451.781592][ T2916] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.879245][T17792] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[  451.932250][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.940546][ T5127] Bluetooth: hci0: command tx timeout
[  451.958847][T17749] team0: Port device team_slave_0 added
[  451.974142][T17723] batman_adv: batadv0: Adding interface: batadv_slave_0
[  451.981254][T17723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.007709][T17723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.048791][T17749] team0: Port device team_slave_1 added
[  452.115791][ T6001] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.140207][T17723] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.148842][T17723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.176744][T17723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.245300][T17749] batman_adv: batadv0: Adding interface: batadv_slave_0
[  452.255076][T17749] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.281446][T17749] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.369352][ T6001] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.407605][T17749] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.415438][T17749] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.441606][T17749] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.461457][T17753] chnl_net:caif_netlink_parms(): no params data found
[  452.515564][ T6001] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.660706][ T6001] bond0: (slave netdevsim0): Releasing backup interface
[  452.675654][ T6001] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.720288][T17723] hsr_slave_0: entered promiscuous mode
[  452.741757][T17723] hsr_slave_1: entered promiscuous mode
[  452.815987][T17749] hsr_slave_0: entered promiscuous mode
[  452.852601][T17749] hsr_slave_1: entered promiscuous mode
[  452.881157][T17749] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  452.902016][T17749] Cannot create hsr debugfs directory
[  452.972972][ T5127] Bluetooth: hci2: command tx timeout
[  453.116871][T17815] SET target dimension over the limit!
[  453.159819][T17753] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.180074][T17753] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.206259][T17753] bridge_slave_0: entered allmulticast mode
[  453.224022][T17753] bridge_slave_0: entered promiscuous mode
[  453.241855][T17753] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.249203][T17753] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.271456][T17753] bridge_slave_1: entered allmulticast mode
[  453.290583][T17753] bridge_slave_1: entered promiscuous mode
[  453.496744][T17753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.542360][T17835] FAULT_INJECTION: forcing a failure.
[  453.542360][T17835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.562523][T17835] CPU: 0 PID: 17835 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  453.573096][T17835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  453.583195][T17835] Call Trace:
[  453.586501][T17835]  <TASK>
[  453.589456][T17835]  dump_stack_lvl+0x241/0x360
[  453.594188][T17835]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.599436][T17835]  ? __pfx__printk+0x10/0x10
[  453.604045][T17835]  ? __pfx_lock_release+0x10/0x10
[  453.609103][T17835]  should_fail_ex+0x3b0/0x4e0
[  453.613795][T17835]  _copy_from_iter+0x1f6/0x1960
[  453.618646][T17835]  ? __virt_addr_valid+0x183/0x520
[  453.623778][T17835]  ? __pfx_lock_release+0x10/0x10
[  453.628818][T17835]  ? __alloc_skb+0x28f/0x440
[  453.633417][T17835]  ? __pfx__copy_from_iter+0x10/0x10
[  453.638709][T17835]  ? __virt_addr_valid+0x183/0x520
[  453.643832][T17835]  ? __virt_addr_valid+0x183/0x520
[  453.648953][T17835]  ? __virt_addr_valid+0x44e/0x520
[  453.654074][T17835]  ? __check_object_size+0x49c/0x900
[  453.659404][T17835]  netlink_sendmsg+0x73d/0xcb0
[  453.664188][T17835]  ? __pfx_netlink_sendmsg+0x10/0x10
[  453.669481][T17835]  ? __import_iovec+0x536/0x820
[  453.674337][T17835]  ? aa_sock_msg_perm+0x91/0x160
[  453.679289][T17835]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  453.684586][T17835]  ? security_socket_sendmsg+0x87/0xb0
[  453.690063][T17835]  ? __pfx_netlink_sendmsg+0x10/0x10
[  453.695360][T17835]  __sock_sendmsg+0x221/0x270
[  453.700050][T17835]  ____sys_sendmsg+0x525/0x7d0
[  453.704838][T17835]  ? __pfx_____sys_sendmsg+0x10/0x10
[  453.710161][T17835]  __sys_sendmsg+0x2b0/0x3a0
[  453.714765][T17835]  ? __pfx___sys_sendmsg+0x10/0x10
[  453.719886][T17835]  ? vfs_write+0x7c4/0xc90
[  453.724351][T17835]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  453.730688][T17835]  ? do_syscall_64+0x100/0x230
[  453.735469][T17835]  ? do_syscall_64+0xb6/0x230
[  453.740161][T17835]  do_syscall_64+0xf3/0x230
[  453.744683][T17835]  ? clear_bhb_loop+0x35/0x90
[  453.749379][T17835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.755285][T17835] RIP: 0033:0x7f6d9ec7d0a9
[  453.759717][T17835] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  453.779327][T17835] RSP: 002b:00007f6d9fab50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  453.787767][T17835] RAX: ffffffffffffffda RBX: 00007f6d9edb3f80 RCX: 00007f6d9ec7d0a9
[  453.795749][T17835] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  453.803729][T17835] RBP: 00007f6d9fab5120 R08: 0000000000000000 R09: 0000000000000000
[  453.811731][T17835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.819708][T17835] R13: 000000000000000b R14: 00007f6d9edb3f80 R15: 00007ffd9121d5c8
[  453.827702][T17835]  </TASK>
[  453.836344][ T3656] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.844481][ T3656] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.861943][ T5127] Bluetooth: hci1: command tx timeout
[  453.871686][T17753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.921687][T17837] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  453.929032][T17837] IPv6: NLM_F_CREATE should be set when creating new route
[  453.967528][ T6001] bridge_slave_1: left allmulticast mode
[  453.974231][ T6001] bridge_slave_1: left promiscuous mode
[  453.980038][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.994907][ T6001] bridge_slave_0: left allmulticast mode
[  454.000604][ T6001] bridge_slave_0: left promiscuous mode
[  454.011796][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.019778][ T5127] Bluetooth: hci0: command tx timeout
[  454.204310][T17844] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.332344][ T2916] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.606470][T17848] SET target dimension over the limit!
