last executing test programs:

2.865197011s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='*\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd}]}, 0x24}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040), 0x4) (async, rerun: 32)
sendto$inet6(r2, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c) (async, rerun: 32)
sendmmsg$inet6(r2, &(0x7f0000009c40)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000200)="17", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000900)="88", 0x1}], 0x1}}], 0x2, 0x400c404) (async)
listen(r1, 0xfff)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000140)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x12, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @rand_addr, {[@timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@broadcast}, {@loopback}, {@local}, {@local}, {}]}, @generic={0x0, 0x5, "5fbeb9"}]}}}}}) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000140000140600fc8000000000000000fe8000000000000000000000000000aa00004e2200000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0) (async)
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f00000004c0)={<r3=>0x0, "728343ad33a971568df7f4977ac38b07"}) (async)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x170, r4, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x104, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xf2, 0x3, "44ddf43923db2f198b81e4b37243a63a21d752a33a8e3ad30e5814a4d9ed5def04a0607ea018d8363abef17cf30371bd3efb7d53fb0832bc39e8aab18d501a51954ba9f833cd0ac4eb6735c029b3d6a6f2d9ab4b5b80fe51c3954ee11611884c75f8614dce999f4bdc5500e006388a36746b4186ddfc7bc13c6724b5f282a2bd19c5ae7b0940cab6ba34d71ced0ea8f18a46182ae4af252c61e32f86d54c00bc2658b69c6b416e9b20981ec840998a73a16b4c1ef6cdbd5cb5b58033eb5ac161cdc438f08e153a64ed50c34d7a01c99b86dd593cc78a36795158f68a7b16ea1e2722cbae03d02e9ef9c5c68932c1"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4caf}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x800}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x24f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x800}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8a}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc60d}]}]}, 0x170}, 0x1, 0x0, 0x0, 0x8001}, 0x40)
ioctl$BTRFS_IOC_DEV_REPLACE(r1, 0xca289435, &(0x7f00000014c0)={0x0, 0x1ff, @start={r3, 0x1, "520b7f16cf5e39e84e1397141e5f433c869c84cd930810ed5368aedb5192bad629e1a79e25c8c4d72364ae0a38aae644cf2d2b0252761de0cc25a9aeaba432612743c205ebad7590a373fa99fd1ad4e107eee58abb5aa10ecaa6f353d69f09478ea89b305ac49610733bccc2c33a97a662f86f005e9ee47b332d4c5c797d4e423d5461226c05e97b6a992ba8a002c49d64cc96fa1e170aa86766926b1616c2f5f82ffb147cee35f9ed22a5c42748bd3fd579c425fd1033128c3deaf6976a2784f65aedd0c2576c5718495dcb026d296585521c36560f1fea36aab85e32ab1df59da69f94369f87695de3f479a0fbec317e80f1ba50e510375d99d26fe417ced57b2e21eb9565aca51b910f80a5d94cd221230abe6fc7039a80064a784c5d86c77174253eaa4bbbd739a8a64735f7f0374e38ce7ed958392294ea99a715affbc5084debb665782cd4ba9d974b45c0b86c9bd074a0313c0d5740ca8e082da22f185aaca564726448812abfb1b4990d6315ba4eddf60786353935ac2cd45f3b628ca108cc10ab57d3ad882e441bb194856d43c29a8c771b05eb20aebf70b074a856ceb46cf5f6a6efa977d0328ccb63822a151c9037c368a4734fb091203eb4a6ae589d36f64401d2c8de4290ccb41f52fb007be6413f6c31c99b58cbe218ed599d87edbb422ca0bbd643b281c0c08f7d55afb155c9e4ac41f40b213c66c2c3eb529d918274c97b3c37a224b8bc8e5856d58ad686864a16037149bb1fa104ac191036c2f63c128d15f82bf5b775cfc844a29976a697c1edf8ee81abfe343e2a8f6afbd9402040db76ff976b1b52169b45bf30c6a7c5103522e1cf3b8a10398ba10a781ae743fe6b245b6bd8dead6870deb6b4de79396c83529ce9d89a024654e48df661ed02becc5e589de4b6647f467f31bacd0a1f87c837a0d331ddefbfe3f6adb006c8863aecaca95f1b47bd8b8556b045b33e284f98b4ba4f6b23082cd4aa11d3b04deafc597917af1b73545bd55a09a7c79d9495297c06f52a9f094903628f4f629e534629e79c62c7006ce5dd8abd6a1de7da5a3649223cd51d98d782857684aac6d1b819a52e17b1e564ae7f02c0cc62b67f85fc8dc9758c1b4f26b5dc4c3078a649deb66e1cbaa687220e2d119f6353f94d4b32774ca3e454e921edbee148380adc37495656d276259e2f2a5b0debec9390055112d49869dbff69e470c1ed51b23c2abcdb3e73debb30e9865ec32d82d9560a0205a561b5502b0bee37502ada1d2384275a8c449020cffa368b32c6c5e0c65af8eff242378ccb137a0b887ea5846f97b39df23e6a7d23af7850917e24a6f9c24743ed73ed23745fbb9db05dea17b08c9819df79011fbd1690ea6460b0a755713193aec3dbf0d28fbd62fb1173d849ec68d604353945509ecf70a652eaef156f4c14074a2237b1e08e335971", "8049e0c0f36f62e9fb59ad9a9314e289395c8df5dea8d22418552e5b5e0258fb8057c56c0b0559d06f79b0ddc816b9e6b510800a758689a00f67cb988c1e9625ed0708bafe24a415799f426d929d02ef89793e62770edce7621a7df89e6e615d0c4289b5f850256958bfbafa9774d8fd532e2e24f9927fc0dc0397958524bfece320fa319b192a20f44f90d1c7d171df117d16dc3742c45ef98aa1860c06e620a2d1f8865e5d89a26759393b4e256b95a5b9946c2ec87bb7ae5183c9ac6568a565e7a3aec5519b8be53e71528fd6238433df3402b714046611fa1de1c64db36622cf89319279406f180fef1cc91b925f112409aa3613290534947d21ac1a7129021bf5732292e0c237363e780cb0ff627634032f2c16788ebda56a804be0ffdee3b3733c1052fc2dfa725ed523fc97ed24fd5eba97ab0fa2d3d109003f666a000f9dace3d176f26e7e9a2535b673f9f05c362945901cbc7b98fe15c617586fba092fa755135d728a6664db495a55ede6599a0cfe4213a04c1e340bea733ebdb6b4c14be8cb81b58eeeeda2fae97f710b1e5a6c9e15f0024b0eb231d90ad2aea92867d3e9525de1f48955988c729f96ec72b5a590f0395df387d71a278d0161965181f7074aeaf8653d0c15b14c86bb73a76b8d0563167da7791d8f9c2cacfaa8ac8e6b7993d8e3fe9d9c2ce3a6a6140e5e11c2cc691f4554ea24976dc24e8b2a13af164715b336d97d8526fb4552143471460869614507407dd5e79b6324618cfa8f137c304bd48e1fa80aca31f236700f7661371800248cea5c6e7048fb458356fa0194f4dcfbad7243775beb2e7cd94d24a4f7050827d3fcb1f3970cc951793a3cf71cb5f205b8d54599a8dbf9e2a916962486fde5818ae095bf3a4cb3506e3e1e0617049be310c6cf11d4012c2572c634ccc06e5522c4f6b9862e197fa45f1227156bc2ba057cea501fc3760cc1372266ca4bf72f44430f074e37fad4fca32ffb6b9ee116a2b5b241d2b29c65ffb4c480a5f19acaaad569d4a19bd50b729f93a19c281e8e3771f70aee566d9e8c0c26c26ba3bb5736dd893e2339e98dc7b7df57972029f3c1acad245fe6932ee330e3a71b4510916ae42b004ed260aef7791b15f4cebafdd1ec7eef27767287a8956b2e92cb9134b2e6883c89d118e458584099a8f4b058703d9bda79378bdb5b57a760a537a71ee23042ef6524765c587ef54398c789e5cb5e093b2a00470c2bc8ad3d6c23332d81c35d40c5e489dad8c55c8ad335d8f9127bfd3e6ae336e3a1746b9dd99dc2133eb7e2cfd0513b6b2d341073179d3661c3a05f1bef3da2127001963c6da5877f369e7b0017371ce6c6cb66cabbdda86abaaba8ea50a88ce8ba563d3bfaadb18262c1eabe2c45f0591bb3760f6871734f5998c20bcf8a1a461790faff3fb21921da452328e3f8291c47b474"}, [0x1, 0x5, 0x0, 0x3, 0x77, 0x8, 0x3, 0x3, 0x4, 0x5, 0x80, 0x3, 0x7fffffffffffffff, 0x4, 0x2, 0x8, 0x3, 0x2, 0x1f, 0x800, 0x1ff, 0x3, 0x7, 0x400, 0x5, 0x2, 0x101, 0xfffffffffffffc44, 0x2, 0x8d61, 0x4, 0x8, 0x8, 0x45e50c59, 0x6, 0xa7, 0x4, 0x4, 0x8000, 0x7, 0x0, 0x400, 0x1, 0xfffffffffffffc01, 0xaaa, 0x6, 0x7, 0x9, 0x7, 0x80000000, 0x1, 0xfaa0e6f, 0x9, 0xffffffff, 0xffffffffffffffff, 0x6, 0x3, 0x4, 0xffffffffffffffff, 0xffffffffffff8696, 0xde84, 0x81, 0x4, 0x4]})
syz_emit_ethernet(0x66, &(0x7f0000000140)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x30, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa}, @timestamp={0x8, 0xa, 0x0, 0xfffffffe}]}}}}}}}}, 0x0)

2.725623816s ago: executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000)='%', 0x1, 0x4004001, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r5 = socket$inet6(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000100)="bd", 0x1, 0x0, &(0x7f0000000400)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
close(r5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
write$tun(r6, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000580)=<r7=>0x0)
socket$netlink(0x10, 0x3, 0x0)
r8 = getgid()
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f00000005c0)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast1}}, &(0x7f00000006c0)=0xe8)
r11 = getgid()
sendmsg$unix(r5, &(0x7f0000000800)={&(0x7f0000000200)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000440)="6d60781f2c83a95207f5b292a605c5701e45d159887f81744938fb2a082441ac26e2cb00bb436de661b87280000747044ca831b8494860e45089ecf98ca42d0246a5ced9eefd1d253a140cacddf7ead148b84423ddcb815ab580c1f1fa48ca6530fe2bb7bbd53e75098cc20d39172923b969ab8be2cfa13fb789073f599029ae4c85846ec5b5cd4aca243877f498e666787babeabb15a0887e8d0f241c78a1c2c564134c2b5515224b0d1ef63ffceaf2c2460c6c51a9ce2190b3babd5e9c41765414cd3af2b09e91941089cd77eb1fede2d5f6a47dc7520f609ae30fb566b8f19c69", 0xe2}], 0x1, &(0x7f0000000700)=[@rights={{0x2c, 0x1, 0x1, [r3, r4, r2, r4, 0xffffffffffffffff, r5, r3]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @rights={{0x1c, 0x1, 0x1, [r0, r1, r6]}}, @cred={{0x1c, 0x1, 0x2, {r7, 0x0, r8}}}, @rights={{0x20, 0x1, 0x1, [r1, r2, r9, r3]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r10, r11}}}], 0x100, 0x40000c1}, 0x1)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000002280)=[{{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000008c0)="9c0945a285ed531c7034e5f9c5d5edd102a9c9bb3fa294dbaefa3b579b193eb03ffb9c43c8cca93eb435d8bcf97f8c3fa6", 0x31}], 0x1, &(0x7f0000001c00)=ANY=[@ANYBLOB="14000000000000000000000002000000050000000000000014000000000000000000000002000000008000000000000014000000000000000000000002000000ff03000000000000100000000000000000000000070000001c"], 0x78}}], 0x1, 0x40805)

2.258109994s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa00, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

1.626803023s ago: executing program 4:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GCAUSEDIAG(r1, 0x89e6, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000fc0)=0x1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, 0x0, 0x4040)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x28, r2, 0x300, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x8094)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo}}}}, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000108500000008000000bc0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x49}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000200)=0x8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2f}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x25, &(0x7f00000000c0)={r8, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0)

