last executing test programs:

19.129477818s ago: executing program 3 (id=620):
r0 = socket$packet(0x11, 0x2, 0x300) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000280)={0x58, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @auth={{{}, {0xd}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, 0x0, 0x0, @void}}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x800}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]]}, 0x58}}, 0x0) (async)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x28, 0x9, 0x0, 0x7ffff020}, {0x6, 0x0, 0x0, 0x4}]}, 0x10) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair(0x1e, 0x3, 0x4, &(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f00000000c0)=0x4, 0x4) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r7)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB="84010000", @ANYRES16=r8, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b800800090000000000080009000000000008000a000000000008000a000000000008000a0000000002"], 0x184}}, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_delrule={0x1c, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0x1c}}, 0x0)

19.007787816s ago: executing program 3 (id=621):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @remote}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2e}}}}, &(0x7f00000003c0)=0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x8c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @empty}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x10, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}]}]}]}, 0x8c}}, 0x0)

18.036287626s ago: executing program 3 (id=634):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85100000010000009500000000000000850000007600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) (async)
unshare(0x28000400)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, 0x0, 0x15) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r1}, 0x8)
r2 = accept4(r0, 0x0, 0x0, 0x0) (async, rerun: 64)
pipe(&(0x7f00000045c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}) (rerun: 64)
vmsplice(r4, &(0x7f0000002480)=[{&(0x7f00000001c0)="9718b7b35f0f5725d440a340664128463b2edda3", 0x1e}], 0x1, 0x0)
r5 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) (async)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000010f9210402001fb30bce0ab161"], 0x4c}}, 0x0) (async)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24004000}, 0x4000000) (async)
setsockopt$inet_int(r5, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4) (async, rerun: 64)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) (rerun: 64)
splice(r3, 0x0, r5, 0x0, 0xe8, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
sendmsg$nl_route_sched_retired(r2, &(0x7f000001be80)={0x0, 0x0, &(0x7f000001be40)={&(0x7f0000000240)=@newtaction={0x200, 0x30, 0x800, 0x0, 0x0, {}, [{0x1ec, 0x1, [@m_ipt={0x1ac, 0x0, 0x0, 0x0, {{0x8}, {0x184, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8}, @TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}, @TCA_IPT_TARG={0x49, 0x6, {0x7f, 'mangle\x00', 0x1, 0xfff, "f951fabdcbbe5deee9e2759c89a68ca19a86c92d5f104db955925a1fc8caba"}}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_TARG={0xe1, 0x6, {0x4, 'mangle\x00', 0x80, 0x7, "3c03d93c75e10354489d4351f8c15af3fd1c960a1c324edd2ae839ed7bbdc3eae7f8f923d7a88f1dd4bca352433bde074cbae258ffc2b92b4835089489f4913cbf1956c321d073d195a37249cff3fb0cdb16713bb093ab1471e91e6748b0e7b7bee1d002403921c88131cb19202dd434614e4ea0970acfcf0556a513c325b57e9b8325588582dc5298233df5f2e1343388782ed597ac2568c6d1f1e09b8efc5d3990cf1c066ed67a05492aecf376f387f51f0dbd5484ab"}}]}, {0x4}, {0xc}, {0xc}}}, @m_ipt={0x3c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x11, 0x6, "f46756d0da560b4c8eabc516cc"}, {0xc}, {0xc}}}]}]}, 0x200}}, 0x0) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r3)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB="40000000a581a84172c271d17eb00f109a9570d8a6024d533991676e2a07b6ef3005c7f532758230a59826af09dfd62ac6cf3874b688eecc15c08860007873c10e8186ddd4181bec6edf0eaa86d430e89242ed44a0b605394c128dd563a4811dfd5f708c2bd7dc24637578a6a322ad2453860c56b6dc369a3dc7f05a3c0b1e322bf8eb8e81e08f691fe28cb94d35d6cbabbfb1d39487908f58912020f27d01cddc1a9d7b0f98fc2394da87b9ec49c764cc081ff7a471c1e3d6cde791ce8a36b5ec82137d2b71e53c0ae7010f56d77bcd153ffb164c46a18a776acbf6d6a8d1b53b12d0646d8eec5a2faa69", @ANYRES16=r6, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r8, @ANYBLOB="0a000600080211000001000018005080110001004abee339084eeef16f162471f4000000"], 0x40}}, 0x0) (async, rerun: 64)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01"], 0x7c}}, 0x0) (async, rerun: 64)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000040)={'team0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32=r10, @ANYBLOB="440002804000010024000100"], 0x60}, 0x1, 0xf000}, 0x0) (async)
ioctl$FIONCLEX(r7, 0x5450)

17.917438156s ago: executing program 4 (id=635):
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0xa, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000611228000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x101, 0x4)
sendmmsg$inet6(r0, &(0x7f0000001480)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x95, @loopback, 0x5}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/161, 0x19}}], 0x1, 0x12141, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