[  454.706733][ T6001] bond2 (unregistering): (slave bridge3): Releasing backup interface
[  454.725892][ T6001] bridge3 (unregistering): left promiscuous mode
[  454.979669][ T2916] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.014741][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  455.027358][ T6001] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  455.041740][ T6001] bond0 (unregistering): Released all slaves
[  455.052450][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.060942][ T5127] Bluetooth: hci2: command tx timeout
[  455.082635][ T6001] bond1 (unregistering): Released all slaves
[  455.100850][ T6001] bond2 (unregistering): Released all slaves
[  455.124883][ T6001] bond3 (unregistering): (slave bond_slave_0): Releasing active interface
[  455.141986][ T6001] bond_slave_0: left promiscuous mode
[  455.151474][ T6001] bond3 (unregistering): Released all slaves
[  455.194760][T17843] FAULT_INJECTION: forcing a failure.
[  455.194760][T17843] name failslab, interval 1, probability 0, space 0, times 0
[  455.207715][T17843] CPU: 1 PID: 17843 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  455.218265][T17843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  455.228367][T17843] Call Trace:
[  455.231670][T17843]  <TASK>
[  455.234630][T17843]  dump_stack_lvl+0x241/0x360
[  455.239375][T17843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  455.244621][T17843]  ? __pfx__printk+0x10/0x10
[  455.249263][T17843]  should_fail_ex+0x3b0/0x4e0
[  455.253982][T17843]  ? __alloc_skb+0x1c3/0x440
[  455.258622][T17843]  should_failslab+0x9/0x20
[  455.263151][T17843]  kmem_cache_alloc_node_noprof+0x71/0x320
[  455.269030][T17843]  __alloc_skb+0x1c3/0x440
[  455.273480][T17843]  ? __dev_queue_xmit+0x16c9/0x3d30
[  455.278708][T17843]  ? __pfx___alloc_skb+0x10/0x10
[  455.283662][T17843]  ? netlink_ack_tlv_len+0x6e/0x200
[  455.288872][T17843]  netlink_ack+0x13f/0xa30
[  455.293326][T17843]  netlink_rcv_skb+0x262/0x430
[  455.298120][T17843]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  455.303612][T17843]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  455.308933][T17843]  ? netlink_deliver_tap+0x2e/0x1b0
[  455.314148][T17843]  netlink_unicast+0x7f0/0x990
[  455.318938][T17843]  ? __pfx_netlink_unicast+0x10/0x10
[  455.324243][T17843]  ? __virt_addr_valid+0x183/0x520
[  455.329375][T17843]  ? __check_object_size+0x49c/0x900
[  455.334679][T17843]  ? bpf_lsm_netlink_send+0x9/0x10
[  455.339808][T17843]  netlink_sendmsg+0x8e4/0xcb0
[  455.344597][T17843]  ? __pfx_netlink_sendmsg+0x10/0x10
[  455.349893][T17843]  ? __import_iovec+0x536/0x820
[  455.354751][T17843]  ? aa_sock_msg_perm+0x91/0x160
[  455.359715][T17843]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  455.365040][T17843]  ? security_socket_sendmsg+0x87/0xb0
[  455.370544][T17843]  ? __pfx_netlink_sendmsg+0x10/0x10
[  455.375840][T17843]  __sock_sendmsg+0x221/0x270
[  455.380535][T17843]  ____sys_sendmsg+0x525/0x7d0
[  455.385329][T17843]  ? __pfx_____sys_sendmsg+0x10/0x10
[  455.390644][T17843]  __sys_sendmsg+0x2b0/0x3a0
[  455.395268][T17843]  ? __pfx___sys_sendmsg+0x10/0x10
[  455.400399][T17843]  ? vfs_write+0x7c4/0xc90
[  455.404870][T17843]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  455.411216][T17843]  ? do_syscall_64+0x100/0x230
[  455.416025][T17843]  ? do_syscall_64+0xb6/0x230
[  455.420731][T17843]  do_syscall_64+0xf3/0x230
[  455.425277][T17843]  ? clear_bhb_loop+0x35/0x90
[  455.430008][T17843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.435926][T17843] RIP: 0033:0x7f6d9ec7d0a9
[  455.440357][T17843] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  455.459981][T17843] RSP: 002b:00007f6d9fab50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  455.468408][T17843] RAX: ffffffffffffffda RBX: 00007f6d9edb3f80 RCX: 00007f6d9ec7d0a9
[  455.476386][T17843] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  455.484364][T17843] RBP: 00007f6d9fab5120 R08: 0000000000000000 R09: 0000000000000000
[  455.492343][T17843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.500318][T17843] R13: 000000000000000b R14: 00007f6d9edb3f80 R15: 00007ffd9121d5c8
[  455.508311][T17843]  </TASK>
[  455.550230][ T6001] Κό: left promiscuous mode
[  455.592896][T17753] team0: Port device team_slave_0 added
[  455.778920][T17723] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.822870][T17753] team0: Port device team_slave_1 added
[  455.933269][ T5127] Bluetooth: hci1: command tx timeout
[  455.954234][T17723] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.015815][T17753] batman_adv: batadv0: Adding interface: batadv_slave_0
[  456.023286][T17753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.054651][T17753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  456.117527][T17723] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.141965][T17862] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  456.150230][T17862] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  456.169586][T17753] batman_adv: batadv0: Adding interface: batadv_slave_1
[  456.180722][T17753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.209054][T17753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  456.357022][T17723] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.532632][T17753] hsr_slave_0: entered promiscuous mode
[  456.615269][T17753] hsr_slave_1: entered promiscuous mode
[  456.642351][T17753] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  456.650705][T17753] Cannot create hsr debugfs directory
[  456.742439][ T6001] hsr_slave_0: left promiscuous mode
[  456.754504][ T6001] hsr_slave_1: left promiscuous mode
[  456.774488][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  456.793109][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0
[  456.813114][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  456.820565][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1
[  456.839841][ T6001] dummy0: left allmulticast mode
[  456.851953][ T6001] dummy0: left promiscuous mode
[  456.857712][ T6001] veth1_macvtap: left promiscuous mode
[  456.872050][ T6001] veth0_macvtap: left promiscuous mode
[  456.877727][ T6001] veth1_vlan: left promiscuous mode
[  456.884111][T17874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  456.892276][ T6001] veth0_vlan: left promiscuous mode
[  456.900436][ T2905] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.212262][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.220829][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.229132][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.237508][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.245824][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.254120][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.262523][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.270842][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.105071][T17870] smc: net device lo applied user defined pnetid SYZ2
[  458.113315][T17873] smc: net device lo erased user defined pnetid SYZ2
[  458.606025][T17749] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  458.723819][T17749] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  458.767245][T17749] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  458.805043][T17749] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  458.869046][T17723] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  458.890685][T17723] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  458.900433][T17900] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'.