1.439317005s ago: executing program 4:
socket(0xb, 0x3, 0xfff)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
unshare(0x400)
r0 = epoll_create1(0x0)
epoll_create1(0x0)
r1 = socket(0x18, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000340)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2, 0x0, {0x0, 0x0, 0xaab362c61ab63344}}, 0x18)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xfe, 0x0, 0x0, 0xfd, 0x9}, [@RTA_METRICS={0x7, 0x8, 0x0, 0x1, "8980e1"}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000240))
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x1}})
socket$inet6(0xa, 0x80002, 0x0)
socket(0x2, 0x80805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a9c000000020a0101000000000000000002000006080002400000000050000600dcf6d062f3a85507d870eb47ecab5330b88a6763054c11a8051fd97cde0e9c9d258cdfda62ebd97ce02d64f97d5a2ee99f47ac0290d6ad52e6cf2deea17d4aa5e1f9e197a712370329b3b5e1080002400000000025000600031b554afc970c452f90b135b27c8f75e3933e4a0bd7543e9c60ed4c954bfdf01a000000cc010000180a01080000000000000000020000010900020073797a3200000000ac0103806800038014000100766c616e3000000000000000000000001400010076657468305f746f5f627269646765001400010067656e65766531000000000000000000140001006e7230000000000000000000000000001400010076657468305f746f5f627269646765000800024000000002080002407fffffff680003801400010076657468305f746f5f626f6e640000001400010069703665727370616e30000000000000140001006272696467655f736c6176655f310000140001006d6163766c616e3100000000000000001400010070696d36726567300000000000000000080002400000074d080002400000e0f8b800038014000100626f6e645f736c6176655f30000000001400010069703665727370616e300000000000001400010076657468305f746f5f62726964676500140001007465616d3000000000000000000000001400010073797a6b616c6c6572300000000000001400010076657468315f746f5f626f6e640000001400010073797a5f74756e00000000000000000014000100626174616476300000000000000000001400010073797a5f74756e000000000000000000481000000b0a010800000000000000000000000204100d4027d4274bf230b09b85e6e1e7e3cef3383a26708611696df12b1c26e86fa7ccdee316a41b7d11965880b0980d147285578dcb2f6727cb7eb4350463037ae8bcf3ee1086401850d512b3cbb00b09f6cc031fdf13f82be8b19483ccd2e36c91659d437bb1fb4192670403c03fc5712be9bbd88c616c982624e80a293854a2ab38405f9f2a5ac8b2f967d33f9fe0b531cb3b7857784204aab7f724e44d750685e3dd440f637b236bb835807dcbf8589d2c39eb5c51f75ee13bec13f49708c169cd65cd09069ceb7dd492514c46ad76ee6e9ae21cdbce6efa10a771b8652588fa11caa26c5d5b420a695e806a5b464b4838630797a847902756dd9618f287b0054bfd00dae5cadfa02fa836f3e03de41618db15406e9ea1655b549d0dafcd8b67d46d2dca64d8b7034e527f4c9d9d41d6befa23568181a06c5ceb3ecdfcedba931841102cea57301413ffa09f759ccd50fb60bcf87e390c3025dff5a83e7806afb6c04a1162dc948f66fb3a64c6b37a13a49da06c2f66dd6d2927e58e399e5fdc3d111038b06488ee70207f176f68e453e1ebbcee140eed06fc053f287e3c40a27e61867547925dd5f017fee8ee320871d076f1fb7ced4723cf51c5d3dde323eb93a94ddf2f0a059dd9ad13cc2b1519d62b7f2a6045437453cb9e152ffbee67cf1b890272f5903edfd8d80357af53ab226b694a7e3e86db096633d3bcf8681299e109cef139b1f52964c0d3780d25e65b899b3ba02fc2daf4bd7c04451858152639dc4ca917b6aff2b8f9dc259e498d65ae6b67fb52f2881fb1e28b5867448e3ac7097d2f31baacf616618a8f7af0b02544a525630032f9c833bb030a1f9d70f59bee906d940420ed1809ade9e1789f7636c72ab7028df8bb77d6a30743a9ca1f2f22ae36c5af17757b3e996be6c76a8f4465dc8eede669ebf2eb093c0a5d796a93fa3c9101c7d99e1206fc0b2b9d1b539aa9f3351a357b0e6974e3d1cc5ac46d0e13f2a2f7bd80af27d31105984f0f0ca66c36af4cc8312986e3d64c20cdc152178a1e55ba0df66dbb9fddb40fb01f330b94e17ab5fa3bf6d7fcbd51cdb6d98fffaf78adfa62f2943ee6b19eb550053fd3cc6520e99793311677b56a81cf8fb3c157a4423d1a3faf870fc84bf38e4783c01bf9287786b1bf9a2ab2424b27439f2f51d7c45795fcf27d314ce69fb38dc79ecea02676c1e103d3ad7a7d162bf5fc2244800b2edfd328706aafe44804b389d0b12efe0b35697b42b5165db66de073e464928e90b991470df62241a48580891952782fb8651c7361b90b9658a15a82d15592c7e61efb7deb928b7fd8d8ae75ca50f3bbcb0df8fe7e07af3a83314dd214e5bb5612afc5e20aa4d9a985466e690aaf802109d42ba9d60d624aa4f82c4d1eb7a5e614d5b6a24a06fa46b50521a23dd3793363a813f372fac75bf150539e949209290d12cf2c0dd6e5ab83d527a905f0abf49b4186c1e504b98f81d83b99e821ac952bee356cdf2a44e17f9ba6ba32ecb7e986b16e0a4d9c3ec4395a5e620dc38eefb9b66589989d816195f649af097acf164b329e632651ee444fb14d6ed06dc0dad76ceb46c3a62688a2fc877f975de4b0cd09d490a575afc83c5e2aed661d5a46b5ba2722741edab5a644d28fde4b60e58119d94229994f8a8533bf47929781a9ea645c33d5eb49868609c69f28f6b892fae0e62f38ee9dab1c48cd49635bbd87bfebfb11072cf090b323a883993e9dbde40b6a3cb8adab1d534f669d8bb9e645d1204aa7e8707848120e8870b2fa4693cd7dc0a88e544205a42e70b49d79647afb3c4725f96e05f3f90da3ed4788c8245f882039a0f0a8b106484336bdf793a3b21cf1ae94f60a52de91e5e2061ed0f95d5d18bc4fb67765af40edbd44514172f77c1f29a92b514e75598d6af6ee3d43eaf4ac3d8655ef4e186f85495f8228c9783dc7dd49d7efa39554f0203a368da9726b9d02be7910a75732b048d63ca021cb0cb85b9f6dc0a25783e1eb095f45d2cc667ac24c266125ddeae402e0b610b77a7e0b5774757fef3d13fa5d1533bdf76bcc672fe050695fb17c05e8e3a902e672cd085799e8d2e6afd0d29efb925ac9bc28663dc61e89a7fd93968ce82ccd2d7775527833dbee4fa2d3d880ef04e99eaaed94ab60f307d1e96d9159c644c22cb1c8fbab3b19d41add52a43b0590342f88f43bc52da8a9892546dfb8d302dfdad3246b2add799a2df874b14ee53d199c77dec6c8bbf641ae4a0ade0399ab05e4ce14ff63c34a4d82802b72fc2c6bd0e32a90be85a41a0a7092237187429ec8f722fd00174a55ba20b9146c0172243f188b3a0a77c40bfffeace20367717cd0eed941e7ccb997a8d77c2c025a9043feece2358d2626d3391706f7de32fafdb5e6efae974ffe8832f01260ce88f61c269aee7db0cd5bea19e132a862bacfa08a81cbcad50d956357122bd606d80c5c38fb9d46c759d0ef465daecd48b00f44dabe38bb55d80f84e44adb5ca0d430ecd02275d848124e4651b87b1183667482611a6b1771aed30307206997a97a8edbaf0cba507ed6bc0c98f7349ad9c4f063ab9b0797c217f41a830543f11e395cacceca79f770c0c3e53e6024d88996ed7d5f123d07cc82ebbcc285ae38343e53bdd37b90fedf3ed2628ebd8db7054fa05bdb8580a4f53880e1613069002964804f42b53fabc52476d375f4c0aabc1d08bb6876d683cdad2ae0fdad93a3ec55450261b3f4f812e02916af642732a36709d130bb313476ff1da3f363c031492da7538a20ddddecdb39f2357076674f1da165a170f970a57a4699b1f72b0a98064f2491aabc02587e80000159d0a5e7ae303e0c81d1dae7e924dda7a1fd1b8deb079326c5c7980027a475fea69701bdc6b11ad0d3032ce8ff8ccc52a92cf19072a3877dbf309ed5691a9f6b3601ba00092c0ae098ef635264488915f0901c6dbf73c135499799f18cd41c81c1cb617ac536f0435ab2a5c49d383937b694ffc6d839c156df0141f06b2dd9506de6a2400628c04f2c41d5c00cf09b5d3af9a78b202df2ff178a11d924c1741c265d12a9b28ac72ffa88418aa0f89a3ea0d23a45e9167c6db65c139c692508a6c56989e49ba050e0654ca0fef6ae3e151228712fd0d3dab45b4cf0b91b1a2813858731b88bcb6f4aad1dddf53630f41204e1e269c242e07e2daa04e76a8645975ed92e71098220126beca3ce111628d87e86d20078f12e2befb65f000dbd5ef4ae99dc4e87e8bd7915745fe7ffb0d7651007668ab4e2d8b5be50b3f944eaa6ae84528fac60132e09488a06ab6acc71b1970d08920c6565067edfb7bd23538fe7c3bdd9cc7c034d7f6e05ec720010b8675c1e6c36aab10612b833fab713e48af1b3c718663b5b9bdcc1f673f0c36f34faba048f1ccee1d8cd097cc0ac7c19889291d4d26b7c84d88e07ae4d28cd3f457a5f177b4c065f5891a8f2f9024d8536fb62785bd13267758eaabe28968826e78e55fe9dc8385973cc71632cded1583dfca3ca2dc1d02caf5f35ff41283afc7b587d85b09639db0e258958e3026b09a6e8d3994000717daa5754b077b2114a83f22a01c684b60be4d40763fe84f727c68dffb12a3a0a4922ea5c242d5f1eb0b0c1b4dfe209f5db73dd57f2603a21f2e547dc7856842b1a8448ae2ef52d3fdd9c9dd98fea96fb84a5d9c64ae2842b6bcecb823cf5b7c34b72e6d758c6a1e100fb30e5df4bc4d40f29134706061417760e5fff5edc32e7c582d916e41bfa44e036341ea4588a0ac3d85a0c5fcbdc0a62da6bfb74059848d9c270bc6ccb24f5062f7923ad4191df3eba2125a19fd9fceac00645c1924082f6a2b3444eb6963b87bded90623f330af4bd5590ecae93c461775574f73ea4f0f9a8a00e472339ce6cb677f54a564eeec22cc6e946d866eaaf18a2b5902f6320000a09aecbe383fa064747ba0dde2a17eeeb61b3684de1d71af1485bb4e6622507ec4921a761f533363dd9b570e0fa0de4fe7d374cde487946c43548e6986dd5642520fb35e7976b1505d4cbbfe118c60c98b1f2b21660b38475fa770800f3181c9610c56918f49b54434c52553d6da9f276629d3758d35e40f4aac9c12dd3ac91893e87a6ed05c5eedb1e6666e99115bf7a402ac9de5fe5ea8ebb86ad51b89e38cc21e5120b36a97b147279040711feaddf404f7329f27884edf236fc7abe942dbe28271214a0e9b5511c25b2f73cf289095be63f05ca7bc67871b4a8c87b8fa5d07e4c04dc7203f95b315a04130d85c8c6b11ccef3a05257ff474cc7b6d3d2c6513375366fa6a52f2977b930dc36c27892b2fba7ce30093102aac015df11918d7d951fdbfed507bfa84646f97c1ebb99d35dac4d85324e7032e1a4e331b026bc44337d78751844f59e41bbf97cd149e48aaf79de3753a112fed86d0cc053967063ed626a6428aa37779ffb3d8cb7fffcf09e74c4ee101c61e142fd7c8f47b6cbdcd386ca9777840f01a989accb23ae1f6fe030e8e10ff7aa36b897bcea14ab9908296f20f71d3d8188684b71444d3c4311926bc89737a1774796ae6fbbca5c7094b79816150bf274b5d3d282c14ecdbd40052f2d272b16f714517b01e5de0274631f3f013a4aaab1fa96160c33d23e6700dcde18e1e6d5dd6557a65f9c5ce64839821eebf2e8a781d022f58d5895118de876d5150f6c9066356f384b715e2c652bd600b23e0ab8c71e920cff49e9054ee20e82cd6fc3367e151d3d859d6d176339e1a4d087549f04e8272bfa31207352832d7a55de60c75c9753d1eb5c9dd153ed387b5c613259e85ab9e64b37d74281d11655af4b3c439c7fd254e19fb2beeb461145d5ba21475a3b96b3dd779d2cb5491420641311bd49454a8f221aa188d4406a15187f4d24fce2c9d3aed5b021434bfbdb8680aba2b27bff704b645c69d353d7fc84bc328ce4c499ebecdc64bcd3d231eff1ea744be61e7f9400556ee057fcc8ab1c32ec1af1167ab76492fa9e7db58de91d611f35386d804467c5d10a0a89e5eeea4e8a62e94fde5bad719b09c58889f647de6b6d9474071f704cedc3cfb60f89e9b5f921e2835b21308863e836c01116067cb9d03038d33bd47ad98fd5cd2e125f4072bc91b06f2151922335de1556af9870d9ac9e4c35efe2ce04e6c486f864e9fc848ff1d45184ad211f156306e8e0498d6a645c921acfc55cc964bf17f1f2548453fcece2c6cbd0005b4b9148f25fca080892793bdf79e58e9e5a70e8c68c967d57075c8a00430cf363851284b9484d6b205f23d5ec0e37cc6b218531ad6540af2ae21952773cfc0263595a71c79bea95d9946d27c1167b33933099a659fc86686e834d8fa82b6023048e4f382db18d2b2a9750aaad37a1793e94a7a625ade03b9ea0bda1b8f288b402141c9df5ae8621f002aa80fe4d1678ce0c9e7d219f0b53d0e02267478ae0bf1aab03d5e53cb014cbf03533fe5c060e8bd84b5500135051266bcac74ee06ea6b94190b1ac46f446155021e856cebeae796b6f613342a281175b7cc042c34778e092ce3b5b0e74568ceac5600d9df50c4e84413a079a1e53453283ef9f1a18af611747ce99be6217bbd21109204c693d18be8473edc2e61fa80d7ba167daab0501f1de9e631c6bf644b49faf5cec9fa9c5b7724bff15aa80c509b9dcbb37460e0eecf39c865cb17cf2c762eca658dcafc14f9f6bb79d550cdc33cf04da9f8d19604879adc6bd0f9726b7c8971fca4502abd8ceb94e4531da5026165221260c529a82dfa281ab2d8cdd511cbc110457e51dd668f399080003400000002008000640ffffff0008000340000000410800084000000000080008400000000008000540000000161400000011000100"/4824], 0x12d8}, 0x1, 0x0, 0x0, 0x1}, 0x18c4)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000180)=0xffffffffffffffff, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))

1.331726023s ago: executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x4, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_DATA={0x0, 0x3, "45f03ddbd8aa8987fe6255b1f0ce25722d4fbc3e175fdc7e099d8e96fb9e1684b3ce5ba5138c0597ab9dbe76c14ef51028ce0cbae0c1f2a920ddddc3faa3406091ba1969da904569a5ef5112d5b196a9c9326e7d3812d3d5ea0aa140"}}}}]}, 0x38}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000009240)={&(0x7f0000000600)=@newtfilter={0x2c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@TCA_CHAIN={0x8}]}, 0x2c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r8, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x28, r5, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_COOKIE={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008800}, 0x20000800)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x4, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_DATA={0x0, 0x3, "45f03ddbd8aa8987fe6255b1f0ce25722d4fbc3e175fdc7e099d8e96fb9e1684b3ce5ba5138c0597ab9dbe76c14ef51028ce0cbae0c1f2a920ddddc3faa3406091ba1969da904569a5ef5112d5b196a9c9326e7d3812d3d5ea0aa140"}}}}]}, 0x38}}, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000009240)={&(0x7f0000000600)=@newtfilter={0x2c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@TCA_CHAIN={0x8}]}, 0x2c}}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r8, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) (async)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x28, r5, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_COOKIE={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008800}, 0x20000800) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

1.070518187s ago: executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000040)=ANY=[@ANYRES16=r1, @ANYRESHEX=r0, @ANYRES64=r0], &(0x7f0000000000)='GPL\x00', 0x3, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x90)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip_vti0\x00', 0x10)
write$binfmt_aout(r0, &(0x7f0000000480)=ANY=[], 0x594)

1.003122177s ago: executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a00)=@mangle={'mangle\x00', 0x44, 0x6, 0x4d8, 0x0, 0x388, 0x278, 0x1e0, 0x1e0, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0xd}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @TTL={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

983.684526ms ago: executing program 4:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async, rerun: 64)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) (rerun: 64)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f00000000c0)=0x41) (async, rerun: 64)
pwritev(r1, &(0x7f0000000940)=[{&(0x7f0000000480)="80fd02000040", 0x6}, {&(0x7f0000000740)="d5a5", 0x2}], 0x2, 0x0, 0x0) (async, rerun: 64)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'geneve0\x00'}) (async)
getsockname(0xffffffffffffffff, &(0x7f00000003c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x80) (async)
unshare(0x20000400)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000980)=@filter={'filter\x00', 0xe, 0x4, 0x350, 0xffffffff, 0xf8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, &(0x7f00000001c0), {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0xff, 0xff, 'sit0\x00', 'ip6erspan0\x00', {}, {0xff}, 0x21, 0x2, 0x6d}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@socket0={{0x20}}, @common=@set={{0x40}, {{0x3, [0x6, 0x3, 0x3, 0x4, 0x4, 0x2], 0x6, 0x2}}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x5}}}, {{@uncond, 0x0, 0xb0, 0x120, 0x0, {}, [@common=@set={{0x40}, {{0x2, [0x0, 0x3, 0x0, 0x4, 0x1, 0x2], 0x3, 0x3}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x8e, 0x5, 0x6, 0x0, 0x0, "e6272e971b753a01d78227e6ca4021a587ac8850811cd65730e79f9e508844880d099de2dd5f9de4af2502c27c3388edae89042dc7379ddfcaed5acc889b08ef"}}}, {{@ip={@loopback, @rand_addr=0x64010102, 0xffffff00, 0xff, 'syzkaller0\x00', 'vlan0\x00', {0xff}, {0xff}, 0x88, 0x2, 0x416a0088d5298d94}, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x0, 0x1}, {0x0, 0x5, 0x2}, 0x101, 0xfffffff8}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200, 0x0) (async)
r4 = socket$inet6(0xa, 0x2, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00', <r5=>0x0})
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) (async)
ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000300)={@empty, 0x5a, r5}) (async)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100)={0x0, 0x0, 0x401}, 0xc)
syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), r2) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r7 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) (rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18030000000000000000000000000000851000000600000018100000", @ANYRES32=r7, @ANYBLOB="0000000000000000660000000000000018000000000000000000000000000000950000000000000007030000000000009500000000000000cb25f23160256e2069c24792d33df7c66d9cec3404a151d5633f62872a387a3ce29d3bce0d50c7216336a31c4a5bbbd11bd8bd4ef0d99fafafb90f185f04f761db61e2af03f2620ac3a0c6341e5f09de0cf74c84"], &(0x7f0000000000)='GPL\x00'}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000340)) (async, rerun: 64)
r8 = socket$alg(0x26, 0x5, 0x0) (rerun: 64)
bind$alg(r8, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) (async)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmmsg$alg(r9, &(0x7f000001f300)=[{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f000001b640)="3cc94c36cb1b778f9477e601047a06ed98cc8555f31809f56a918c1b4a2e74581f", 0x21}], 0x1, &(0x7f0000001640)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r9, &(0x7f0000003000)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000180)=""/137, 0x89}, {&(0x7f0000000380)=""/57, 0x39}, {&(0x7f0000000240)=""/136, 0x88}], 0x3}}], 0x1, 0x0, 0x0)

971.855419ms ago: executing program 3:
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000082c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000003e00)={0xac, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x4a}, @NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@beacon_params, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x3ff, 0x81, 0xa0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x4}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x1, 0x5, 0x1]}]}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CSA_IES={0x24, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xc, 0xba, [0x0, 0xf801, 0x7ff, 0x20]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x12, 0xbb, [0x20, 0xbc, 0x5, 0xfffd, 0x20, 0x0, 0x0]}]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1b4}], @NL80211_ATTR_CSA_IES={0x8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x4}]]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fffffff}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5}]]}, 0xac}, 0x1, 0x0, 0x0, 0x40481}, 0x200448c0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f00000000c0), 0x4)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0xb8, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x82, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x6, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430"}, {0x0, 0x7, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a705"}, {}]}}}}}}, 0x0)
unshare(0x20000400)
r2 = socket(0x0, 0x803, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000180)={'gretap0\x00', &(0x7f0000000100)={'syztnl0\x00', <r3=>0x0, 0x40, 0x0, 0xde6a, 0x1f, {{0x16, 0x4, 0x1, 0x1, 0x58, 0x66, 0x0, 0x3, 0x4, 0x0, @loopback, @empty, {[@lsrr={0x83, 0x1f, 0x78, [@multicast2, @remote, @dev={0xac, 0x14, 0x14, 0x10}, @broadcast, @private=0xa010101, @local, @remote]}, @timestamp={0x44, 0x24, 0x78, 0x0, 0x9, [0xfffffff7, 0x8, 0x6, 0x5, 0x8, 0x462, 0x5, 0x80]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@can_delroute={0x9c, 0x19, 0x100, 0x70bd2a, 0x25dfdbff, {0x1d, 0x1, 0x5}, [@CGW_MOD_AND={0x15, 0x1, {{{0x3, 0x1, 0x1, 0x1}, 0x3, 0x1, 0x0, 0x0, "1abf5a8ef3c93a82"}, 0x5}}, @CGW_MOD_XOR={0x15, 0x3, {{{0x0, 0x1, 0x0, 0x1}, 0x1, 0x2, 0x0, 0x0, "9c993824cf7ca95e"}, 0x2}}, @CGW_MOD_SET={0x15, 0x4, {{{0x2, 0x1, 0x1}, 0x0, 0x3, 0x0, 0x0, "9305c840c763ca3d"}, 0x2}}, @CGW_MOD_AND={0x15, 0x1, {{{0x1, 0x1, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "a706a6a6ace989cd"}, 0x4}}, @CGW_MOD_OR={0x15, 0x2, {{{0x2, 0x0, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "db4421216a8fe8e6"}, 0x5}}, @CGW_LIM_HOPS={0x5, 0xd, 0x8}, @CGW_DST_IF={0x8, 0xa, r3}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="000000000000000018200000", @ANYRES32, @ANYBLOB="000000feffffffffffffff00fcffff51"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x63}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

888.925743ms ago: executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e00000001b0001000000000000000000fc000000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00080024000800000000000c0015"], 0xe0}}, 0x0) (async)
sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e00000001b0001000000000000000000fc000000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00080024000800000000000c0015"], 0xe0}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, &(0x7f0000000080)={0x1, 0x3c539df7974695dc, 0x15})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000020240), 0x10010) (async)
write$binfmt_script(r4, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r4, 0x0)
ioctl$FS_IOC_GETFSMAP(r4, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"])
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{}, {0xffffffff}]})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0xf}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0xf}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c9, &(0x7f0000000100))
ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, &(0x7f0000000200)={0x3, 0x9})

827.469937ms ago: executing program 1:
bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000611450000000000004000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000910000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r2}, 0x10)
unshare(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x2, 0x8, 0x8}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r3 = socket(0x29, 0x1, 0x4)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f00000005c0)={<r4=>r3})
socket$alg(0x26, 0x5, 0x0)
r5 = accept$alg(r4, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=[@assoc={0x18, 0x117, 0x4, 0x9}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}], 0x60, 0x1}, 0x4000001)
write$binfmt_script(r5, &(0x7f0000000600), 0xfec8)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="9f5c7e7d010000000024000000050000000800000000000002030000000f1c00000000000b01000000030000000000000c04000000002e2e300000000000000000"], 0x0, 0x41}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x31}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22}, 0x80)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r4, &(0x7f0000000740)={&(0x7f0000000680), 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x5, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x5}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x30008804)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r8, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})
ioctl$sock_inet_SIOCSARP(r8, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @broadcast}, 'syz_tun\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000d00)=ANY=[@ANYBLOB="1802000004bce44b00000000000000000000008500000036000000950000000083778cfed767fddf42992cb89bcb375bf60ed0db946232762d7a2f54dd43ed1844f8bfe5f6029acb9a73661b3912a246173e9ea52524a88837aea735d7f225faf6bbf2b6c81daf5f21e8dc6ff594aee5594cef075f945c9b48ce69bc4a5ab68e6f5fe3e6aabe644c773568fe1a1d3069b4e885ff5b4a30f05dacdab2829a305e6812114ed6dfa0f829a64c8138675da99934b2aae1fe3fc7590b4c64fb6f4fb9c4c735b6a226b6b88487a1df6ecd8a19462f46188adb81e1e5d7f7517f441f6c40e74bb2e02d59a7d554d75c752d727e87e0f48eb7e4daa367757145253e43b004cfe8c53d143ddd199b680016865c", @ANYRES32=r6, @ANYRESOCT, @ANYBLOB="4a37c9ddf92f09d0de3c0dad1188f1991ddbb82c4707794a90c942d75568901afcb40db5151fb67660d84c8aadf8240862d548", @ANYRES8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000640)={0x3, 0x1, 0x1})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)