17.717579748s ago: executing program 3 (id=638):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r1, {0xffe0}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_CT_LABELS={0x14, 0x61, "cc4751af6e86592f024d38f66dbc1702"}, @TCA_FLOWER_KEY_CT_LABELS_MASK={0x14, 0x62, "2f8d8d8aae11218b7b82869677d78fda"}]}}]}, 0x5c}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=@newsa={0x144, 0x10, 0x1, 0x0, 0x0, {{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}, 0xffffff49}}, @sec_ctx={0xc, 0x8, {0x8}}]}, 0x144}}, 0x0)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0xfff, 0xb3, 0x48, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r3}, @generic={0x66}, @initr0, @exit, @alu={0x4, 0x0, 0x2, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17.569321319s ago: executing program 4 (id=640):
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, 0x3f9, 0x4, 0x70bd2b, 0x25dfdbfe, {}, ["", ""]}, 0x18}}, 0xc890) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030017000b63d25a80648c2594f92e24fc60100c034002000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

17.479388058s ago: executing program 3 (id=641):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=<r4=>r2, @ANYBLOB="010000000000000000004400000010000300", @ANYBLOB], 0x4c}}, 0x0)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000030000001c00018008000700", @ANYRES32=0x0, @ANYBLOB="080003007f000001080006"], 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0x7, &(0x7f0000000040)=ANY=[@ANYRESHEX=r4, @ANYBLOB="000000000900000018", @ANYRES32=r5, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000100)={0x11, 0x0, r7}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1\x00', <r8=>0x0})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r5, 0x4, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r8}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000880}, 0x20000801)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

17.395484616s ago: executing program 4 (id=644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x10, &(0x7f0000000180)=@raw=[@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0xf20d, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000000200)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xb8, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}]}]}]}, 0xb8}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

17.135499599s ago: executing program 4 (id=646):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket(0x15, 0x5, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) (async)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) (async)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) (async)
getsockopt(r1, 0x200000000114, 0x2715, 0x0, &(0x7f0000000040)) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) (async)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@hci={0x1f, 0xffffffffffffffff, 0x1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000380)="46310f3a62022ffdeba93ec529e7", 0xe}], 0x1, 0x0, 0x0, 0x2f00}, 0xf00}], 0x1, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000009c0)=ANY=[@ANYBLOB="1828000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES16=r0, @ANYRES64=0x0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f000000b0c0)={0xa, 0x0, 0x0, @mcast2, 0x20}, 0x1c) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x3a) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x30, r6, 0x300, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'veth0_to_hsr\x00'}}]}]}, 0x30}}, 0x0) (async)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000a00)={0x224, r6, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7ff}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x34}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3b0}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_BEARER={0x118, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5740, @dev={0xfe, 0x80, '\x00', 0x12}, 0x8}}, {0x14, 0x2, @in={0x2, 0x4e20, @empty}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4e29}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'sit0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xf, @local, 0x7}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x0, @empty, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xfffffff9, @mcast1, 0x7}}}}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7a}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xbca}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffffaadc}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xb79}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x50}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x800}, 0x24000000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1400}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_ERSPAN_VER={0x5, 0x1, 0x2}}}}]}, 0x38}}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90324fc6004001c000a000200053582c137153e37000c0480fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a060f0200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c100000000200ffffffff", 0x58}], 0x1) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

17.011563667s ago: executing program 3 (id=648):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet(0x2, 0x3, 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r1 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r1, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5f, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r3, &(0x7f0000000100)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000000), 0x4c00}], 0x1}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)=""/4106, 0x5a8}], 0x10}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000100)={'broute\x00', 0x0, 0x3, 0x2b, [0xfc, 0x70, 0x7fc, 0x8, 0xae70, 0x5], 0x4, &(0x7f0000000080)=[{}, {}, {}, {}], &(0x7f00000001c0)=""/43}, &(0x7f0000000180)=0x78)

16.813972662s ago: executing program 4 (id=651):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x70bd28, 0x25dfdbff}, 0x1c}}, 0x4)

16.651702572s ago: executing program 4 (id=654):
unshare(0x68040200)
unshare(0x14000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a0000000000006f0000000005001b003a00000008000300", @ANYRES32], 0x2c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
unshare(0x68040200) (async)
unshare(0x14000000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a0000000000006f0000000005001b003a00000008000300", @ANYRES32], 0x2c}}, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)

4.269573576s ago: executing program 0 (id=680):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp0\x00', {0x2}, 0x5})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f00000000c0)={0x1d, @broadcast, 0x4e23, 0x0, 'none\x00', 0x10, 0x9, 0x4c}, 0x2c)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000140)={0xd0002005})
ppoll(&(0x7f0000000200)=[{r7, 0x1}], 0x1, 0x0, 0x0, 0x3)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r3, @ANYBLOB="0100ffffffff000000000100000008000100", @ANYRES32=r2, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300400000000400040008"], 0xcc}, 0x1, 0xf000}, 0x0)