[  458.999003][T17723] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  459.028132][T17723] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  459.120661][T17905] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  459.344710][T17749] 8021q: adding VLAN 0 to HW filter on device bond0
[  459.435180][T17749] 8021q: adding VLAN 0 to HW filter on device team0
[  459.481622][ T5172] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.488848][ T5172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.537135][T17723] 8021q: adding VLAN 0 to HW filter on device bond0
[  459.552238][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.559404][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.601255][T17723] 8021q: adding VLAN 0 to HW filter on device team0
[  459.691294][ T5167] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.698616][ T5167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  459.713079][ T5167] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.720259][ T5167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  459.816814][T17753] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  459.900389][T17753] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  459.951337][T17753] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  459.966337][T17753] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  460.006021][T17920] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  460.148381][T17749] 8021q: adding VLAN 0 to HW filter on device batadv0
[  460.356010][T17749] veth0_vlan: entered promiscuous mode
[  460.370206][T17753] 8021q: adding VLAN 0 to HW filter on device bond0
[  460.424268][T17749] veth1_vlan: entered promiscuous mode
[  460.464250][T17753] 8021q: adding VLAN 0 to HW filter on device team0
[  460.489225][T17723] 8021q: adding VLAN 0 to HW filter on device batadv0
[  460.526759][ T5297] bridge0: port 1(bridge_slave_0) entered blocking state
[  460.534007][ T5297] bridge0: port 1(bridge_slave_0) entered forwarding state
[  460.565980][ T5288] bridge0: port 2(bridge_slave_1) entered blocking state
[  460.573189][ T5288] bridge0: port 2(bridge_slave_1) entered forwarding state
[  460.704466][T17749] veth0_macvtap: entered promiscuous mode
[  460.785927][T17749] veth1_macvtap: entered promiscuous mode
[  460.814326][T17723] veth0_vlan: entered promiscuous mode
[  460.899133][T17723] veth1_vlan: entered promiscuous mode
[  460.915165][T17946] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  460.915553][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  460.952928][T17946] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  460.962377][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.002368][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.022116][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.047073][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.060963][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.084542][T17749] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.098121][T17952] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  461.114634][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.138214][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.160241][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.193463][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.205084][T17749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.218134][T17749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.230217][T17749] batman_adv: batadv0: Interface activated: batadv_slave_1
[  461.279538][T17749] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  461.295429][T17749] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  461.313476][T17749] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  461.332104][T17749] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  461.367588][T17958] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[  461.381135][T17958] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  461.406739][T17723] veth0_macvtap: entered promiscuous mode
[  461.431383][T17723] veth1_macvtap: entered promiscuous mode
[  461.445932][T17753] 8021q: adding VLAN 0 to HW filter on device batadv0
[  461.587154][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.599071][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.621982][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.633164][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.643689][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.654319][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.664415][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  461.684310][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.696908][T17723] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.765312][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.793595][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.803903][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.814507][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.824527][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.835528][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.845458][T17723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  461.857027][T17723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  461.868997][T17723] batman_adv: batadv0: Interface activated: batadv_slave_1
[  461.900788][T17723] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  461.932920][T17723] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  461.952139][T17723] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  461.960989][T17723] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  461.990353][ T3656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  461.999883][ T3656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.067685][T17753] veth0_vlan: entered promiscuous mode
[  462.106374][ T6001] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.115112][ T6001] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.158730][T17753] veth1_vlan: entered promiscuous mode
[  462.310628][ T5983] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.332319][ T5983] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.351564][T17753] veth0_macvtap: entered promiscuous mode
[  462.442219][ T5983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.455122][T17753] veth1_macvtap: entered promiscuous mode
[  462.465211][ T5983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.552828][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  462.568885][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.582082][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  462.600587][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.618693][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  462.629533][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.649057][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  462.652766][ T5983] net_ratelimit: 79 callbacks suppressed
