last executing test programs:

1m17.916491342s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

1m5.258708328s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

54.232047065s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

41.092594131s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

26.230000612s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

6.961637938s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000e500"/24], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000100)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000500)='kyber_adjust\x00', r0}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r4=>r3})
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000002c0)={0x59, 0x7ff, 0x9, 0x8, 0x1, 0x81})
listen(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x7, 0x10, 0x3, 0x14000, {{0xc, 0x4, 0x1, 0x6, 0x30, 0x67, 0x0, 0x40, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x1c, 0xee, 0x0, 0x1, [0x8, 0x1000, 0x9, 0x4, 0x6, 0x1000]}]}}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc0000001a00000427bd7000fcdbdf25ac1414bb000000000000000000000000000000000000000000000000000000004e237fff4e2200000a00802011000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000004d52b000000ac1414bb0000000000000000000000001f000000000000000000000000000000ffffffffffffffff0200000000000000ff0f0000000000000100008000000000000200000000000008000000000000000000000000000080be06000000000000e3000000000000007e020000000000000900000000000000000000002dbd7000000000000a00010904000000000000000c001c00", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xfc}}, 0x0)
getgid()
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000c00))
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="300000002d000100000000000000000008000000", @ANYRES32=r8, @ANYBLOB="0b00008097000000000000000000000000000000000000009d3298370ef3f2a26f1b070bf73b83615f92c82e0f5921b6f7a7918e7dbc8f5601e4d4d090fefd46c820e24248713cf5c06e220907b14a67126e1c04813081f3074e13796cba1c8d5f7112132cb1d096548ab48edadebc1003589a7c7b38108f2e9eb5a9d890ba09b9b0874ecc2aa2a0463aebec8e53314d3eba013f8372b6e74506fe52afde6ccd7ad92d92b6acda9a4594924a8f4dc75671d16c69d6c44e36c27e628fadb6bfc4073fc690fe9e98d8c42170ed4938dc4b2ddbc9729a9dee7abdcec6416576e0e3cc582a91304bfc22ddb3154d2675bb4da84a25687e27abea102b58d7ac2da0ae4eea815ae9ac1c890689e9fc116f186f31bdcf1ee8ec683745358d2d40441c7a1f50b2fc7c435de58f28ff2645836ec139df31c9573cb37488007927aa93aa835f2e7f05b3488917c81a6c0b80bba11370ef48a0c77017bf26afeb97b1d454811690ce54aefe7c7ade7df563c09a93987e64d2353e4d738fd8fae85c9eba1905f34ef5898f9fb580ac6fa012"], 0x30}], 0x1}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
listen(r9, 0x5)
sendmmsg(r9, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000080)='}', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="c528b61305ab6f2840"], 0x10}}], 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000001280), &(0x7f00000012c0)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001300)={{{@in6=@ipv4={""/10, ""/2, @remote}, @in6}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001400)=0xe8)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

2.506472699s ago: executing program 3:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {}, [@CTA_FILTER={0x4}]}, 0x18}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$OSF_MSG_ADD(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)={0x964, 0x0, 0x5, 0x401, 0x0, 0x0, {0x0, 0x0, 0x9}, [{{0x254, 0x1, {{0x3, 0x1ff}, 0x0, 0x44, 0x0, 0x3, 0x1b, 'syz1\x00', "b16462e38b52e9879a3a9ffe3827966c3d4b21d1f3519513b755b7c28dccaa2d", "998f2f027d6c9bbdf819b558c85124778894e1c2c596fd8942ee0b323333e546", [{0x1, 0x40, {0x1, 0x7}}, {0x7fff, 0x101, {0x1, 0x31e0f67e}}, {0x3, 0x40, {0x2, 0x401}}, {0xebb2, 0x962, {0x0, 0x2}}, {0x80, 0x1, {0x3, 0x5}}, {0x800, 0x8, {0x3, 0x100}}, {0x8, 0x20, {0x1, 0x6}}, {0x40, 0xfe00, {0x3, 0x44dc}}, {0x2, 0x2, {0x2, 0xdd7e}}, {0xfffa, 0x3, {0x2}}, {0x22, 0xe7f, {0x0, 0x4}}, {0x3, 0x5491, {0x0, 0x80000000}}, {0xffff, 0x401}, {0x6, 0x9, {0x3, 0x3}}, {0x3, 0x6, {0x2, 0x2}}, {0x81, 0xf2, {0x1, 0x2}}, {0x5, 0x7, {0x3, 0x3d0}}, {0x8, 0x1f, {0x30fe3e3e9e73b6a7, 0x7fff}}, {0x1, 0x8, {0x0, 0x2}}, {0xf7c9, 0x7db, {0x2, 0x81}}, {0x40, 0x5, {0x2, 0x6}}, {0x9, 0x1, {0x2, 0x8001}}, {0xd1e2, 0x3, {0x0, 0x5d}}, {0x48, 0x1, {0x0, 0x10}}, {0xb1, 0x8976, {0x3, 0x7}}, {0x5, 0x9, {0x2, 0x4}}, {0x401, 0x7fff, {0x2, 0x7fffffff}}, {0x3, 0xf000, {0x0, 0xfffffffe}}, {0x81, 0x401, {0x3, 0x129}}, {0xffff, 0xf92, {0x0, 0x100}}, {0xee, 0x5, {0x3, 0x80}}, {0x6, 0x401, {0x1, 0x3}}, {0x0, 0x8, {0x0, 0x7}}, {0x3, 0x8001, {0x2, 0x4}}, {0xfff9, 0x8001, {0x2, 0x6}}, {0x4, 0x0, {0x0, 0x8}}, {0x217, 0x4, {0x3, 0x7fff}}, {0x3b2f, 0x1, {0x2, 0x8ff4}}, {0xa4c, 0x8, {0x0, 0x2}}, {0x4000, 0xffff}]}}}, {{0x254, 0x1, {{0x1, 0x2}, 0x2, 0x81, 0x7, 0x7, 0x8, 'syz1\x00', "10116502c20936627721139595269aabf12c2e1c2afe2432a05b655668dec376", "2c38dfe391ba596b23ef1052a3247269a7fdd357854a0c3e14ce50e0853e8446", [{0xdf75, 0x400, {0x1}}, {0x401, 0x0, {0x3, 0x21}}, {0x4, 0x6, {0x3, 0x3f}}, {0xfffc, 0x0, {0x1, 0xc0000000}}, {0xbdf, 0xff, {0x3, 0x72}}, {0x81, 0x81, {0x0, 0x4}}, {0x4, 0xffe0, {0x1, 0x10001}}, {0x0, 0x7, {0x3, 0x4}}, {0x5, 0xb457, {0x1, 0xca57}}, {0x150c, 0x9, {0x1, 0x7fff}}, {0x3f, 0xff, {0x3, 0x2}}, {0x4, 0x9, {0x1}}, {0x7, 0x8, {0x3, 0x8}}, {0x1, 0x3, {0x2, 0x2}}, {0x7, 0x1, {0x1, 0x8}}, {0xff, 0x3, {0x3, 0x1}}, {0x5, 0x9, {0x3, 0x9}}, {0x4, 0x40, {0x3, 0x1}}, {0x7, 0x2, {0x3, 0x6}}, {0x4, 0x9}, {0x100, 0x8, {0x0, 0x5}}, {0x400, 0x1000, {0x2, 0x800}}, {0x2, 0x1, {0x0, 0x26a}}, {0x9, 0x2, {0x2}}, {0x8000, 0x3, {0x0, 0xfffffffa}}, {0x2, 0x40, {0x2, 0x7}}, {0x6, 0x5, {0x2, 0x5}}, {0x7b0, 0x4, {0x3, 0xa0000000}}, {0x7fff, 0x7, {0x3, 0xd26}}, {0xee0c, 0xff11, {0x1, 0x1}}, {0x400, 0x9, {0x2, 0x8000}}, {0x6, 0x2, {0x0, 0x1}}, {0x9, 0x3, {0x0, 0x1}}, {0x8, 0xffff, {0x3, 0x4}}, {0x3, 0x9, {0x0, 0x2a}}, {0x401, 0x7299, {0x1}}, {0xfffd, 0xf720, {0x3, 0x10001}}, {0x5, 0x7fff, {0x0, 0x101}}, {0x5, 0x4, {0x0, 0x2}}, {0x6b21, 0x8a, {0x1, 0xfffffffe}}]}}}, {{0x254, 0x1, {{0x1, 0x3}, 0x81, 0x0, 0x9, 0x5, 0x28, 'syz0\x00', "4023fd2d098d83f0725a299c1a2dcc3d6e16e78733edf3ec9fab248964f0e42f", "5827710507d8be62849ab90d7369a107651f56ed423b6f64cc7c1b5b12e06c7e", [{0x8, 0x9, {0x1, 0x3}}, {0x6, 0x40, {0x3, 0x2}}, {0x2, 0x2, {0x2, 0xf0}}, {0x544, 0xfffc, {0x0, 0x3}}, {0xd97c, 0x9, {0x2, 0x4f7}}, {0x2, 0x829, {0x0, 0x9}}, {0xffff, 0xe3a, {0x1, 0x80000000}}, {0xffff, 0x4, {0x2}}, {0x7fff, 0x6, {0x1, 0xffffffff}}, {0x1, 0x9, {0x2, 0x7fff}}, {0x9, 0xde6, {0x2, 0x7}}, {0x65aa, 0xba6, {0x0, 0x2}}, {0x9, 0x7ff, {0x3, 0xf30}}, {0x8000, 0x1, {0x2, 0x786}}, {0x401, 0x1, {0x0, 0x9}}, {0xff}, {0x7ff, 0x8, {0x3, 0x8}}, {0x361d, 0xc46}, {0x8, 0x0, {0xcd90c835c23b07b5, 0x1}}, {0x7, 0x9}, {0x3ff, 0xc2, {0x1, 0x2}}, {0x0, 0x5, {0x2, 0x2ca}}, {0x3, 0x80, {0x1}}, {0x8001, 0x0, {0x3, 0x800}}, {0x8001, 0x20, {0x0, 0x22}}, {0x20, 0xb50, {0x2, 0xb40}}, {0x0, 0x81, {0x2}}, {0xffff, 0x7fff, {0x2, 0x6}}, {0x40, 0x3f, {0x0, 0x2}}, {0x8, 0x5, {0x2, 0x10001}}, {0x7ff, 0x357, {0x3, 0xffffff7f}}, {0x0, 0x1f, {0x2, 0x7fff}}, {0x7, 0x7a, {0x2, 0xffffffff}}, {0x5, 0x0, {0x0, 0x815e}}, {0x40, 0x9, {0x3, 0x9cb}}, {0x4, 0xff, {0x0, 0x4}}, {0x2, 0x1800, {0x3, 0xbd}}, {0x7, 0x100, {0x0, 0x7}}, {0x1000, 0x81, {0x0, 0x6}}, {0xa43, 0x7, {0x1, 0x6}}]}}}, {{0x254, 0x1, {{}, 0x1, 0x0, 0xf6f7, 0x7, 0x1c, 'syz1\x00', "7aaf1734e2b2568052450fad48f231ff7ff9c55c85c82921552404ec94375257", "eb499b225248d2e06c1f3aae39f108137f20c834a2f1d22107c5fe6dfce8b543", [{0x9, 0x0, {0x0, 0xffffffff}}, {0x0, 0x6a9e, {0x1, 0x7}}, {0x101, 0x0, {0x0, 0x4}}, {0x30d, 0x80, {0x1, 0x3}}, {0x4, 0x5, {0x0, 0x7}}, {0x1ff, 0x27, {0x3, 0x3}}, {0x3, 0x9, {0x2}}, {0x7fff, 0x800, {0x2, 0x80000001}}, {0xb6, 0x2d4, {0x3, 0x4}}, {0x9, 0x80, {0x1}}, {0x8, 0x8001, {0x0, 0x200}}, {0x401, 0x8, {0x0, 0x80}}, {0x3, 0x0, {0x2}}, {0x101, 0x7, {0x0, 0xfff}}, {0x0, 0x9, {0x2, 0x7}}, {0x1, 0x5, {0x2, 0xffff85d8}}, {0x3, 0x7, {0x0, 0x9}}, {0x0, 0xfff, {0x3}}, {0x31, 0xe9, {0x3, 0x7}}, {0x200, 0x5, {0x0, 0x3}}, {0x0, 0x0, {0x0, 0x91}}, {0x9, 0x0, {0x2, 0x80}}, {0xe172}, {0x7, 0x4, {0x0, 0x6}}, {0x20, 0xffff, {0x3, 0x101}}, {0x5, 0x818, {0x0, 0x9}}, {0x100, 0x400, {0x1, 0xffff0001}}, {0xfd, 0x746, {0x0, 0x3}}, {0x93, 0x3, {0x2, 0x20}}, {0x6, 0x0, {0x0, 0x80}}, {0x4}, {0x7d, 0x0, {0x1, 0x400}}, {0x600, 0x4, {0x2, 0x4afa}}, {0x5, 0x200, {0x1, 0xc1}}, {0x2, 0x5, {0x3, 0x5}}, {0x401, 0x0, {0x2, 0x1}}, {0x2, 0x3f, {0x2, 0x1}}, {}, {0x1, 0x1, {0x2}}, {0x9, 0x9, {0x2, 0x10000}}]}}}]}, 0x964}, 0x1, 0x0, 0x0, 0x800}, 0x40)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0)
r7 = socket(0x1, 0x803, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r9}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x781}]}, 0x34}}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x7, 0x0, 0x0)

2.205508724s ago: executing program 3:
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000940)="d7", 0x1}], 0x1}, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x88)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x7, 0x4) (async)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x7, 0x4)
socket$can_raw(0x1d, 0x3, 0x1) (async)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'erspan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'erspan0\x00', <r5=>0x0})
sendto$packet(r3, &(0x7f00000002c0)="02030500d3fc030000004788031c09101128", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000300)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}], 0x90}, 0x8000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x14, &(0x7f0000001080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000c00000085000000030000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = socket(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r12 = openat$cgroup_ro(r11, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r12, 0x40305828, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x1ffff})
ioctl$FS_IOC_RESVSP(r12, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xa01f})
r13 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37}}}]}, 0x78}}, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x33, &(0x7f0000000000), 0x5}, 0x0) (async)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x33, &(0x7f0000000000), 0x5}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r15=>0x0})
socket$netlink(0x10, 0x3, 0x0) (async)
r16 = socket$netlink(0x10, 0x3, 0x0)
writev(r16, &(0x7f0000000180)=[{&(0x7f0000000400)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) (async)
writev(r16, &(0x7f0000000180)=[{&(0x7f0000000400)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r15, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.928914614s ago: executing program 0:
r0 = socket(0x0, 0x803, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000008001f0ffff000000000001000014000100"], 0x54}}, 0x0)