3.658713406s ago: executing program 1 (id=684):
r0 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockname(r1, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x2000000, 0xc, 0xfffffffffffffcd0, 0x2, [@func={0x3, 0x0, 0x0, 0xc, 0x2}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async)
bind$inet(r0, &(0x7f0000000540)={0x2, 0x4e22, @multicast2}, 0x10) (async)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) (async)
close(r3) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000000000000100002c000000030a0102000000000000fe7d5f4500000900010073797a30000000000900030073797a300000000054000000060a010400000000000000000100000008000b40000000002c00b780280001800a0001006c696d6974000000180002800c0001400000000000000000080004403f9fee2815cdc4092470000000010900010073797a3000000000140000001100010000000000000000000000000a00000048f8139fe3df45da3efdc466c6d34d24ae7b9fd43bf4625665a26bb7d1611a93ca1b4e28325d6df50934f4bac5ac48c426da89b0e834ea1394e3cbf6fdbad9fb2cdfdd8d9e4243bccefcd25d5502f0a5bcfcbb931341805e54ac4abc9756487dcf41fc98412914a80c55"], 0xc8}}, 0x0)
sendto$inet(r0, &(0x7f0000000300)="b2", 0x1, 0x8005, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000500)=@gcm_256={{0x304}, "5ab3b7ccb150a4f8", "8b7e476094455a04734bd3fb730c41e0c041d250e01cac4ec428a91297175f10", "fa058e9c", "368e39a22013f3c2"}, 0x38) (async)
unshare(0x62040200)
socket(0x15, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e00000056bc000006000000a200000080900000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="0000000002000000010000000100000000000000", @ANYRES32=r2, @ANYBLOB="be77fc2aa32f91c51b4eeec5b5b31e96002a3c02c27bcaaaae872082fa2844313499b1e7ce8249ae1638a2b395cf6e441163d82a49c37d95d3057abecb4932dc454aecd6f791f9a544d9a0f9c81968d3a38c44c9f2f88c65e17fbde4b2af2a48c65eae5404451a9f270805485d42d263da75deec75cf577fe35180dbb432f6359747579f54e38ec5f50c808c23dfaab2d3917a849833372733122f316f5bb160583df6418e7908eab9b7aa5665999e86787036832ae1e1f80e64820c2c5d66fbc0d92cfd984f113c"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x0, 0x8, 0x6, 0x20482, r5, 0x5, '\x00', 0x0, r2, 0x2, 0x3, 0x1, 0x7, @void, @value, @void, @value}, 0x50) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r6, &(0x7f0000000180), 0x2, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="000000000080000000a1150969f137e8e70000006e5c0f7e11ec24696b11cbb429db518e006c8fb6b3cc067e32f6eeaffb3d997e82aba0b05309ec89c4c14c97f7aa1b38248c6cd61d11b6d39c8960fd4623dd4eb442ab2ff9bb429bd9915eaa89c8bf21979a1d", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="00000000000000000000000000f900000000000060856e9b55c09049029148bb714ac04f8ba42473f8ff4d52cfc695a2c78a0bc915f8d5cad93d8a9e3229b08be5f4285c3dc576f7c564ebcd9ac4db7665100000000000000000000000005ca4000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

3.341009656s ago: executing program 1 (id=687):
socket$tipc(0x1e, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400000015000100000000000000000005"], 0x1c}}, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xf0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socket(0x11, 0x800000003, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="4d7e00c30000000000002700000008000200", @ANYRES16=r3], 0x1c}, 0x4, 0x700000000000000}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000000c0)={<r5=>0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1d}}}}, &(0x7f00000001c0)=0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000200)={r5, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}}, 0xf, 0xfff8}, &(0x7f00000002c0)=0x90)
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r4, &(0x7f0000000400)={0x1d, r7, 0x2}, 0x18)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r7}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))

3.159256495s ago: executing program 1 (id=689):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, 0x0, 0x0)
getsockname$packet(r5, 0x0, &(0x7f00000000c0))
connect$inet6(0xffffffffffffffff, &(0x7f0000000600)={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x30}, 0x4}, 0x1c)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newlink={0x68, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @sit={{0x8}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3f}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e20}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x800000f0}, @IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0x8}, @IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @dev}, @IFLA_IPTUN_TOS={0x5, 0x5, 0xc9}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r5, 0x89f8, &(0x7f0000000480)={'tunl0\x00', &(0x7f00000012c0)})
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0}}], 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0000fe140009050000000000000000020100fe", @ANYRES32=r3, @ANYBLOB="1400060000000000000400f0000000000000000008000200ac1414aa0800010000000000"], 0x3c}}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r6, &(0x7f0000000440)=[{&(0x7f0000000000)="9d1a13725d2ac496d8524b29015cb6177fb70266cdc1eb7946d14ecd1f78270c68e3f287a9b3e6a3488c9316058279eedbd33508792be7a7593d9ba300e8fa232b1aa6fc7d44445a36ab8bbc3a444413723bb8ae3cfff5b54875408f8466dbae9712e91f093fac4ce3", 0x69}, {&(0x7f0000000100)="3769b1010037e8a9ae43aeb3b548006a10d9c0e698b8c6691fab1c1a020361621d101a1f7e7025966793befc048be74f16a9dacc57eb770f36672b415dc746636a3642063b6d12c7a6aff9b6f49639a73a0fb7c7b211072597e0f0bc8c61a754cb46c24460fd60526ac2dcef7c464378bd5eee2ab75f308755636caf8b9c6c4d1305a9a083df98286683c72d6c0061b801593821b6d721dcddcfe23eaf7269f3633fa93065de979b306529e992133b79f0980c71367bf895bbaed6c9a803f5", 0xbf}, {&(0x7f00000002c0)="118d07e6f540da3183027c81dfd4ddc1700904286a13c66e82d09dfa2135a3f6a429bf83206af569932ffac91416f5a740ecff9da01d19b59d727af01d4e6581a615b0", 0x43}, {&(0x7f0000000240)="d1", 0x1}], 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000480)=@ringbuf={{}, {}, {}, [@btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @exit, @cb_func={0x18, 0x6, 0x4, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x67)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018000280140003"], 0x50}}, 0x0)
r9 = gettid()
syz_open_procfs$namespace(r9, &(0x7f0000000200)='ns/pid_for_children\x00')