[  462.652786][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.660078][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.683846][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  462.695718][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.715134][T17753] batman_adv: batadv0: Interface activated: batadv_slave_0
[  462.727121][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.739256][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.749566][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.760329][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.770444][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.781239][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.805330][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.825530][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.835520][T17753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  462.846397][T17753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  462.879136][T17753] batman_adv: batadv0: Interface activated: batadv_slave_1
[  462.994094][T17753] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  463.013035][T17753] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  463.021781][T17753] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  463.052366][T17753] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  463.304226][ T2916] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.464534][T18001] ebt_among: wrong size: 2080 against expected 2280, rounded to 2280
[  463.473435][ T2905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.481284][ T2905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.514518][T18002] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.541704][ T2916] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.549958][ T2916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.767522][ T2916] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.780097][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  464.736269][ T2916] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.852542][T18025] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  464.995041][ T2916] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.027692][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  465.039457][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  465.054355][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  465.086432][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  465.109989][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  465.126760][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  465.214074][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.223291][ T3656] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.238393][ T2916] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.269692][T18044] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  465.293129][T18044] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  465.383031][T18034] lo speed is unknown, defaulting to 1000
[  465.422619][T18034] caif0 speed is unknown, defaulting to 1000
[  465.495242][T18051] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  465.531244][T18051] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.651656][ T2916] bridge_slave_1: left allmulticast mode
[  465.664539][T18053] FAULT_INJECTION: forcing a failure.
[  465.664539][T18053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  465.671984][ T2916] bridge_slave_1: left promiscuous mode
[  465.709432][ T2916] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.712065][   T29] audit: type=1804 audit(1719132528.660:61): pid=18057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir485079833/syzkaller.ZcRHh3/5/cgroup.controllers" dev="sda1" ino=1954 res=1 errno=0
[  465.717442][T18053] CPU: 0 PID: 18053 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  465.753084][T18053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  465.763172][T18053] Call Trace:
[  465.766477][T18053]  <TASK>
[  465.769431][T18053]  dump_stack_lvl+0x241/0x360
[  465.774155][T18053]  ? __pfx_dump_stack_lvl+0x10/0x10
[  465.779393][T18053]  ? __pfx__printk+0x10/0x10
[  465.784036][T18053]  ? snprintf+0xda/0x120
[  465.788318][T18053]  should_fail_ex+0x3b0/0x4e0
[  465.793056][T18053]  _copy_to_user+0x2f/0xb0
[  465.797490][T18053]  simple_read_from_buffer+0xca/0x150
[  465.802882][T18053]  proc_fail_nth_read+0x1e9/0x250
[  465.807930][T18053]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  465.813487][T18053]  ? rw_verify_area+0x514/0x6b0
[  465.818349][T18053]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  465.823919][T18053]  vfs_read+0x204/0xbd0
[  465.828104][T18053]  ? __pfx_lock_release+0x10/0x10
[  465.833146][T18053]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  465.838710][T18053]  ? __pfx_vfs_read+0x10/0x10
[  465.843403][T18053]  ? __fget_files+0x29/0x470
[  465.848011][T18053]  ? __fget_files+0x3f6/0x470
[  465.852728][T18053]  ksys_read+0x1a0/0x2c0
[  465.857009][T18053]  ? __pfx_ksys_read+0x10/0x10
[  465.861793][T18053]  ? do_syscall_64+0x100/0x230
[  465.866580][T18053]  ? do_syscall_64+0xb6/0x230
[  465.871277][T18053]  do_syscall_64+0xf3/0x230
[  465.875800][T18053]  ? clear_bhb_loop+0x35/0x90
[  465.880491][T18053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.886418][T18053] RIP: 0033:0x7f6d9ec7bd4c
[  465.890840][T18053] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48
[  465.910453][T18053] RSP: 002b:00007f6d9fab50c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  465.918888][T18053] RAX: ffffffffffffffda RBX: 00007f6d9edb3f80 RCX: 00007f6d9ec7bd4c
[  465.926881][T18053] RDX: 000000000000000f RSI: 00007f6d9fab5130 RDI: 0000000000000005
[  465.934860][T18053] RBP: 00007f6d9fab5120 R08: 0000000000000000 R09: 0000000000000000
[  465.942839][T18053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.950817][T18053] R13: 000000000000000b R14: 00007f6d9edb3f80 R15: 00007ffd9121d5c8
[  465.958815][T18053]  </TASK>
[  465.984613][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  466.014444][   T29] audit: type=1804 audit(1719132528.680:62): pid=18057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir485079833/syzkaller.ZcRHh3/5/cgroup.controllers" dev="sda1" ino=1954 res=1 errno=0
[  466.081476][T16095] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  466.095906][T16095] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  466.104377][ T2916] bridge_slave_0: left allmulticast mode
[  466.110060][ T2916] bridge_slave_0: left promiscuous mode
[  466.118656][ T2916] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.126715][T16095] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  466.140865][T16095] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  466.150255][T16095] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  466.159263][T16095] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  466.572577][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  466.850781][ T2916] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.868017][ T2916] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.879711][ T2916] bond0 (unregistering): Released all slaves
[  467.187250][T18085] Bluetooth: MGMT ver 1.22
[  467.213390][   T53] Bluetooth: hci0: command tx timeout
[  467.247799][T18059] lo speed is unknown, defaulting to 1000
[  467.266605][T18059] caif0 speed is unknown, defaulting to 1000
[  467.668726][T18099] FAULT_INJECTION: forcing a failure.