742.50806ms ago: executing program 3:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GCAUSEDIAG(r1, 0x89e6, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000fc0)=0x1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, 0x0, 0x4040)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x28, r2, 0x300, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x8094)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo}}}}, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000108500000008000000bc0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x49}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000200)=0x8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2f}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x25, &(0x7f00000000c0)={r8, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0)

710.974768ms ago: executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="8db4c6d3916872c4d26e8e39f30e9ce9ab2f204389cf53c6", 0x18) (async)
r3 = accept$alg(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000680)=""/6, 0x6}, {&(0x7f0000000740)=""/125, 0x7d}], 0x2}}], 0x1, 0x0, 0x0) (async)
sendfile(r3, r1, 0x0, 0x10000a006) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22}, 0x48) (async)
r5 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="4eaa000000000000711019000000000095000000000000000f78e9450100858b3b14c85ecaa6966b3a604e53c5b0e7bf2c93eb3988c0ac06fba0e7c60c18f160e8d1b54a"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000040)=0xe5, 0x4) (async)
listen(r5, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r4, &(0x7f0000000240), &(0x7f0000000080)=@tcp=r5}, 0x20) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000040801010000000000000000050000011400048008000140000000040800014080000000060002400015000005000300060000000c0004800800054000000000de741901ce97eb8dfbcac3df"], 0x44}, 0x1, 0x0, 0x0, 0x18010}, 0x20000004) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000900)={r4, &(0x7f00000008c0)}, 0x20)

704.125173ms ago: executing program 1:
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x44}}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000007"], 0xd)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143ffd, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x20000400)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, &(0x7f0000000180), 0x20000000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb2}}, &(0x7f0000000480)='GPL\x00'}, 0x80)

576.337238ms ago: executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, &(0x7f0000000080)={0x0, 0xa00, "00fa00"})

519.388754ms ago: executing program 0:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000071105e000000000806000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc4, &(0x7f0000000400)=""/196, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x7}, 0x10}, 0x90)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r0)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x1}, 0x14}}, 0x0) (async)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e24, 0x1000}, 0x1c) (async)
listen(r2, 0x80080400)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10) (async)
getsockopt$inet_int(r3, 0x10d, 0x6, &(0x7f00000003c0), &(0x7f0000000240)=0x4) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000080)={'ip6gre0\x00', 0x0, 0x4, 0x3f, 0x6, 0x6, 0x12, @dev={0xfe, 0x80, '\x00', 0x31}, @private2, 0x7800, 0x20, 0x4, 0x2}}) (async)
r4 = socket$pppoe(0x18, 0x1, 0x0) (async)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_TIMEOUT(r5, 0x0, 0x48a, &(0x7f0000000080)={0x81, 0x93c4, 0x8001}, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0xfffffffffffffe3d, 0x6, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x401}, 0x4001)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) (async)
connect$pppoe(r4, &(0x7f0000000000)={0x18, 0x0, {0x2, @remote, 'team_slave_1\x00'}}, 0x1e) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x7, 0x4, 0x300, 0x1, 0x2150, 0x1}, 0x48) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f00000005c0)=0x20000000000003, 0x12) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x0, 0x0, 0x0, 0x80007}, 0x48) (async)
socket$kcm(0x29, 0x0, 0x0) (async)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000040)={0x18, 0x0, {0x2, @remote, 'veth1_to_team\x00'}}, 0x1e) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{0xffffffffffffffff, <r10=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r10}, 0x4)

442.829891ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000800)='='}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001300)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xf46, 0x40e42, 0x1, 0x1, 0xffffffffffffffff, 0x81, '\x00', r1, r2, 0x0, 0x3, 0x2, 0x5}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(r3, 0x0, 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.self_freezing\x00', 0x0, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0xe0000000, 0xffe000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000020000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d26b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f0000000000000000b2728a0481e9f0da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad3e328a100000000b515a1000000000000000eb2e9c15b6c8f6198282df27badac8507bc7d202e0990e0"], &(0x7f0000000340)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xffff0000, 0xf0, 0x0, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x4, 0x5, 0x0, 0x80000001, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, 0x1, 0x0, 0x7, 0x1}})
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x891b, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0xc0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000004c0)='hybla\x00', 0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000780)={&(0x7f0000000580), 0xc, &(0x7f0000000740)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x34, 0x18, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x5}, @NFT_OBJECT_CONNLIMIT=@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}}, @NFT_MSG_NEWRULE={0x14}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x8000)

442.100049ms ago: executing program 1:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x268, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x40, 0x2, [@TCA_FLOWER_KEY_ARP_OP={0x5}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_TCP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}]}}, @filter_kind_options=@f_route={{0xa}, {0x1d4, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x1b8, 0x6, [@m_ife={0xdc, 0x0, 0x0, 0x0, {{0x8}, {0x64, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x3c, 0x6, [@IFE_META_TCINDEX={0x6}, @IFE_META_PRIO={0x8}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x8}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8}]}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_PARMS={0x1c}]}, {0x53, 0x6, "68f33c84b776915719434abe46a9ad66388de7f727e754e0482910d008dee0199b585271d39abe13f7c59928211ea2eea798182b0caf370760e543f9c63a2fafb29bde21d4a4166ea1d1c4e6f61174"}, {0xc}, {0xc}}}, @m_nat={0xd8, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @loopback}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @rand_addr, @broadcast}}]}, {0x60, 0x6, "ef93daeef78df7f9a037a0d7a2f92a1cc341deabba437fc636cbf66a843bc4e0304e79be1f16cfa199b042be92c52b0490cb3ccc8a115bd7fba1ddd4a3ea8aa011548c0a44af30d92f016d58b7280bd34278777199f7793bcc30f7c7"}, {0xc}, {0xc}}}]}]}}]}, 0x268}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x36c}, {&(0x7f00000007c0)=""/154, 0xc0}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

388.35748ms ago: executing program 3:
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000080))
bind$rds(r1, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10)
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r1)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x20000010)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000280)={0x7, <r5=>0x0}, 0x8)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000002c0)=""/46, 0x2e}, {&(0x7f0000000300)=""/120, 0x78}], 0x2, 0x7fffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='host1x_syncpt_wait_check\x00', r2}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000540)={'syztnl0\x00', &(0x7f0000000480)={'syztnl1\x00', <r6=>0x0, 0x8000, 0x7800, 0x0, 0x1, {{0x19, 0x4, 0x3, 0x23, 0x64, 0x68, 0x0, 0x83, 0x6, 0x0, @loopback, @private=0xa010100, {[@lsrr={0x83, 0x2b, 0x36, [@multicast2, @broadcast, @broadcast, @local, @rand_addr=0x64010100, @multicast1, @private=0xa010101, @multicast1, @local, @multicast1]}, @timestamp_addr={0x44, 0xc, 0xc0, 0x1, 0xb, [{@loopback}]}, @end, @ssrr={0x89, 0x17, 0x1d, [@private=0xa010102, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @noop]}}}}})
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0xb8, 0x12, 0x4, 0x70bd25, 0x25dfdbfe, {0xd, 0xd7, 0xff, 0x0, {0x4e20, 0x4e22, [0x3, 0x6, 0x7, 0x100], [0x2, 0x101, 0x4a, 0x800], r6, [0x7, 0x7fff]}, 0x1ff, 0x3}, [@INET_DIAG_REQ_BYTECODE={0x69, 0x1, "f25d713b451763818a7456dfe3916fcbd467f49a12047fb038d5a2a109e5218a6a18953a4157a06dfa3409471369bbb2eb4613d4382353b49af6123c138538213242edf54785e2b99d56680966a17e4701f8b03b9ab9f0d2ed010499609e728c4162d907ed"}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000006c0), r7)
r8 = openat$cgroup_ro(r0, &(0x7f0000000700)='net_prio.prioidx\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x10, 0x22, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xd8000, 0x0, 0x0, 0x0, 0x4b1}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_fd={0x18, 0xb, 0x1, 0x0, r1}, @generic={0x20, 0x7, 0x7, 0xe6, 0x40}, @map_fd={0x18, 0x2, 0x1, 0x0, r2}, @map_fd={0x18, 0x3, 0x1, 0x0, r1}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @ldst={0x3, 0x2, 0x4, 0x8, 0x9, 0x6, 0xfffffffffffffff0}, @map_val={0x18, 0xb, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000880)='GPL\x00', 0x448, 0x0, 0x0, 0x40f00, 0x6, '\x00', r6, 0x29, r1, 0x8, &(0x7f00000008c0)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, r5, r2, 0x8, &(0x7f0000000900)=[r1], &(0x7f0000000940)=[{0x5, 0x4, 0x2, 0x5}, {0x5, 0x2, 0xf, 0x1}, {0x4, 0x1, 0x7}, {0x2, 0x4, 0xc, 0xb}, {0x4, 0x4, 0x3, 0xa}, {0x0, 0x2, 0xa, 0x7}, {0x2, 0x5, 0x0, 0x1}, {0x4, 0x5, 0xe, 0xa}], 0x10, 0x7}, 0x90)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000b00)={'wpan4\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000b40)={'wpan4\x00', <r12=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r9, &(0x7f0000000c00)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x30, r10, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r12}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x10000080)
syz_genetlink_get_family_id$nbd(&(0x7f0000000c40), r9)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000c80)={0x9}, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000cc0)={<r13=>0xffffffffffffffff})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000d00)={0x5}, 0x8)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), r1)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, &(0x7f0000000dc0)={'wlan1\x00', <r15=>0x0})
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x4c, r14, 0x10, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r15}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x44800)
write$cgroup_int(r8, &(0x7f0000000f00)=0x4, 0x12)
sendmsg$NL80211_CMD_SET_QOS_MAP(r7, &(0x7f0000001040)={&(0x7f0000000f40), 0xc, &(0x7f0000001000)={&(0x7f0000000f80)={0x58, 0x0, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x4, 0x3}, {0x6, 0x5}, {0x9, 0x6}, {0x80, 0x3}, {0xe5, 0x5}, {0x5, 0x6}, {0x6, 0x3}, {0xff, 0x5}, {0x80, 0x5}, {0x96, 0x4}, {0x20, 0x7}, {0x80, 0x6}, {0xc4, 0x6}, {0x3, 0x3}, {0x9, 0x1}], "ea21b6fe3d16c2b9"}}, @NL80211_ATTR_QOS_MAP={0x16, 0xc7, {[{0x4, 0x3}, {0x0, 0x7}, {0x34, 0x2}, {0x4, 0x5}, {0x4, 0x4}], "d76285fd0f671583"}}]}, 0x58}}, 0x880)

347.430212ms ago: executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a00)=@mangle={'mangle\x00', 0x44, 0x6, 0x4d8, 0x0, 0x388, 0x278, 0x1e0, 0x1e0, 0x468, 0x468, 0x468, 0x468, 0x468, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0xd}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @TTL={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

282.526449ms ago: executing program 3:
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000200000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r1, 0x0, 0x20000000}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYRES16, @ANYBLOB="02002dbd7000ffdbdf250a000000080001007063690011000200303030303a30303a31302e300000000008000300000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000300010000000e0001006e657464657673696d"], 0xd4}}, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x15, &(0x7f00000003c0)=@raw={'raw\x00', 0x4001, 0x3, 0x208, 0x180, 0x0, 0x148, 0x0, 0x148, 0x218, 0x240, 0x240, 0x218, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268)
sendmsg$inet(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000040)=0x193a, 0x4)
recvmmsg(r2, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)
r3 = accept(r2, &(0x7f0000000200)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, &(0x7f0000000280)=0x80)
setsockopt$CAIFSO_REQ_PARAM(r3, 0x116, 0x80, &(0x7f0000000640)="b3d84191ea4fd951d335cdc880dbeef4624a3638484de83207e803f22a5b8d336ada10acc2be288cd356f05037f40eb2c23458a6d630629ec5a5ba06ab18363006", 0x41)

278.920488ms ago: executing program 1:
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000082c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000000c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000003e00)={0xac, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x4a}, @NL80211_ATTR_CSA_IES={0x20, 0xb9, 0x0, 0x1, [@beacon_params, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x3ff, 0x81, 0xa0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x4}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x1, 0x5, 0x1]}]}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CSA_IES={0x24, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xc, 0xba, [0x0, 0xf801, 0x7ff, 0x20]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x12, 0xbb, [0x20, 0xbc, 0x5, 0xfffd, 0x20, 0x0, 0x0]}]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1b4}], @NL80211_ATTR_CSA_IES={0x8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x4}]]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fffffff}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5}]]}, 0xac}, 0x1, 0x0, 0x0, 0x40481}, 0x200448c0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f00000000c0), 0x4)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0xb8, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x82, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x6, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430"}, {0x0, 0x7, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a705"}, {}]}}}}}}, 0x0)
unshare(0x20000400)
r2 = socket(0x0, 0x803, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000180)={'gretap0\x00', &(0x7f0000000100)={'syztnl0\x00', <r3=>0x0, 0x40, 0x0, 0xde6a, 0x1f, {{0x16, 0x4, 0x1, 0x1, 0x58, 0x66, 0x0, 0x3, 0x4, 0x0, @loopback, @empty, {[@lsrr={0x83, 0x1f, 0x78, [@multicast2, @remote, @dev={0xac, 0x14, 0x14, 0x10}, @broadcast, @private=0xa010101, @local, @remote]}, @timestamp={0x44, 0x24, 0x78, 0x0, 0x9, [0xfffffff7, 0x8, 0x6, 0x5, 0x8, 0x462, 0x5, 0x80]}]}}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@can_delroute={0x9c, 0x19, 0x100, 0x70bd2a, 0x25dfdbff, {0x1d, 0x1, 0x5}, [@CGW_MOD_AND={0x15, 0x1, {{{0x3, 0x1, 0x1, 0x1}, 0x3, 0x1, 0x0, 0x0, "1abf5a8ef3c93a82"}, 0x5}}, @CGW_MOD_XOR={0x15, 0x3, {{{0x0, 0x1, 0x0, 0x1}, 0x1, 0x2, 0x0, 0x0, "9c993824cf7ca95e"}, 0x2}}, @CGW_MOD_SET={0x15, 0x4, {{{0x2, 0x1, 0x1}, 0x0, 0x3, 0x0, 0x0, "9305c840c763ca3d"}, 0x2}}, @CGW_MOD_AND={0x15, 0x1, {{{0x1, 0x1, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "a706a6a6ace989cd"}, 0x4}}, @CGW_MOD_OR={0x15, 0x2, {{{0x2, 0x0, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "db4421216a8fe8e6"}, 0x5}}, @CGW_LIM_HOPS={0x5, 0xd, 0x8}, @CGW_DST_IF={0x8, 0xa, r3}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="000000000000000018200000", @ANYRES32, @ANYBLOB="000000feffffffffffffff00fcffff51"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x63}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

226.697655ms ago: executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0) (async)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000200)={0x1d, r3}, 0x10)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xc, [@func={0xc, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x3e, 0x61, 0x61, 0x30, 0x61, 0x61, 0x2e, 0x61, 0x0, 0x50]}}, &(0x7f0000000280)=""/114, 0x30, 0x72, 0x1, 0x8}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x6, 0xff, 0x4, 0x0, 0x1, 0x0, '\x00', r3, r5, 0x1, 0x4, 0x2, 0x8}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) (async)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)={0x3c, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x3c}}, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendto(r8, &(0x7f0000000280), 0xffffffffffffffa3, 0x0, &(0x7f00000001c0)=@in, 0x80)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r6) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r6)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x44, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x25, 0x33, @action={{{}, {}, @device_b}, @addba_resp}}]}, 0x44}}, 0x0)

165.165801ms ago: executing program 3:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f00000001c0), 0x4)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x1, 0x7fff, 0x3, 0x80000000, 0x9e7})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_ARP_ALL_TARGETS={0x8, 0x1e}]}}}]}, 0x44}, 0x1, 0x2000000000000000}, 0x0)

148.174602ms ago: executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="00032bab120000000c0099"], 0x28}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$kcm(0x10, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
gettid()
sendmsg$DEVLINK_CMD_RELOAD(r3, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002f80), 0x0, 0x4008014)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xa00, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000010008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r4, 0x65, 0x2, &(0x7f0000000000)=0x5, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r5=>0x0})
bind$can_raw(r4, &(0x7f0000000140)={0x1d, r5}, 0x10)
bind$can_raw(r4, &(0x7f00000000c0), 0x10)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)

112.666767ms ago: executing program 2:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x6000, &(0x7f00000003c0)={&(0x7f0000000400)={0x38, 0xb, 0x6, 0x3, 0x0, 0x0, {0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}]}, 0x38}}, 0x0)

1.50044ms ago: executing program 3:
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x31, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
unshare(0x20000400)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002a00000084000000000000009500000000000000"], &(0x7f0000000100)='syzkaller\x00'}, 0x90)
socket$packet(0x11, 0x3, 0x300)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
connect$inet6(r1, &(0x7f00000004c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
getgid()
syz_emit_ethernet(0x10d, &(0x7f00000008c0)=ANY=[@ANYBLOB="000000000000aaaaaaaaaabb0004ab00099d21500017fdaf31536ae3a4f0fe077267921866e4dc7a8f41dc773c2f004fc3538ab7aecad295e280169efcbebd2917321e3f797ba618d5a84050129f4ba1fc7a2519b4d50da326c485babaa6195aeec5aefb85345638a8b9de8f0f82eeb157d3278ea6758de409ff6c3c12a69b1e140d62684ce3ac6d4af493fef7d2fb40ea1de2f02cf82ecfb913051ee19440ab173cfae67c9cd2641c7343a3c650fbdce72d43831477bdba3b3090567f60e09879bdfb35fcd9f0183f5e09943180acf09f53402ae08089d066864c392aa0baad770e8a3820f6e4c43a49364f843c3ff1c9db38fca3542dbe8c3eda057e95667e9aee091cebcabec206a93bd206703ccf254b3296a2715fc8c794f2379f275d84fb0bad"], &(0x7f0000000440)={0x1, 0x1, [0x22, 0x662, 0x156, 0x27d]})
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x11a, 0x0, 0x0, 0x0)
listen(r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
unshare(0x4000000)
setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x68, &(0x7f00000006c0), 0x4)
socket(0x0, 0x4, 0x400)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)