1.823734028s ago: executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}], 0x1c)
pipe(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x1a, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_RAW={0x8}, @TCA_CAKE_FLOW_MODE={0x0, 0x5, 0x2}]}}]}, 0x48}}, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000240)={0x28, 0x0, 0xffffffff, @hyper}, 0x10, 0x800)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB='-', @ANYRESDEC=r7, @ANYRESDEC], 0x44)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1}, 0x90)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)
ppoll(0x0, 0x0, &(0x7f0000000500)={0x0, 0x3938700}, &(0x7f0000003dc0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r5}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'syztnl2\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x7800, 0x0, 0x0, 0x80, {{0x15, 0x4, 0x0, 0x4, 0x54, 0x66, 0x0, 0xb0, 0x0, 0x0, @loopback, @empty, {[@lsrr={0x83, 0xb, 0x7e, [@multicast1, @loopback]}, @timestamp_prespec={0x44, 0x2c, 0xa9, 0x3, 0xa, [{@multicast1, 0x3}, {@private=0xa010100, 0x1}, {@remote, 0x6}, {@loopback, 0x1936}, {@dev={0xac, 0x14, 0x14, 0x36}, 0x20}]}, @lsrr={0x83, 0x7, 0xf1, [@multicast2]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000140))

1.734304152s ago: executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$netlink(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
listen(r1, 0x81)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_channels={0x10}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r4, 0x0, 0x70bd2b, 0x4, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(r3, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x38, r4, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x75adc41b, 0x1a}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x89}, 0x24000000)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x34, r4, 0x0, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xfffffff9, 0x1}}}}, [@NL80211_ATTR_REASON_CODE={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ec0f4aef314d"}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8914, &(0x7f0000000040)={'bond0\x00', 0x400})
getpeername$packet(r2, &(0x7f0000000cc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000d00)=0x14)
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f0000000780)={&(0x7f0000000980)=ANY=[@ANYBLOB="20000004130a01030000000000000000010000e794874a74738e4655030c0006400000140900000005d0723de324dd78f2b1c145e6fb71bfc79d8d07e2769c5b18fca4bb294362b42c7e98beccb6d4fdc64cb29ddaa8ba065da3b54dddac64cde301f19cc22ef87c904cd248e1a1fd32b554dad090a8547d24113fdc29483160c0f20000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20004090}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000006c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r6, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x30}, @void, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x40004)
sendmsg$NL80211_CMD_ABORT_SCAN(r5, &(0x7f0000000840)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000dc0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="2822809cdf4bbe7149b30259c92469d2e3091ad98edf01db2a58a2df1c375f91042eca76c45b23c737289c82b29bb0", @ANYBLOB="000426bd7000fbdbdf257200000008000300", @ANYRES32=r8, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x6)
sendmsg$NL80211_CMD_GET_MPATH(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, r4, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0x16}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x28014044)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x14b}, {&(0x7f0000000280)=""/85, 0x53}, {&(0x7f0000000fc0)=""/4096, 0x84}, {&(0x7f0000000400)=""/106, 0x464}, {&(0x7f0000000740)=""/73, 0x60}, {&(0x7f0000000200)=""/77, 0x630}, {&(0x7f00000007c0)=""/154, 0x4a}, {&(0x7f0000000100)=""/16, 0x2ac}], 0x298, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000a40)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x40, 0x7, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x809b}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x67}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x73}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x880}, 0x4005)

1.682514741s ago: executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002500)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c295122a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e720c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1940d55289f668c423fcbb31ae91864c882313151741a67538c9689df8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6c64c382680fdc8f7eeafce2e993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc1d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfc8c00000000000000afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983155851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x16, &(0x7f0000000000)='/proc/0\x00\xff\xff\xff\xd9_,\xae\xf4t\x00AE\xf44'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x1c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x18, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x8}]}]}, @ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x3c}}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0x97}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0)

1.556573837s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r1, &(0x7f0000000400)=[{&(0x7f00000004c0)=""/248, 0xf8}], 0x87, 0x7000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000dc0)='rcu_utilization\x00', r0}, 0x5e)

1.527890418s ago: executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r2, 0x125, 0x0, 0x0, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}}, 0x0) (fail_nth: 4)

1.148937941s ago: executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000004f00)={0x0, 0x0, &(0x7f0000004ec0)={&(0x7f0000004f40)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x7c}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3, 0x48}, @timestamp={0x44, 0xc, 0x5, 0x0, 0x0, [0x0, 0x0]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)

1.080283409s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xe0, 0x3, 0x8, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x22eb}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7fff}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xc}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x1b6ea53e}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x9bb2}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x86dd}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8035}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}]}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$kcm(0x11, 0x2, 0x300)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x11c, 0x9, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x20}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_ADT={0x68, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x35}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0xffffffff00000000}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @multicast}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x80}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x9}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x8}}]}, @IPSET_ATTR_DATA={0x74, 0x7, 0x0, 0x1, [@IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0xfffffffffffffffa}, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x2}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x8}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xed}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x40}, @IPSET_ATTR_IFACE={0x14, 0x17, 'vlan0\x00'}, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x9}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x10001}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x11c}, 0x1, 0x0, 0x0, 0x4000054}, 0x4)
r4 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000440)={{0x3, @rose}, [@remote, @null, @rose, @bcast, @remote, @null, @bcast, @rose]}, &(0x7f00000004c0)=0x48, 0x0)
getsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000500)=0x6eca, &(0x7f0000000540)=0x4)
close(r2)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x20)

678.48812ms ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0000f5", 0x14, 0x6, 0x0, @remote, @remote, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

626.614098ms ago: executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00', 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000003700)=[{{0x0, 0xf000000d, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/126, 0x7e}], 0x1}}], 0x2, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="9e685760794f93d5148a96de6f79285dad5de4da19e0a4d207b64f033a3f27c70bc955fd75", 0x25}], 0x1, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x5}], 0x18}, 0x0)

619.226649ms ago: executing program 3:
r0 = socket(0x0, 0x803, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000008001f0ffff000000000001000014000100"], 0x54}}, 0x0)

585.833274ms ago: executing program 2:
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x7, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x3b}, @ldst={0x1, 0x3, 0x1, 0x8, 0x6, 0x2, 0xffffffffffffffef}, @map_fd={0x18, 0x9, 0x1, 0x0, r1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='contention_end\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x20000000}, 0x48)
bind$qrtr(r0, 0x0, 0x0)

512.833881ms ago: executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x4c, r1, 0x1, 0x60, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_FRAME={0x1c, 0x33, @data_frame={@msdu=@type10={{}, {}, @from_mac, @device_b, @broadcast}, @a_msdu}}]}, 0x4c}}, 0x0)

474.622971ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071123f000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)

435.822626ms ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000000)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}]]}, 0x30}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000006740)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000cc0)="955b2edc3a78b5ed4e6cde440c026c6f7d564fd23050fc27ecbaff4fc23674f59ca3dd3acb05e48c0449feb1699cc987105b7b5ea7a0106ddc4226cc77aa0b8e00e3311ff8b790d6965f8ffdc026f10384c9492b7c79021f33af475ca7b72cbd87583c2ab3c6106fd9e4546c61b214e56e5ae9d0dd3b8578a095af8719296019c64391c35e0388fd968d63059a6c2a7166dd28ddebacb0dfb9aab1caf9078429b3e3a850b469901a30ccc2fa9d37772aaef2001cdaf5544526b20afb913166a7aabd961358655684e2e7f7f49269f35b9c4a8dbc53f16ee3fa36c5297fdb077a37058288389060be93c98fb42ba819bd458795a4e798abd68d62697bc95e5e05a6d26207792356c656f8f6f00100000080edd1cb8e60c82953db7fdd9f034a97b88b0971bffcde7aa3ba7dab90a7a31b83cecf56192b760f4299a04a08fbfd071c286a6b087b8954c72db7c64b7c15d5ed0ad613df2be4f6a712ad0821ea1978317e34f01cd4186fa72222463f9c8e499176584539ba96f389", 0x179}, {&(0x7f0000003380)="cb0a966b58b85d94526d04efb1a7750ff6a1edca75e04c0246f46fcf70f67414ae9539ccbfe27b8fc7bee1202a1e6cb365e0182517f74e37cf53fdc250b10151b675aa5126c9da88d4121a91d78a8f8ac1a536b3b7e93fa03560696174d0c8852366b751b3a4b284fc19ebac33e899d561ce631585e79c993bc72347c27e73f7854c302b08fd2debbebefe2ebd536d0d3d2a036feb3378ae9e512cc76d404a0329744a8d11ee5665e00f92cd4eb8c3ef50c3af0e2b57baabcb79eea1b0aea587478d87b4fa1fd8125fbe63e507e18b67a8ef09f830115a3cc88abd6d6bcdd982cea39bb7add3cb9fe46dc096d53a0400d14c27b74d2faf3af7bae418cc0122acca0eaff55a4c264d191a7beab70232b772d66459", 0x114}], 0x2}}, {{0x0, 0xfffffffffffffce5, &(0x7f0000000040)=[{&(0x7f0000000ec0)="bdb2600dc8d5d5b93e2de4213650aea3e35a128eaae97adbc821d6c68024e8ba1e7345e3680438f90cb68df4187da1848e88d85bdaff0a01a24b19b1674d4fdf74099172ed178e2dfa4d1c5d144a754f32f2b56cdc9103b2997a1e0d95fcaee24d775873c71c8d236f7f83560b25ea91b0d7841783123793a5121898de23da6f33664650c138cd7aef41e86f6ee4cc95a98b78ebd117b6d5c312c0e8c18ac15aa3d1e4ae6ef06af64ee5fe7962595f8eb66298ee32178596deb0968bb1252f62e3df4d1872bbfe80263bb459cf62116795aad3ce3d73aa270b4097f15c619835d8a4895482676799643fdfbe50a9ce29893fdf3423700af9920dd0a84e4a92c3b86a9d781793a9a1519bb136b0e9ec242bbce698f6c7114cd9da8dc885c8a1a8988dcf14c08a005ace31a2609ab549c8c7e619b4b299809c22e81e1b04e1e65b98efe6251f3bcb43fd3f5071e1b8aba34569e52d74996031593cb741887f90d356317ad4252fbcd7d81578d5f02628adaa39df2a00417c080d46fa5f8d16dc4a088b6b618e324f6f82830d38c912e6849cc1d41a7ae0a7e945c02161bcc4ab600ad505f5d195b3f673e0de3ff8bcd9257bbdd1447d30c50963461ae865f6c0111986549bad9c4f2636f74059876d068d6552f79ad830a6028f73c90690df2ef4131eaf229a4a3c1f37e123c5d21c15aa325ee6f51bc051f45ff7f03d8318e9b89b3001000f10e41ba1d7c27dd38e7c3cd643af39a68a5d91680e0200000071e3b14fb650691a874f1bf4aee0ee35cb2079f00e085e34bc96b30975e99bb52b40c09a4112f95e39406b581756162bee17371d209f08709b0859f0a2bf41f1d26856a677ae034a529f5e3d5eed923723732e69c024be9f0a84f8aedbf9f9d8e14621f01d482e393a88be9b3b12dc2e9a6ad2e1e745609934f2ba9c35748619f15a8e2e33c131200ea237621e35ac3113dd53bf41e187d5484c7091ee733ca79f269cd42198600a543588e69c250d4f8871e99e9ed8aee530f4384f901f7d62dd3af3aca3b8d2a5aa954477e337eb5c75d77f8c0980395120ff31f8c9e54f9376b87b160c55e685b79fd95d715297e3a6a01a341f971294a7c3cb376374a303f0", 0x31f}], 0x1}}], 0x3, 0x2000c048)
sendto$inet(r4, &(0x7f0000000140)="e9", 0x1, 0x60040040, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="f6efe491b1b73a3b88a74051e42b3a870900b82b8fa904f852ab504a1769bf22bfbbc957126c5743611400449112137433e6c849c25b74bbff98ffba3bc3e822fab4c950895b80e5e1db5342bca25eefb2892e76b2aeaf8241c130d814a4ab76", @ANYRES16=r2, @ANYBLOB="000827bd7000fedbdf252800000008000300", @ANYRES32=r5, @ANYBLOB="04005f00e8002a0005df07d780f477e2a22f758bd27b9b0029c3d978dccb5870b693d6a11840d824922eacd62de5c567cadeaae15563f8004cb3bb6feb77593f7bc6aad07edf2621d151626b5e532e6e5a722890aaf94541635e1932992b6a2374814691cd7b4b78c4a20360f767b601900c9f64b88b27508784827deabfb24365785bf9a293766855a27f18784de6ecc6f29bc43110be603af5e2aa636f6d01eb994386b9be47a4c36bfc85ba8518774da69454b12820f2d232ac9040b0d5029be942b2841a6231198093e0ad21b6f0c559a4659b27cd78de8afbf4527e1c8e8a89870c5d5c9b340110016b1500340082abba45c58ed0c891f76979f54a6ccaa400000006003600eec10000ea002a00720603030303030337dc04077bbf17a34e03a3ed798362c21c07f13c93addc1a2236e5dc09f8fecfe495c8abdb1a41bd6c09f9255397dd578974d4174255a7e65c853abfa45715b75f3d91f006a645742ce87c548c240c8eb1795a8c0226d9f0d7eef977ef3dea30f09a05e0f5b5ac1623b8a04ba33cce0480f815a1cdfed44f174f67db030511524f4ed0010a26d03e331bd8b69f11590227439901bed8386677889c738e710d7b8c933c2da4e3dd4b1ecfb3ae4d0d8037b445291831bb28da0114e98edaa22f7ac8ad9b2c5a2cdf485f159a87bf67020621e8b677f04502067b7c8efed9fe0000220034006907d806cffc2ec01ce8aa97c5b0834903c10a32e6574700540d4431afce0000"], 0x238}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101080000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff08000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a0b0400000000000000009f291bf748000480440001800a00010072616e6765000000340008000140000000000800024000000000040004801c0003801500010073de9a9dab8d0bb48ce6ecb580061af5210000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a0000"], 0x9c}}, 0x0)

401.893523ms ago: executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
socket$rds(0x15, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
write$bt_hci(0xffffffffffffffff, 0x0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r4, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r4, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x18, r2, 0x1, 0x0, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000580)=ANY=[@ANYBLOB="f8000000100001000000000000000000fe800000000000000000000000000000ac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000003300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000001000080ffffffff000000000000000000000000000000000000000000000000000000000200000000000000000000000800160000000000"], 0xf8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x8400, 0x2, 0x8, 0x1206, r0, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1, 0xf}, 0x46)
socket$inet6_tcp(0xa, 0x1, 0x0)

337.567335ms ago: executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="30000000390009000000000000000010020000000000000010000180c9b6c6a3304743a6"], 0x30}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000020240), 0x10010)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'erspan0\x00'})
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89ed, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x11c, 0x4, 0x0, 0x74efdfe049b861ab)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYBLOB, @ANYRES32, @ANYBLOB="0a00060008021100000000002c0050800400050011000100cabee339084eeef16f162471f4000000080007000000000005"], 0x54}}, 0x0)
unshare(0x6020400)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0)
sendto$phonet(0xffffffffffffffff, &(0x7f00000000c0)="d6", 0x1, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f0000000000)={0xcb8abed, 0xffbffffffffffff8})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x0, 0x15}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x90)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r2, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"])
bind$qrtr(r2, &(0x7f0000000000)={0x2a, 0x2, 0x4001}, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}}, 0x0)

295.974075ms ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0xc000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0)

259.687138ms ago: executing program 3:
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}], 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x7b000000, &(0x7f0000000040), 0x10)