[  467.668726][T18099] name failslab, interval 1, probability 0, space 0, times 0
[  467.691694][T18099] CPU: 0 PID: 18099 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  467.692411][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.702226][T18099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  467.702247][T18099] Call Trace:
[  467.702259][T18099]  <TASK>
[  467.702271][T18099]  dump_stack_lvl+0x241/0x360
[  467.702315][T18099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  467.736519][T18099]  ? __pfx__printk+0x10/0x10
[  467.741139][T18099]  ? netlink_insert+0x10b7/0x14b0
[  467.746193][T18099]  should_fail_ex+0x3b0/0x4e0
[  467.750895][T18099]  ? __alloc_skb+0x1c3/0x440
[  467.755497][T18099]  should_failslab+0x9/0x20
[  467.760013][T18099]  kmem_cache_alloc_node_noprof+0x71/0x320
[  467.765839][T18099]  __alloc_skb+0x1c3/0x440
[  467.770277][T18099]  ? __pfx___alloc_skb+0x10/0x10
[  467.775229][T18099]  ? netlink_autobind+0xd6/0x2f0
[  467.780189][T18099]  ? netlink_autobind+0x2b0/0x2f0
[  467.785235][T18099]  netlink_sendmsg+0x638/0xcb0
[  467.790023][T18099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.795321][T18099]  ? __import_iovec+0x536/0x820
[  467.800180][T18099]  ? aa_sock_msg_perm+0x91/0x160
[  467.805136][T18099]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  467.810428][T18099]  ? security_socket_sendmsg+0x87/0xb0
[  467.815906][T18099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.821212][T18099]  __sock_sendmsg+0x221/0x270
[  467.825934][T18099]  ____sys_sendmsg+0x525/0x7d0
[  467.830733][T18099]  ? __pfx_____sys_sendmsg+0x10/0x10
[  467.836050][T18099]  __sys_sendmsg+0x2b0/0x3a0
[  467.840660][T18099]  ? __pfx___sys_sendmsg+0x10/0x10
[  467.845785][T18099]  ? vfs_write+0x7c4/0xc90
[  467.850270][T18099]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  467.856618][T18099]  ? do_syscall_64+0x100/0x230
[  467.861405][T18099]  ? do_syscall_64+0xb6/0x230
[  467.866102][T18099]  do_syscall_64+0xf3/0x230
[  467.870652][T18099]  ? clear_bhb_loop+0x35/0x90
[  467.875348][T18099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.881272][T18099] RIP: 0033:0x7f332ce7d0a9
[  467.885705][T18099] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  467.905325][T18099] RSP: 002b:00007f332dc4f0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  467.913762][T18099] RAX: ffffffffffffffda RBX: 00007f332cfb3f80 RCX: 00007f332ce7d0a9
[  467.921754][T18099] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000004
[  467.929745][T18099] RBP: 00007f332dc4f120 R08: 0000000000000000 R09: 0000000000000000
[  467.937737][T18099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.945721][T18099] R13: 000000000000000b R14: 00007f332cfb3f80 R15: 00007fffe7292f08
[  467.953720][T18099]  </TASK>
[  468.012845][   T53] Bluetooth: hci4: command 0x0405 tx timeout
[  468.252082][ T5127] Bluetooth: hci2: command tx timeout
[  468.306703][ T2916] hsr_slave_0: left promiscuous mode
[  468.325188][ T2916] hsr_slave_1: left promiscuous mode
[  468.336524][T18113] FAULT_INJECTION: forcing a failure.