2.965640517s ago: executing program 0 (id=690):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000001c0)={r1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x1e, 0x80005, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_IDLE(r5, 0x103, 0x7, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8}]}}]}, 0x3c}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="02829c3c32c6387a0d002cbd7000ffdbdf25", @ANYRES32=r10, @ANYBLOB="0a000900aaaaaaaaaabb0000050037000100000005003300020000000800310026e70000050030000000000008002c000c00000005003000000000000500300005000000"], 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x4084)
socket(0x2, 0x80805, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

2.559430985s ago: executing program 2 (id=692):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0], <r0=>0x0, 0x21, &(0x7f0000000200)=[{}, {}], 0x10, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0xd7, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r1, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000c7000000950000"], &(0x7f0000000300)='GPL\x00', 0x4, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES64=0x0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000240)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000054000000030a01030000000000000000050000000900010073797a30000000000900030073797a3200000000280004800800024000000000080001"], 0xb0}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, 0x2, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x10)

2.475778408s ago: executing program 0 (id=693):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1008}}, 0x20}}, 0x0)

2.460959705s ago: executing program 2 (id=694):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000340)={0xf}, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000)={0x0, <r5=>0x0}, &(0x7f0000000040)=0xc)
sendmsg$netlink(r4, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000002c0)={0x18, 0x69, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x2f, 0x0, 0x0, @str=':,*\x00'}]}, 0x18}, {&(0x7f0000001200)={0x10, 0x2, 0x300, 0x70bd25, 0x25dfdbfe}, 0x10}, {&(0x7f00000000c0)={0x14, 0x34, 0x100, 0x70bd2b, 0x25dfdbfc, "", [@typed={0x4, 0x5f}]}, 0x14}, {&(0x7f00000001c0)={0xe0, 0x14, 0xe00, 0x70bd28, 0x25dfdbfd, "", [@typed={0x8, 0x138, 0x0, 0x0, @fd}, @nested={0xc8, 0xb3, 0x0, 0x1, [@generic="685a23101f816e89e6c38f62918652b69ef471ce52ae7f66025cc69c8ac8debfeba568b7fcbcdd56db5f79e4a9c609d19956a0a3c2a47a878d6a1d0d3d544300dae8729a98920e172b579026a55bea10f1f7bb24027bbfb6b514626ee8341aa7b69938278872f2c4469a8bbdf662904172acf59381aeb5b3152a2d83543d2a80cd132965097912513c7b7f8d7b03f96ddf271cabb5b47140b32d568a6fa33df89ad635f3bba582bf26b97211257eacfc3c90c408e45566e2563dccbf", @typed={0x8, 0x36, 0x0, 0x0, @uid=r5}]}]}, 0xe0}, {&(0x7f0000001240)={0x1050, 0x22, 0x800, 0x70bd29, 0x25dfdbfc, "", [@generic="81a027cdef53fb0588c51069b42075e92c73d10c0c7d14b3c20c7db9262838c04ac6379e1e41be9a9a14a357f39907399dc7f1bcc34bd4e0d6eb8e", @typed={0x1004, 0x3e, 0x0, 0x0, @binary="889fdd8c33b50406296b84a9942fd6ad4d32945a4768e6d707a797745cc1d28096744badc3b0a1645e5a2c5d4a458fcfc81ef2210fcffd7da7f1fa3d331d9b5fc6891897f455c854a4582128d195626d60b7311bbbf7d38f4c220c54ef01f5948a8171f92204bb49e62b96a669c0d2ef6c14222b6d4e25fe30ca32fb3dd372425242e99460627276bb755852bec181b5fa0dcc9006ef265bb3ff84ba7bfd9a52b234d7ff9eaf507d09342da4e3bc190b531e074fcd2aab87bd8020c373d459dc9b3384f96bd01c66ac065a86a8b6e845284f5eb82fe91e5fbf59ef33ccebb6f47224ecb04d37c663e70639b253f7accc29b98136331caf16a315984743433fb60812c5a59c6fdb83080df9b2e071f21efdb320aaa05d1b0e803cbcc02514bc51b146a0748163149b8c79e84ba1b24c4124d46ce684f9a35d0ae0195216bd57b54e751b2fb1d3d7e2d30dd3507a00dd1a1bdc40e188ee3ca66212d39daec223a3ab3a26f15c66c55b52542a94407d5d97cd2024f0eed46f3550e7cc55c828768bfe03325067efee4ccc1f1d2e00c69