124.764609ms ago: executing program 3:
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev}, @dest_unreach={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaacce39067774286dd604dd308000b2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa2c"], 0x0)
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@private}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

73.251865ms ago: executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000040)=0x37, 0x4)
setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000000)={@empty, @dev={0xac, 0x14, 0x14, 0x29}, @broadcast}, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x78, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1b, 0x24, [{0x24, 0x1}, {0x16, 0x1}, {0x12, 0x1}, {0x10}, {0x1, 0x1}, {0x48, 0x1}, {0x48}, {0x4}, {0x12, 0x1}, {0xc}, {0x19}, {0x36}, {0x36}, {0x30, 0x1}, {0x4}, {0x1b}, {0xc, 0x1}, {0x18, 0x1}, {0x2}, {0x1b, 0x1}, {0x3, 0x1}, {0x1}, {0x6}]}, @NL80211_ATTR_KEYS={0x30, 0x51, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "a7fd4531296b6353d1f3e08847"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_SEQ={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, @NL80211_ATTR_SSID={0x5, 0x34, @random="81"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}]]}, 0x78}}, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004a00003c0000000000069078e0000002ac1414bb441405671f43790000000000ac1414000000000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5cc2000090780000"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000040)=0x37, 0x4) (async)
setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000000)={@empty, @dev={0xac, 0x14, 0x14, 0x29}, @broadcast}, 0xc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x78, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1b, 0x24, [{0x24, 0x1}, {0x16, 0x1}, {0x12, 0x1}, {0x10}, {0x1, 0x1}, {0x48, 0x1}, {0x48}, {0x4}, {0x12, 0x1}, {0xc}, {0x19}, {0x36}, {0x36}, {0x30, 0x1}, {0x4}, {0x1b}, {0xc, 0x1}, {0x18, 0x1}, {0x2}, {0x1b, 0x1}, {0x3, 0x1}, {0x1}, {0x6}]}, @NL80211_ATTR_KEYS={0x30, 0x51, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "a7fd4531296b6353d1f3e08847"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_SEQ={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, @NL80211_ATTR_SSID={0x5, 0x34, @random="81"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}]]}, 0x78}}, 0x0) (async)
listen(r0, 0x0) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004a00003c0000000000069078e0000002ac1414bb441405671f43790000000000ac1414000000000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5cc2000090780000"], 0x0) (async)

0s ago: executing program 4:
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_pktinfo(r0, 0x0, 0x29, 0xffffffffffffffff, &(0x7f0000000040)=0x36)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000440)={'wlan0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x4}})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in=@multicast1, @in6=@mcast1}}, {{@in6=@mcast1}, 0x0, @in=@remote}}, 0xe8)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000005900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRES16=r2], 0x4b0}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000456422d8b704000000000000850000005800000095"], 0x0}, 0x90)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000007"], 0xd)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r7, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="740000004900010000000000000000000a000000", @ANYRES32, @ANYBLOB="00000000140001"], 0x74}}, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000300)=ANY=[@ANYRESHEX, @ANYBLOB='f'], 0x44)
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r10, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x0, 0x8000, 0x4a9}, 0x1c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$BTRFS_IOC_DEV_INFO(r4, 0xd000941e, &(0x7f0000001b00)={0x0, "8204fe8989917abbc0f2726a9bdb7f83"})
unshare(0x0)

kernel console output (not intermixed with test programs):