[  468.336524][T18113] name failslab, interval 1, probability 0, space 0, times 0
[  468.350177][T18113] CPU: 1 PID: 18113 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  468.353436][ T2916] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  468.360775][T18113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  468.360793][T18113] Call Trace:
[  468.360803][T18113]  <TASK>
[  468.360813][T18113]  dump_stack_lvl+0x241/0x360
[  468.373559][ T2916] batman_adv: batadv0: Removing interface: batadv_slave_0
[  468.378202][T18113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  468.401456][T18113]  ? __pfx__printk+0x10/0x10
[  468.406094][T18113]  ? __pfx___might_resched+0x10/0x10
[  468.411427][T18113]  should_fail_ex+0x3b0/0x4e0
[  468.416170][T18113]  should_failslab+0x9/0x20
[  468.420729][T18113]  __kmalloc_node_noprof+0xdf/0x440
[  468.425967][T18113]  ? kvmalloc_node_noprof+0x72/0x190
[  468.431290][T18113]  kvmalloc_node_noprof+0x72/0x190
[  468.436431][T18113]  xt_alloc_table_info+0x3d/0xa0
[  468.441417][T18113]  do_ip6t_set_ctl+0xba0/0x1270
[  468.446325][T18113]  ? __pfx___might_resched+0x10/0x10
[  468.451658][T18113]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  468.457002][T18113]  ? __pfx_lock_release+0x10/0x10
[  468.462094][T18113]  ? __mutex_unlock_slowpath+0x21d/0x750
[  468.467809][T18113]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  468.473840][T18113]  ? __pfx_aa_sk_perm+0x10/0x10
[  468.478783][T18113]  nf_setsockopt+0x295/0x2c0
[  468.483450][T18113]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  468.489380][T18113]  do_sock_setsockopt+0x3af/0x720
[  468.494458][T18113]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  468.500046][T18113]  ? __fget_files+0x29/0x470
[  468.504698][T18113]  ? __fget_files+0x3f6/0x470
[  468.509450][T18113]  __sys_setsockopt+0x1ae/0x250
[  468.514349][T18113]  __x64_sys_setsockopt+0xb5/0xd0
[  468.519422][T18113]  do_syscall_64+0xf3/0x230
[  468.523970][T18113]  ? clear_bhb_loop+0x35/0x90
[  468.528695][T18113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.534639][T18113] RIP: 0033:0x7f5a7b07d0a9
[  468.539086][T18113] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  468.558722][T18113] RSP: 002b:00007f5a7be550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  468.567165][T18113] RAX: ffffffffffffffda RBX: 00007f5a7b1b3f80 RCX: 00007f5a7b07d0a9
[  468.575161][T18113] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  468.583159][T18113] RBP: 00007f5a7be55120 R08: 000000000000ff4b R09: 0000000000000000
[  468.591159][T18113] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  468.599156][T18113] R13: 000000000000000b R14: 00007f5a7b1b3f80 R15: 00007ffeb831b608
[  468.607182][T18113]  </TASK>
[  468.614446][ T2916] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  468.622593][ T5983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.638428][ T2916] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.744448][    C1] 
[  468.746810][    C1] ======================================================
[  468.753821][    C1] WARNING: possible circular locking dependency detected
[  468.760823][    C1] 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0 Not tainted
[  468.767916][    C1] ------------------------------------------------------
[  468.774915][    C1] syz-executor.3/18124 is trying to acquire lock:
[  468.781335][    C1] ffff8880b9529430 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x18a/0x790
[  468.789954][    C1] 
[  468.789954][    C1] but task is already holding lock:
[  468.797302][    C1] ffff8880b952a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[  468.806173][    C1] 
[  468.806173][    C1] which lock already depends on the new lock.
[  468.806173][    C1] 
[  468.816559][    C1] 
[  468.816559][    C1] the existing dependency chain (in reverse order) is:
[  468.825554][    C1] 
[  468.825554][    C1] -> #1 (&base->lock){-.-.}-{2:2}:
[  468.832844][    C1]        lock_acquire+0x1ed/0x550
[  468.837859][    C1]        _raw_spin_lock_irqsave+0xd5/0x120
[  468.843657][    C1]        lock_timer_base+0x112/0x240
[  468.848957][    C1]        __mod_timer+0x1ca/0xeb0
[  468.853883][    C1]        queue_delayed_work_on+0x1ca/0x390
[  468.859684][    C1]        kvfree_call_rcu+0x47f/0x790
[  468.864969][    C1]        rtnl_register_internal+0x482/0x590
[  468.870855][    C1]        rtnl_register+0x36/0x80
[  468.875795][    C1]        ip_rt_init+0x2bd/0x360
[  468.880630][    C1]        ip_init+0xe/0x20
[  468.884967][    C1]        inet_init+0x3d8/0x580
[  468.889722][    C1]        do_one_initcall+0x248/0x880
[  468.895013][    C1]        do_initcall_level+0x157/0x210
[  468.900468][    C1]        do_initcalls+0x3f/0x80
[  468.905305][    C1]        kernel_init_freeable+0x435/0x5d0
[  468.911017][    C1]        kernel_init+0x1d/0x2b0
[  468.915885][    C1]        ret_from_fork+0x4b/0x80
[  468.920819][    C1]        ret_from_fork_asm+0x1a/0x30