983ac07625e7d8cd64383c7f26d0581cdfe6f2035045151b55df9d140435415113ea9a6cede393c76413acd800185baa8a7497198d707f74593474f8b833f713f23484a3d5ee4876198348046dad6bc274f5551fb2ace6a1caf5a92115d6b8c169715d4ce2a3278927b2a898e2f2fd382ec148de2432abe1e52e08b28f2bc751868686926f51e40776657024b928ce846fe7ddbf9972e678a66e688b11750742cf52d709c1c15e2cf5c1f89b87d8986a7eb1aa36e506e132ac5300b89d1d4d664d93981659677b32d30286fc317c045c065baf86874978df46612e6bc68cd856f71d63f946d59433dcd03eac9865513fef40b18cee8a19039cd8f7d44179b58f83faaf024411f656d963dc65d504b9b255f0dc59e57b445e17b9ba5efc30267ee2db6a03cf1fb24e1028005262f454aa99cbf1b9ff0e3f4865d6cd174e9c257a915bc6c9d05252cf6765d794ac856b2b3926532de9dc156fe1d0d8dd2059b5871215c21e10219f4c5d0afdf4d8c5a06dfc9ccedd36cd982f69caf572d71eb49dfd50a1cddb06dd545dbd2004e9cc71551b49cec6291c63ba7236db188f449742e6f4edc9428814dc749bfd5bc7d0207689f191a21ea53dc46b662583c0b743553d1a49bdaa16d1e2acddbc853cc15148c6cebfe2701055237353d2221a389b264be18daa309d1b29b75a2cea7e17c89d621b877b315d06edfc946ec366a39a25422c878fe53e244ed43aea8d05bd4f20d46b5c51fd615f64740a31117d75129b6413b4da72746f1ec438d6e429e86260b9a68dc929858c1803356aa9967ada3e177bde40b8ec4522ad64438263c1238e2a818eebc05f41479c2957aa74b8fef356099c8915b29989a81e400fad8866957e04292253254cf52bea2ef23a1a16c45896f9acc0da950c431692f59b22c94f02947a2f3e4a7b3688c2b5e838d0d06389afed94b471927d3dba3b38c5fb070c483c0490763939dfd21dcd033270a199e7e73e8445462e657703ff1876cdff722675f86de04608b700a5804bb0f422d7df5d611f445417db98e3789b4ae8ccfb1e29a1272d2705b1882fd53e5f755a97f04925593c9f89fcafe53ff69c0f0e18d6fc636c86d660c0a1d4f387aa53238cb46c71a5b968a432670b06728d71d118e7039a4c13eb43b57fe2a49d61023f697e2dafc49ecdc958e831e1f31ee7aac97ed8f8bcdad1efe20b9548950c2940a778c983d30db6a62aab689f2cbf3e6b44e4225381f45a10b143627d4c4fc4075960d817e84215635d1d3c4c81f68ec4b0905a40e8aaf022fad3002dd181b09d6a9ac95e4a819119e29c6067527d940c1999ecddc760d9d1844e16876b927b8229221a5a14c2058596eac01295c8e2ee9e26a6b47551dd7598206c86c6373b5bfcc2d843c374cdaa567420aa7a0822494e119e238a3ba80e9a02640c07efe23ba3effbe2f3bf31f37a4d758b9d1e7ffbe48991eb33fe7a53f562d568f0addf643b3310aa1d8368b90dae5e6a2048fb9bea5b745ef1b61e9c2796492d10ab28a81cfa74bdcad92f050b0f9ccd12a5399fa1750598d121a5abb5fd56f558a6b91cece60658edeaff10b41cf6224e524b4a2512c52b81346d2b2a24ec7a1ca1c1c9df68a90cc5f66378d4fa1a569734a224b0fffea1417dce3d668287e5d30cd0bcdc2c6e9b09c4f012c05f269291a2a54ec7ec29b52e99d2d8a61be41adc0b6c9752133665e389fa5389a29e2624f3f911003d4b4cad3a0efaa18109c24cbfefa737352043754fe6d9b8aec36221f8f07a5e813cf7720deff433192a18d35ad895d2fe0f22d7fbde254c444dacd202e6fe73efe49c692cf911d5980a88be1db019d3cbb816208a2cdfcb0951eddfbead418ab12b8e9a638c1fb9a33eaa1b247bd36b47bc93a345ddfa250b0ee468097823b6369b9beae1dee09d3ad4db2c980fc18fea9a5ed570bba25b9b3d5d8157b4c1e3d95962efb45bcfc299007ddc9175d80e81947ae4e9d89f82252b5f079e82eab0d2f2e510b14a18e8c79eb7c7a9741ba2de9fb3400f372725a8748af4cab79a3ba5252b75dbb4d22e6597bb9ebae35cc7816ffcb2d53ffd740eab10ca1a76b18b8476b86a4d9abba6ec1fea65f8fb5281e855238ec2ad5c17edcd9bc8db74a037817608fe6562d1bcb8dca4f3e2865b1527ef87891317d28093708c867756f22fcfcbd683b1dd527362dbb93f4d9500109e3a095e6ea28ffc95aaa05190fc5e408a802d780dffb500379028151b1a9a1452f4eef3680de283ea5da8a24d7dc9f4f96b46cf4b5467fc991716c45a351c13b2299f5b2ce5592e02b661e99c83e45b21c5de5d4fc4a10521043dfb60bbfff5048366f6487d597e20f330c6c82d603372e08620f385f025db424c0a30369fe53590cdbe4fb655188584b16d01391580a87770d4e5aafd247c9dcd21bdd79480320e030674fc68ff1497e61dea05087f9cbce1211ff06a125088c7c29be4461a24814cbeddb67fa5b142b71f181dbc42708996a14cf013ee9fc3a098999850dca62c8fddee882330d35b6e47a9215e373eed0e115bebbdee74ae5c97f30eb9055635af508e1566f5018900ad385e954d5bdad7435d695410f667f7504148338360de056d5ee7a863c399b2111585792b515a76ece35c410bbe0321038ad340b7f41c4342ad70a0bc4a35e929ab48a