: 0000000000000004
[  158.109530][ T8815] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  158.109542][ T8815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.109555][ T8815] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  158.109587][ T8815]  </TASK>
[  158.297947][ T8423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.326279][ T8423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.368710][ T8423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.403984][ T8423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.551300][ T8423] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.605969][ T8423] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.634309][ T8423] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.654688][ T8423] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.738207][ T8857] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  158.892424][ T8861] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  159.368285][ T8887] Driver unsupported XDP return value 0 on prog  (id 345) dev N/A, expect packet loss!
[  159.455639][ T3900] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.496757][ T3900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.614218][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.650338][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.762054][ T8906] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  160.166749][ T8922] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  160.179664][ T8922] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  160.190063][ T8922] netlink: 16074 bytes leftover after parsing attributes in process `syz-executor.2'.
[  160.193659][   T29] audit: type=1804 audit(1719093264.284:14): pid=8892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/225/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0
[  160.203174][ T8922] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  160.248366][   T29] audit: type=1800 audit(1719093264.334:15): pid=8892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="cgroup.controllers" dev="sda1" ino=1958 res=0 errno=0
[  160.277190][ T8922] bond0: entered allmulticast mode
[  160.302665][ T8928] xt_CT: You must specify a L4 protocol and not use inversions on it
[  160.331978][ T8922] bond_slave_0: entered allmulticast mode
[  160.364067][ T8922] bond_slave_1: entered allmulticast mode
[  160.866515][ T8953] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  161.043358][ T8963] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  161.894153][ T9001] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  162.233663][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.268600][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  162.281948][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  162.305934][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  162.321483][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  162.331442][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  162.348908][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  162.392107][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.525088][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.638426][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.662316][ T9020] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  162.693467][ T9020] macvtap1: entered promiscuous mode
[  162.703128][ T9020] team0: entered promiscuous mode
[  162.708213][ T9020] team_slave_0: entered promiscuous mode
[  162.739278][ T9020] team_slave_1: entered promiscuous mode
[  162.755725][ T9020] macvtap1: entered allmulticast mode
[  162.761822][ T9020] team0: entered allmulticast mode
[  162.767115][ T9020] team_slave_0: entered allmulticast mode
[  162.779677][ T9020] team_slave_1: entered allmulticast mode
[  162.786924][ T9020] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  162.833237][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.208980][   T51] bridge_slave_1: left allmulticast mode
[  163.217416][   T51] bridge_slave_1: left promiscuous mode
[  163.238358][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.261254][   T51] bridge_slave_0: left allmulticast mode
[  163.279979][   T51] bridge_slave_0: left promiscuous mode
[  163.291386][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.519509][ T9054] tipc: Can't bind to reserved service type 0
[  163.740620][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  163.755460][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  163.768430][   T51] bond0 (unregistering): Released all slaves
[  163.806118][ T9046] net veth1_virt_wifi �������: renamed from virt_wifi0
[  163.832757][ T9053] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  164.102782][ T9008] chnl_net:caif_netlink_parms(): no params data found
[  164.459227][ T5119] Bluetooth: hci3: command tx timeout
[  164.537999][ T9008] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.554613][ T9008] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.565674][ T9008] bridge_slave_0: entered allmulticast mode
[  164.595498][ T9008] bridge_slave_0: entered promiscuous mode
[  164.619013][ T9008] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.639436][ T9008] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.653337][ T9008] bridge_slave_1: entered allmulticast mode
[  164.673896][ T9008] bridge_slave_1: entered promiscuous mode
[  164.727263][   T51] hsr_slave_0: left promiscuous mode
[  164.743373][   T51] hsr_slave_1: left promiscuous mode
[  164.769799][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.798945][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.830359][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.837845][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.895400][   T51] veth1_macvtap: left promiscuous mode
[  164.901420][   T51] veth0_macvtap: left promiscuous mode
[  164.908276][   T51] veth1_vlan: left promiscuous mode
[  164.913811][   T51] veth0_vlan: left promiscuous mode
[  165.424300][   T51] team0 (unregistering): Port device team_slave_1 removed
[  165.463232][   T51] team0 (unregistering): Port device team_slave_0 removed
[  165.850974][ T9126] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  165.937205][ T9119] sit0: entered promiscuous mode
[  165.954952][ T9119] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  165.977346][ T9119] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'.
[  166.067958][ T9008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.084195][ T9008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.240592][ T9008] team0: Port device team_slave_0 added
[  166.284265][ T9008] team0: Port device team_slave_1 added
[  166.359188][ T9136] vlan2: entered promiscuous mode
[  166.457861][ T9008] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.479583][ T9008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.538151][ T9008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.539041][ T5119] Bluetooth: hci3: command tx timeout
[  166.586666][ T9008] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.613960][ T9008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.715390][ T9008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.777274][ T9152] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  166.828197][ T9161] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ΰ»Rΰ.Θ””y™l‰²ΰφό;{²49ή.0πS&–
[  166.916861][ T9008] hsr_slave_0: entered promiscuous mode
[  166.927409][ T9008] hsr_slave_1: entered promiscuous mode
[  166.933950][ T9008] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  166.942035][ T9008] Cannot create hsr debugfs directory
[  167.073566][ T9169] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  167.426309][ T9186] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  167.679108][ T9200] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  168.275150][ T9240] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  168.566216][ T9008] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  168.595906][ T9008] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  168.619692][ T5119] Bluetooth: hci3: command tx timeout
[  168.644224][ T9008] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  168.665475][ T9254] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  168.675602][ T9008] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  168.677898][ T9254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  168.693836][ T9254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  168.715206][ T9254] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  168.729983][ T9259] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  168.740627][ T9259] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.4'.
[  169.037360][ T9008] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.126051][ T9272] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  169.187911][ T9272] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  169.219398][ T9008] 8021q: adding VLAN 0 to HW filter on device team0
[  169.282582][ T5189] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.289782][ T5189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.340747][ T9291] sctp: [Deprecated]: syz-executor.2 (pid 9291) Use of struct sctp_assoc_value in delayed_ack socket option.
[  169.340747][ T9291] Use struct sctp_sack_info instead
[  169.368190][ T5189] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.375443][ T5189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.762516][ T9308] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  169.976350][ T9008] 8021q: adding VLAN 0 to HW filter on device batadv0
[  170.172105][ T9008] veth0_vlan: entered promiscuous mode
[  170.235219][ T9008] veth1_vlan: entered promiscuous mode
[  170.388622][ T9008] veth0_macvtap: entered promiscuous mode
[  170.433141][ T9008] veth1_macvtap: entered promiscuous mode
[  170.546508][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.567891][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.593242][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.624388][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.651119][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.681523][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.698948][ T5119] Bluetooth: hci3: command tx timeout
[  170.735873][ T9008] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.813280][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.852036][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.878842][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.908796][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.923799][ T9008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.935565][ T9008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.955676][ T9008] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.980707][ T9362] __nla_validate_parse: 1 callbacks suppressed
[  170.980727][ T9362] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  171.075770][ T9359] mac80211_hwsim hwsim4 ������: renamed from wlan1
[  171.113248][ T9008] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.122466][ T9008] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.136977][ T9008] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.146394][ T9008] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.397525][ T9380] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  171.407547][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.424965][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.507105][ T2898] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.559104][ T2898] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.577260][ T9392] syzkaller0: entered allmulticast mode
[  171.644865][ T9392] syzkaller0 (unregistering): left allmulticast mode
[  171.655111][ T9396] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  171.768546][ T9399] syz-executor.2 (9399) used greatest stack depth: 18640 bytes left
[  171.869388][ T9405] FAULT_INJECTION: forcing a failure.
[  171.869388][ T9405] name failslab, interval 1, probability 0, space 0, times 0
[  171.882411][ T9405] CPU: 1 PID: 9405 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  171.892854][ T9405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  171.903036][ T9405] Call Trace:
[  171.906315][ T9405]  <TASK>
[  171.909241][ T9405]  dump_stack_lvl+0x241/0x360
[  171.914017][ T9405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.919215][ T9405]  ? __pfx__printk+0x10/0x10
[  171.923841][ T9405]  should_fail_ex+0x3b0/0x4e0
[  171.928544][ T9405]  ? skb_clone+0x20c/0x390
[  171.932984][ T9405]  should_failslab+0x9/0x20
[  171.937505][ T9405]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  171.942892][ T9405]  skb_clone+0x20c/0x390
[  171.947142][ T9405]  ? dev_queue_xmit_nit+0x220/0xc10
[  171.952341][ T9405]  dev_queue_xmit_nit+0x419/0xc10
[  171.957401][ T9405]  ? dev_queue_xmit_nit+0x2b/0xc10
[  171.962515][ T9405]  ? validate_xmit_skb+0x9f9/0x1120
[  171.967718][ T9405]  dev_hard_start_xmit+0x15f/0x7e0
[  171.972834][ T9405]  ? __pfx_validate_xmit_skb+0x10/0x10
[  171.978297][ T9405]  __dev_queue_xmit+0x1b0e/0x3d30
[  171.983332][ T9405]  ? __dev_queue_xmit+0x2d2/0x3d30
[  171.988451][ T9405]  ? __pfx___dev_queue_xmit+0x10/0x10
[  171.993824][ T9405]  ? __copy_skb_header+0x437/0x5b0
[  171.998936][ T9405]  ? __asan_memcpy+0x40/0x70
[  172.003524][ T9405]  ? __copy_skb_header+0x437/0x5b0
[  172.008637][ T9405]  ? __skb_clone+0x454/0x6c0
[  172.013248][ T9405]  ? skb_clone+0x240/0x390
[  172.017756][ T9405]  __netlink_deliver_tap+0x54d/0x7c0
[  172.023049][ T9405]  ? netlink_deliver_tap+0x2e/0x1b0
[  172.028242][ T9405]  netlink_deliver_tap+0x19d/0x1b0
[  172.033354][ T9405]  netlink_unicast+0x7be/0x990
[  172.038134][ T9405]  ? __pfx_netlink_unicast+0x10/0x10
[  172.043437][ T9405]  ? __virt_addr_valid+0x183/0x520
[  172.048557][ T9405]  ? __check_object_size+0x49c/0x900
[  172.053845][ T9405]  ? bpf_lsm_netlink_send+0x9/0x10
[  172.058965][ T9405]  netlink_sendmsg+0x8e4/0xcb0
[  172.063736][ T9405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.069022][ T9405]  ? __import_iovec+0x536/0x820
[  172.073869][ T9405]  ? aa_sock_msg_perm+0x91/0x160
[  172.078809][ T9405]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  172.084088][ T9405]  ? security_socket_sendmsg+0x87/0xb0
[  172.089546][ T9405]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.094830][ T9405]  __sock_sendmsg+0x221/0x270
[  172.099513][ T9405]  ____sys_sendmsg+0x525/0x7d0
[  172.104287][ T9405]  ? __pfx_____sys_sendmsg+0x10/0x10
[  172.109584][ T9405]  __sys_sendmsg+0x2b0/0x3a0
[  172.114180][ T9405]  ? __pfx___sys_sendmsg+0x10/0x10
[  172.119290][ T9405]  ? vfs_write+0x7c4/0xc90
[  172.123741][ T9405]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  172.130243][ T9405]  ? do_syscall_64+0x100/0x230
[  172.135019][ T9405]  ? do_syscall_64+0xb6/0x230
[  172.139697][ T9405]  do_syscall_64+0xf3/0x230
[  172.144198][ T9405]  ? clear_bhb_loop+0x35/0x90
[  172.148882][ T9405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.154858][ T9405] RIP: 0033:0x7fc2dfa7d0a9
[  172.159275][ T9405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  172.178882][ T9405] RSP: 002b:00007fc2e07dd0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  172.187294][ T9405] RAX: ffffffffffffffda RBX: 00007fc2dfbb3f80 RCX: 00007fc2dfa7d0a9
[  172.195265][ T9405] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  172.203240][ T9405] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  172.211206][ T9405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.219278][ T9405] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  172.227360][ T9405]  </TASK>
[  173.347020][ T9463] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  173.443488][ T9466] syzkaller0: entered allmulticast mode
[  173.554523][ T9466] syzkaller0 (unregistering): left allmulticast mode
[  173.931160][ T9488] syzkaller1: entered promiscuous mode
[  173.948154][ T9488] syzkaller1: entered allmulticast mode
[  174.521596][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.586635][ T9523] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  175.177934][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.306965][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.329985][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  175.343302][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  175.352940][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  175.381839][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  175.396660][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  175.410605][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  175.482804][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.581296][ T9573] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  175.624025][ T9573] Bluetooth: MGMT ver 1.22
[  175.822357][   T51] bridge_slave_1: left allmulticast mode
[  175.834348][   T51] bridge_slave_1: left promiscuous mode
[  175.846307][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.865569][   T51] bridge_slave_0: left allmulticast mode
[  175.878373][   T51] bridge_slave_0: left promiscuous mode
[  175.894980][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.356215][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.368546][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.380823][   T51] bond0 (unregistering): Released all slaves
[  176.436854][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  176.722684][ T9566] chnl_net:caif_netlink_parms(): no params data found
[  177.208470][ T9637] netlink: 212 bytes leftover after parsing attributes in process `syz-executor.4'.
[  177.357448][ T9643] openvswitch: netlink: Key type 7982 is out of range max 32
[  177.398133][   T51] hsr_slave_0: left promiscuous mode
[  177.420104][   T51] hsr_slave_1: left promiscuous mode
[  177.441124][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.461771][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.474677][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.483632][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.499149][ T5119] Bluetooth: hci3: command tx timeout
[  177.507467][   T51] veth1_macvtap: left promiscuous mode
[  177.513737][   T51] veth0_macvtap: left promiscuous mode
[  177.519711][   T51] veth1_vlan: left promiscuous mode
[  177.525103][   T51] veth0_vlan: left promiscuous mode
[  177.607795][ T9663] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  177.984825][   T51] team0 (unregistering): Port device team_slave_1 removed
[  178.027107][   T51] team0 (unregistering): Port device team_slave_0 removed
[  178.381353][ T9566] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.392899][ T9566] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.410712][ T9566] bridge_slave_0: entered allmulticast mode
[  178.439920][ T9566] bridge_slave_0: entered promiscuous mode
[  178.507915][ T9566] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.516822][ T9664] netlink: 232 bytes leftover after parsing attributes in process `syz-executor.2'.
[  178.526579][ T9566] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.541148][ T9566] bridge_slave_1: entered allmulticast mode
[  178.560224][ T9566] bridge_slave_1: entered promiscuous mode
[  178.652349][ T9566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.679643][ T9566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.829752][ T9566] team0: Port device team_slave_0 added
[  178.854371][ T9566] team0: Port device team_slave_1 added
[  178.918264][ T9566] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.935578][ T9566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.989165][ T9566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.013057][ T9566] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.026099][ T9566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.053145][ T9566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.066722][ T9689] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  179.093689][   T29] audit: type=1804 audit(1719093283.184:16): pid=9689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir112024444/syzkaller.Yyk6jY/311/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  179.211504][ T9566] hsr_slave_0: entered promiscuous mode
[  179.227745][ T9566] hsr_slave_1: entered promiscuous mode
[  179.249812][ T9566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  179.257811][ T9566] Cannot create hsr debugfs directory
[  179.420159][ T9705] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  179.589208][ T5119] Bluetooth: hci3: command tx timeout
[  179.894254][ T9739] x_tables: ip_tables: icmp match: only valid for protocol 1
[  180.471335][ T9566] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  180.503574][ T9566] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  180.539648][ T9566] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  180.551789][ T9765] vcan0: tx drop: invalid da for name 0x0000000000000001
[  180.573172][ T9566] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  180.808265][ T9566] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.907062][ T9566] 8021q: adding VLAN 0 to HW filter on device team0
[  180.941921][ T9778] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  180.968230][ T5112] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.975417][ T5112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.026152][ T5112] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.033481][ T5112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.051696][ T9784] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  181.174465][ T9789] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  181.221746][ T9789] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  181.253410][ T9789] syz-executor.4 (9789) used greatest stack depth: 18296 bytes left
[  181.367547][ T9800] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  181.643463][ T9566] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.669289][ T5119] Bluetooth: hci3: command tx timeout
[  181.722132][ T9566] veth0_vlan: entered promiscuous mode
[  181.761545][ T9566] veth1_vlan: entered promiscuous mode
[  181.841098][ T9566] veth0_macvtap: entered promiscuous mode
[  181.882372][ T9566] veth1_macvtap: entered promiscuous mode
[  181.977831][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.007796][   T29] audit: type=1800 audit(1719093286.094:17): pid=9829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1950 res=0 errno=0
[  182.015691][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.069037][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.074660][   T29] audit: type=1804 audit(1719093286.144:18): pid=9829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/262/memory.events" dev="sda1" ino=1950 res=1 errno=0
[  182.101487][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.145410][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.157102][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.170562][   T29] audit: type=1804 audit(1719093286.154:19): pid=9829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/262/memory.events" dev="sda1" ino=1950 res=1 errno=0