522.897µs ago: executing program 1:
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180200002020702500000000002020207b0af8ff00000000bda100000000000026010000f8ffffffb702000008000000b703000000000000850000004b00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, &(0x7f00000090c0)=[{{&(0x7f00000002c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)
vmsplice(r0, &(0x7f0000002480), 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @loopback}}, {{0xa, 0x4e24, 0x0, @empty}}}, 0x108)
socket$inet(0x2, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$phonet(0x23, 0x2, 0x1)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="1802000000000000000000000000181300000000", @ANYRES32=r3, @ANYRESHEX=r3], &(0x7f0000000280)='GPL\x00'}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001f00)=@bloom_filter={0x1e, 0x8, 0x7, 0x5, 0x8ae, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x220e, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x48)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0), 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, r3, 0x7fffffff, '\x00', 0x0, r5, 0x14, 0x0, 0x8}, 0x48)

0s ago: executing program 0:
r0 = socket$inet(0x2, 0x0, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GCAUSEDIAG(r1, 0x89e6, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000fc0)=0x1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, 0x0, 0x4040)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x28, r2, 0x300, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x8094)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @echo}}}}, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000108500000008000000bc0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x49}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000200)=0x8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2f}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x25, &(0x7f00000000c0)={r8, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

tdir1215790860/syzkaller.nC6ExD/296/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  336.213835][T15734] bridge0: entered promiscuous mode
[  336.390124][T15733] bridge0: left promiscuous mode
[  336.619997][   T29] audit: type=1804 audit(1718214234.231:104): pid=15760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3009446128/syzkaller.I7fkaZ/607/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  336.701153][ T5173] IPVS: starting estimator thread 0...
[  336.733908][T15765] tun0: tun_chr_ioctl cmd 2148553947
[  336.817355][T15766] IPVS: using max 18 ests per chain, 43200 per kthread
[  336.935339][T15769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.044081][T15782] bridge0: entered promiscuous mode
[  337.095136][T15786] __nla_validate_parse: 4 callbacks suppressed
[  337.095156][T15786] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  337.235719][T15781] bridge0: left promiscuous mode
[  337.280526][T15791] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'.
[  337.430811][   T29] audit: type=1804 audit(1718214235.051:105): pid=15797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3698369521/syzkaller.wuRKFq/64/memory.events" dev="sda1" ino=1967 res=1 errno=0
[  338.390226][   T29] audit: type=1804 audit(1718214236.011:106): pid=15829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3009446128/syzkaller.I7fkaZ/611/memory.events" dev="sda1" ino=1955 res=1 errno=0
[  338.726201][T15843] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  338.748530][T15843] netlink: 9348 bytes leftover after parsing attributes in process `syz-executor.1'.
[  338.766527][T15843] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  338.780611][T15848] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  338.805160][T15846] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  339.003650][T15857] netlink: 516 bytes leftover after parsing attributes in process `syz-executor.0'.
[  339.038887][T15857] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  339.114603][T15863] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  339.139331][T15863] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  339.158025][T15863] ipvlan1: entered promiscuous mode
[  339.183785][T15863] team0: Device ipvlan1 failed to register rx_handler
[  339.233895][   T29] audit: type=1804 audit(1718214236.851:107): pid=15875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3009446128/syzkaller.I7fkaZ/614/memory.events" dev="sda1" ino=1965 res=1 errno=0
[  339.307431][T15874] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  339.329706][T15874] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  339.371447][T15877] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.1'.
[  339.397744][T15877] tipc: Enabled bearer <eth:bridge0>, priority 16
[  339.436612][T15881] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  339.444850][T15881] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  339.478970][T15884] xt_CT: You must specify a L4 protocol and not use inversions on it
[  339.935244][   T29] audit: type=1804 audit(1718214237.551:108): pid=15906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3698369521/syzkaller.wuRKFq/70/memory.events" dev="sda1" ino=1958 res=1 errno=0
[  339.986406][ T5120] Bluetooth: hci3: command 0x0406 tx timeout
[  340.082061][T15907] delete_channel: no stack
[  340.325768][T15923] bridge0: port 3(team0) entered blocking state
[  340.336201][T15924] xt_CT: You must specify a L4 protocol and not use inversions on it
[  340.347945][T15923] bridge0: port 3(team0) entered disabled state
[  340.371976][   T29] audit: type=1107 audit(1718214237.971:109): pid=15926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='û§
[  340.371976][   T29] ã¿ÓªüU
[  340.371976][   T29] þ•JÌ�Ù$·SØ6C½T•ÿ²ƒAáºs
[  340.371976][   T29] 3ÁuÒ‘C$d{OGÍšŠïà*4îsÜÎÌtŽï�ûáíµÁ¡‰$ZøN»¤
[  340.371976][   T29] ðÙªÁã߯ᷯèB
[  340.371976][   T29] úÞ3‚�ënèÂ-#Úôq¶^vÚ_TPÚ„šP­5”–ÀùoeQ'
[  340.374994][T15923] team0: entered allmulticast mode
[  340.419369][T15923] team_slave_0: entered allmulticast mode
[  340.442253][T15923] team_slave_1: entered allmulticast mode
[  340.462197][T15923] team0: entered promiscuous mode
[  340.469290][T15923] team_slave_0: entered promiscuous mode
[  340.478971][T15923] team_slave_1: entered promiscuous mode
[  340.632417][T15941] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  340.742565][T15948] pim6reg: entered allmulticast mode
[  340.800142][T15954] nftables ruleset with unbound chain
[  340.948103][T15947] pim6reg: left allmulticast mode
[  341.087055][T15968] xt_CT: You must specify a L4 protocol and not use inversions on it
[  342.039029][T16005] xt_CT: You must specify a L4 protocol and not use inversions on it
[  342.451730][T16032] __nla_validate_parse: 2 callbacks suppressed
[  342.451763][T16032] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  342.452984][T16031] FAULT_INJECTION: forcing a failure.
[  342.452984][T16031] name failslab, interval 1, probability 0, space 0, times 0
[  342.538296][T16031] CPU: 0 PID: 16031 Comm: syz-executor.1 Not tainted 6.10.0-rc2-syzkaller-00724-g45403b12c29c #0
[  342.548887][T16031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  342.558986][T16031] Call Trace:
[  342.562294][T16031]  <TASK>
[  342.565251][T16031]  dump_stack_lvl+0x241/0x360
[  342.569994][T16031]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.575284][T16031]  ? __pfx__printk+0x10/0x10
[  342.579934][T16031]  ? netlink_insert+0x10b7/0x14b0
[  342.585007][T16031]  should_fail_ex+0x3b0/0x4e0
[  342.589725][T16031]  ? __alloc_skb+0x1c3/0x440
[  342.594348][T16031]  should_failslab+0x9/0x20
[  342.598896][T16031]  kmem_cache_alloc_node_noprof+0x71/0x320
[  342.604740][T16031]  __alloc_skb+0x1c3/0x440
[  342.609173][T16031]  ? __pfx___alloc_skb+0x10/0x10
[  342.614116][T16031]  ? netlink_autobind+0xd6/0x2f0
[  342.619060][T16031]  ? netlink_autobind+0x2b0/0x2f0
[  342.624105][T16031]  netlink_sendmsg+0x631/0xcb0
[  342.628907][T16031]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.634237][T16031]  ? aa_sock_msg_perm+0x91/0x160
[  342.639188][T16031]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  342.644587][T16031]  ? security_socket_sendmsg+0x87/0xb0
[  342.650093][T16031]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.655406][T16031]  __sock_sendmsg+0x221/0x270
[  342.660279][T16031]  sock_write_iter+0x2dd/0x400
[  342.665087][T16031]  ? __pfx_sock_write_iter+0x10/0x10
[  342.670395][T16031]  ? bpf_lsm_file_permission+0x9/0x10
[  342.675786][T16031]  ? security_file_permission+0x7f/0xa0
[  342.681473][T16031]  vfs_write+0xa72/0xc90
[  342.685732][T16031]  ? __pfx_sock_write_iter+0x10/0x10
[  342.691054][T16031]  ? __pfx_vfs_write+0x10/0x10
[  342.695852][T16031]  ksys_write+0x1a0/0x2c0
[  342.700236][T16031]  ? __pfx_ksys_write+0x10/0x10
[  342.705102][T16031]  ? do_syscall_64+0x100/0x230
[  342.709885][T16031]  ? do_syscall_64+0xb6/0x230
[  342.714574][T16031]  do_syscall_64+0xf3/0x230
[  342.719092][T16031]  ? clear_bhb_loop+0x35/0x90
[  342.723773][T16031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.729680][T16031] RIP: 0033:0x7f4428c7cea9
[  342.734104][T16031] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  342.753730][T16031] RSP: 002b:00007f4429a3a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  342.762155][T16031] RAX: ffffffffffffffda RBX: 00007f4428db3f80 RCX: 00007f4428c7cea9
[  342.770153][T16031] RDX: 000000000000033a RSI: 0000000020000040 RDI: 0000000000000003
[  342.778145][T16031] RBP: 00007f4429a3a120 R08: 0000000000000000 R09: 0000000000000000
[  342.786114][T16031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.794085][T16031] R13: 000000000000004d R14: 00007f4428db3f80 R15: 00007fff4395e9a8
[  342.802084][T16031]  </TASK>
[  343.464127][T16073] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  344.056184][T16109] netlink: 'syz-executor.0': attribute type 23 has an invalid length.
[  344.097815][T16109] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  344.137700][T16109] bridge0: port 3(gretap0) entered disabled state
[  344.144466][T16109] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.155502][T16113] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  344.171685][T16109] bridge0: entered promiscuous mode
[  344.231916][T16113] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  344.275908][T16113] vlan2: entered promiscuous mode
[  344.296850][T16113] ip6gretap0: entered promiscuous mode
[  344.340841][T16113] ip6gretap0: left promiscuous mode
[  344.524537][T16123] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  344.538547][T16126] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  344.612373][T16134] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  344.638235][T16134] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  344.689696][T16134] netlink: 191416 bytes leftover after parsing attributes in process `syz-executor.3'.
[  344.703368][T16134] netlink: zone id is out of range
[  344.915892][T16149] bridge0: entered promiscuous mode
[  345.227931][T16146] bridge0: left promiscuous mode
[  345.312018][T16170] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  345.353466][T16173] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  345.740095][T16199] netlink: 'syz-executor.0': attribute type 23 has an invalid length.
[  346.234153][T16217] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  346.243506][T16217] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  346.253104][T16217] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  346.262424][T16217] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  346.302957][T16225] FAULT_INJECTION: forcing a failure.
[  346.302957][T16225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.336144][T16225] CPU: 0 PID: 16225 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00724-g45403b12c29c #0
[  346.346714][T16225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  346.356810][T16225] Call Trace:
[  346.360125][T16225]  <TASK>
[  346.363089][T16225]  dump_stack_lvl+0x241/0x360
[  346.367830][T16225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.373085][T16225]  ? __pfx__printk+0x10/0x10
[  346.377727][T16225]  ? __pfx_lock_release+0x10/0x10
[  346.382803][T16225]  should_fail_ex+0x3b0/0x4e0
[  346.387529][T16225]  _copy_from_iter+0x1f6/0x1960
[  346.392419][T16225]  ? __virt_addr_valid+0x183/0x520
[  346.397556][T16225]  ? __pfx_lock_release+0x10/0x10
[  346.402597][T16225]  ? __alloc_skb+0x28f/0x440
[  346.407195][T16225]  ? __pfx__copy_from_iter+0x10/0x10
[  346.412494][T16225]  ? __virt_addr_valid+0x183/0x520
[  346.417634][T16225]  ? __virt_addr_valid+0x183/0x520
[  346.422775][T16225]  ? __virt_addr_valid+0x44e/0x520
[  346.427897][T16225]  ? __check_object_size+0x49c/0x900
[  346.433204][T16225]  netlink_sendmsg+0x743/0xcb0
[  346.437999][T16225]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.443301][T16225]  ? aa_sock_msg_perm+0x91/0x160
[  346.448250][T16225]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  346.453565][T16225]  ? security_socket_sendmsg+0x87/0xb0
[  346.459126][T16225]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.464442][T16225]  __sock_sendmsg+0x221/0x270
[  346.469248][T16225]  sock_write_iter+0x2dd/0x400
[  346.474073][T16225]  ? __pfx_sock_write_iter+0x10/0x10
[  346.479399][T16225]  do_iter_readv_writev+0x5a4/0x800
[  346.484624][T16225]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  346.490379][T16225]  ? bpf_lsm_file_permission+0x9/0x10
[  346.495770][T16225]  ? security_file_permission+0x7f/0xa0
[  346.501327][T16225]  ? rw_verify_area+0x1d2/0x6b0
[  346.506197][T16225]  vfs_writev+0x395/0xbe0
[  346.510571][T16225]  ? __pfx_vfs_writev+0x10/0x10
[  346.515436][T16225]  ? vfs_write+0x7c4/0xc90
[  346.519895][T16225]  ? __fget_files+0x29/0x470
[  346.524530][T16225]  do_writev+0x1b1/0x350
[  346.528877][T16225]  ? __pfx_do_writev+0x10/0x10
[  346.533650][T16225]  ? do_syscall_64+0x100/0x230
[  346.538456][T16225]  ? do_syscall_64+0xb6/0x230
[  346.543189][T16225]  do_syscall_64+0xf3/0x230
[  346.547728][T16225]  ? clear_bhb_loop+0x35/0x90
[  346.552423][T16225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.558350][T16225] RIP: 0033:0x7f4edd07cea9
[  346.562795][T16225] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  346.582593][T16225] RSP: 002b:00007f4edde000c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  346.591029][T16225] RAX: ffffffffffffffda RBX: 00007f4edd1b3f80 RCX: 00007f4edd07cea9
[  346.599012][T16225] RDX: 0000000000000001 RSI: 0000000020000300 RDI: 0000000000000003
[  346.606990][T16225] RBP: 00007f4edde00120 R08: 0000000000000000 R09: 0000000000000000
[  346.614989][T16225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.622976][T16225] R13: 000000000000000b R14: 00007f4edd1b3f80 R15: 00007fff0b62eef8
[  346.630975][T16225]  </TASK>
[  347.002019][T16249] x_tables: duplicate underflow at hook 4
[  348.029998][T16306] __nla_validate_parse: 5 callbacks suppressed
[  348.030019][T16306] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  349.020724][T16354] af_packet: tpacket_rcv: packet too big, clamped from 708 to 4294967272. macoff=96
[  349.215687][T16366] tun0: tun_chr_ioctl cmd 2148553947
[  349.408285][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  350.197908][ T5120] Bluetooth: hci0: command 0x0401 tx timeout
[  351.397558][T16471] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  352.048546][T16495] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  352.435928][T16526] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  352.696676][T16526] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  352.764347][T16543] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  352.947871][T16552] xt_hashlimit: invalid rate
[  353.101069][T16566] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  353.120554][T16567] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  353.155714][T16564] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  353.459515][T16582] delete_channel: no stack
[  353.784976][T16599] syz_tun: entered promiscuous mode
[  353.983515][T16599] syz_tun: left promiscuous mode
[  354.598287][T16629] netlink: 'syz-executor.4': attribute type 17 has an invalid length.
[  355.080154][T16658] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  355.324405][T16669] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  355.729320][T16697] sctp: [Deprecated]: syz-executor.4 (pid 16697) Use of int in max_burst socket option.
[  355.729320][T16697] Use struct sctp_assoc_value instead
[  355.880293][T16707] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.2'.
[  355.915417][T16707] Êü: entered promiscuous mode
[  356.139240][T16723] tipc: Started in network mode
[  356.145621][T16723] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  356.163853][T16723] tipc: Enabled bearer <udp:syz0>, priority 0
[  356.175442][T16725] sctp: [Deprecated]: syz-executor.2 (pid 16725) Use of int in max_burst socket option.
[  356.175442][T16725] Use struct sctp_assoc_value instead
[  356.333451][T16731] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  356.351971][T16731] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[  356.383612][T16731] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[  356.394511][T16733] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  356.404529][T16729] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  356.565924][T16736] syz_tun: entered promiscuous mode
[  356.571651][T16736] macvlan2: entered promiscuous mode
[  357.099894][T16761] syz_tun: entered promiscuous mode
[  357.117368][T16761] syz_tun: left promiscuous mode
[  357.276445][ T5173] tipc: Node number set to 4269801488
[  358.003830][T16802] x_tables: duplicate underflow at hook 3
[  358.330365][T16812] unsupported nlmsg_type 40
[  358.513596][T16820] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  358.584871][T16820] vlan2: entered promiscuous mode
[  358.605352][T16820] team0: entered promiscuous mode
[  358.616691][T16820] team_slave_0: entered promiscuous mode
[  358.629496][T16820] team_slave_1: entered promiscuous mode
[  358.658889][T16820] team0: left promiscuous mode
[  358.664113][T16820] team_slave_0: left promiscuous mode
[  358.671862][T16820] team_slave_1: left promiscuous mode
[  358.719785][T16828] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.1'.
[  359.050258][T16851] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  359.309845][T16863] syz_tun: entered promiscuous mode
[  359.338009][T16863] syz_tun: left promiscuous mode
[  359.419419][ T4491] Bluetooth: hci1: link tx timeout
[  359.425193][T16865] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  359.425229][T16865] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  359.437019][ T4491] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  359.465943][T16873] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  359.845794][T16889] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  359.955601][T16891] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  360.105745][T16900] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  360.754265][T16918] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  360.780243][T16918] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  360.860791][T16887] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  361.476939][ T4491] Bluetooth: hci1: command 0x0405 tx timeout
[  361.958684][T16987] Â: renamed from pim6reg1
[  362.868441][T17034] bridge2: entered promiscuous mode
[  362.873706][T17034] bridge2: entered allmulticast mode
[  363.467416][T17065] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  363.475732][   T29] audit: type=1804 audit(1718214261.081:110): pid=17065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3698369521/syzkaller.wuRKFq/138/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  363.523529][T17065] __nla_validate_parse: 6 callbacks suppressed
[  363.523553][T17065] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  363.535178][T17060] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  363.571205][T17065] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  363.572169][   T29] audit: type=1800 audit(1718214261.081:111): pid=17065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1964 res=0 errno=0
[  363.604326][T17065] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  363.616521][T17060] openvswitch: netlink: Key type 29 is not supported
[  363.858090][T17083] netlink: 'syz-executor.1': attribute type 64 has an invalid length.
[  363.902305][T17083] netlink: 164 bytes leftover after parsing attributes in process `syz-executor.1'.
[  364.521893][T17116] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  364.607440][T17116] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  364.637607][T17116] openvswitch: netlink: Key type 29 is not supported
[  364.725811][T17120] syzkaller0: entered promiscuous mode
[  364.748158][T17120] syzkaller0: entered allmulticast mode
[  364.880706][T17131] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'.
[  364.924278][T17131] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'.
[  365.106433][T17146] netlink: 'syz-executor.4': attribute type 33 has an invalid length.
[  365.131145][T17145] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  365.184145][T17145] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[  365.468241][T17156] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  366.597303][ T5120] Bluetooth: hci1: command 0x0405 tx timeout
[  368.592007][T17197] __nla_validate_parse: 2 callbacks suppressed
[  368.592039][T17197] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  368.613337][T17199] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 49 (only 8 groups)
[  368.645681][T17201] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  368.663847][T17201] netlink: 'syz-executor.3': attribute type 19 has an invalid length.
[  368.731833][T17208] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  368.801465][T17213] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  368.958278][T17223] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  369.001487][T17225] batadv0: entered promiscuous mode
[  369.039909][T17225] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  369.545803][T17254] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  369.566728][T17254] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes.
[  369.746485][T17262] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  369.945473][T17273] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  370.208571][T17273] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  370.228653][T17275] netlink: 'syz-executor.3': attribute type 21 has an invalid length.
[  370.247565][T17275] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  370.270917][T17279] netlink: 'syz-executor.3': attribute type 21 has an invalid length.
[  370.295025][T17279] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  370.313009][T17288] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  372.546032][T17401] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  372.591639][T17401] batman_adv: batadv0: Adding interface: team0
[  372.647398][T17401] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  372.736291][T17401] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  372.770031][T17400] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  373.545727][T17431] bond0: (slave wlan1): Releasing backup interface
[  373.585336][T17431] team0: Port device wlan1 added
[  373.619358][T17437] __nla_validate_parse: 10 callbacks suppressed
[  373.619381][T17437] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  373.844854][T17446] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  373.862764][T17449] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  373.907730][T17449] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  373.990006][T17451] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[  374.017432][T17451] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  374.301418][T17463] syzkaller0: entered promiscuous mode
[  374.317081][T17463] syzkaller0: entered allmulticast mode