8fc084e82bc443ebae1389b748f99b667b00337f6587a2f9faa671ee3fca8b236a110932dca8268270caccb1e55329b88a7f00683dc0eedab0b34bfba457253fcd680d17bbf9d20538fed50b1496cd2c9002af74ce19088069851ca2f14d68fcb7dd9a4edc76244cef1ff92647783c2039a040791daf9af828f4dbf8056458695291d1991fe08e6af3734690a509323c09ae223c995e87415bc531ac86b4033d405f1c1a26b92b0b698d88eea293af5e8efa72b9fe351495fcc999578671ea49a3d8c1eaffcfb39bc5304ebfef9988ad07d928f59a9f0a98131ee9220d2d4e17fc50979cc6ad030946130688d94a7609a910ad8d38a04b5ecd47c3a99986a7d030073ca9ff52fffe40388036536bebb594726019cf16ed43b508bd8ed058bf7f6e24020b004583f2fc74a8f33ff0732d699a60f9695d864ec115a557d5bc30c90820336d5df2076ea34225b74047a8e77aef0102c9894e64e56465f4a4dcd512dead5f9549cb6318d279c8fc58fc0c674d001409b3634bbb2eff530592c94f3f5868a8a389560f9d55dd189b9b08ce56bdac9dad7e1b45dff34cbe5d61b89a8b469026308bf40d598924a104c7642e4b4060404d81757fbafdb20beacd42e4365759c984cbfe3cb6bb0455168144b54cebebec8cd7db37adf7d95bc0b071754dd41072920a6aa049811058f2aca7b25be25e18957baf3036167bcaeb026b5f597c97e18fa3f75c2a46182d8d28ca713826946232b2e0a86f4e58c98a0ad955408a5120d54fa6ab2e531c883292e4dbf8b57c0459e0efc0092e360fca04974705e27e41cec79e21960aa148b68f83f13b484ae5689734fd123347a0b752f4d238a7ffd82cc60d75fc776f1baeed40435112122cc51cebc45ebe446807c7e42077795633f0b1d9e6bc86fbb03859bc82d9be58d1e5637830bf50a1d8bcf2c1489bbecac358a650207edec957d3f32ee52b8df605f549947476dea6c693522f60e628daaf1dc3a5c16fdaf6d8526309631ed797d2e63466f764aa96fd5a7bd9ae08ddbc850b6d65462a213e6a00c9e3ad7efcf74d0cf091acfb0eb3bddea7b0e4f3bbfe793e4ea7bb99c39f6a6c7eb2caee54ef51e0c5b78d58f3e070b4fe12131510e77e6202657c6d9f9d17b82492875d19b346ba745a3ebf4c3c3e9560e1fcd7484d19cb06e3f9061d35bfe9157aa1f116900c7a6e13fdefdece4ae13c3754214385f4e4ba97323d4bb37ef4233eaa66aa0819a742b3512b0535fdec06adbfb275151d2d0a9fddc1d26737a7f73a118911d94f9c4e3828a8d12c5286f489868bfaf2c52ed86be6d401755819049ba8c38bbfcd8de2f5b506e344bdfcb0c940c4d8ec8b4ec0adad47f0a7a31f905f97ade73de462810f61f06e2dfc6b1cb248bb867f3b5c3c44034c42c2329863492f6cb47a6a0327b2453a77e09bcbb9646ff40f2228d800feea351fb0b78543d6fb2454fc4bfab4ce62b84bce8a37af62e921471d741dde016d485d49f6f2f9b45eff00fd74553d39137347fb5dc82a99e05c6e8c46512514a3c0d0a52feb3c133dde3661e2947a36190f82e820c25575d41e88f820af71cb3e44080c5b73acae6f7ab6a6b7a6c563068196143e88ce797e35b7cbdd684eeee2a4478d6890d0e1a5752e796efe1ccaa90bf7e2323c3f3f40f40853a8173b70ce324a19e2e209e5c5ced5df5a5d63d67d1a1ca22dab0ed7d350c264ec939a58f22d75fff2ab3df31a52d605b1a839850c6c8b58ae6a04b0d611041a2e963c68cbe8ec1f6655289f8c071357659ed46d0354ed1a7f245aabe5ed3678d3105347312303cfb38ef99e8ffceb1418716d7574c9dce6440ab5a3bc24ff04190ea0763d3caf2421ed411280c0b91a03a983d66618df5aa471cba8bc3cbc8609e1ba846335b1b1fc26acd818dc54bb9836e3d10fb1738d84d69b2106f9dcafa0303c35d0ddafec559e741f63280ddad8e667fe23312479c05a86c0c380623408b90b41d1a61eaecd631a55d698e8fe8652c28cae2fe18523c872ccb9edc3474475e115d0c740b6cc47b6e030578514ce172b3960ad0095fb1f195d070953c9c415f49513c9cd9a9751eab83d7e58db0c2e47eb83f76273ebf958fca58f68f432bc481647dfd3c3ffa6a51539e8eb53b67cce64109d143ea55adfae2a87f9d9863e0aba4205c9463484c0026f71ad0305b606094e1568c1cb6457396267e97762d91f1abc64708006d4694d51a361e4669a1d0267ac6aab903d9f8acd0740f47640ed8722a8db11f307bbfb1471b626893094ffbedb154c7cb58a1bcd27ff7c949934ce072f622b13c7ac97465af528aa54fe9eee1cac392404015e41aa4581f7b7e8d547817b1b6bb90ee5c0c47dd78946f21fb518a17b76f8fcfbb245242e50ab67654c7ed4107160dbafabef4fa5dcbfacfb2553b0607822bc8bffb84fa6c440e2697d68b95c08a8cd89d8bdaf0b6f8978fa17aade0b2265ca69edf54a36445a1d2a90ca85ca04bbdafe72d408d7f24f86f2223fc206ff3fe5e60a423c946b"}]}, 0x1050}], 0x5}, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d2000000000f0ff000700000008000300", @ANYRES32=r2, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500040000001400040073"], 0x58}}, 0x0)