[  182.198095][ T9566] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.227230][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.255227][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.287355][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.298115][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.308868][ T9566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.327887][ T9566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.360233][ T9566] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.440562][ T9566] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.490563][ T9566] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.513330][ T9566] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.550191][ T9566] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.825421][  T953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.859890][  T953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.942721][ T9875] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  182.954366][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.978816][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.313390][ T9895] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  183.352954][ T9895] FAULT_INJECTION: forcing a failure.
[  183.352954][ T9895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.384945][ T9895] CPU: 1 PID: 9895 Comm: syz-executor.2 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  183.395405][ T9895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.405568][ T9895] Call Trace:
[  183.408865][ T9895]  <TASK>
[  183.411840][ T9895]  dump_stack_lvl+0x241/0x360
[  183.416547][ T9895]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.421769][ T9895]  ? __pfx__printk+0x10/0x10
[  183.426413][ T9895]  ? snprintf+0xda/0x120
[  183.430686][ T9895]  should_fail_ex+0x3b0/0x4e0
[  183.435393][ T9895]  _copy_to_user+0x2f/0xb0
[  183.439920][ T9895]  simple_read_from_buffer+0xca/0x150
[  183.445321][ T9895]  proc_fail_nth_read+0x1e9/0x250
[  183.450374][ T9895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.455944][ T9895]  ? rw_verify_area+0x514/0x6b0
[  183.460819][ T9895]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.466387][ T9895]  vfs_read+0x204/0xbd0
[  183.470568][ T9895]  ? __pfx_lock_release+0x10/0x10
[  183.475620][ T9895]  ? __pfx_vfs_read+0x10/0x10
[  183.480320][ T9895]  ? __fget_files+0x29/0x470
[  183.484930][ T9895]  ? __fget_files+0x3f6/0x470
[  183.489626][ T9895]  ksys_read+0x1a0/0x2c0
[  183.493872][ T9895]  ? __pfx_ksys_read+0x10/0x10
[  183.498627][ T9895]  ? do_syscall_64+0x100/0x230
[  183.503397][ T9895]  ? do_syscall_64+0xb6/0x230
[  183.508073][ T9895]  do_syscall_64+0xf3/0x230
[  183.512588][ T9895]  ? clear_bhb_loop+0x35/0x90
[  183.517268][ T9895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.523162][ T9895] RIP: 0033:0x7fdd7a87bd4c
[  183.527571][ T9895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48
[  183.547173][ T9895] RSP: 002b:00007fdd7b5530c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.555593][ T9895] RAX: ffffffffffffffda RBX: 00007fdd7a9b3f80 RCX: 00007fdd7a87bd4c
[  183.563554][ T9895] RDX: 000000000000000f RSI: 00007fdd7b553130 RDI: 0000000000000005
[  183.571515][ T9895] RBP: 00007fdd7b553120 R08: 0000000000000000 R09: 0000000000000000
[  183.579487][ T9895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.587478][ T9895] R13: 000000000000000b R14: 00007fdd7a9b3f80 R15: 00007ffc423b2038
[  183.595467][ T9895]  </TASK>
[  183.669930][ T9901] syzkaller1: entered promiscuous mode
[  183.675453][ T9901] syzkaller1: entered allmulticast mode
[  184.064840][ T9920] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  184.239675][   T29] audit: type=1800 audit(1719093288.334:20): pid=9928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1950 res=0 errno=0
[  184.295211][   T29] audit: type=1804 audit(1719093288.374:21): pid=9928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/272/memory.events" dev="sda1" ino=1950 res=1 errno=0
[  184.327497][   T29] audit: type=1804 audit(1719093288.384:22): pid=9928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/272/memory.events" dev="sda1" ino=1950 res=1 errno=0
[  184.887724][ T9965] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  185.334576][ T9972] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  185.460256][  T953] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.327350][ T5113] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  186.345154][ T5113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  186.353510][ T5113] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  186.362915][ T5113] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  186.375566][ T5113] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  186.385834][ T5113] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  186.543250][ T5113] Bluetooth: hci0: command 0x0406 tx timeout
[  186.549480][ T4491] Bluetooth: hci2: command 0x0406 tx timeout
[  186.555515][ T4491] Bluetooth: hci1: command 0x0406 tx timeout
[  186.707121][  T953] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.813722][  T953] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.971262][  T953] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.989901][T10048] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  187.051877][T10048] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  187.070705][T10051] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  187.087733][T10048] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  187.106916][T10048] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  187.116488][T10048] FAULT_INJECTION: forcing a failure.
[  187.116488][T10048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.133554][T10048] CPU: 0 PID: 10048 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  187.144093][T10048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  187.154166][T10048] Call Trace:
[  187.157460][T10048]  <TASK>
[  187.160406][T10048]  dump_stack_lvl+0x241/0x360
[  187.165114][T10048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.170342][T10048]  ? __pfx__printk+0x10/0x10
[  187.174955][T10048]  ? __pfx_lock_release+0x10/0x10
[  187.179996][T10048]  ? __lock_acquire+0x1346/0x1fd0
[  187.185042][T10048]  should_fail_ex+0x3b0/0x4e0
[  187.189746][T10048]  _copy_from_user+0x2f/0xe0
[  187.194361][T10048]  kstrtouint_from_user+0xc6/0x190
[  187.199502][T10048]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  187.205253][T10048]  ? __pfx_lock_acquire+0x10/0x10
[  187.210337][T10048]  proc_fail_nth_write+0xaa/0x2d0
[  187.215396][T10048]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  187.221315][T10048]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.226999][T10048]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.232669][T10048]  vfs_write+0x2a2/0xc90
[  187.236952][T10048]  ? __pfx_vfs_write+0x10/0x10
[  187.241745][T10048]  ? __fget_files+0x29/0x470
[  187.246366][T10048]  ? __fget_files+0x3f6/0x470
[  187.251085][T10048]  ksys_write+0x1a0/0x2c0
[  187.255443][T10048]  ? __pfx_ksys_write+0x10/0x10
[  187.260318][T10048]  ? do_syscall_64+0x100/0x230
[  187.265106][T10048]  ? do_syscall_64+0xb6/0x230
[  187.269809][T10048]  do_syscall_64+0xf3/0x230
[  187.274336][T10048]  ? clear_bhb_loop+0x35/0x90
[  187.279133][T10048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.285054][T10048] RIP: 0033:0x7fc2dfa7bdef
[  187.289488][T10048] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[  187.309117][T10048] RSP: 002b:00007fc2e07dd0c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  187.317561][T10048] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc2dfa7bdef
[  187.325556][T10048] RDX: 0000000000000001 RSI: 00007fc2e07dd130 RDI: 0000000000000004
[  187.333641][T10048] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  187.341643][T10048] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  187.349640][T10048] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  187.357658][T10048]  </TASK>
[  187.380202][  T953] bridge_slave_1: left allmulticast mode
[  187.394902][  T953] bridge_slave_1: left promiscuous mode
[  187.421821][  T953] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.460229][  T953] bridge_slave_0: left allmulticast mode
[  187.465982][  T953] bridge_slave_0: left promiscuous mode
[  187.473687][  T953] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.538010][T10074] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  188.016011][  T953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.028476][  T953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.041769][  T953] bond0 (unregistering): Released all slaves
[  188.077907][T10014] chnl_net:caif_netlink_parms(): no params data found
[  188.277013][T10106] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  188.290358][T10106] FAULT_INJECTION: forcing a failure.
[  188.290358][T10106] name failslab, interval 1, probability 0, space 0, times 0
[  188.308139][T10106] CPU: 0 PID: 10106 Comm: syz-executor.2 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  188.318684][T10106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  188.328801][T10106] Call Trace:
[  188.332101][T10106]  <TASK>
[  188.335057][T10106]  dump_stack_lvl+0x241/0x360
[  188.339762][T10106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.344992][T10106]  ? __pfx__printk+0x10/0x10
[  188.349621][T10106]  should_fail_ex+0x3b0/0x4e0
[  188.354331][T10106]  ? __alloc_skb+0x1c3/0x440
[  188.358948][T10106]  should_failslab+0x9/0x20
[  188.363483][T10106]  kmem_cache_alloc_node_noprof+0x71/0x320
[  188.369333][T10106]  ? br_get_link_af_size_filtered+0xdb/0xd30
[  188.375350][T10106]  __alloc_skb+0x1c3/0x440
[  188.379802][T10106]  ? __pfx___alloc_skb+0x10/0x10
[  188.384777][T10106]  ? if_nlmsg_size+0x53a/0x7a0
[  188.389574][T10106]  rtmsg_ifinfo_build_skb+0x84/0x260
[  188.394901][T10106]  rtnetlink_event+0x1b1/0x260
[  188.399694][T10106]  notifier_call_chain+0x19f/0x3e0
[  188.404840][T10106]  __netdev_upper_dev_unlink+0x2ba/0x8e0
[  188.410509][T10106]  ? __pfx___netdev_upper_dev_unlink+0x10/0x10
[  188.416693][T10106]  ? unregister_netdevice_queue+0x26b/0x370
[  188.422619][T10106]  ? netdev_upper_dev_unlink+0x84/0xd0
[  188.428114][T10106]  netdev_upper_dev_unlink+0x92/0xd0
[  188.433428][T10106]  ? __pfx_netdev_upper_dev_unlink+0x10/0x10
[  188.439441][T10106]  ? ipvlan_link_delete+0x2b7/0x310
[  188.444670][T10106]  ? __pfx_ipvlan_link_delete+0x10/0x10
[  188.450332][T10106]  rtnl_dellink+0x51a/0x8e0
[  188.454905][T10106]  ? __pfx_rtnl_dellink+0x10/0x10
[  188.459972][T10106]  ? __kernel_text_address+0xd/0x40
[  188.465255][T10106]  ? __pfx_lock_release+0x10/0x10
[  188.470393][T10106]  ? __pfx___mutex_lock+0x10/0x10
[  188.475476][T10106]  ? __pfx_rtnl_dellink+0x10/0x10
[  188.480542][T10106]  rtnetlink_rcv_msg+0x89b/0x1180
[  188.485595][T10106]  ? rtnetlink_rcv_msg+0x208/0x1180
[  188.490821][T10106]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  188.496315][T10106]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  188.499187][   T53] Bluetooth: hci3: command tx timeout
[  188.502321][T10106]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  188.502355][T10106]  ? __local_bh_enable_ip+0x168/0x200
[  188.519589][T10106]  ? lockdep_hardirqs_on+0x99/0x150
[  188.524819][T10106]  ? __local_bh_enable_ip+0x168/0x200
[  188.530223][T10106]  ? dev_hard_start_xmit+0x773/0x7e0
[  188.535715][T10106]  ? __dev_queue_xmit+0x2d2/0x3d30
[  188.540861][T10106]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  188.546877][T10106]  ? __dev_queue_xmit+0x2d2/0x3d30
[  188.552030][T10106]  ? __dev_queue_xmit+0x16c9/0x3d30
[  188.557279][T10106]  ? __dev_queue_xmit+0x2d2/0x3d30
[  188.562432][T10106]  ? ref_tracker_free+0x643/0x7e0
[  188.567518][T10106]  netlink_rcv_skb+0x1e3/0x430
[  188.572332][T10106]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  188.577826][T10106]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  188.583175][T10106]  ? netlink_deliver_tap+0x2e/0x1b0
[  188.588415][T10106]  netlink_unicast+0x7f0/0x990
[  188.593219][T10106]  ? __pfx_netlink_unicast+0x10/0x10
[  188.598618][T10106]  ? __virt_addr_valid+0x183/0x520
[  188.603751][T10106]  ? __check_object_size+0x49c/0x900
[  188.609056][T10106]  ? bpf_lsm_netlink_send+0x9/0x10
[  188.614168][T10106]  netlink_sendmsg+0x8e4/0xcb0
[  188.618934][T10106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.624214][T10106]  ? __import_iovec+0x536/0x820
[  188.629058][T10106]  ? aa_sock_msg_perm+0x91/0x160
[  188.634007][T10106]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  188.639494][T10106]  ? security_socket_sendmsg+0x87/0xb0
[  188.644981][T10106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.650287][T10106]  __sock_sendmsg+0x221/0x270
[  188.654998][T10106]  ____sys_sendmsg+0x525/0x7d0
[  188.659808][T10106]  ? __pfx_____sys_sendmsg+0x10/0x10
[  188.665247][T10106]  __sys_sendmsg+0x2b0/0x3a0
[  188.669872][T10106]  ? __pfx___sys_sendmsg+0x10/0x10
[  188.675012][T10106]  ? vfs_write+0x7c4/0xc90
[  188.679506][T10106]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  188.685862][T10106]  ? do_syscall_64+0x100/0x230
[  188.690743][T10106]  ? do_syscall_64+0xb6/0x230
[  188.695448][T10106]  do_syscall_64+0xf3/0x230
[  188.699978][T10106]  ? clear_bhb_loop+0x35/0x90
[  188.704682][T10106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.710604][T10106] RIP: 0033:0x7fdd7a87d0a9
[  188.715037][T10106] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  188.734668][T10106] RSP: 002b:00007fdd7b5530c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.743116][T10106] RAX: ffffffffffffffda RBX: 00007fdd7a9b3f80 RCX: 00007fdd7a87d0a9
[  188.751117][T10106] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  188.759113][T10106] RBP: 00007fdd7b553120 R08: 0000000000000000 R09: 0000000000000000
[  188.767108][T10106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.775110][T10106] R13: 000000000000000b R14: 00007fdd7a9b3f80 R15: 00007ffc423b2038
[  188.783312][T10106]  </TASK>
[  188.976356][T10139] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  189.068608][T10139] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  189.079750][T10134] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  189.132636][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  189.155897][T10014] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.170097][T10014] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.178092][T10014] bridge_slave_0: entered allmulticast mode
[  189.186403][T10014] bridge_slave_0: entered promiscuous mode
[  189.196578][T10014] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.204204][T10014] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.224820][T10014] bridge_slave_1: entered allmulticast mode
[  189.236122][T10014] bridge_slave_1: entered promiscuous mode
[  189.302979][T10014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.326886][T10014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.469136][T10160] netlink: zone id is out of range
[  189.474310][T10160] netlink: zone id is out of range
[  189.491789][  T953] hsr_slave_0: left promiscuous mode
[  189.501937][  T953] hsr_slave_1: left promiscuous mode
[  189.514973][T10160] netlink: zone id is out of range
[  189.521302][  T953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.544309][T10160] netlink: zone id is out of range
[  189.555769][  T953] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.578249][T10160] netlink: zone id is out of range
[  189.634011][  T953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.656036][  T953] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.664222][T10160] netlink: set zone limit has 4 unknown bytes
[  189.734955][  T953] veth1_macvtap: left promiscuous mode
[  189.749332][  T953] veth0_macvtap: left promiscuous mode
[  189.759566][  T953] veth1_vlan: left promiscuous mode
[  189.777463][  T953] veth0_vlan: left promiscuous mode
[  190.472634][  T953] team0 (unregistering): Port device team_slave_1 removed
[  190.511310][  T953] team0 (unregistering): Port device team_slave_0 removed
[  190.548939][   T53] Bluetooth: hci3: command tx timeout
[  191.027809][T10156] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  191.060229][T10014] team0: Port device team_slave_0 added
[  191.215442][T10014] team0: Port device team_slave_1 added
[  191.309876][T10220] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  191.328926][T10014] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.344409][T10014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.380458][T10014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.407879][T10226] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  191.437378][T10231] netlink: 892 bytes leftover after parsing attributes in process `syz-executor.3'.
[  191.449908][T10014] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.463360][T10014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.497414][T10014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.582031][T10014] hsr_slave_0: entered promiscuous mode
[  191.607530][T10014] hsr_slave_1: entered promiscuous mode
[  191.629949][T10014] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.649370][T10014] Cannot create hsr debugfs directory
[  191.695411][T10229] syzkaller0: entered allmulticast mode
[  192.009960][T10259] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  192.037189][T10259] vlan2: entered promiscuous mode
[  192.042634][T10259] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  192.057652][T10259] mac80211_hwsim hwsim10 wlan0: left promiscuous mode
[  192.401322][T10276] ip_vti0: entered promiscuous mode
[  192.407037][T10276] vlan3: entered promiscuous mode
[  192.415997][T10276] ip_vti0: left promiscuous mode
[  192.590460][T10281] netlink: 54 bytes leftover after parsing attributes in process `syz-executor.0'.
[  192.623265][   T53] Bluetooth: hci3: command tx timeout
[  193.167814][T10280] syzkaller1: entered promiscuous mode
[  193.173753][T10280] syzkaller1: entered allmulticast mode
[  193.671931][T10311] netlink: 'syz-executor.0': attribute type 46 has an invalid length.
[  193.681275][T10311] netlink: 212868 bytes leftover after parsing attributes in process `syz-executor.0'.
[  193.897522][T10014] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  193.925119][T10014] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  193.974221][T10014] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  194.060357][T10014] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  194.121470][T10329] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  194.336620][T10014] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.487472][T10335] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  194.521090][T10014] 8021q: adding VLAN 0 to HW filter on device team0
[  194.574427][ T5189] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.581676][ T5189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.656679][ T5189] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.663939][ T5189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.707979][   T53] Bluetooth: hci3: command tx timeout
[  194.714156][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  194.720624][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  194.908071][T10362] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  195.003947][T10362] batman_adv: batadv1: Adding interface: netdevsim0
[  195.018961][T10362] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (130) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.045306][T10362] batman_adv: batadv1: Interface activated: netdevsim0
[  195.054152][T10369] ieee802154 phy0 wpan0: encryption failed: -22
[  195.185799][T10375] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.212816][T10375] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.283406][T10014] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.387611][T10014] veth0_vlan: entered promiscuous mode
[  195.412264][T10014] veth1_vlan: entered promiscuous mode
[  195.488259][T10014] veth0_macvtap: entered promiscuous mode
[  195.515056][T10014] veth1_macvtap: entered promiscuous mode
[  195.548625][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.572856][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.584196][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.605190][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.615879][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.628005][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.642878][T10014] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.671590][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.687782][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.699387][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.715437][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.744580][T10014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.771162][T10014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.787090][T10014] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.807944][T10014] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.818432][T10014] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.836929][T10014] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.856623][T10014] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.881367][T10391] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.4'.
[  195.929485][T10391] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  195.946788][T10391] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  196.002843][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.022998][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.064058][ T3900] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.086900][ T3900] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.177288][T10401] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'.
[  196.276108][T10408] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  196.324930][T10408] batman_adv: batadv1: Interface deactivated: netdevsim0
[  196.333177][T10408] batman_adv: batadv1: Removing interface: netdevsim0
[  196.342031][T10408] batman_adv: batadv2: Adding interface: netdevsim0
[  196.348961][T10408] batman_adv: batadv2: The MTU of interface netdevsim0 is too small (130) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.377963][T10408] batman_adv: batadv2: Interface activated: netdevsim0