[  374.382631][T17473] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  374.463796][T17473] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.493904][T17473] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.659831][T17476] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  374.670470][T17476] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  375.292431][T17492] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  375.365562][T17493] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  377.184658][T17495] netlink: 9412 bytes leftover after parsing attributes in process `syz-executor.3'.
[  377.500148][T17486] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  377.516542][T17497] netlink: 'syz-executor.3': attribute type 12 has an invalid length.
[  377.659925][T17504] pim6reg1: entered promiscuous mode
[  377.665285][T17504] pim6reg1: entered allmulticast mode
[  377.688034][T17505] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  377.696754][T17505] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.2'.
[  377.719224][T17504] x_tables: unsorted underflow at hook 3
[  378.162809][T17533] netlink: 'syz-executor.4': attribute type 12 has an invalid length.
[  378.471384][T17549] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  378.843324][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  378.850052][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  379.273385][T17594] __nla_validate_parse: 8 callbacks suppressed
[  379.273404][T17594] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  379.764734][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  379.948572][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  379.977437][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  380.185774][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  380.239488][T17618] vxlan1: entered promiscuous mode
[  380.252498][T17618] vxlan1: entered allmulticast mode
[  380.332700][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  380.348409][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  380.358634][T17604] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  380.403212][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  380.506045][T17613] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  381.222531][T17647] bridge1: port 1(bridge_slave_1) entered listening state
[  382.015491][T17699] tipc: Started in network mode
[  382.021871][T17699] tipc: Node identity 52e49b591647, cluster identity 4711
[  382.031302][T17699] tipc: Enabled bearer <eth:netdevsim0>, priority 0
[  383.158600][   T45] tipc: Node number set to 1151572825
[  383.798613][T17772] tipc: Enabled bearer <eth:netdevsim0>, priority 0
[  383.845916][T17781] IPVS: sync thread started: state = BACKUP, mcast_ifn = team0, syncid = 0, id = 0
[  383.869446][T17780] xt_TCPMSS: Only works on TCP SYN packets
[  384.029606][T17771] syzkaller1: entered promiscuous mode
[  384.042493][T17771] syzkaller1: entered allmulticast mode
[  384.770611][T17825] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  384.814956][T17830] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[  384.847768][T17830] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  384.878624][T17830] __nla_validate_parse: 5 callbacks suppressed
[  384.878642][T17830] netlink: 648 bytes leftover after parsing attributes in process `syz-executor.3'.
[  384.899535][T17825] team0: Port device netdevsim0 added
[  385.792350][T17871] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  385.875283][T17875] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  386.000409][T17822] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  386.137674][T17891] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  386.167853][T17891] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  386.329857][T17899] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  386.391500][T17899] vlan2: entered promiscuous mode
[  386.432259][T17899] team0: entered promiscuous mode
[  386.472903][T17899] team_slave_0: entered promiscuous mode
[  386.501805][T17899] team_slave_1: entered promiscuous mode
[  386.516297][T17899] mac80211_hwsim hwsim25 wlan1: entered promiscuous mode
[  386.552393][T17899] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  386.556155][T17910] IPVS: length: 79 != 24
[  386.594810][T17899] team0: left promiscuous mode
[  386.612861][T17899] team_slave_0: left promiscuous mode
[  386.641740][T17899] team_slave_1: left promiscuous mode
[  386.653236][T17899] mac80211_hwsim hwsim25 wlan1: left promiscuous mode
[  386.668808][T17899] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  387.014876][T17931] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.4'.
[  387.173105][   T29] audit: type=1804 audit(1718214284.791:112): pid=17939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3698369521/syzkaller.wuRKFq/183/cgroup.controllers" dev="sda1" ino=1945 res=1 errno=0
[  388.080680][T17984] team_slave_0: entered promiscuous mode
[  388.207460][T17946] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  388.489944][T17983] team_slave_0: left promiscuous mode
[  388.652103][T18012] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  389.173591][T18036] bridge0: entered promiscuous mode
[  389.491464][T18034] bridge0: left promiscuous mode
[  390.052176][T18080] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode active-backup(1)
[  391.255126][T18092] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  392.713097][T18148] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  392.745805][T18148] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  393.033519][T18162] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  393.583846][T18178] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  393.626083][T18178] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  393.660369][T18178] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  394.013406][T18195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.170399][T18202] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  394.202846][T18202] netlink: 'syz-executor.2': attribute type 39 has an invalid length.
[  394.249622][T18206] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  394.261823][T18206] netlink: 666 bytes leftover after parsing attributes in process `syz-executor.0'.
[  394.271841][T18160] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  394.289372][T18205] bridge2: port 1(gretap1) entered blocking state
[  394.311233][T18205] bridge2: port 1(gretap1) entered disabled state
[  394.321864][T18205] gretap1: entered allmulticast mode
[  394.334764][T18205] gretap1: entered promiscuous mode
[  394.359484][T18202] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  394.374988][T18202] netlink: 'syz-executor.2': attribute type 39 has an invalid length.
[  396.304473][T18245] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  396.351773][T18246] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  396.366533][T18246] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  396.584469][T18258] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'.
[  396.611451][T18258] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'.
[  396.798920][T18268] netlink: 220 bytes leftover after parsing attributes in process `syz-executor.2'.
[  398.389244][T18282] bond_slave_0: entered promiscuous mode
[  398.395489][T18282] bond_slave_1: entered promiscuous mode
[  398.491623][T18282] macsec1: entered allmulticast mode
[  398.511981][T18282] bond0: entered allmulticast mode
[  398.547500][T18282] bond_slave_0: entered allmulticast mode
[  398.553294][T18282] bond_slave_1: entered allmulticast mode
[  398.585256][T18282] bond0: left allmulticast mode
[  398.591481][T18282] bond_slave_0: left allmulticast mode
[  398.612521][T18282] bond_slave_1: left allmulticast mode
[  398.622708][T18282] bond_slave_0: left promiscuous mode
[  398.628224][T18282] bond_slave_1: left promiscuous mode
[  399.145208][T18305] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  399.236089][T18313] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  399.477695][T18326] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  399.489708][T18326] netlink: 59 bytes leftover after parsing attributes in process `syz-executor.4'.
[  399.647790][T18326] netlink: 59 bytes leftover after parsing attributes in process `syz-executor.4'.
[  399.690940][T18329] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  401.427759][T18413] __nla_validate_parse: 41 callbacks suppressed
[  401.427779][T18413] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  401.666065][T18422] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  401.673360][T18417] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1025 (only 8 groups)
[  401.694244][T18361] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  401.777124][T18422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  401.825879][T18422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.083664][T18429] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  402.250901][T18431] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  402.283832][T18431] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  402.495784][T18437] bridge_slave_1: left allmulticast mode
[  402.509639][T18437] bridge_slave_1: left promiscuous mode
[  402.539008][T18437] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.576762][T18437] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  403.691923][T18457] syzkaller0: entered promiscuous mode
[  403.703460][T18473] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  403.716691][T18457] syzkaller0: entered allmulticast mode
[  403.935633][ T7371] syzkaller0: tun_net_xmit 48
[  403.984489][T18453] syzkaller0: delete flow: hash 3697622770 index 1
[  404.584812][T18497] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  406.016483][T18474] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  406.530177][T18518] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  406.568368][T18518] bond1: entered promiscuous mode
[  406.576885][   T29] audit: type=1800 audit(1718214304.191:113): pid=18524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1951 res=0 errno=0
[  406.617061][T18526] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  406.630719][T18526] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  406.638097][T18526] IPv6: NLM_F_CREATE should be set when creating new route
[  406.645381][T18526] IPv6: NLM_F_CREATE should be set when creating new route
[  407.077967][T18550] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  407.105400][T18550] netlink: 120 bytes leftover after parsing attributes in process `syz-executor.0'.
[  407.442506][T18562] veth0_vlan: entered allmulticast mode
[  407.533819][T18562] infiniband syz0: set down
[  407.561639][T18559] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  407.701173][T18567] delete_channel: no stack
[  407.788511][T18576] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  407.806091][T18576] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  407.828660][T18576] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  407.851575][T18576] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  408.249431][T18611] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  408.566187][T18635] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  408.908299][T18642] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  409.608249][T18652] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[  410.022521][T18682] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  410.233970][T18692] netlink: 'syz-executor.2': attribute type 16 has an invalid length.
[  410.262873][T18692] netlink: 'syz-executor.2': attribute type 17 has an invalid length.
[  411.310308][T18726] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  411.541039][T18744] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  411.903210][T18763] syzkaller0: entered allmulticast mode
[  412.047673][T18764] tun0: tun_chr_ioctl cmd 2147767519
[  412.723380][ T7369] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.161901][T18761] syzkaller0: left allmulticast mode
[  413.163960][T18785] __nla_validate_parse: 1 callbacks suppressed
[  413.163978][T18785] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  413.229759][ T4491] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  413.240698][ T4491] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  413.249376][ T4491] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  413.281015][ T7369] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.301102][ T4491] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  413.310963][ T4491] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  413.319028][ T4491] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  413.404471][T18797] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  413.552134][ T7369] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.649509][ T7369] tipc: Resetting bearer <eth:netdevsim0>
[  413.772877][ T7369] tipc: Disabling bearer <eth:netdevsim0>
[  413.855099][ T7369] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.288002][ T7369] team0: left allmulticast mode
[  414.292916][ T7369] team_slave_0: left allmulticast mode
[  414.331529][ T7369] team_slave_1: left allmulticast mode
[  414.347685][ T7369] team0: left promiscuous mode
[  414.357991][ T7369] team_slave_0: left promiscuous mode
[  414.367792][ T7369] team_slave_1: left promiscuous mode
[  414.373581][ T7369] bridge0: port 3(team0) entered disabled state
[  414.422611][ T7369] bridge_slave_1: left allmulticast mode
[  414.448902][ T7369] bridge_slave_1: left promiscuous mode
[  414.467257][ T7369] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.528217][ T7369] bridge_slave_0: left allmulticast mode
[  414.533932][ T7369] bridge_slave_0: left promiscuous mode
[  414.568021][ T7369] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.212578][ T7369] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  415.387838][ T7369] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  415.396819][ T4491] Bluetooth: hci4: command tx timeout
[  415.408504][ T7369] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  415.423388][ T7369] bond0 (unregistering): Released all slaves
[  415.448928][T18802] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  415.524664][T18851] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  415.697286][ T7369] tipc: Disabling bearer <udp:syz0>
[  415.722574][ T7369] tipc: Left network mode
[  416.114390][T18787] chnl_net:caif_netlink_parms(): no params data found
[  416.642154][T18896] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  416.692852][T18787] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.720231][T18787] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.738470][T18787] bridge_slave_0: entered allmulticast mode
[  416.758563][T18787] bridge_slave_0: entered promiscuous mode
[  416.794584][T18787] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.817321][T18787] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.844930][T18787] bridge_slave_1: entered allmulticast mode
[  416.866192][T18787] bridge_slave_1: entered promiscuous mode
[  416.909074][ T7369] hsr_slave_0: left promiscuous mode
[  416.936972][ T7369] hsr_slave_1: left promiscuous mode
[  416.944349][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  416.952036][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.961833][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.971369][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_1
[  417.002816][ T7369] veth1_macvtap: left promiscuous mode
[  417.009542][ T7369] veth0_macvtap: left promiscuous mode
[  417.015182][ T7369] veth1_vlan: left promiscuous mode
[  417.021769][ T7369] veth0_vlan: left promiscuous mode
[  417.476421][ T4491] Bluetooth: hci4: command tx timeout
[  417.792965][ T7369] team0 (unregistering): Port device team_slave_1 removed
[  417.843437][ T7369] team0 (unregistering): Port device team_slave_0 removed
[  418.448740][T18929] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  418.569606][T18787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.637761][T18787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.932243][T18787] team0: Port device team_slave_0 added
[  418.975493][T18787] team0: Port device team_slave_1 added
[  419.118970][T18948] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  419.151433][T18787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.178927][T18787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.212360][T18787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.234583][T18787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.241754][T18787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.279923][T18787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.360462][ T5120] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  419.381355][ T5120] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  419.390591][ T5120] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  419.412256][ T5120] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  419.421525][ T5120] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  419.440053][ T5120] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  419.514935][T18787] hsr_slave_0: entered promiscuous mode
[  419.522089][T18787] hsr_slave_1: entered promiscuous mode
[  419.556475][ T4491] Bluetooth: hci4: command tx timeout
[  419.716115][ T7369] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  419.728211][ T7369] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.852519][ T7369] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  419.870198][ T7369] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.984201][T18973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  420.030833][ T7369] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  420.060405][ T7369] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.459175][T18983] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  420.489886][ T7369] gretap0: left allmulticast mode
[  420.495053][ T7369] gretap0: left promiscuous mode
[  420.503866][ T7369] bridge0: port 3(gretap0) entered disabled state
[  420.513461][ T7369] bridge_slave_0: left allmulticast mode
[  420.519306][ T7369] bridge_slave_0: left promiscuous mode
[  420.525113][ T7369] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.575290][ T7369] veth1_to_bond: left allmulticast mode
[  420.594233][ T7369] veth1_to_bond: left promiscuous mode
[  420.614089][ T7369] bridge3: port 1(veth1_to_bond) entered disabled state
[  420.729586][T18991] xt_NFQUEUE: number of total queues is 0
[  421.144859][ T7369] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  421.480249][ T4491] Bluetooth: hci2: command tx timeout
[  421.569722][ T7369] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.582123][ T7369] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.595027][ T7369] bond0 (unregistering): Released all slaves
[  421.610127][ T7369] bond1 (unregistering): Released all slaves
[  421.636438][ T4491] Bluetooth: hci4: command tx timeout
[  421.662105][T18989] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  421.821206][T18958] chnl_net:caif_netlink_parms(): no params data found
[  421.858300][T19002] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'.
[  421.897120][T19002] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  421.917585][T19002] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  422.099723][T18787] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  422.115558][T18787] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  422.249887][T19017] veth1_macvtap: left allmulticast mode
[  422.255750][T19017] veth1_macvtap: left promiscuous mode
[  422.296594][T19017] bridge0: port 2(macsec0) entered disabled state
[  422.344586][T18787] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  422.414629][T19013] veth1_macvtap: entered promiscuous mode
[  422.424346][T19013] veth1_macvtap: entered allmulticast mode
[  422.455319][T19013] bridge0: port 2(macsec0) entered blocking state
[  422.462006][T19013] bridge0: port 2(macsec0) entered forwarding state
[  422.563476][T18787] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  422.689287][T18958] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.707066][T18958] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.714320][T18958] bridge_slave_0: entered allmulticast mode
[  422.738987][T18958] bridge_slave_0: entered promiscuous mode
[  422.752830][T18958] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.760304][T18958] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.767859][T18958] bridge_slave_1: entered allmulticast mode
[  422.775173][T18958] bridge_slave_1: entered promiscuous mode
[  422.812291][T19023] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  422.859328][T19016] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  423.139293][T18958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  423.188024][T18958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  423.204981][T19033] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  423.457774][T18958] team0: Port device team_slave_0 added
[  423.512263][ T7369] hsr_slave_0: left promiscuous mode
[  423.521263][ T7369] hsr_slave_1: left promiscuous mode
[  423.529359][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_0
[  423.539559][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  423.547792][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_1
[  423.559962][ T4491] Bluetooth: hci2: command tx timeout
[  423.574487][ T7369] veth0_macvtap: left promiscuous mode
[  423.581175][ T7369] veth1_vlan: left promiscuous mode
[  423.856502][ T7371] smc: removing ib device syz0
[  424.106050][ T7369] team0 (unregistering): Port device team_slave_1 removed
[  424.149586][ T7369] team0 (unregistering): Port device team_slave_0 removed
[  424.587680][T18958] team0: Port device team_slave_1 added
[  424.952862][T18958] batman_adv: batadv0: Adding interface: batadv_slave_0
[  424.965490][T18958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.004021][T18958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  425.061268][T19045] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  425.187424][T18958] batman_adv: batadv0: Adding interface: batadv_slave_1
[  425.194434][T18958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.224347][T18958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  425.632240][T18958] hsr_slave_0: entered promiscuous mode
[  425.640301][ T4491] Bluetooth: hci2: command tx timeout
[  425.659771][T18958] hsr_slave_1: entered promiscuous mode
[  425.701046][T18958] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  425.721809][T18958] Cannot create hsr debugfs directory
[  425.793846][T18787] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.047542][T18787] 8021q: adding VLAN 0 to HW filter on device team0
[  426.158173][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.165305][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.195036][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.202271][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state
[  426.620881][T19066] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  426.941745][T18787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.130310][T18958] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  427.145776][T18787] veth0_vlan: entered promiscuous mode
[  427.164502][T18958] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  427.181136][T18787] veth1_vlan: entered promiscuous mode
[  427.189234][T18958] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  427.205539][T18958] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  427.372817][T18787] veth0_macvtap: entered promiscuous mode
[  427.393013][T18787] veth1_macvtap: entered promiscuous mode
[  427.453249][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.464307][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.478723][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.489982][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.501684][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.514801][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.532337][T18787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  427.550310][T19088] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  427.564257][T18958] 8021q: adding VLAN 0 to HW filter on device bond0