808.440553ms ago: executing program 0 (id=695):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="8d88eb93b41b0000000000000000000000008000000000000000000000000000000062a26aad7895cfbd783d9aa35325ea3723f3afb66a86dde7088bd5c2a1a07f50e4af8eaa66a09645f9cd27170f572ec2aa50", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="8d88eb93b41b0000000000000000000000008000000000000000000000000000000062a26aad7895cfbd783d9aa35325ea3723f3afb66a86dde7088bd5c2a1a07f50e4af8eaa66a09645f9cd27170f572ec2aa50", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'team0\x00', <r3=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000380)={'gretap0\x00', <r4=>r3, 0x700, 0x1, 0xd, 0x7, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x65, 0x0, 0x7, 0x0, 0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x12}, {[@end]}}}}})
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000a050}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x98, r2, 0x10, 0x70bd27, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x7c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r4}}}]}}]}, 0x98}, 0x1, 0x0, 0x0, 0x5}, 0x8884)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x41}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

801.417334ms ago: executing program 1 (id=696):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
connect$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x2, {0x1, 0xf0, 0x3}}, 0x18)
socketpair(0x11, 0x3, 0xa2b, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getpeername$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, &(0x7f0000000100)=0x10)
setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, &(0x7f0000000140)={0x2, 0x4e23, @multicast2}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2)
sendmsg$NL80211_CMD_UPDATE_FT_IES(r3, &(0x7f0000001380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001340)={&(0x7f0000000200)={0x112c, r4, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x56a, 0x13}}}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x5}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x80}, @NL80211_ATTR_IE={0x10e6, 0x2a, [@mesh_id={0x72, 0x6}, @chsw_timing={0x68, 0x4, {0x4, 0xfff}}, @channel_switch={0x25, 0x3, {0x0, 0x9, 0x7f}}, @supported_rates={0x1, 0x2, [{0x0, 0x1}, {0x18}]}, @measure_req={0x26, 0x3e, {0x5, 0xf7, 0x3, "1784676dc78a3ea222d81747316175ae798657bd399fdc983813012e7d8d2507e04065b3e40d45474c65447b04c937415f2d53e198bafb3667dd93"}}, @peer_mgmt={0x75, 0x4, {0x0, 0xc027, @void, @void, @void}}, @erp={0x2a, 0x1, {0x0, 0x1}}, @preq={0x82, 0x78, {{0x1, 0x1, 0x0, 0x0, 0x1}, 0x80, 0x3, 0x0, @device_a, 0x3, @value=@broadcast, 0x7, 0x200, 0x8, [{{0x1}, @broadcast, 0x4}, {{0x1}, @broadcast, 0x8000}, {{0x1}, @broadcast, 0x4}, {{0x1, 0x0, 0x1}, @broadcast, 0x3}, {{0x1, 0x0, 0x1}, @device_b, 0x5}, {{}, @device_a, 0xec5}, {{}, @broadcast, 0x2}, {{}, @device_a, 0x6}]}}, @supported_rates={0x1, 0x1, [{0x5, 0x1}]}, @measure_req={0x26, 0x1003, {0x7, 0x9, 