[  197.200669][ T5114] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  197.217138][ T5114] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  197.227397][ T5114] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  197.236747][ T5114] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  197.246089][ T5114] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  197.254219][ T5114] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  197.345098][ T3900] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.473192][ T3900] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.490821][T10456] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  197.565497][T10459] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  197.575880][T10459] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  197.618078][ T3900] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.772659][ T3900] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.920604][T10445] chnl_net:caif_netlink_parms(): no params data found
[  198.121151][ T3900] bridge_slave_1: left allmulticast mode
[  198.128138][ T3900] bridge_slave_1: left promiscuous mode
[  198.134152][ T3900] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.160575][ T3900] bridge_slave_0: left allmulticast mode
[  198.174889][ T3900] bridge_slave_0: left promiscuous mode
[  198.183897][ T3900] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.931665][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  198.940622][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  198.948556][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  198.965444][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  198.973398][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  198.980773][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  199.139872][ T3900] bond1 (unregistering): (slave bridge12): Releasing backup interface
[  199.148985][ T3900] bridge12 (unregistering): left promiscuous mode
[  199.339152][ T5119] Bluetooth: hci1: command tx timeout
[  199.443244][ T3900] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.452287][ T3900] bond_slave_0: left allmulticast mode
[  199.466084][ T3900] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.475213][ T3900] bond_slave_1: left allmulticast mode
[  199.482655][ T3900] bond0 (unregistering): Released all slaves
[  199.497993][ T3900] bond1 (unregistering): Released all slaves
[  199.524298][T10504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:2b) already exists on: netdevsim0
[  199.534770][T10504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.552858][T10504] macvlan2: entered promiscuous mode
[  199.635509][T10445] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.651823][T10445] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.666854][T10445] bridge_slave_0: entered allmulticast mode
[  199.678285][T10445] bridge_slave_0: entered promiscuous mode
[  199.705635][ T3900] Κό: left promiscuous mode
[  199.760198][T10445] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.761261][T10520] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.778781][T10520] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.783881][T10445] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.795731][T10520] netlink: 'syz-executor.0': attribute type 6 has an invalid length.
[  199.797118][T10445] bridge_slave_1: entered allmulticast mode
[  199.806925][T10520] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  199.836599][T10445] bridge_slave_1: entered promiscuous mode
[  199.841429][T10520] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.888898][T10523] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.914106][ T3900] tipc: Left network mode
[  199.994589][T10445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.046407][T10445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.181129][T10532] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  200.241112][T10445] team0: Port device team_slave_0 added
[  200.301791][T10445] team0: Port device team_slave_1 added
[  200.469413][T10545] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  200.485487][T10445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.492886][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.524854][T10445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.607411][T10445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.616781][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.643919][T10445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.795927][T10445] hsr_slave_0: entered promiscuous mode
[  200.815481][T10445] hsr_slave_1: entered promiscuous mode
[  200.829341][T10445] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.840602][T10558] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  200.848895][T10445] Cannot create hsr debugfs directory
[  200.860174][T10558] netlink: 9388 bytes leftover after parsing attributes in process `syz-executor.0'.
[  200.914544][ T3900] hsr_slave_0: left promiscuous mode
[  200.927879][ T3900] hsr_slave_1: left promiscuous mode
[  200.942079][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.957504][ T3900] batman_adv: batadv0: Removing interface: batadv_slave_0
[  200.968210][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.976116][ T3900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.982247][T10562] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.006470][ T3900] team0: left allmulticast mode
[  201.011503][ T3900] team_slave_0: left allmulticast mode
[  201.017244][ T3900] team_slave_1: left allmulticast mode
[  201.019289][ T5119] Bluetooth: hci3: command tx timeout
[  201.024377][ T3900] team0: left promiscuous mode
[  201.033081][ T3900] team_slave_0: left promiscuous mode
[  201.038640][ T3900] team_slave_1: left promiscuous mode
[  201.045036][ T3900] veth1_macvtap: left promiscuous mode
[  201.050756][ T3900] veth0_macvtap: left promiscuous mode
[  201.056402][ T3900] veth1_vlan: left promiscuous mode
[  201.419126][ T5119] Bluetooth: hci1: command tx timeout
[  201.494406][ T3900] team0 (unregistering): Port device team_slave_1 removed
[  201.540805][ T3900] team0 (unregistering): Port device team_slave_0 removed
[  201.956078][T10562] team0: Port device virt_wifi0 added
[  202.332244][T10506] chnl_net:caif_netlink_parms(): no params data found
[  202.469078][T10592] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  202.477665][T10592] netlink: 9388 bytes leftover after parsing attributes in process `syz-executor.4'.
[  202.645047][T10506] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.658903][T10506] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.666306][T10506] bridge_slave_0: entered allmulticast mode
[  202.682990][T10506] bridge_slave_0: entered promiscuous mode
[  202.702477][T10597] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  202.712183][T10597] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[  202.735634][T10597] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  202.745051][T10597] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  202.753890][T10597] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  202.762690][T10597] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  202.782583][T10597] vxlan0: entered promiscuous mode
[  202.823797][T10506] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.831833][T10506] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.839452][T10506] bridge_slave_1: entered allmulticast mode
[  202.846323][T10506] bridge_slave_1: entered promiscuous mode
[  202.951857][T10607] nftables ruleset with unbound chain
[  202.960799][ T3900] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.009682][T10506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.051071][T10506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  203.093113][ T3900] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.103690][ T5119] Bluetooth: hci3: command tx timeout
[  203.179033][T10506] team0: Port device team_slave_0 added
[  203.195389][T10506] team0: Port device team_slave_1 added
[  203.243692][ T3900] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.407445][ T3900] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.455300][T10506] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.465779][T10506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.495052][T10631] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  203.498161][T10506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.508922][ T5119] Bluetooth: hci1: command tx timeout
[  203.521849][T10506] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.528957][T10506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.556315][T10631] netlink: 9388 bytes leftover after parsing attributes in process `syz-executor.0'.
[  203.579903][T10506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.771226][T10506] hsr_slave_0: entered promiscuous mode
[  203.800451][T10506] hsr_slave_1: entered promiscuous mode
[  203.829027][T10506] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  203.836636][T10506] Cannot create hsr debugfs directory
[  203.857057][T10445] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  203.897584][T10445] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  203.946551][T10445] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  203.957935][T10445] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  204.200351][ T3900] bridge_slave_1: left allmulticast mode
[  204.212003][ T3900] bridge_slave_1: left promiscuous mode
[  204.219834][ T3900] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.231492][ T3900] bridge_slave_0: left allmulticast mode
[  204.237272][ T3900] bridge_slave_0: left promiscuous mode
[  204.259360][ T3900] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.644658][ T3900] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.656480][ T3900] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.671720][ T3900] bond0 (unregistering): Released all slaves
[  204.904026][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  204.923552][T10679] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  205.178762][ T5119] Bluetooth: hci3: command tx timeout
[  205.372629][ T3900] hsr_slave_0: left promiscuous mode
[  205.418998][ T3900] hsr_slave_1: left promiscuous mode
[  205.428266][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.443909][ T3900] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.468550][ T3900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.480061][T10706] FAULT_INJECTION: forcing a failure.
[  205.480061][T10706] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  205.488437][T10710] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  205.495034][ T3900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.515651][T10706] CPU: 0 PID: 10706 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  205.526199][T10706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  205.536265][T10706] Call Trace:
[  205.539544][T10706]  <TASK>
[  205.542471][T10706]  dump_stack_lvl+0x241/0x360
[  205.547160][T10706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.552880][T10706]  ? __pfx__printk+0x10/0x10
[  205.557472][T10706]  ? validate_chain+0x11e/0x5900
[  205.562418][T10706]  should_fail_ex+0x3b0/0x4e0
[  205.567132][T10706]  prepare_alloc_pages+0x1da/0x5d0
[  205.572250][T10706]  __alloc_pages_noprof+0x166/0x6c0
[  205.577445][T10706]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  205.583182][T10706]  alloc_pages_mpol_noprof+0x3e8/0x680
[  205.588827][T10706]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  205.594813][T10706]  vma_alloc_folio_noprof+0xf3/0x1f0
[  205.600107][T10706]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  205.606089][T10706]  ? do_raw_spin_unlock+0x13c/0x8b0
[  205.611290][T10706]  folio_prealloc+0x31/0x170
[  205.616138][T10706]  do_wp_page+0x11cc/0x52f0
[  205.620667][T10706]  ? __pfx_do_wp_page+0x10/0x10
[  205.625520][T10706]  ? __pfx_lock_acquire+0x10/0x10
[  205.630542][T10706]  ? do_raw_spin_lock+0x14f/0x370
[  205.635675][T10706]  handle_pte_fault+0x117e/0x7090
[  205.640701][T10706]  ? __pfx_validate_chain+0x10/0x10
[  205.645905][T10706]  ? __pfx_handle_pte_fault+0x10/0x10
[  205.651274][T10706]  ? __lock_acquire+0x1346/0x1fd0
[  205.656501][T10706]  ? __pfx_lock_release+0x10/0x10
[  205.661526][T10706]  handle_mm_fault+0x10df/0x1ba0
[  205.666492][T10706]  ? __pfx_handle_mm_fault+0x10/0x10
[  205.671786][T10706]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  205.678115][T10706]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  205.683399][T10706]  exc_page_fault+0x2b9/0x8c0
[  205.688172][T10706]  asm_exc_page_fault+0x26/0x30
[  205.693051][T10706] RIP: 0010:__put_user_nocheck_4+0x7/0x20
[  205.698859][T10706] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[  205.718486][T10706] RSP: 0018:ffffc900099978f8 EFLAGS: 00050246
[  205.724567][T10706] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000200066f0
[  205.732536][T10706] RDX: ffff88807b279e00 RSI: 0000000000000000 RDI: 00000000ffffffff
[  205.740502][T10706] RBP: ffffc90009997a70 R08: ffffffff894d2e53 R09: 1ffffffff1f5b3f5
[  205.748465][T10706] R10: dffffc0000000000 R11: fffffbfff1f5b3f6 R12: dffffc0000000000
[  205.756523][T10706] R13: 0000000000000000 R14: 0000000000000000 R15: 00000000200066c0
[  205.764496][T10706]  ? ____sys_recvmsg+0x2a3/0x470
[  205.769447][T10706]  ____sys_recvmsg+0x2b9/0x470
[  205.774218][T10706]  ? __pfx_____sys_recvmsg+0x10/0x10
[  205.779528][T10706]  do_recvmmsg+0x474/0xae0
[  205.783949][T10706]  ? __pfx_lock_release+0x10/0x10
[  205.789058][T10706]  ? __pfx_do_recvmmsg+0x10/0x10
[  205.794006][T10706]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  205.799906][T10706]  ? ksys_write+0x23e/0x2c0
[  205.804410][T10706]  ? __pfx_lock_release+0x10/0x10
[  205.809445][T10706]  ? vfs_write+0x7c4/0xc90
[  205.813868][T10706]  ? __mutex_unlock_slowpath+0x21d/0x750
[  205.819768][T10706]  ? __fget_files+0x3f6/0x470
[  205.824454][T10706]  __x64_sys_recvmmsg+0x199/0x250
[  205.829483][T10706]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  205.835036][T10706]  ? do_syscall_64+0x100/0x230
[  205.839806][T10706]  ? do_syscall_64+0xb6/0x230
[  205.844483][T10706]  do_syscall_64+0xf3/0x230
[  205.848986][T10706]  ? clear_bhb_loop+0x35/0x90
[  205.853666][T10706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.859653][T10706] RIP: 0033:0x7fc2dfa7d0a9
[  205.864061][T10706] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  205.883751][T10706] RSP: 002b:00007fc2e07dd0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  205.892248][T10706] RAX: ffffffffffffffda RBX: 00007fc2dfbb3f80 RCX: 00007fc2dfa7d0a9
[  205.900300][T10706] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000007
[  205.908263][T10706] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  205.916226][T10706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.924188][T10706] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  205.932164][T10706]  </TASK>
[  205.947624][ T5119] Bluetooth: hci1: command tx timeout
[  206.014404][ T3900] veth1_macvtap: left promiscuous mode
[  206.042628][ T3900] veth0_macvtap: left promiscuous mode
[  206.065327][ T3900] veth1_vlan: left promiscuous mode
[  206.073791][ T3900] veth0_vlan: left promiscuous mode
[  206.716826][ T3900] team0 (unregistering): Port device team_slave_1 removed
[  206.754926][ T3900] team0 (unregistering): Port device team_slave_0 removed
[  207.266311][ T5119] Bluetooth: hci3: command tx timeout
[  207.285119][T10445] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.603619][T10445] 8021q: adding VLAN 0 to HW filter on device team0
[  207.705755][  T930] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.712979][  T930] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.760903][  T930] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.768170][  T930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.064199][   T29] audit: type=1800 audit(1719093312.154:23): pid=10778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1954 res=0 errno=0
[  208.348382][T10792] Bluetooth: MGMT ver 1.22
[  208.368131][T10792] Bluetooth: hci3: invalid length 0, exp 2 for type 10
[  208.420953][T10506] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  208.444073][T10506] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  208.464282][T10506] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  208.514496][T10506] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  208.693159][T10445] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.772638][T10802] vlan0: entered promiscuous mode
[  208.777718][T10802] vlan0: entered allmulticast mode
[  208.991679][T10445] veth0_vlan: entered promiscuous mode
[  209.018536][T10445] veth1_vlan: entered promiscuous mode
[  209.081221][T10506] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.110099][T10506] 8021q: adding VLAN 0 to HW filter on device team0
[  209.136948][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.144217][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.205119][T10445] veth0_macvtap: entered promiscuous mode
[  209.228235][   T29] audit: type=1800 audit(1719093313.314:24): pid=10823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="memory.events" dev="sda1" ino=1949 res=0 errno=0
[  209.280485][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.287782][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.323529][T10445] veth1_macvtap: entered promiscuous mode
[  209.412164][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  209.445918][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.461268][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.471703][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.482532][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.495039][T10445] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.650187][T10837] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  209.658102][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.695680][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.705695][T10445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.716539][T10445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.736878][T10445] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.747965][T10838] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  209.799283][T10445] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.829291][T10445] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.838045][T10445] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.865281][T10445] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.993920][T10858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  210.105495][   T29] audit: type=1800 audit(1719093314.194:25): pid=10864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1954 res=0 errno=0
[  210.117066][T10506] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.204910][T10860] bridge16: port 1(gretap2) entered blocking state
[  210.212404][T10860] bridge16: port 1(gretap2) entered disabled state
[  210.223601][T10860] gretap2: entered allmulticast mode
[  210.233980][T10860] gretap2: entered promiscuous mode
[  210.328117][ T1279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.339227][ T1279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.476711][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.486194][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.533982][T10506] veth0_vlan: entered promiscuous mode
[  210.742218][T10506] veth1_vlan: entered promiscuous mode
[  210.934991][T10506] veth0_macvtap: entered promiscuous mode
[  210.974003][   T29] audit: type=1800 audit(1719093315.064:26): pid=10900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1960 res=0 errno=0
[  211.000637][T10506] veth1_macvtap: entered promiscuous mode
[  211.063009][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.082414][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.094640][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.135247][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.145642][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  211.163827][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.191158][T10506] batman_adv: batadv0: Interface activated: batadv_slave_0
[  211.248224][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.273060][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.294050][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.307717][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.333492][T10506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.363219][T10506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.410740][T10506] batman_adv: batadv0: Interface activated: batadv_slave_1
[  211.460223][T10506] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.499843][T10506] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.508588][T10506] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.524228][T10506] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.597160][T10929] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  211.774215][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.788000][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.864093][T10500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.882080][T10500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.017196][T10943] can: request_module (can-proto-0) failed.
[  212.359782][T10957] tap0: tun_chr_ioctl cmd 1074025672
[  212.368529][T10957] tap0: ignored: set checksum enabled
[  212.413844][T10965] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  212.466838][    C1] vxcan0: j1939_tp_txtimer: 0xffff888029eba800: tx aborted with unknown reason: -2
[  212.478681][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888029eb9400: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)
[  212.497967][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888029eba800: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250)
[  212.624107][T10971] hsr_slave_0: left promiscuous mode
[  212.633856][T10971] hsr_slave_1: left promiscuous mode
[  213.494836][T11005] can: request_module (can-proto-0) failed.
[  213.611256][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.672044][T11010] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  213.880579][   T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  213.889291][   T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  213.897915][   T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  213.913089][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  213.928195][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  213.944993][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  214.390514][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  214.401500][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  214.410137][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  214.419825][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  214.427864][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  214.435316][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  214.521968][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.676722][T11027] gretap1: entered promiscuous mode
[  214.700317][T11027] gretap1: entered allmulticast mode