[  427.591494][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.604621][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.615491][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.651262][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.684473][T18787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.703754][T18787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.717929][T18787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  427.721171][ T4491] Bluetooth: hci2: command tx timeout
[  427.752361][T19094] Bluetooth: hci0: load_link_keys: too big key_count value 17408
[  427.756125][T18958] 8021q: adding VLAN 0 to HW filter on device team0
[  427.777490][T18787] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  427.786851][T18787] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  427.795570][T18787] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  427.809559][T18787] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  427.832143][T19092] vxcan3: entered promiscuous mode
[  427.838696][T19092] vxcan3: entered allmulticast mode
[  427.887173][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.894362][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state
[  427.904558][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.911760][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state
[  428.064318][T19099] netdevsim netdevsim1 netdevsim0: Caught tx_queue_len zero misconfig
[  428.270396][ T7371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.301849][ T7371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.432205][ T7352] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.451182][ T7352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  428.530178][ T7369] IPVS: stop unused estimator thread 0...
[  428.810331][T18958] 8021q: adding VLAN 0 to HW filter on device batadv0
[  428.838257][T19097] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  428.863503][T19115] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  429.059770][T18958] veth0_vlan: entered promiscuous mode
[  429.159258][T19102] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  429.231339][T18958] veth1_vlan: entered promiscuous mode
[  429.434383][T18958] veth0_macvtap: entered promiscuous mode
[  429.468719][T18958] veth1_macvtap: entered promiscuous mode
[  429.531132][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  429.554778][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.579948][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  429.605757][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.630408][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  429.643542][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.653489][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  429.664187][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.676687][T18958] batman_adv: batadv0: Interface activated: batadv_slave_0
[  429.688651][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  429.702646][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.713915][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  429.726501][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.736572][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  429.747556][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.757699][T18958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  429.759890][T19139] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  429.768282][T18958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.770109][T18958] batman_adv: batadv0: Interface activated: batadv_slave_1
[  429.786246][T19139] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  429.814818][T19139] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  429.912981][T18958] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  429.929031][T18958] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  429.938292][T18958] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  429.953451][T18958] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  429.991530][T19145] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  430.291409][ T7369] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  430.322315][ T7371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  430.322889][ T7369] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.339099][ T7371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  431.207517][T19180] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  431.237395][T19180] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  431.267073][T19180] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.4'.
[  431.408118][T19190] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  431.418626][T19185] xt_cluster: node mask cannot exceed total number of nodes
[  431.821105][T19201] FAULT_INJECTION: forcing a failure.
[  431.821105][T19201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.846665][T19201] CPU: 0 PID: 19201 Comm: syz-executor.2 Not tainted 6.10.0-rc2-syzkaller-00724-g45403b12c29c #0
[  431.857236][T19201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  431.867320][T19201] Call Trace:
[  431.868859][T19177] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  431.870623][T19201]  <TASK>
[  431.882952][T19201]  dump_stack_lvl+0x241/0x360
[  431.887678][T19201]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.892913][T19201]  ? __pfx__printk+0x10/0x10
[  431.897557][T19201]  ? snprintf+0xda/0x120
[  431.901843][T19201]  should_fail_ex+0x3b0/0x4e0
[  431.906657][T19201]  _copy_to_user+0x2f/0xb0
[  431.911117][T19201]  simple_read_from_buffer+0xca/0x150
[  431.916542][T19201]  proc_fail_nth_read+0x1e9/0x250
[  431.921633][T19201]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.927221][T19201]  ? rw_verify_area+0x514/0x6b0
[  431.932130][T19201]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  431.937714][T19201]  vfs_read+0x204/0xbd0
[  431.941900][T19201]  ? __pfx_lock_release+0x10/0x10
[  431.946964][T19201]  ? __pfx_vfs_read+0x10/0x10
[  431.951678][T19201]  ? __fget_files+0x29/0x470
[  431.956417][T19201]  ? __fget_files+0x3f6/0x470
[  431.961136][T19201]  ksys_read+0x1a0/0x2c0
[  431.965406][T19201]  ? __pfx_ksys_read+0x10/0x10
[  431.970196][T19201]  ? do_syscall_64+0x100/0x230
[  431.974974][T19201]  ? do_syscall_64+0xb6/0x230
[  431.979678][T19201]  do_syscall_64+0xf3/0x230
[  431.984197][T19201]  ? clear_bhb_loop+0x35/0x90
[  431.988896][T19201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.994797][T19201] RIP: 0033:0x7f473fa7bb4c
[  431.999235][T19201] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48
[  432.018958][T19201] RSP: 002b:00007f474077f0c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  432.027395][T19201] RAX: ffffffffffffffda RBX: 00007f473fbb3f80 RCX: 00007f473fa7bb4c
[  432.035368][T19201] RDX: 000000000000000f RSI: 00007f474077f130 RDI: 0000000000000006
[  432.043339][T19201] RBP: 00007f474077f120 R08: 0000000000000000 R09: 0000000000000000
[  432.051321][T19201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.059398][T19201] R13: 000000000000000b R14: 00007f473fbb3f80 R15: 00007ffe2fcf8d38
[  432.067391][T19201]  </TASK>
[  432.181384][T19155] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  432.674990][T19229] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  432.717069][T19229] netlink: 203156 bytes leftover after parsing attributes in process `syz-executor.4'.
[  432.994882][T19244] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  433.004318][T19244] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  433.015344][T19244] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  433.401506][T19273] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  433.439382][T19273] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.1'.
[  433.539986][T19256] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  433.919616][T19295] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  433.936976][T19295] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  433.996974][T19295] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  434.267210][T19262] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  434.657387][T19332] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  434.714092][T19335] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  434.731735][T19335] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.3'.
[  434.769387][T19337] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  434.808785][T19337] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  435.434425][T19380] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  435.456827][T19380] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  435.769053][T19398] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  436.174901][T19420] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  436.190278][T19420] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  436.226924][T19422] nbd: must specify at least one socket
[  436.249840][T19422] nbd: must specify an index to disconnect
[  440.285597][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  440.292557][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  443.208221][T19453] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  443.237367][T19453] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  443.261371][T19453] __nla_validate_parse: 11 callbacks suppressed
[  443.261392][T19453] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.0'.
[  443.599729][T19474] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  444.005374][T19498] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  444.027512][T19504] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  444.035661][T19504] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  444.060465][T19504] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  444.224291][T19507] sctp: [Deprecated]: syz-executor.0 (pid 19507) Use of int in max_burst socket option deprecated.
[  444.224291][T19507] Use struct sctp_assoc_value instead
[  444.476082][T19526] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  444.654335][T19540] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  444.673744][T19540] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  444.699751][T19540] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  445.118424][T19569] sctp: [Deprecated]: syz-executor.2 (pid 19569) Use of int in max_burst socket option deprecated.
[  445.118424][T19569] Use struct sctp_assoc_value instead
[  445.351519][T19582] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  445.602746][T19603] bridge0: entered promiscuous mode
[  445.944068][T19595] bridge0: left promiscuous mode
[  446.175938][T19641] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  446.222626][T19645] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.1'.
[  446.223065][T19640] sctp: [Deprecated]: syz-executor.0 (pid 19640) Use of int in max_burst socket option deprecated.
[  446.223065][T19640] Use struct sctp_assoc_value instead
[  446.273509][T19645] bond0: entered promiscuous mode
[  446.298847][T19645] bond_slave_0: entered promiscuous mode
[  446.325800][T19645] bond_slave_1: entered promiscuous mode
[  446.343118][T19645] bridge0: entered promiscuous mode
[  446.427978][T19651] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  446.612329][T19634] bond0: left promiscuous mode
[  446.637301][T19634] bond_slave_0: left promiscuous mode
[  446.643002][T19634] bond_slave_1: left promiscuous mode
[  446.666051][T19634] bridge0: left promiscuous mode
[  446.730244][T19667] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  446.752810][T19667] vlan2: entered promiscuous mode
[  446.776632][T19667] team0: entered promiscuous mode
[  446.783681][T19667] team_slave_0: entered promiscuous mode
[  446.806723][T19667] team_slave_1: entered promiscuous mode
[  446.821624][T19667] team0: left promiscuous mode
[  446.830191][T19667] team_slave_0: left promiscuous mode
[  446.840453][T19667] team_slave_1: left promiscuous mode
[  446.929610][T19673] team0: entered promiscuous mode
[  446.939262][T19673] team_slave_0: entered promiscuous mode
[  446.947086][T19673] team_slave_1: entered promiscuous mode
[  446.955289][T19673] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  446.978171][T19673] team0: left promiscuous mode
[  446.993218][T19673] team_slave_0: left promiscuous mode
[  447.007368][T19673] team_slave_1: left promiscuous mode
[  447.051743][T19681] bridge0: entered promiscuous mode
[  447.295261][T19680] bridge0: left promiscuous mode
[  447.590107][T19711] sctp: [Deprecated]: syz-executor.3 (pid 19711) Use of int in max_burst socket option deprecated.
[  447.590107][T19711] Use struct sctp_assoc_value instead
[  448.468947][T19753] __nla_validate_parse: 2 callbacks suppressed
[  448.468966][T19753] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  448.881591][T19779] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.981547][T19785] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  448.998892][T19785] ip6tnl1: entered promiscuous mode
[  449.004384][T19785] ip6tnl1: entered allmulticast mode
[  449.232247][   T29] audit: type=1804 audit(1718214346.851:114): pid=19798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir947645878/syzkaller.UnCKV1/265/cgroup.controllers" dev="sda1" ino=1950 res=1 errno=0
[  449.345559][T19802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.423689][T19807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.509937][T19807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.528681][T19815] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  449.670716][T19817] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  449.702424][T19817] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.3'.
[  450.138250][T19825] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  450.157886][T19825] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  450.177855][T19825] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.4'.
[  450.188693][ T5120] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  450.199767][ T5120] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  450.208579][ T5120] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  450.224644][ T5120] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  450.234196][ T5120] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  450.241782][ T5120] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  450.473733][ T2910] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  450.741493][ T2910] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  450.872649][T19859] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  450.907154][T19857] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  450.932019][T19857] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.3'.
[  450.969089][ T2910] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.064798][T19867] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  451.097821][T19867] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  451.120744][T19867] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.2'.
[  451.341315][ T2910] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.663510][T19828] chnl_net:caif_netlink_parms(): no params data found
[  451.881184][ T2910] bridge_slave_1: left allmulticast mode
[  451.921007][ T2910] bridge_slave_1: left promiscuous mode
[  451.977029][ T2910] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.150457][ T2910] bridge_slave_0: left allmulticast mode
[  452.180891][ T2910] bridge_slave_0: left promiscuous mode
[  452.237201][ T2910] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.276571][ T5120] Bluetooth: hci2: command tx timeout
[  453.093119][ T2910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.105215][ T2910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  453.117937][ T2910] bond0 (unregistering): Released all slaves
[  453.142383][T19900] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  453.375178][T19918] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  453.389347][T19918] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  453.432533][T19828] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.452710][T19828] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.466527][T19828] bridge_slave_0: entered allmulticast mode
[  453.491050][T19828] bridge_slave_0: entered promiscuous mode
[  453.508915][T19921] IPVS: Unknown mcast interface: vcan0
[  453.518080][T19923] __nla_validate_parse: 2 callbacks suppressed
[  453.518100][T19923] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  453.566743][T19828] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.584356][T19828] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.603552][T19828] bridge_slave_1: entered allmulticast mode
[  453.615454][T19828] bridge_slave_1: entered promiscuous mode
[  453.624855][T19916] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  453.931150][T19828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  454.020168][ T2910] hsr_slave_0: left promiscuous mode
[  454.032746][ T2910] hsr_slave_1: left promiscuous mode
[  454.050978][ T2910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  454.061474][ T2910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  454.070563][ T2910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  454.087265][ T2910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.151684][ T2910] veth1_macvtap: left promiscuous mode
[  454.157635][ T2910] veth0_macvtap: left promiscuous mode
[  454.163431][ T2910] veth1_vlan: left promiscuous mode
[  454.169074][ T2910] veth0_vlan: left promiscuous mode
[  454.357949][ T5120] Bluetooth: hci2: command tx timeout
[  454.985401][ T2910] team0 (unregistering): Port device team_slave_1 removed
[  455.035684][ T2910] team0 (unregistering): Port device team_slave_0 removed
[  455.518163][T19828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  455.591983][T19943] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  455.615526][T19950] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  455.692713][T19828] team0: Port device team_slave_0 added
[  455.734751][T19828] team0: Port device team_slave_1 added
[  455.739882][T19956] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  455.766923][T19956] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  455.781306][T19956] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  455.899793][T19828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.919360][T19828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.976325][T19828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  456.012414][T19828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  456.039647][T19828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  456.077025][T19828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  456.279137][T19828] hsr_slave_0: entered promiscuous mode
[  456.286722][T19828] hsr_slave_1: entered promiscuous mode
[  456.293320][T19828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  456.301097][T19828] Cannot create hsr debugfs directory
[  456.323182][T19954] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  456.438259][ T5120] Bluetooth: hci2: command tx timeout
[  457.137507][T19992] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  457.145614][T19996] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  457.165245][T19996] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  457.175749][T19996] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  457.512705][T20012] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  457.570490][T19828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  457.594625][T19828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  457.633659][T20012] vlan3: entered promiscuous mode
[  457.640728][T20012] veth1: entered promiscuous mode
[  457.646122][T20012] vlan3: entered allmulticast mode
[  457.652907][T20012] veth1: entered allmulticast mode
[  457.663989][T20012] veth1: left allmulticast mode
[  457.670280][T20012] veth1: left promiscuous mode
[  457.746373][T19828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  457.761338][T19828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  458.042078][T20034] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  458.092509][T19828] 8021q: adding VLAN 0 to HW filter on device bond0
[  458.142840][T19828] 8021q: adding VLAN 0 to HW filter on device team0
[  458.159648][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.166840][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state
[  458.199025][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.206317][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state
[  458.317994][T19828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  458.516888][ T5120] Bluetooth: hci2: command tx timeout
[  458.563058][T20029] __nla_validate_parse: 1 callbacks suppressed
[  458.563081][T20029] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  458.653724][T20051] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  458.669751][T20051] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  458.689699][T20051] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  458.718747][T19828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  458.982399][T19828] veth0_vlan: entered promiscuous mode
[  459.060855][T19828] veth1_vlan: entered promiscuous mode
[  459.172535][T19828] veth0_macvtap: entered promiscuous mode
[  459.202143][T19828] veth1_macvtap: entered promiscuous mode
[  459.260286][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  459.302250][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.320828][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  459.344095][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.370021][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  459.381220][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.391503][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  459.402857][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.415045][T19828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  459.452970][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  459.465438][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.479307][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  459.498761][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.511465][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  459.522801][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.532766][T19828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  459.543331][T19828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  459.577570][T19828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  459.620355][T19828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  459.643400][T19828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  459.659901][T20086] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  459.668482][T19828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  459.677311][T20086] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  459.685420][T20086] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  459.695119][T19828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  459.715093][T20087] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  459.955421][ T2910] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  459.981145][ T2910] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  460.071027][ T7371] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  460.095606][ T7371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  460.637131][T20128] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  460.645409][T20128] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  460.654197][T20128] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  460.744049][T20133] bridge0: entered promiscuous mode
[  460.806872][T20136] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  460.890701][T20104] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  460.924022][T20131] bridge0: left promiscuous mode