[  468.926128][    C1] 
[  468.926128][    C1] -> #0 (krc.lock){..-.}-{2:2}:
[  468.933175][    C1]        validate_chain+0x18e0/0x5900
[  468.938544][    C1]        __lock_acquire+0x1346/0x1fd0
[  468.943923][    C1]        lock_acquire+0x1ed/0x550
[  468.948937][    C1]        _raw_spin_lock+0x2e/0x40
[  468.953953][    C1]        kvfree_call_rcu+0x18a/0x790
[  468.959230][    C1]        trie_delete_elem+0x546/0x6a0
[  468.964592][    C1]        bpf_prog_5186c38a4019a4cb+0x4a/0x4e
[  468.970561][    C1]        bpf_trace_run2+0x2ec/0x540
[  468.975754][    C1]        enqueue_timer+0x3ce/0x570
[  468.980857][    C1]        __mod_timer+0xa0e/0xeb0
[  468.985783][    C1]        call_timer_fn+0x18e/0x650
[  468.990892][    C1]        __run_timer_base+0x66a/0x8e0
[  468.996253][    C1]        run_timer_softirq+0xb7/0x170
[  469.001630][    C1]        handle_softirqs+0x2c4/0x970
[  469.006903][    C1]        __irq_exit_rcu+0xf4/0x1c0
[  469.012003][    C1]        irq_exit_rcu+0x9/0x30
[  469.016772][    C1]        sysvec_apic_timer_interrupt+0xa6/0xc0
[  469.022921][    C1]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  469.029418][    C1]        lockdep_init_map_type+0x25d/0x910
[  469.035212][    C1]        __d_alloc+0x27e/0x700
[  469.039965][    C1]        d_alloc+0x4b/0x190
[  469.044457][    C1]        lookup_one_qstr_excl+0xce/0x260
[  469.050077][    C1]        filename_create+0x297/0x540
[  469.055351][    C1]        do_symlinkat+0xf9/0x3a0
[  469.060284][    C1]        __x64_sys_symlinkat+0x99/0xb0
[  469.065735][    C1]        do_syscall_64+0xf3/0x230
[  469.070750][    C1]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.077155][    C1] 
[  469.077155][    C1] other info that might help us debug this:
[  469.077155][    C1] 
[  469.087366][    C1]  Possible unsafe locking scenario:
[  469.087366][    C1] 
[  469.094797][    C1]        CPU0                    CPU1
[  469.100145][    C1]        ----                    ----
[  469.105511][    C1]   lock(&base->lock);
[  469.109578][    C1]                                lock(krc.lock);
[  469.115898][    C1]                                lock(&base->lock);
[  469.122474][    C1]   lock(krc.lock);
[  469.126276][    C1] 
[  469.126276][    C1]  *** DEADLOCK ***
[  469.126276][    C1] 
[  469.134399][    C1] 5 locks held by syz-executor.3/18124:
[  469.139927][    C1]  #0: ffff88802f910420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[  469.149069][    C1]  #1: ffff888079fec000 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: filename_create+0x260/0x540
[  469.159707][    C1]  #2: ffffc90000a18c00 ((&app->join_timer)#2){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  469.169538][    C1]  #3: ffff8880b952a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[  469.178857][    C1]  #4: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540
[  469.188251][    C1] 
[  469.188251][    C1] stack backtrace:
[  469.194125][    C1] CPU: 1 PID: 18124 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  469.204609][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  469.214667][    C1] Call Trace:
[  469.217936][    C1]  <IRQ>
[  469.220773][    C1]  dump_stack_lvl+0x241/0x360
[  469.225450][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.230649][    C1]  ? print_circular_bug+0x130/0x1a0
[  469.235844][    C1]  check_noncircular+0x36a/0x4a0
[  469.240784][    C1]  ? __pfx_check_noncircular+0x10/0x10
[  469.246243][    C1]  ? lockdep_lock+0x123/0x2b0
[  469.250911][    C1]  ? mark_lock+0x9a/0x350
[  469.255247][    C1]  validate_chain+0x18e0/0x5900
[  469.260104][    C1]  ? __pfx_validate_chain+0x10/0x10
[  469.265298][    C1]  ? stack_depot_save_flags+0x6e4/0x830
[  469.270842][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  469.275861][    C1]  ? __pfx_lock_release+0x10/0x10
[  469.280880][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  469.286078][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  469.291969][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  469.298291][    C1]  ? stack_trace_save+0x118/0x1d0
[  469.303311][    C1]  ? mark_lock+0x9a/0x350
[  469.307640][    C1]  __lock_acquire+0x1346/0x1fd0
[  469.312493][    C1]  lock_acquire+0x1ed/0x550
[  469.317008][    C1]  ? kvfree_call_rcu+0x18a/0x790
[  469.321946][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  469.326973][    C1]  ? __phys_addr+0xba/0x170
[  469.331474][    C1]  _raw_spin_lock+0x2e/0x40
[  469.335975][    C1]  ? kvfree_call_rcu+0x18a/0x790
[  469.340907][    C1]  kvfree_call_rcu+0x18a/0x790
[  469.345667][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  469.351559][    C1]  ? __pfx_kvfree_call_rcu+0x10/0x10
[  469.356841][    C1]  ? longest_prefix_match+0x330/0x650
[  469.362209][    C1]  trie_delete_elem+0x546/0x6a0
[  469.367059][    C1]  ? bpf_trace_run2+0x1fc/0x540
[  469.371904][    C1]  bpf_prog_5186c38a4019a4cb+0x4a/0x4e
[  469.377369][    C1]  bpf_trace_run2+0x2ec/0x540