[  214.805847][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.934618][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  214.962061][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  214.971609][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  214.988485][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  214.996353][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  215.005881][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  215.084285][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.386637][T11013] chnl_net:caif_netlink_parms(): no params data found
[  215.467415][T11051] pim6reg: entered allmulticast mode
[  215.548022][T11051] pim6reg: left allmulticast mode
[  215.597565][T11057] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  215.615982][T11024] chnl_net:caif_netlink_parms(): no params data found
[  215.674156][   T11] bridge_slave_1: left allmulticast mode
[  215.686260][   T11] bridge_slave_1: left promiscuous mode
[  215.692353][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.723460][   T11] bridge_slave_0: left allmulticast mode
[  215.730748][   T11] bridge_slave_0: left promiscuous mode
[  215.737198][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.792450][T11063] can: request_module (can-proto-0) failed.
[  215.981043][   T53] Bluetooth: hci2: command tx timeout
[  216.098274][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.114480][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.125797][   T11] bond0 (unregistering): Released all slaves
[  216.241902][T11013] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.253941][T11013] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.264454][T11013] bridge_slave_0: entered allmulticast mode
[  216.272296][T11013] bridge_slave_0: entered promiscuous mode
[  216.286143][T11013] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.293685][T11013] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.302815][T11013] bridge_slave_1: entered allmulticast mode
[  216.310189][T11013] bridge_slave_1: entered promiscuous mode
[  216.404761][T11013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.454646][T11013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.500128][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.507402][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.514927][T11024] bridge_slave_0: entered allmulticast mode
[  216.524978][T11024] bridge_slave_0: entered promiscuous mode
[  216.535073][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.544482][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.549291][   T53] Bluetooth: hci3: command tx timeout
[  216.560575][T11024] bridge_slave_1: entered allmulticast mode
[  216.572551][T11024] bridge_slave_1: entered promiscuous mode
[  216.627178][T11013] team0: Port device team_slave_0 added
[  216.711499][T11013] team0: Port device team_slave_1 added
[  216.732062][   T11] hsr_slave_0: left promiscuous mode
[  216.738260][   T11] hsr_slave_1: left promiscuous mode
[  216.744878][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.752744][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.761476][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.769328][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.795389][   T11] veth1_macvtap: left promiscuous mode
[  216.804742][   T11] veth0_macvtap: left promiscuous mode
[  216.817097][   T11] veth1_vlan: left promiscuous mode
[  216.826185][   T11] veth0_vlan: left promiscuous mode
[  217.110473][   T53] Bluetooth: hci0: command tx timeout
[  217.124885][   T29] audit: type=1800 audit(1719093321.214:27): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1941 res=0 errno=0
[  217.260856][   T53] Bluetooth: hci4: command 0x0405 tx timeout
[  217.656005][   T11] team0 (unregistering): Port device team_slave_1 removed
[  217.704794][   T11] team0 (unregistering): Port device team_slave_0 removed
[  218.063499][ T5119] Bluetooth: hci2: command tx timeout
[  218.132827][T11024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  218.148494][T11024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  218.348199][T11024] team0: Port device team_slave_0 added
[  218.373360][T11107] can: request_module (can-proto-0) failed.
[  218.402753][T11013] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.414828][T11013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.440965][T11013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.453904][T11110] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  218.481326][T11024] team0: Port device team_slave_1 added
[  218.513379][T11013] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.525197][T11013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.554627][T11013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.628804][ T5119] Bluetooth: hci3: command tx timeout
[  218.695498][T11024] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.710732][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.736822][T11024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.780416][T11013] hsr_slave_0: entered promiscuous mode
[  218.795224][T11013] hsr_slave_1: entered promiscuous mode
[  218.805596][T11013] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.816231][T11013] Cannot create hsr debugfs directory
[  218.832265][T11024] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.839442][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.866501][T11024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.892071][T11035] chnl_net:caif_netlink_parms(): no params data found
[  219.109549][T11024] hsr_slave_0: entered promiscuous mode
[  219.117610][T11024] hsr_slave_1: entered promiscuous mode
[  219.131520][T11024] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.166273][T11024] Cannot create hsr debugfs directory
[  219.181482][ T5119] Bluetooth: hci0: command tx timeout
[  219.395336][T11035] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.408934][T11035] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.424185][T11035] bridge_slave_0: entered allmulticast mode
[  219.433961][T11035] bridge_slave_0: entered promiscuous mode
[  219.466663][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.517866][T11035] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.534778][T11035] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.544705][T11035] bridge_slave_1: entered allmulticast mode
[  219.552292][T11035] bridge_slave_1: entered promiscuous mode
[  219.616512][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.674671][T11035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.812803][T11013] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  219.827693][T11013] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.884789][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.917373][T11035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  220.016722][T11013] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.027698][T11013] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.056197][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.087415][T11035] team0: Port device team_slave_0 added
[  220.139030][ T5119] Bluetooth: hci2: command tx timeout
[  220.169039][T11013] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.179457][T11013] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.194681][T11035] team0: Port device team_slave_1 added
[  220.311029][T11013] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  220.350244][T11013] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.414892][T11035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.441270][T11035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.485035][T11035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.527034][T11035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.537804][T11035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.564030][T11035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.699355][ T5119] Bluetooth: hci3: command tx timeout
[  220.724283][T11035] hsr_slave_0: entered promiscuous mode
[  220.741773][T11035] hsr_slave_1: entered promiscuous mode
[  220.748132][T11035] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  220.759433][T11035] Cannot create hsr debugfs directory
[  220.821202][   T11] bridge_slave_1: left allmulticast mode
[  220.826905][   T11] bridge_slave_1: left promiscuous mode
[  220.840000][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.852712][   T11] bridge_slave_0: left allmulticast mode
[  220.858396][   T11] bridge_slave_0: left promiscuous mode
[  220.864952][T11191] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  220.879081][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.933013][   T11] gretap2: left allmulticast mode
[  220.951554][   T11] gretap2: left promiscuous mode
[  220.956711][   T11] bridge16: port 1(gretap2) entered disabled state
[  220.977188][   T11] bridge_slave_1: left allmulticast mode
[  220.984867][   T11] bridge_slave_1: left promiscuous mode
[  220.993056][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.003092][   T11] bridge_slave_0: left allmulticast mode
[  221.012500][   T11] bridge_slave_0: left promiscuous mode
[  221.018262][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.259095][ T5119] Bluetooth: hci0: command tx timeout
[  221.471696][   T11] dvmrp0 (unregistering): left allmulticast mode
[  222.221138][ T5119] Bluetooth: hci2: command tx timeout
[  222.779008][ T5119] Bluetooth: hci3: command tx timeout
[  223.338870][ T5119] Bluetooth: hci0: command tx timeout
[  223.521171][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.532368][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.544425][   T11] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  223.556577][   T11] bond0 (unregistering): Released all slaves
[  223.705377][   T11] Κό: left promiscuous mode
[  223.785251][   T11] ΙΆΖ£0GCTw
: left promiscuous mode
[  223.824671][T11013] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  223.873345][   T11] ΙΆΖ£0GC¦: left promiscuous mode
[  223.895327][T11013] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  223.927584][T11013] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  223.941008][T11216] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  224.015310][T11216] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  224.026354][T11013] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  224.056269][   T11] tipc: Left network mode
[  224.162615][T11221] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  224.277718][T11013] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.381356][T11013] 8021q: adding VLAN 0 to HW filter on device team0
[  224.431473][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.438597][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.452538][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.459766][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.617983][T11013] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  224.772288][T11233] netlink: 'syz-executor.0': attribute type 8 has an invalid length.
[  224.891008][   T11] hsr_slave_0: left promiscuous mode
[  224.897699][   T11] hsr_slave_1: left promiscuous mode
[  224.907374][T11237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.919310][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.926834][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  224.932233][T11237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.945040][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.947881][T11237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.962094][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.967847][T11237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.984441][   T11] hsr_slave_0: left promiscuous mode
[  224.990756][   T11] hsr_slave_1: left promiscuous mode
[  225.019736][   T11] veth1_macvtap: left promiscuous mode
[  225.025407][   T11] veth0_macvtap: left promiscuous mode
[  225.031148][   T11] veth1_vlan: left promiscuous mode
[  225.041325][   T11] veth1_macvtap: left promiscuous mode
[  225.048475][   T11] veth0_macvtap: left promiscuous mode
[  225.054240][   T11] veth1_vlan: left promiscuous mode
[  225.676424][   T11] team0 (unregistering): Port device team_slave_1 removed
[  225.736295][T11253] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  226.456491][   T11] team0 (unregistering): Port device team_slave_1 removed
[  226.823180][T11024] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  226.833717][T11024] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  226.846910][T11024] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  226.915364][T11251] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  226.966654][T11024] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  227.024524][T11013] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.192673][T11035] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  227.204272][T11035] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  227.218209][T11035] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  227.246507][T11035] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  227.315083][T11013] veth0_vlan: entered promiscuous mode
[  227.371477][T11013] veth1_vlan: entered promiscuous mode
[  227.447612][T11024] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.528431][T11024] 8021q: adding VLAN 0 to HW filter on device team0
[  227.537821][T11013] veth0_macvtap: entered promiscuous mode
[  227.575263][  T930] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.582483][  T930] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.603742][  T930] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.610954][  T930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.625636][T11013] veth1_macvtap: entered promiscuous mode
[  227.646337][T11013] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.657815][T11013] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.667908][T11013] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.678948][T11013] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.690118][T11013] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.697718][T11271] batadv_slave_0: entered allmulticast mode
[  227.725814][T11272] pim6reg: entered allmulticast mode
[  227.737059][T11013] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.750428][T11013] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.760725][T11013] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.771364][T11013] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.783662][T11013] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.836455][T11274] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  227.857650][T11013] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.875832][T11013] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.885126][T11013] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.900134][T11013] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.917072][   T29] audit: type=1800 audit(1719093331.994:28): pid=11276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1948 res=0 errno=0
[  228.043005][T11035] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.131374][T11035] 8021q: adding VLAN 0 to HW filter on device team0
[  228.168308][ T3900] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.188947][  T930] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.196116][  T930] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.210989][ T3900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.336626][  T930] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.343923][  T930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.406395][T11288] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  228.463397][  T953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.476582][T11024] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.485225][  T953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.621369][T11295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.631041][T11295] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.646396][T11295] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  228.657979][T11295] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  228.766970][T11035] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  228.795380][   T29] audit: type=1800 audit(1719093332.884:29): pid=11303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1949 res=0 errno=0
[  228.851176][   T29] audit: type=1804 audit(1719093332.884:30): pid=11303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3486444059/syzkaller.ZMlukg/54/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  228.917879][   T29] audit: type=1804 audit(1719093332.884:31): pid=11303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3486444059/syzkaller.ZMlukg/54/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  228.933115][T11024] veth0_vlan: entered promiscuous mode
[  228.957940][   T29] audit: type=1800 audit(1719093332.984:32): pid=11307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1955 res=0 errno=0
[  229.013512][T11024] veth1_vlan: entered promiscuous mode
[  229.168223][T11024] veth0_macvtap: entered promiscuous mode
[  229.181620][T11035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.208451][T11024] veth1_macvtap: entered promiscuous mode
[  229.373569][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.379849][T11325] FAULT_INJECTION: forcing a failure.
[  229.379849][T11325] name failslab, interval 1, probability 0, space 0, times 0
[  229.396783][T11325] CPU: 0 PID: 11325 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  229.407311][T11325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  229.408761][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.417360][T11325] Call Trace:
[  229.417370][T11325]  <TASK>
[  229.417379][T11325]  dump_stack_lvl+0x241/0x360
[  229.417413][T11325]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.417437][T11325]  ? __pfx__printk+0x10/0x10
[  229.447995][T11325]  should_fail_ex+0x3b0/0x4e0
[  229.452714][T11325]  ? skb_clone+0x20c/0x390
[  229.457155][T11325]  should_failslab+0x9/0x20
[  229.461691][T11325]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  229.467187][T11325]  skb_clone+0x20c/0x390
[  229.467762][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.471441][T11325]  ? dev_queue_xmit_nit+0x220/0xc10
[  229.471470][T11325]  dev_queue_xmit_nit+0x419/0xc10
[  229.471492][T11325]  ? dev_queue_xmit_nit+0x2b/0xc10
[  229.471516][T11325]  ? validate_xmit_skb+0x9f9/0x1120
[  229.471543][T11325]  dev_hard_start_xmit+0x15f/0x7e0
[  229.471568][T11325]  ? __pfx_validate_xmit_skb+0x10/0x10
[  229.508794][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.512979][T11325]  __dev_queue_xmit+0x1b0e/0x3d30
[  229.527861][T11325]  ? __dev_queue_xmit+0x2d2/0x3d30
[  229.533016][T11325]  ? __pfx___dev_queue_xmit+0x10/0x10
[  229.538417][T11325]  ? __copy_skb_header+0x437/0x5b0
[  229.543564][T11325]  ? __asan_memcpy+0x40/0x70
[  229.548187][T11325]  ? __copy_skb_header+0x437/0x5b0
[  229.553332][T11325]  ? __skb_clone+0x454/0x6c0
[  229.557958][T11325]  ? skb_clone+0x240/0x390
[  229.562406][T11325]  __netlink_deliver_tap+0x54d/0x7c0
[  229.563612][T11024] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.567741][T11325]  ? netlink_deliver_tap+0x2e/0x1b0
[  229.567765][T11325]  netlink_deliver_tap+0x19d/0x1b0
[  229.567787][T11325]  netlink_unicast+0x7be/0x990
[  229.590028][T11325]  ? __pfx_netlink_unicast+0x10/0x10
[  229.595344][T11325]  ? __virt_addr_valid+0x183/0x520
[  229.600481][T11325]  ? __check_object_size+0x49c/0x900
[  229.605791][T11325]  ? bpf_lsm_netlink_send+0x9/0x10
[  229.610933][T11325]  netlink_sendmsg+0x8e4/0xcb0
[  229.615732][T11325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.621065][T11325]  ? __import_iovec+0x536/0x820
[  229.625948][T11325]  ? aa_sock_msg_perm+0x91/0x160
[  229.630914][T11325]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  229.636219][T11325]  ? security_socket_sendmsg+0x87/0xb0
[  229.641701][T11325]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.647003][T11325]  __sock_sendmsg+0x221/0x270
[  229.651700][T11325]  ____sys_sendmsg+0x525/0x7d0
[  229.656493][T11325]  ? __pfx_____sys_sendmsg+0x10/0x10
[  229.661819][T11325]  __sys_sendmsg+0x2b0/0x3a0
[  229.666437][T11325]  ? __pfx___sys_sendmsg+0x10/0x10
[  229.671564][T11325]  ? vfs_write+0x7c4/0xc90
[  229.676050][T11325]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  229.682398][T11325]  ? do_syscall_64+0x100/0x230
[  229.687188][T11325]  ? do_syscall_64+0xb6/0x230
[  229.691891][T11325]  do_syscall_64+0xf3/0x230
[  229.696417][T11325]  ? clear_bhb_loop+0x35/0x90
[  229.701208][T11325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.707118][T11325] RIP: 0033:0x7fc2dfa7d0a9
[  229.711537][T11325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  229.731157][T11325] RSP: 002b:00007fc2e07dd0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  229.739571][T11325] RAX: ffffffffffffffda RBX: 00007fc2dfbb3f80 RCX: 00007fc2dfa7d0a9
[  229.747540][T11325] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000e
[  229.755509][T11325] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  229.763475][T11325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.771439][T11325] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  229.779427][T11325]  </TASK>
[  229.809689][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.829057][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.859601][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.878478][  T783] IPVS: starting estimator thread 0...
[  229.899280][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.913301][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.925389][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.940803][T11024] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.971124][T11325] vlan2: entered promiscuous mode
[  229.979774][T11328] IPVS: using max 24 ests per chain, 57600 per kthread
[  229.987638][T11325] bridge0: entered promiscuous mode
[  230.000771][T11325] vlan2: entered allmulticast mode
[  230.005916][T11325] bridge0: entered allmulticast mode
[  230.016218][T11325] bridge0: left allmulticast mode
[  230.030058][T11325] bridge0: left promiscuous mode
[  230.110011][T11317] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  230.182210][T11024] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.199191][T11024] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.207931][T11024] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.217955][T11024] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.564376][   T29] audit: type=1800 audit(1719093334.654:33): pid=11342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1944 res=0 errno=0
[  230.672706][T11035] veth0_vlan: entered promiscuous mode
[  230.684577][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.707167][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.743648][T11345] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  230.763439][   T29] audit: type=1800 audit(1719093334.854:34): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1944 res=0 errno=0