[  461.595310][T20169] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  461.605313][T20169] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  461.619254][T20169] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  461.708297][T20174] bridge0: entered promiscuous mode
[  461.722817][T20171] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  461.839309][T20173] bridge0: left promiscuous mode
[  461.853794][T20179] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  462.604282][T20217] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  462.631758][T20217] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  462.843641][T20226] bridge0: entered promiscuous mode
[  463.054588][T20225] bridge0: left promiscuous mode
[  463.265704][T20247] Bluetooth: hci3: unsupported parameter 64512
[  463.296550][T20247] Bluetooth: hci3: invalid len left 4, exp >= 120
[  463.631894][T20271] __nla_validate_parse: 33 callbacks suppressed
[  463.631919][T20271] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  463.998276][T20278] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  464.184235][T20287] bridge0: entered promiscuous mode
[  464.271816][T20263] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  464.356079][T20286] bridge0: left promiscuous mode
[  464.373869][T20273] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  465.182737][T20328] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  465.451065][T20341] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  466.023094][T20367] syz-executor.2[20367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  466.023485][T20367] syz-executor.2[20367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  466.201771][T20349] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  467.465640][T20436] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'.
[  467.477662][T20437] netlink: 'syz-executor.2': attribute type 62 has an invalid length.
[  468.042928][T20446] netlink: 'syz-executor.4': attribute type 20 has an invalid length.
[  468.230057][T20439] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  468.857632][T20485] IPVS: Scheduler module ip_vs_sip not found
[  468.874985][T20494] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  468.908457][T20488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  468.921302][T20494] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  468.945840][T20494] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.4'.
[  468.960019][T20488] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  469.598172][T20527] bridge4: entered promiscuous mode
[  469.606837][T20527] bridge4: entered allmulticast mode
[  469.802256][T20533] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  470.035574][T20543] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  470.054615][T20543] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  470.074894][T20543] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  470.094149][T20515] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  470.185990][T20551] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  470.207371][T20551] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.1'.
[  470.429993][T20561] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  470.453678][T20559] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  471.078473][T20585] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  471.099579][T20585] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  471.114295][T20585] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  471.569912][T20611] bridge0: entered promiscuous mode
[  471.776527][T20610] bridge0: left promiscuous mode
[  471.900822][T20627] netlink: set zone limit has 8 unknown bytes
[  472.032511][T20589] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  472.291394][T20640] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  472.652391][T20657] bridge0: entered promiscuous mode
[  473.014934][T20656] bridge0: left promiscuous mode
[  473.248060][T20678] validate_nla: 1 callbacks suppressed
[  473.248089][T20678] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  473.296386][T20678] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  473.394185][T20687] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  473.965820][T20692] __nla_validate_parse: 5 callbacks suppressed
[  473.965840][T20692] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  474.175404][T20713] bridge0: entered promiscuous mode
[  474.213335][T20715] mac80211_hwsim hwsim40 wlan0: entered promiscuous mode
[  474.231315][T20715] macvlan2: entered promiscuous mode
[  474.394959][T20712] bridge0: left promiscuous mode
[  474.423918][T20722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  474.436512][T20721] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  474.453848][T20721] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  474.476915][T20721] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.0'.
[  474.908346][T20747] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  474.931105][T20747] netlink: 101600 bytes leftover after parsing attributes in process `syz-executor.2'.
[  475.094482][T20751] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  475.268973][T20762] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  475.314434][T20765] bridge0: entered promiscuous mode
[  475.456939][T20763] bridge0: left promiscuous mode
[  475.514893][T20753] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  475.540074][T20772] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  475.548916][T20772] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  475.557344][T20772] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  475.928816][T20775] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  475.987512][T20783] tap0: tun_chr_ioctl cmd 1074025677
[  476.003412][T20783] tap0: linktype set to 769
[  476.190435][T20783] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  476.315469][T20798] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  476.402523][T20799] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  476.414193][T20802] bridge0: entered promiscuous mode
[  476.542896][T20800] bridge0: left promiscuous mode
[  476.748013][T20812] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  477.170014][T20827] syzkaller0: entered allmulticast mode
[  477.275342][T20827] pim6reg1: entered promiscuous mode
[  477.293781][T20827] pim6reg1: entered allmulticast mode
[  478.013005][T20850] bridge_slave_1: left allmulticast mode
[  478.045527][T20850] bridge_slave_1: left promiscuous mode
[  478.063167][T20850] bridge1: port 1(bridge_slave_1) entered disabled state
[  478.113877][T20850] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  478.178522][T20850] IPVS: stopping master sync thread 19045 ...
[  478.743149][T20887] bridge0: entered promiscuous mode
[  478.938611][T20886] bridge0: left promiscuous mode
[  479.027330][T20899] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  479.101446][T20901] validate_nla: 6 callbacks suppressed
[  479.101470][T20901] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  479.159676][ T7371] wlan1: Trigger new scan to find an IBSS to join
[  479.168277][T20901] bond2: entered promiscuous mode
[  479.280308][T20901] 8021q: adding VLAN 0 to HW filter on device bond3
[  479.296734][T20901] bond2: (slave bond3): Enslaving as an active interface with a down link
[  479.305440][T20906] __nla_validate_parse: 6 callbacks suppressed
[  479.305459][T20906] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  479.371744][T20906] bond2 (unregistering): (slave bond3): Releasing active interface
[  479.408791][T20906] bond2 (unregistering): Released all slaves
[  479.443553][   T29] audit: type=1800 audit(1718214377.061:115): pid=20921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1949 res=0 errno=0
[  479.527508][T20925] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  479.531805][   T29] audit: type=1804 audit(1718214377.091:116): pid=20921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1572703615/syzkaller.ojlxYy/40/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  479.578215][   T29] audit: type=1804 audit(1718214377.101:117): pid=20921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1572703615/syzkaller.ojlxYy/40/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  479.608539][   T29] audit: type=1804 audit(1718214377.101:118): pid=20921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1572703615/syzkaller.ojlxYy/40/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  479.649069][T20923] sch_fq: defrate 0 ignored.
[  479.655541][   T29] audit: type=1804 audit(1718214377.191:119): pid=20928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1572703615/syzkaller.ojlxYy/40/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  479.689416][   T29] audit: type=1804 audit(1718214377.191:120): pid=20928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1572703615/syzkaller.ojlxYy/40/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  479.732824][T20929] bridge0: entered promiscuous mode
[  479.784663][T20925] bond6: (slave vcan1): The slave device specified does not support setting the MAC address
[  479.807924][T20925] bond6: (slave vcan1): Setting fail_over_mac to active for active-backup mode
[  479.858925][T20925] bond6: (slave vcan1): making interface the new active one
[  479.897849][T20925] bond6: (slave vcan1): Enslaving as an active interface with an up link
[  479.963569][T20926] bridge0: left promiscuous mode
[  480.154251][T20955] bridge_slave_1: left allmulticast mode
[  480.174938][T20955] bridge_slave_1: left promiscuous mode
[  480.187872][T20955] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.200122][T20955] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  480.234685][T20965] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  480.343174][T20972] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  480.387190][T20974] x_tables: duplicate underflow at hook 2
[  480.468911][T20972] bond2: entered promiscuous mode
[  480.608279][T20972] 8021q: adding VLAN 0 to HW filter on device bond3
[  480.619058][T20972] bond2: (slave bond3): Enslaving as an active interface with a down link
[  480.631785][T20979] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  480.674879][T20979] bond2 (unregistering): (slave bond3): Releasing active interface
[  480.720559][   T29] audit: type=1800 audit(1718214378.341:121): pid=20992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1940 res=0 errno=0
[  480.757401][   T29] audit: type=1804 audit(1718214378.371:122): pid=20992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir227626099/syzkaller.MB0NUZ/123/memory.events" dev="sda1" ino=1940 res=1 errno=0
[  480.787547][   T29] audit: type=1804 audit(1718214378.371:123): pid=20992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir227626099/syzkaller.MB0NUZ/123/memory.events" dev="sda1" ino=1940 res=1 errno=0
[  480.829798][T20979] bond2 (unregistering): Released all slaves
[  480.861325][   T29] audit: type=1804 audit(1718214378.371:124): pid=20992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir227626099/syzkaller.MB0NUZ/123/memory.events" dev="sda1" ino=1940 res=1 errno=0
[  481.399673][T21002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  481.537571][T21011] bridge_slave_1: left allmulticast mode
[  481.547087][T21011] bridge_slave_1: left promiscuous mode
[  481.552961][T21011] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.570978][T21011] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  481.609325][T21016] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  481.749755][T21025] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  481.910970][T21036] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'.
[  482.115241][T21040] tipc: Failed to remove unknown binding: 66,1,1/0:2217618857/2217618859
[  482.145031][T21040] tipc: Failed to remove unknown binding: 66,1,1/0:2217618857/2217618859
[  482.165107][T21044] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  482.271843][T21043] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'.
[  482.308292][T21056] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  482.316755][T21056] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  482.324978][T21056] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  482.409408][T21058] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  482.615329][T21069] vlan2: entered promiscuous mode
[  482.649198][T21069] bond0: entered promiscuous mode
[  482.654368][T21069] bond_slave_0: entered promiscuous mode
[  482.687779][T21069] bond_slave_1: entered promiscuous mode
[  482.714344][T21069] bond0: left promiscuous mode
[  482.724031][T21069] bond_slave_0: left promiscuous mode
[  482.742747][T21069] bond_slave_1: left promiscuous mode
[  482.877910][T21068] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  483.190622][T21089] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  483.244790][T21089] team0: Port device wlan1 removed
[  483.271114][T21089] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  483.296750][T21088] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  483.335367][T21087] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  483.351385][T21087] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  483.522795][T21103] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  483.541736][T21103] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  483.634242][T21110] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  484.119597][ T1098] wlan1: Trigger new scan to find an IBSS to join
[  484.333627][T21105] __nla_validate_parse: 5 callbacks suppressed
[  484.333650][T21105] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  484.420783][T21132] validate_nla: 2 callbacks suppressed
[  484.420805][T21132] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  484.505216][T21132] bond1: entered promiscuous mode
[  484.535690][T21140] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  484.564306][T21140] bond1 (unregistering): Released all slaves
[  484.710459][T21135] bond1 (unregistering): Released all slaves
[  484.784499][T21145] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.3'.
[  485.097994][ T1098] wlan1: Creating new IBSS network, BSSID 00:00:00:00:ff:ff
[  485.213979][T21159] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  485.385992][T21172] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  485.412132][T21172] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  485.435828][T21172] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  486.685057][T21209] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  486.729387][T21211] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  486.748187][T21211] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  486.771932][T21211] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  486.799066][T21174] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  487.397084][T21228] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  487.405311][T21228] netlink: 'syz-executor.2': attribute type 39 has an invalid length.
[  487.939363][T21251] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  487.964161][T21251] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  487.981744][T21255] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  487.989409][T21251] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  488.437162][ T5120] Bluetooth: hci1: command 0x0405 tx timeout
[  488.654980][T21292] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  489.397058][T21309] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  489.425480][T21333] __nla_validate_parse: 7 callbacks suppressed
[  489.425503][T21333] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  489.464919][T21334] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  489.484848][T21338] validate_nla: 3 callbacks suppressed
[  489.484869][T21338] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  489.485406][T21333] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  489.491023][T21338] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  489.491046][T21338] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.3'.
[  490.454395][T21350] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  490.627137][T21365] netlink: 'syz-executor.3': attribute type 13 has an invalid length.
[  490.665065][T21372] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  490.674099][T21372] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  490.674735][T21365] veth0_macvtap: left promiscuous mode
[  490.688119][T21372] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.2'.
[  490.705279][T21365] macvtap0: entered promiscuous mode
[  490.735005][T21365] macvtap0: refused to change device tx_queue_len
[  491.033760][T21392] netlink: 288 bytes leftover after parsing attributes in process `syz-executor.1'.
[  491.418576][T21364] dccp_close: ABORT with 32 bytes unread
[  491.481794][T21411] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  491.499213][T21411] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  491.520688][T21411] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.2'.
[  492.077803][T21434] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  492.177145][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  492.177164][   T29] audit: type=1804 audit(1718214389.791:129): pid=21439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir227626099/syzkaller.MB0NUZ/155/cgroup.controllers" dev="sda1" ino=1936 res=1 errno=0
[  492.254333][T21443] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  492.270930][T21443] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  492.291089][T21443] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  492.672636][T21475] bridge0: entered promiscuous mode
[  492.838272][T21472] bridge0: left promiscuous mode
[  493.167785][T21488] xt_cluster: you have exceeded the maximum number of cluster nodes (2684354560 > 32)
[  493.442143][T21492] netlink: 88156 bytes leftover after parsing attributes in process `syz-executor.1'.
[  494.077985][T21515] 8021q: adding VLAN 0 to HW filter on device team0
[  494.124723][T21515] bond0: (slave team0): Enslaving as an active interface with an up link
[  494.516448][ T4491] Bluetooth: hci0: command 0x0401 tx timeout
[  494.588857][T21539] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  494.619395][T21538] Bluetooth: hci3: invalid len left 7, exp >= 258
[  494.641710][T21539] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  494.655119][T21539] gretap1: entered promiscuous mode
[  494.662458][T21539] gretap1: entered allmulticast mode
[  494.991892][T21560] veth1_macvtap: left promiscuous mode
[  495.020770][T21560] macsec0: entered promiscuous mode
[  495.027415][T21560] macsec0: entered allmulticast mode
[  495.059423][T21569] veth1_macvtap: entered promiscuous mode
[  495.084888][T21570] __nla_validate_parse: 3 callbacks suppressed
[  495.085015][T21570] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  495.093699][T21569] veth1_macvtap: entered allmulticast mode
[  495.112852][T21569] macsec0: left promiscuous mode
[  495.119874][T21569] macsec0: left allmulticast mode
[  495.125022][T21569] veth1_macvtap: left allmulticast mode
[  495.321400][T21541] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  495.559897][T21579] bridge0: entered promiscuous mode
[  496.108343][T21578] bridge0: left promiscuous mode
[  496.377741][T21592] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  496.417873][T21592] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'.
[  496.619921][T21609] tipc: Invalid UDP bearer configuration
[  496.619978][T21609] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  497.206674][T21634] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  497.227247][T21636] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  497.318363][T21636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  497.325707][T21636] IPv6: NLM_F_CREATE should be set when creating new route
[  497.464897][T21618] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  497.679140][T21659] sctp: [Deprecated]: syz-executor.1 (pid 21659) Use of int in max_burst socket option.
[  497.679140][T21659] Use struct sctp_assoc_value instead
[  498.501865][T21675] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  498.795093][T21695] validate_nla: 6 callbacks suppressed
[  498.795114][T21695] netlink: 'syz-executor.4': attribute type 21 has an invalid length.
[  499.175658][T21702] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  499.229242][T21702] veth1: entered promiscuous mode
[  499.234482][T21702] macvtap1: entered promiscuous mode
[  499.266097][T21702] macvtap1: entered allmulticast mode
[  499.288996][T21702] veth1: entered allmulticast mode
[  499.302774][T21704] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  499.312685][T21710] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  499.322222][T21704] veth1: left allmulticast mode
[  499.327681][T21704] veth1: left promiscuous mode
[  499.332658][T21704] macvtap1: left promiscuous mode
[  499.338618][T21704] macvtap1: left allmulticast mode
[  499.600732][T21723] netlink: zone id is out of range
[  499.726054][T21723] netlink: zone id is out of range
[  499.768065][T21723] netlink: zone id is out of range
[  499.778373][T21723] netlink: zone id is out of range
[  499.797422][T21723] netlink: zone id is out of range
[  499.822824][T21726] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  499.853119][T21723] netlink: zone id is out of range
[  499.855216][T21732] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  499.863683][T21723] netlink: zone id is out of range
[  499.907797][T21723] netlink: zone id is out of range
[  499.922656][T21723] netlink: zone id is out of range
[  499.935874][T21723] netlink: zone id is out of range
[  499.965804][T21736] xt_TPROXY: Can be used only with -p tcp or -p udp
[  500.132014][T21745] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  500.324078][T21759] __nla_validate_parse: 6 callbacks suppressed
[  500.324098][T21759] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  500.619610][T21782] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  500.712662][T21782] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  501.120627][T21810] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  501.239861][T21816] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  501.475997][T21827] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  501.509938][T21827] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  501.559502][T21825] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  501.724951][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  501.731501][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  502.172120][ T5120] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  502.183348][ T5120] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  502.192813][ T5120] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  502.204826][ T5120] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  502.221487][ T5120] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  502.232224][ T5120] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  502.301287][ T7369] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.480427][ T7369] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.644497][ T7369] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.802481][ T7369] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.848805][ T4491] Bluetooth: hci2: command tx timeout
[  502.943697][T21846] chnl_net:caif_netlink_parms(): no params data found
[  502.969746][ T7369] bridge_slave_1: left allmulticast mode
[  502.975707][ T7369] bridge_slave_1: left promiscuous mode
[  502.983249][ T7369] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.995948][ T7369] bridge_slave_0: left allmulticast mode
[  503.014473][ T7369] bridge_slave_0: left promiscuous mode
[  503.020414][ T7369] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.609139][T21892] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.2'.
[  503.794602][ T7369] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  503.817466][ T7369] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  503.831669][ T7369] bond0 (unregistering): Released all slaves