[  469.382069][    C1]  ? __pfx_bpf_trace_run2+0x10/0x10
[  469.387283][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[  469.393109][    C1]  ? __pfx_get_random_u32+0x10/0x10
[  469.398321][    C1]  enqueue_timer+0x3ce/0x570
[  469.402910][    C1]  __mod_timer+0xa0e/0xeb0
[  469.407320][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  469.413218][    C1]  ? __pfx___mod_timer+0x10/0x10
[  469.418167][    C1]  ? __get_random_u32_below+0x3e/0x90
[  469.423540][    C1]  call_timer_fn+0x18e/0x650
[  469.428125][    C1]  ? call_timer_fn+0xc0/0x650
[  469.432791][    C1]  ? __pfx_garp_join_timer+0x10/0x10
[  469.438074][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  469.443185][    C1]  ? __pfx_garp_join_timer+0x10/0x10
[  469.448468][    C1]  ? __pfx_garp_join_timer+0x10/0x10
[  469.453761][    C1]  ? __pfx_garp_join_timer+0x10/0x10
[  469.459042][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  469.464235][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  469.469426][    C1]  ? __pfx_garp_join_timer+0x10/0x10
[  469.474713][    C1]  __run_timer_base+0x66a/0x8e0
[  469.479562][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  469.484930][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  469.491273][    C1]  run_timer_softirq+0xb7/0x170
[  469.496116][    C1]  handle_softirqs+0x2c4/0x970
[  469.500874][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  469.505634][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  469.510911][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  469.516106][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  469.520687][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  469.525881][    C1]  irq_exit_rcu+0x9/0x30
[  469.530115][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  469.535743][    C1]  </IRQ>
[  469.538665][    C1]  <TASK>
[  469.541587][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  469.547568][    C1] RIP: 0010:lockdep_init_map_type+0x25d/0x910
[  469.553628][    C1] Code: df 84 c0 75 1a 4c 89 ff e8 e0 06 00 00 48 ba 00 00 00 00 00 fc ff df 84 c0 0f 84 f1 01 00 00 4c 89 e0 48 c1 e8 03 80 3c 10 00 <74> 12 4c 89 e7 e8 99 a6 89 00 48 ba 00 00 00 00 00 fc ff df 4d 89
[  469.573240][    C1] RSP: 0018:ffffc90004f7fb20 EFLAGS: 00000246
[  469.579305][    C1] RAX: 1ffff1100be57294 RBX: ffff88805f2b94c2 RCX: ffffffff947aa603
[  469.587271][    C1] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff88805f2b94c1
[  469.595237][    C1] RBP: ffffc90004f7fc00 R08: ffff88805f2b94b7 R09: 0000000000000000
[  469.603205][    C1] R10: ffff88805f2b94a8 R11: ffffed100be57297 R12: ffff88805f2b94a0
[  469.611172][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff9481b7f0
[  469.619167][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  469.624970][    C1]  ? __d_alloc+0x31/0x700
[  469.629292][    C1]  ? rcu_is_watching+0x15/0xb0
[  469.634053][    C1]  __d_alloc+0x27e/0x700
[  469.638289][    C1]  d_alloc+0x4b/0x190
[  469.642270][    C1]  lookup_one_qstr_excl+0xce/0x260
[  469.647377][    C1]  filename_create+0x297/0x540
[  469.652155][    C1]  ? __pfx_filename_create+0x10/0x10
[  469.657436][    C1]  ? __might_fault+0xaa/0x120
[  469.662104][    C1]  ? __pfx_lock_release+0x10/0x10
[  469.667141][    C1]  do_symlinkat+0xf9/0x3a0
[  469.671567][    C1]  ? __phys_addr_symbol+0x2f/0x70
[  469.676588][    C1]  ? __check_object_size+0x49c/0x900
[  469.681871][    C1]  ? __pfx_do_symlinkat+0x10/0x10
[  469.686894][    C1]  ? getname_flags+0x1fe/0x4f0
[  469.691659][    C1]  __x64_sys_symlinkat+0x99/0xb0
[  469.696592][    C1]  do_syscall_64+0xf3/0x230
[  469.701095][    C1]  ? clear_bhb_loop+0x35/0x90
[  469.705791][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.711681][    C1] RIP: 0033:0x7f5a7b07c827
[  469.716085][    C1] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0a 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  469.735679][    C1] RSP: 002b:00007ffeb831b8c8 EFLAGS: 00000202 ORIG_RAX: 000000000000010a
[  469.744080][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5a7b07c827
[  469.752040][    C1] RDX: 00007f5a7b0da80d RSI: 00000000ffffff9c RDI: 00007ffeb831b980
[  469.759998][    C1] RBP: 0000000000000001 R08: 0000000000000013 R09: 00007ffeb831b617
[  469.767973][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  469.775945][    C1] R13: 0000000000000000 R14: 00007ffeb831b980 R15: 0000000000000001
[  469.783930][    C1]  </TASK>
2024/06/23 08:48:52 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  469.793278][ T3656] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  469.825941][ T5127] Bluetooth: hci0: command tx timeout
[  469.830473][ T2916] veth1_macvtap: left promiscuous mode
[  469.857753][ T2916] veth0_macvtap: left promiscuous mode
[  469.864605][ T2916] veth1_vlan: left promiscuous mode
[  469.869927][ T2916] veth0_vlan: left promiscuous mode
[  470.333284][ T5127] Bluetooth: hci2: command tx timeout