[  230.765334][T11345] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  230.811421][   T29] audit: type=1804 audit(1719093334.884:35): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/404/memory.events" dev="sda1" ino=1944 res=1 errno=0
[  230.848442][   T29] audit: type=1804 audit(1719093334.884:36): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2236930678/syzkaller.0FSThI/404/memory.events" dev="sda1" ino=1944 res=1 errno=0
[  230.852391][T11345] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  230.885185][T11345] batadv_slave_0: entered promiscuous mode
[  230.958193][T11035] veth1_vlan: entered promiscuous mode
[  230.988091][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.031691][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.062224][T11035] veth0_macvtap: entered promiscuous mode
[  231.103923][T11035] veth1_macvtap: entered promiscuous mode
[  231.226926][T11353] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  231.252572][T11359] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  231.262617][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.280963][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.291192][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.301863][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.328208][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.334828][T11362] xt_TCPMSS: Only works on TCP SYN packets
[  231.355965][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.373114][T11035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.387024][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.397870][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.415370][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.426789][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.437307][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.447998][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.459045][T11035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.480017][T11035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.491801][T11035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.518209][T11035] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.536062][T11035] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.560079][T11035] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.577522][T11035] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.721277][  T953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.734968][  T953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.767552][T10500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.779324][T10500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.854875][T11383] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  231.938324][T11386] netlink: 228 bytes leftover after parsing attributes in process `syz-executor.2'.
[  231.998250][T11388] bridge_slave_0: default FDB implementation only supports local addresses
[  232.069893][T11392] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  232.078470][T11392] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'.
[  232.367603][T11418] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  232.424066][T11418] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.516519][T11418] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.601706][T11418] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.696465][  T953] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.826920][T11418] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.028265][   T29] audit: type=1800 audit(1719093337.114:37): pid=11432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1953 res=0 errno=0
[  233.064891][   T29] audit: type=1804 audit(1719093337.144:38): pid=11432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3486444059/syzkaller.ZMlukg/67/memory.events" dev="sda1" ino=1953 res=1 errno=0
[  233.092450][   T29] audit: type=1804 audit(1719093337.144:39): pid=11432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3486444059/syzkaller.ZMlukg/67/memory.events" dev="sda1" ino=1953 res=1 errno=0
[  233.268031][T11418] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.322126][T11418] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.365169][T11418] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.375084][T11435] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  233.405978][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  233.416564][T11418] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.427332][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  233.441857][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  233.451098][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  233.470820][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  233.487442][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  233.551019][  T953] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.686713][  T953] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.753065][  T953] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.782603][T11453] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'.
[  234.106002][T11436] chnl_net:caif_netlink_parms(): no params data found
[  234.121886][  T953] bridge_slave_1: left allmulticast mode
[  234.127912][  T953] bridge_slave_1: left promiscuous mode
[  234.134842][  T953] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.150111][  T953] bridge_slave_0: left allmulticast mode
[  234.163337][  T953] bridge_slave_0: left promiscuous mode
[  234.175745][  T953] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.179935][T11466] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  234.786517][  T953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.810447][  T953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.824483][  T953] bond0 (unregistering): Released all slaves
[  234.885786][T11466] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.131451][T11466] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.245336][T11495] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  235.258256][T11495] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.4'.
[  235.293478][T11466] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.370229][T11466] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[  235.384683][T11466] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.425582][T11436] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.435766][T11436] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.456175][T11436] bridge_slave_0: entered allmulticast mode
[  235.464094][T11436] bridge_slave_0: entered promiscuous mode
[  235.502000][  T953] hsr_slave_0: left promiscuous mode
[  235.510851][  T953] hsr_slave_1: left promiscuous mode
[  235.517484][  T953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.525184][  T953] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.536525][  T953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.544651][  T953] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.570473][  T953] veth1_macvtap: left promiscuous mode
[  235.576260][  T953] veth0_macvtap: left promiscuous mode
[  235.582581][ T5119] Bluetooth: hci3: command tx timeout
[  235.585505][  T953] veth1_vlan: left promiscuous mode
[  235.596294][  T953] veth0_vlan: left promiscuous mode
[  236.118289][  T953] team0 (unregistering): Port device team_slave_1 removed
[  236.164970][  T953] team0 (unregistering): Port device team_slave_0 removed
[  236.639444][T11436] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.646634][T11436] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.655608][T11436] bridge_slave_1: entered allmulticast mode
[  236.664009][T11436] bridge_slave_1: entered promiscuous mode
[  236.709905][T11509] netlink: 45 bytes leftover after parsing attributes in process `syz-executor.4'.
[  236.763832][T11436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.837501][T11466] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.874533][T11436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.914880][T11466] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.990415][T11466] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.051424][T11466] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.115956][T11436] team0: Port device team_slave_0 added
[  237.156509][T11436] team0: Port device team_slave_1 added
[  237.321317][T11436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.348802][T11436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.429695][T11436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.450854][T11436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.465148][T11436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.495394][T11436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.508210][T11538] hsr0: entered promiscuous mode
[  237.566902][T11542] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  237.640155][T11541] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  237.659174][ T5119] Bluetooth: hci3: command tx timeout
[  237.683828][T11436] hsr_slave_0: entered promiscuous mode
[  237.697220][T11436] hsr_slave_1: entered promiscuous mode
[  237.706025][T11436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  237.714532][T11436] Cannot create hsr debugfs directory
[  237.919111][T11562] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  238.008613][T11564] 
: renamed from bond0
[  238.139129][T11576] FAULT_INJECTION: forcing a failure.
[  238.139129][T11576] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.169151][T11576] CPU: 1 PID: 11576 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  238.179704][T11576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  238.189769][T11576] Call Trace:
[  238.193042][T11576]  <TASK>
[  238.195982][T11576]  dump_stack_lvl+0x241/0x360
[  238.200760][T11576]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.205953][T11576]  ? __pfx__printk+0x10/0x10
[  238.210543][T11576]  ? __pfx_lock_release+0x10/0x10
[  238.215569][T11576]  should_fail_ex+0x3b0/0x4e0
[  238.220263][T11576]  _copy_from_iter+0x1f6/0x1960
[  238.225129][T11576]  ? __virt_addr_valid+0x183/0x520
[  238.230242][T11576]  ? __pfx_lock_release+0x10/0x10
[  238.235265][T11576]  ? __alloc_skb+0x28f/0x440
[  238.239852][T11576]  ? __pfx__copy_from_iter+0x10/0x10
[  238.245129][T11576]  ? __virt_addr_valid+0x183/0x520
[  238.250235][T11576]  ? __virt_addr_valid+0x183/0x520
[  238.255428][T11576]  ? __virt_addr_valid+0x44e/0x520
[  238.260534][T11576]  ? __check_object_size+0x49c/0x900
[  238.265819][T11576]  netlink_sendmsg+0x73d/0xcb0
[  238.270585][T11576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.275863][T11576]  ? __import_iovec+0x536/0x820
[  238.280703][T11576]  ? aa_sock_msg_perm+0x91/0x160
[  238.285637][T11576]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  238.290912][T11576]  ? security_socket_sendmsg+0x87/0xb0
[  238.296370][T11576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.301645][T11576]  __sock_sendmsg+0x221/0x270
[  238.306317][T11576]  ____sys_sendmsg+0x525/0x7d0
[  238.311082][T11576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.316378][T11576]  __sys_sendmsg+0x2b0/0x3a0
[  238.320971][T11576]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.326076][T11576]  ? vfs_write+0x7c4/0xc90
[  238.330521][T11576]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.336853][T11576]  ? do_syscall_64+0x100/0x230
[  238.341612][T11576]  ? do_syscall_64+0xb6/0x230
[  238.346287][T11576]  do_syscall_64+0xf3/0x230
[  238.350783][T11576]  ? clear_bhb_loop+0x35/0x90
[  238.355459][T11576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.361349][T11576] RIP: 0033:0x7fc2dfa7d0a9
[  238.365757][T11576] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  238.385356][T11576] RSP: 002b:00007fc2e07dd0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.393764][T11576] RAX: ffffffffffffffda RBX: 00007fc2dfbb3f80 RCX: 00007fc2dfa7d0a9
[  238.401726][T11576] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  238.409688][T11576] RBP: 00007fc2e07dd120 R08: 0000000000000000 R09: 0000000000000000
[  238.417740][T11576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.425794][T11576] R13: 000000000000000b R14: 00007fc2dfbb3f80 R15: 00007ffc179eb938
[  238.433770][T11576]  </TASK>
[  239.236470][T11600] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  239.339185][T11605] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  239.368084][T11436] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  239.416223][T11436] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  239.468600][T11436] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  239.514314][T11436] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  239.638602][T11620] 
[  239.640972][T11620] ======================================================
[  239.647993][T11620] WARNING: possible circular locking dependency detected
[  239.655017][T11620] 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0 Not tainted
[  239.662133][T11620] ------------------------------------------------------
[  239.669151][T11620] syz-executor.2/11620 is trying to acquire lock:
[  239.675692][T11620] ffffffff8f5e6f48 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0
[  239.684772][T11620] 
[  239.684772][T11620] but task is already holding lock:
[  239.692140][T11620] ffff88801f92cc50 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x1c3/0xe50
[  239.702448][T11620] 
[  239.702448][T11620] which lock already depends on the new lock.
[  239.702448][T11620] 
[  239.712859][T11620] 
[  239.712859][T11620] the existing dependency chain (in reverse order) is:
[  239.721967][T11620] 
[  239.721967][T11620] -> #2 (&smc->clcsock_release_lock){+.+.}-{3:3}:
[  239.730589][T11620]        lock_acquire+0x1ed/0x550
[  239.735631][T11620]        __mutex_lock+0x136/0xd70
[  239.739253][ T5119] Bluetooth: hci3: command tx timeout
[  239.740652][T11620]        smc_switch_to_fallback+0x35/0xd00
[  239.751810][T11620]        smc_sendmsg+0x11f/0x530
[  239.756767][T11620]        __sock_sendmsg+0x221/0x270
[  239.761978][T11620]        ____sys_sendmsg+0x525/0x7d0
[  239.767277][T11620]        __sys_sendmmsg+0x3b2/0x740
[  239.772490][T11620]        __x64_sys_sendmmsg+0xa0/0xb0
[  239.777879][T11620]        do_syscall_64+0xf3/0x230
[  239.782921][T11620]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.789351][T11620] 
[  239.789351][T11620] -> #1 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  239.797108][T11620]        lock_acquire+0x1ed/0x550
[  239.802148][T11620]        lock_sock_nested+0x48/0x100
[  239.807448][T11620]        do_ipv6_setsockopt+0xbf3/0x3630
[  239.813103][T11620]        ipv6_setsockopt+0x5c/0x1a0
[  239.818336][T11620]        rawv6_setsockopt+0x327/0x740
[  239.823725][T11620]        do_sock_setsockopt+0x3af/0x720
[  239.829288][T11620]        __sys_setsockopt+0x1ae/0x250
[  239.829574][T11436] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.834662][T11620]        __x64_sys_setsockopt+0xb5/0xd0
[  239.834683][T11620]        do_syscall_64+0xf3/0x230
[  239.851803][T11620]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.855542][T11436] 8021q: adding VLAN 0 to HW filter on device team0
[  239.858244][T11620] 
[  239.858244][T11620] -> #0 (rtnl_mutex){+.+.}-{3:3}:
[  239.869717][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.872017][T11620]        validate_chain+0x18e0/0x5900
[  239.879130][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.884382][T11620]        __lock_acquire+0x1346/0x1fd0
[  239.896943][T11620]        lock_acquire+0x1ed/0x550
[  239.901979][T11620]        __mutex_lock+0x136/0xd70
[  239.907011][T11620]        do_ip_setsockopt+0x127d/0x3cd0
[  239.912576][T11620]        ip_setsockopt+0x63/0x100
[  239.917705][T11620]        smc_setsockopt+0x275/0xe50
[  239.918447][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.922898][T11620]        do_sock_setsockopt+0x3af/0x720
[  239.922921][T11620]        __sys_setsockopt+0x1ae/0x250
[  239.930136][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.935526][T11620]        __x64_sys_setsockopt+0xb5/0xd0
[  239.953618][T11620]        do_syscall_64+0xf3/0x230
[  239.958658][T11620]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.965093][T11620] 
[  239.965093][T11620] other info that might help us debug this:
[  239.965093][T11620] 
[  239.969375][T11436] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  239.975307][T11620] Chain exists of:
[  239.975307][T11620]   rtnl_mutex --> sk_lock-AF_INET6 --> &smc->clcsock_release_lock
[  239.975307][T11620] 
[  239.975340][T11620]  Possible unsafe locking scenario:
[  239.975340][T11620] 
[  239.975346][T11620]        CPU0                    CPU1
[  239.975351][T11620]        ----                    ----
[  240.017425][T11620]   lock(&smc->clcsock_release_lock);
[  240.022812][T11620]                                lock(sk_lock-AF_INET6);
[  240.029852][T11620]                                lock(&smc->clcsock_release_lock);
[  240.037758][T11620]   lock(rtnl_mutex);
[  240.041754][T11620] 
[  240.041754][T11620]  *** DEADLOCK ***
[  240.041754][T11620] 
[  240.049899][T11620] 1 lock held by syz-executor.2/11620:
[  240.055362][T11620]  #0: ffff88801f92cc50 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x1c3/0xe50
[  240.066097][T11620] 
[  240.066097][T11620] stack backtrace:
[  240.071988][T11620] CPU: 0 PID: 11620 Comm: syz-executor.2 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  240.082498][T11620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  240.092563][T11620] Call Trace:
[  240.095854][T11620]  <TASK>
[  240.098793][T11620]  dump_stack_lvl+0x241/0x360
[  240.103489][T11620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.108719][T11620]  ? print_circular_bug+0x130/0x1a0
[  240.113932][T11620]  check_noncircular+0x36a/0x4a0
[  240.118884][T11620]  ? __pfx_validate_chain+0x10/0x10
[  240.124094][T11620]  ? __pfx_check_noncircular+0x10/0x10
[  240.129568][T11620]  ? lockdep_lock+0x123/0x2b0
[  240.134257][T11620]  ? validate_chain+0x11e/0x5900
[  240.139207][T11620]  ? __pfx_validate_chain+0x10/0x10
[  240.144419][T11620]  validate_chain+0x18e0/0x5900
[  240.149296][T11620]  ? __pfx_validate_chain+0x10/0x10
[  240.154501][T11620]  ? mark_lock+0x9a/0x350
[  240.158847][T11620]  ? __lock_acquire+0x1346/0x1fd0
[  240.161296][T11436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.163868][T11620]  ? validate_chain+0x11e/0x5900
[  240.175558][T11620]  ? mark_lock+0x9a/0x350
[  240.179905][T11620]  __lock_acquire+0x1346/0x1fd0
[  240.184775][T11620]  lock_acquire+0x1ed/0x550
[  240.189287][T11620]  ? do_ip_setsockopt+0x127d/0x3cd0
[  240.194503][T11620]  ? __pfx_lock_acquire+0x10/0x10
[  240.199623][T11620]  ? __pfx___might_resched+0x10/0x10
[  240.204943][T11620]  ? mark_lock+0x9a/0x350
[  240.209375][T11620]  ? __lock_acquire+0x1346/0x1fd0
[  240.214415][T11620]  __mutex_lock+0x136/0xd70
[  240.218932][T11620]  ? do_ip_setsockopt+0x127d/0x3cd0
[  240.224158][T11620]  ? do_ip_setsockopt+0x127d/0x3cd0
[  240.229378][T11620]  ? __pfx___mutex_lock+0x10/0x10
[  240.234418][T11620]  ? __mutex_trylock_common+0x183/0x2e0
[  240.239978][T11620]  ? __pfx___might_resched+0x10/0x10
[  240.245280][T11620]  do_ip_setsockopt+0x127d/0x3cd0
[  240.246463][T11436] veth0_vlan: entered promiscuous mode
[  240.250313][T11620]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  240.250340][T11620]  ? __mutex_lock+0x2ef/0xd70
[  240.265802][T11620]  ? __pfx___might_resched+0x10/0x10
[  240.271103][T11620]  ? smc_setsockopt+0x1c3/0xe50
[  240.275974][T11620]  ? __pfx___mutex_lock+0x10/0x10
[  240.279796][T11436] veth1_vlan: entered promiscuous mode
[  240.280997][T11620]  ip_setsockopt+0x63/0x100
[  240.290934][T11620]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  240.296842][T11620]  smc_setsockopt+0x275/0xe50
[  240.301535][T11620]  ? __pfx_smc_setsockopt+0x10/0x10
[  240.306743][T11620]  ? aa_sock_opt_perm+0x79/0x120
[  240.311700][T11620]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  240.317257][T11620]  ? security_socket_setsockopt+0x87/0xb0
[  240.322994][T11620]  ? __pfx_smc_setsockopt+0x10/0x10
[  240.328215][T11620]  do_sock_setsockopt+0x3af/0x720
[  240.333260][T11620]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  240.337458][T11436] veth0_macvtap: entered promiscuous mode
[  240.338800][T11620]  ? __fget_files+0x29/0x470
[  240.338827][T11620]  ? __fget_files+0x3f6/0x470
[  240.338852][T11620]  __sys_setsockopt+0x1ae/0x250
[  240.358643][T11620]  __x64_sys_setsockopt+0xb5/0xd0
[  240.363563][T11436] veth1_macvtap: entered promiscuous mode
[  240.363665][T11620]  do_syscall_64+0xf3/0x230
[  240.373863][T11620]  ? clear_bhb_loop+0x35/0x90
[  240.378554][T11620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.384461][T11620] RIP: 0033:0x7f979147d0a9
[  240.388880][T11620] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  240.401351][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.408560][T11620] RSP: 002b:00007f97922040c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  240.408585][T11620] RAX: ffffffffffffffda RBX: 00007f97915b3f80 RCX: 00007f979147d0a9
2024/06/22 21:55:44 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  240.435336][T11620] RDX: 0000000000000026 RSI: 0000000000000000 RDI: 0000000000000004
[  240.436811][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.443298][T11620] RBP: 00007f97914ec074 R08: 000000000000000c R09: 0000000000000000
[  240.443311][T11620] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  240.443322][T11620] R13: 000000000000000b R14: 00007f97915b3f80 R15: 00007ffefd0101d8
[  240.443343][T11620]  </TASK>
[  240.542967][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.558678][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.591226][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.608880][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.630197][T11436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.661678][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.720456][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.741555][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.768695][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.788704][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.818837][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.838898][T11436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.861831][T11436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.882432][T11436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.904318][T11436] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.932531][T11436] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.948739][T11436] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.957472][T11436] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0