[  503.845966][ T7369] bond1 (unregistering): Released all slaves
[  504.064551][T21901] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.2'.
[  504.368670][ T4491] Bluetooth: hci4: command tx timeout
[  504.444905][T21846] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.453783][T21846] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.461934][T21846] bridge_slave_0: entered allmulticast mode
[  504.473701][T21846] bridge_slave_0: entered promiscuous mode
[  504.490885][T21926] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  504.542608][ T7369] hsr_slave_0: left promiscuous mode
[  504.559001][ T7369] hsr_slave_1: left promiscuous mode
[  504.574893][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  504.586121][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_0
[  504.610265][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.624939][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.664077][ T7369] veth1_macvtap: left promiscuous mode
[  504.670417][ T7369] veth1_vlan: left promiscuous mode
[  504.675727][ T7369] veth0_vlan: left promiscuous mode
[  505.304606][ T7369] team0 (unregistering): Port device team_slave_1 removed
[  505.352867][ T7369] team0 (unregistering): Port device team_slave_0 removed
[  505.852741][T21846] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.861158][T21846] bridge0: port 2(bridge_slave_1) entered disabled state
[  505.868511][T21846] bridge_slave_1: entered allmulticast mode
[  505.875644][T21846] bridge_slave_1: entered promiscuous mode
[  506.080346][T21846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  506.135745][T21846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  506.210433][T21967] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  506.369817][T21846] team0: Port device team_slave_0 added
[  506.424335][T21846] team0: Port device team_slave_1 added
[  506.437621][ T4491] Bluetooth: hci4: command tx timeout
[  506.513450][T21983] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  506.525216][T21983] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  506.547065][T21983] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  506.573189][T21979] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  506.602565][T21979] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  506.611110][T21979] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  506.619518][T21979] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  506.644278][T21982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  506.657472][T21985] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  506.662621][T21846] batman_adv: batadv0: Adding interface: batadv_slave_0
[  506.709002][T21846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.740292][T21846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  506.755605][T21846] batman_adv: batadv0: Adding interface: batadv_slave_1
[  506.794471][T21846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.911294][T21846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.472784][T21846] hsr_slave_0: entered promiscuous mode
[  507.500482][T21846] hsr_slave_1: entered promiscuous mode
[  507.534483][T22014] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  507.918719][T22037] bridge0: entered promiscuous mode
[  507.924927][T22040] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'.
[  508.132479][T22036] bridge0: left promiscuous mode
[  508.142842][T22047] xt_TPROXY: Can be used only with -p tcp or -p udp
[  508.517649][ T4491] Bluetooth: hci4: command tx timeout
[  508.548222][T22054] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  508.925977][T22071] bridge0: port 2(geneve1) entered blocking state
[  508.942463][T22071] bridge0: port 2(geneve1) entered disabled state
[  508.954569][T22071] geneve1: entered allmulticast mode
[  508.968525][T22071] geneve1: entered promiscuous mode
[  508.974781][T21846] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  509.015206][T21846] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  509.855602][T22079] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  509.880048][T22079] batman_adv: batadv0: Removing interface: team0
[  509.895376][T22079] 8021q: adding VLAN 0 to HW filter on device team0
[  509.912281][T22079] bond0: (slave team0): Enslaving as an active interface with an up link
[  509.929357][T22082] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  509.951592][T22082] bond0: (slave team0): Releasing backup interface
[  509.995881][T22082] bridge0: port 3(team0) entered blocking state
[  510.015467][T22082] bridge0: port 3(team0) entered disabled state
[  510.046105][T22082] team0: entered allmulticast mode
[  510.072175][T22082] team_slave_0: entered allmulticast mode
[  510.086353][T22082] team_slave_1: entered allmulticast mode
[  510.106109][T22082] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  510.120810][T22082] team0: entered promiscuous mode
[  510.126113][T22082] team_slave_0: entered promiscuous mode
[  510.143034][T22082] team_slave_1: entered promiscuous mode
[  510.150886][T22082] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  510.167548][T21846] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  510.193432][T22085] bridge0: entered promiscuous mode
[  510.267186][T21846] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  510.286063][T22084] bridge0: left promiscuous mode
[  510.583663][T21846] 8021q: adding VLAN 0 to HW filter on device bond0
[  510.603255][ T4491] Bluetooth: hci4: command tx timeout
[  510.633187][T22123] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  510.722096][T21846] 8021q: adding VLAN 0 to HW filter on device team0
[  510.801000][  T933] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.808285][  T933] bridge0: port 1(bridge_slave_0) entered forwarding state
[  510.830221][  T933] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.837670][  T933] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.854765][T22131] vlan2: entered promiscuous mode
[  510.861459][T22131] macvlan1: entered promiscuous mode
[  510.876659][T22131] vlan2: entered allmulticast mode
[  510.883062][T22131] macvlan1: entered allmulticast mode
[  510.892790][T22131] veth1_vlan: entered allmulticast mode
[  510.904497][T22131] macvlan1: left allmulticast mode
[  510.926421][T22131] veth1_vlan: left allmulticast mode
[  510.934546][T22131] macvlan1: left promiscuous mode
[  511.546292][T21846] 8021q: adding VLAN 0 to HW filter on device batadv0
[  511.711563][T21846] veth0_vlan: entered promiscuous mode
[  511.748250][T21846] veth1_vlan: entered promiscuous mode
[  511.833133][T21846] veth0_macvtap: entered promiscuous mode
[  511.862353][T21846] veth1_macvtap: entered promiscuous mode
[  511.883263][T22175] can: request_module (can-proto-0) failed.
[  511.940086][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  511.979330][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.022448][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.052828][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.087044][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.112810][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.138604][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.161839][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.200698][T21846] batman_adv: batadv0: Interface activated: batadv_slave_0
[  512.241103][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.270242][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.299403][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.310639][T22189] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  512.310687][T22189] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  512.365089][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.385729][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.405847][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.423993][T21846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.435997][T21846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.465185][T21846] batman_adv: batadv0: Interface activated: batadv_slave_1
[  512.489833][T22188] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  512.548637][T21846] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  512.564408][T21846] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  512.574166][T21846] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  512.602861][T21846] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  512.855407][T22204] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  512.992200][ T7369] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.027926][ T7369] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.154427][ T7369] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.181431][ T7369] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.339989][T22219] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  513.431019][T22225] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  513.462300][T22225] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.0'.
[  513.907013][T22229] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  514.174149][T22248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.187450][T22249] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  514.213765][T22245] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  514.242439][T22249] net_ratelimit: 4 callbacks suppressed
[  514.242460][T22249] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes.
[  514.541379][T22253] mac80211_hwsim hwsim27 wlan0 (unregistering): left allmulticast mode
[  514.661175][T22253] team0: Port device macvlan2 removed
[  516.045200][T22331] syzkaller1: entered promiscuous mode
[  516.080261][T22331] syzkaller1: entered allmulticast mode
[  516.537407][T22360] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  517.550312][T22394] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  517.749927][T22404] tipc: Started in network mode
[  517.754862][T22404] tipc: Node identity ffffffff, cluster identity 4711
[  517.764266][T22404] tipc: Node number set to 4294967295
[  517.842228][T22409] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  518.236949][T22419] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  518.289960][T22423] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  518.605730][T22442] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  518.699203][T22450] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.1'.
[  519.292328][T22465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  519.377831][T22465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  519.439514][T22486] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  519.457939][T22486] geneve1: left allmulticast mode
[  519.463105][T22486] geneve1: left promiscuous mode
[  519.473992][T22486] bridge0: port 2(geneve1) entered disabled state
[  519.488504][T22465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  519.516017][T22486] bridge_slave_0: left allmulticast mode
[  519.532998][T22486] bridge_slave_0: left promiscuous mode
[  519.544162][T22486] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.655437][T22489] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  519.694669][T22494] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  520.563856][T22535] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  520.614964][T22537] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  520.748875][T22542] Bluetooth: hci0: load_link_keys: too big key_count value 17408
[  521.319652][T22578] netlink: 'syz-executor.3': attribute type 30 has an invalid length.
[  521.333672][T22578] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[  521.353582][T22580] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  521.372204][T22580] netlink: 55 bytes leftover after parsing attributes in process `syz-executor.4'.
[  521.417896][T22580] 
[  521.420280][T22580] ======================================================
[  521.427319][T22580] WARNING: possible circular locking dependency detected
[  521.434357][T22580] 6.10.0-rc2-syzkaller-00724-g45403b12c29c #0 Not tainted
[  521.441490][T22580] ------------------------------------------------------
[  521.448529][T22580] syz-executor.4/22580 is trying to acquire lock:
[  521.454963][T22580] ffff888022b62768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_netdev_notifier_call+0x308/0x1490
[  521.465641][T22580] 
[  521.465641][T22580] but task is already holding lock:
[  521.473017][T22580] ffff88805dedcd20 (team->team_lock_key#10){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750
[  521.482813][T22580] 
[  521.482813][T22580] which lock already depends on the new lock.
[  521.482813][T22580] 
[  521.493234][T22580] 
[  521.493234][T22580] the existing dependency chain (in reverse order) is:
[  521.502370][T22580] 
[  521.502370][T22580] -> #1 (team->team_lock_key#10){+.+.}-{3:3}:
[  521.510678][T22580]        lock_acquire+0x1ed/0x550
[  521.515716][T22580]        __mutex_lock+0x136/0xd70
[  521.520754][T22580]        team_port_change_check+0x51/0x1e0
[  521.526622][T22580]        team_device_event+0x161/0x5b0
[  521.532116][T22580]        notifier_call_chain+0x19f/0x3e0
[  521.537775][T22580]        dev_close_many+0x33c/0x4c0
[  521.543010][T22580]        unregister_netdevice_many_notify+0x544/0x16b0
[  521.549866][T22580]        macvlan_device_event+0x7e0/0x870
[  521.555592][T22580]        notifier_call_chain+0x19f/0x3e0
[  521.561238][T22580]        unregister_netdevice_many_notify+0xd75/0x16b0
[  521.568113][T22580]        unregister_netdevice_queue+0x303/0x370
[  521.574357][T22580]        _cfg80211_unregister_wdev+0x162/0x560
[  521.580959][T22580]        ieee80211_if_remove+0x25d/0x3a0
[  521.586629][T22580]        ieee80211_del_iface+0x19/0x30
[  521.592105][T22580]        cfg80211_remove_virtual_intf+0x23f/0x410
[  521.598529][T22580]        genl_rcv_msg+0xb14/0xec0
[  521.603652][T22580]        netlink_rcv_skb+0x1e3/0x430
[  521.608975][T22580]        genl_rcv+0x28/0x40
[  521.613494][T22580]        netlink_unicast+0x7ea/0x980
[  521.618874][T22580]        netlink_sendmsg+0x8db/0xcb0
[  521.624171][T22580]        __sock_sendmsg+0x221/0x270
[  521.629386][T22580]        ____sys_sendmsg+0x525/0x7d0
[  521.634674][T22580]        __sys_sendmsg+0x2b0/0x3a0
[  521.639785][T22580]        do_syscall_64+0xf3/0x230
[  521.644820][T22580]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.651247][T22580] 
[  521.651247][T22580] -> #0 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  521.658989][T22580]        validate_chain+0x18e0/0x5900
[  521.664364][T22580]        __lock_acquire+0x1346/0x1fd0
[  521.669733][T22580]        lock_acquire+0x1ed/0x550
[  521.674754][T22580]        __mutex_lock+0x136/0xd70
[  521.679786][T22580]        cfg80211_netdev_notifier_call+0x308/0x1490
[  521.686390][T22580]        notifier_call_chain+0x19f/0x3e0
[  521.692056][T22580]        dev_open+0x13a/0x1b0
[  521.696754][T22580]        team_add_slave+0x9b3/0x2750
[  521.702069][T22580]        do_setlink+0xe70/0x41f0
[  521.707103][T22580]        rtnl_newlink+0x180b/0x20a0
[  521.712297][T22580]        rtnetlink_rcv_msg+0x89b/0x1180
[  521.717852][T22580]        netlink_rcv_skb+0x1e3/0x430
[  521.723151][T22580]        netlink_unicast+0x7ea/0x980
[  521.728439][T22580]        netlink_sendmsg+0x8db/0xcb0
[  521.733759][T22580]        __sock_sendmsg+0x221/0x270
[  521.738966][T22580]        ____sys_sendmsg+0x525/0x7d0
[  521.744276][T22580]        __sys_sendmsg+0x2b0/0x3a0
[  521.749425][T22580]        do_syscall_64+0xf3/0x230
[  521.754467][T22580]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.760892][T22580] 
[  521.760892][T22580] other info that might help us debug this:
[  521.760892][T22580] 
[  521.771378][T22580]  Possible unsafe locking scenario:
[  521.771378][T22580] 
[  521.778912][T22580]        CPU0                    CPU1
[  521.784275][T22580]        ----                    ----
[  521.789638][T22580]   lock(team->team_lock_key#10);
[  521.794678][T22580]                                lock(&rdev->wiphy.mtx);
[  521.801710][T22580]                                lock(team->team_lock_key#10);
[  521.809270][T22580]   lock(&rdev->wiphy.mtx);
[  521.813789][T22580] 
[  521.813789][T22580]  *** DEADLOCK ***
[  521.813789][T22580] 
[  521.821933][T22580] 2 locks held by syz-executor.4/22580:
[  521.827480][T22580]  #0: ffffffff8f5e74c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  521.837012][T22580]  #1: ffff88805dedcd20 (team->team_lock_key#10){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750
[  521.847226][T22580] 
[  521.847226][T22580] stack backtrace:
[  521.853122][T22580] CPU: 0 PID: 22580 Comm: syz-executor.4 Not tainted 6.10.0-rc2-syzkaller-00724-g45403b12c29c #0
[  521.863618][T22580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  521.873673][T22580] Call Trace:
[  521.876960][T22580]  <TASK>
[  521.879916][T22580]  dump_stack_lvl+0x241/0x360
[  521.884617][T22580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  521.889832][T22580]  ? print_circular_bug+0x130/0x1a0
[  521.895060][T22580]  check_noncircular+0x36a/0x4a0
[  521.900013][T22580]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  521.906183][T22580]  ? __pfx_check_noncircular+0x10/0x10
[  521.911672][T22580]  ? lockdep_lock+0x123/0x2b0
[  521.916359][T22580]  validate_chain+0x18e0/0x5900
[  521.921224][T22580]  ? mark_lock+0x9a/0x350
[  521.925594][T22580]  ? __pfx_stack_trace_save+0x10/0x10
[  521.931001][T22580]  ? __pfx_validate_chain+0x10/0x10
[  521.936311][T22580]  ? mark_lock+0x9a/0x350
[  521.940662][T22580]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  521.946656][T22580]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  521.952999][T22580]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  521.958896][T22580]  ? lockdep_hardirqs_on+0x99/0x150
[  521.964101][T22580]  ? mark_lock+0x9a/0x350
[  521.968437][T22580]  __lock_acquire+0x1346/0x1fd0
[  521.973301][T22580]  lock_acquire+0x1ed/0x550
[  521.977806][T22580]  ? cfg80211_netdev_notifier_call+0x308/0x1490
[  521.984057][T22580]  ? __pfx_lock_acquire+0x10/0x10
[  521.989083][T22580]  ? __pfx___might_resched+0x10/0x10
[  521.994376][T22580]  ? rtmsg_fib+0x3a3/0x630
[  521.998810][T22580]  __mutex_lock+0x136/0xd70
[  522.003318][T22580]  ? cfg80211_netdev_notifier_call+0x308/0x1490
[  522.009656][T22580]  ? __lock_acquire+0x1346/0x1fd0
[  522.014692][T22580]  ? cfg80211_netdev_notifier_call+0x308/0x1490
[  522.021120][T22580]  ? __pfx___mutex_lock+0x10/0x10
[  522.026162][T22580]  cfg80211_netdev_notifier_call+0x308/0x1490
[  522.032260][T22580]  ? __pfx_lock_release+0x10/0x10
[  522.037297][T22580]  ? __pfx_cfg80211_netdev_notifier_call+0x10/0x10
[  522.043906][T22580]  ? __pfx_arp_key_eq+0x10/0x10
[  522.048769][T22580]  ? neigh_lookup+0x417/0x500
[  522.053469][T22580]  ? __pfx_fib_magic+0x10/0x10
[  522.058244][T22580]  ? neigh_lookup+0xb1/0x500
[  522.062838][T22580]  ? __pfx_neigh_lookup+0x10/0x10
[  522.067868][T22580]  ? fib_rebalance+0x8e/0xed0
[  522.072548][T22580]  ? dev_get_flags+0x147/0x1d0
[  522.077333][T22580]  ? fib_sync_up+0x74b/0x7d0
[  522.081941][T22580]  ? igmp_netdev_event+0x7c/0x770
[  522.086990][T22580]  notifier_call_chain+0x19f/0x3e0
[  522.092120][T22580]  dev_open+0x13a/0x1b0
[  522.096290][T22580]  ? __pfx_dev_open+0x10/0x10
[  522.100998][T22580]  ? team_add_slave+0x686/0x2750
[  522.105945][T22580]  ? team_add_slave+0x8a0/0x2750
[  522.110893][T22580]  team_add_slave+0x9b3/0x2750
[  522.115674][T22580]  ? __pfx___dev_notify_flags+0x10/0x10
[  522.121245][T22580]  ? __dev_change_flags+0x515/0x6f0
[  522.126464][T22580]  ? __pfx_team_add_slave+0x10/0x10
[  522.131680][T22580]  ? __pfx___dev_change_flags+0x10/0x10
[  522.137242][T22580]  ? preempt_count_add+0x93/0x190
[  522.142272][T22580]  ? vprintk_emit+0x631/0x770
[  522.146974][T22580]  ? mutex_is_locked+0x12/0x50
[  522.151759][T22580]  do_setlink+0xe70/0x41f0
[  522.156204][T22580]  ? _printk+0xd5/0x120
[  522.160378][T22580]  ? __nla_validate_parse+0x2660/0x3090
[  522.165935][T22580]  ? __pfx__printk+0x10/0x10
[  522.170537][T22580]  ? __pfx_do_setlink+0x10/0x10
[  522.175420][T22580]  ? rcu_is_watching+0x15/0xb0
[  522.180194][T22580]  ? do_trace_netlink_extack+0x8b/0x1f0
[  522.185739][T22580]  ? __nla_validate_parse+0x27eb/0x3090
[  522.191296][T22580]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  522.196681][T22580]  ? rtnl_newlink+0xf2/0x20a0
[  522.201386][T22580]  ? __pfx___nla_validate_parse+0x10/0x10
[  522.207140][T22580]  ? validate_linkmsg+0x71e/0x900
[  522.212194][T22580]  rtnl_newlink+0x180b/0x20a0
[  522.216884][T22580]  ? rtnl_newlink+0x471/0x20a0
[  522.221772][T22580]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.226802][T22580]  ? do_raw_spin_unlock+0x13c/0x8b0
[  522.232017][T22580]  ? __mutex_lock+0x9a5/0xd70
[  522.236711][T22580]  ? __mutex_lock+0x527/0xd70
[  522.241415][T22580]  ? __pfx_rtnl_newlink+0x10/0x10
[  522.246454][T22580]  rtnetlink_rcv_msg+0x89b/0x1180
[  522.251499][T22580]  ? rtnetlink_rcv_msg+0x208/0x1180
[  522.256719][T22580]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.262215][T22580]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  522.268213][T22580]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  522.274567][T22580]  ? __local_bh_enable_ip+0x168/0x200
[  522.279952][T22580]  ? lockdep_hardirqs_on+0x99/0x150
[  522.285176][T22580]  ? __local_bh_enable_ip+0x168/0x200
[  522.290566][T22580]  ? dev_hard_start_xmit+0x773/0x7e0
[  522.295856][T22580]  ? __dev_queue_xmit+0x2d2/0x3d30
[  522.300975][T22580]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  522.306718][T22580]  ? __dev_queue_xmit+0x2d2/0x3d30
[  522.311848][T22580]  ? __dev_queue_xmit+0x16c9/0x3d30
[  522.317076][T22580]  ? __dev_queue_xmit+0x2d2/0x3d30
[  522.322215][T22580]  ? ref_tracker_free+0x643/0x7e0
[  522.327251][T22580]  netlink_rcv_skb+0x1e3/0x430
[  522.332037][T22580]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  522.337524][T22580]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  522.342840][T22580]  ? netlink_deliver_tap+0x2e/0x1b0
[  522.348057][T22580]  netlink_unicast+0x7ea/0x980
[  522.352833][T22580]  ? __pfx_netlink_unicast+0x10/0x10
[  522.358128][T22580]  ? __virt_addr_valid+0x183/0x520
[  522.363278][T22580]  ? __check_object_size+0x49c/0x900
[  522.368572][T22580]  ? bpf_lsm_netlink_send+0x9/0x10
[  522.373702][T22580]  netlink_sendmsg+0x8db/0xcb0
[  522.378490][T22580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.383795][T22580]  ? __import_iovec+0x536/0x820
[  522.388662][T22580]  ? aa_sock_msg_perm+0x91/0x160
[  522.393606][T22580]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  522.398894][T22580]  ? security_socket_sendmsg+0x87/0xb0
[  522.404365][T22580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  522.409654][T22580]  __sock_sendmsg+0x221/0x270
[  522.414345][T22580]  ____sys_sendmsg+0x525/0x7d0
[  522.419119][T22580]  ? __pfx_____sys_sendmsg+0x10/0x10
[  522.424419][T22580]  __sys_sendmsg+0x2b0/0x3a0
[  522.429016][T22580]  ? __pfx___sys_sendmsg+0x10/0x10
[  522.434152][T22580]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  522.440580][T22580]  ? do_syscall_64+0x100/0x230
[  522.445355][T22580]  ? do_syscall_64+0xb6/0x230
[  522.450048][T22580]  do_syscall_64+0xf3/0x230
[  522.454567][T22580]  ? clear_bhb_loop+0x35/0x90
[  522.459346][T22580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.465254][T22580] RIP: 0033:0x7f7bb4c7cea9
[  522.469679][T22580] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  522.489293][T22580] RSP: 002b:00007f7bb5a0e0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  522.497719][T22580] RAX: ffffffffffffffda RBX: 00007f7bb4db3f80 RCX: 00007f7bb4c7cea9
[  522.505697][T22580] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  522.513672][T22580] RBP: 00007f7bb4cebff4 R08: 0000000000000000 R09: 0000000000000000
2024/06/12 17:47:00 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  522.521651][T22580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.529628][T22580] R13: 000000000000004d R14: 00007f7bb4db3f80 R15: 00007ffec3e770f8
[  522.537621][T22580]  </TASK>
[  522.561020][T22580] team0: Port device virt_wifi0 added
[  523.324615][T22588] syz_tun (unregistering): left promiscuous mode