0x3, "71fbc3bf269b48662768543d99d696897a440bd878719150b956370ea4e5a3d86208452c11c9e60b656c0939bf54f05a64f970951e2440e71b7eff25ed662f32ff3eb615c011d52ce6b9ad01c8e59bceb201f1405aecf88d86072f8c79218fc716fa5d1ae3f836360c7252b38d49fbba3859d95529fdfb543a5435a06f457300ada975cb5a6141274cb4e686d839fd92130c5d57602318bfeecb751d6ea03800cb08673161d3d46125dfe9ac73676b81c2b73d9ed6ce7727d89045d5388d31dd4d8eb3e68b21e85af51c50de420f343d586e7ae762dea9666360505fb47ac89e9c88b2e359a06d1c86eee6a24c600d9d63488e2fd70f4931284f2955839c0ffe5053c109f62cf6e54ecd3cb102b9f243135b34b3fa3e1fafd3eef292e0bbafaed1aca58186f2f7e80df3f614a6dcf9a407df966b34f20a4bbf4a794f810cb934d669c3a7d67e5193c8b339fb5b5443c3fb29dc36c59232d3762e13cc440e7475a7cf3bd20863f18c30effd7e7cd2721f2795491c91bbfe3e09d86456c2e3a948150a0c5a298974f6102a1234a49b40ddcc5fd4eae368ecf223ccb803ac41894e7796b1891e92580e365ed349cde5cbff90244146b7b0819bde76c98dd8350e442bf9f3f9a7c0bc3f9d313f379bd41755df68caa6d983b084840ef09273faec9757f4c0e5ac5fd13fd4054bbfe8f22e7a21503413b36478e98ceed91410bf37460d29381c930f109cebc8d524b59b8904b62082069e8a68a06e5d22761123cd183bc8d7426e0e7052c1ab96120208c6aaaee7eef32799852ede18332cc3bcd96f9de58111a6961e03afabeadbc6ec334f47cd593692faca6eb4a1633e3b2737b5bebfe803d20df8593bcb6baca3db97eeb9b3a8b44499b3abe268fda2631fabd4286cc15be577c764aa131224aab23e0e42869f2a7e69718f75104fff9bd4ce3f1c837594fcb895d2acd1cd81e948103b5069d60c75171fde1565ea4c6a5dade1f9ed3f243eeee78e0d302a57d6d4ef469e054e1cf7a214f693d3d1af7c0ed5c4ff543425071aabfc396a94c8cc708d00a4b44c2109c51fc00a4923ba6021f2f982888196e788c69ec9769b4c7c7c41f9fd4ac70fea0a37e92d319d0eb1e678d7926a060e2887e45ebdbf3b648545612687b6af3a211875d3b2120a4a8ccaa7623360cb489394b50c1cc5ba7f8dd0593db72c145920efc84753d9006d77d6ea83a209d7506288df193cf05366f72e6b4a10f373e242f1bccb472e5d4b685289699b5e352fa63b82c19ed87ca47f5dc3b2b4bfd7f64defc386af2462933064e71477052e76a8d0fc3942ae0bab53de97c968f9ba3b262e8c0b01bf9d128f5ebdb70b8b3cdf6f67a34fce13e3661edc7dd4764309d0e03d2df0677287ec3a801d0550aa5f77a66b982420a508764abdeca224d33f178df40dcfc9f16e410a56bf0496553e6bb361d3551ede92f0a02b20821ec4cf39476923a414930374828ac16df3f1446ecfa649d51a6d6839e3c83c57405d11df92d80c696cad51af5e72ddb81b479b5c99f35749d9fed1f33cbb45c8b268747eac0c7e42fbf6daca3fc4176666f048a769318cb30f28fdb50901daa1a3250f76dbcb294e765f676489c546a612e736e1f1b2447e77de415f542efd375189525cc82c6a61d9d205406159cc619735d07e8d6cf373319900297f63b32fe2d13bc070733fb1dba6ed46d28b94568851fd8c481f88c8d66d6c41ed274c776bb3408078231286b7cbb54785c9b1a540389eef48a7a1d8037997329e798e5f8bf0d5dee117fa0d3570a5a34a19fd082599683cd023c7b9a0977258891a910f6d6d61b382d240e9bb092afd4e4d0c1a6f5de80e272ef731d53eeada4872d15f72420d3b11e49ddca8eb1ce548b88d3bac748219fa3dd545d400751e1feb73816d6769a522b9b46293fcb932152fb4c85134ff5c0772aa48b89642564780be15b12eff32b2a01abae4ad37ae9c82d96d0baa3437fdbf29e60db2c3ecaaeaebce5cc22257f96786f6918129ce2afb9130981cd1e5f17e38872694529211bb96848dab8ef06d55b3474c320778ff6ae75638b9219e494f8c7ba22f0ce5753dd5a44afb343f7e05ebd0f734b9d4937790e7d6a0e2e6bbfbe5b15e347035a5497b6564182eecdf0b2e50fc660cc796868d0564b9667eaede513dbc401bf881e2e26602dfd48f6a5c2fc8783ea902b647d29d9ba94dd11b25220efc9e7048dacb22825e792dc94c551e5ea45d2a255a6577220ad2bab4a6a909be82b06167a3355ab10fec8b100d070c9e3743428074dff00ad7abd21c06f50fd24026ed595d36b1d28c206d46c52b17bedbbb0ac5e108edb206f59dcfd9fc7534274de71a77d9da19cb1c8ac6100a2996935f61225f87a30616f81fbc4b51b060f5627565896fc343990d9b7df170c0337d005f92572821fc74d553f722fa08c37049e7117ad90c8a7b482ffc6a729d02db099496aabce4e88c80dd25f2c28462ae38940d0390aee17128fcab12265cbf836374d28e71aa129b3596bb58d37e5feafc8f8c2b4ab56fd79f7ad6f1ed902ce4a987ed8316396bb7ff6b1daef3250535e57f962903bf3e50db2ac6f42eabd9dab2e6f6128b7163bbfd687570ed2d22d73b8fc89ee8c40312dfb09bcba1b73e2e2753ac80a03e804b77285b33d4c0ad35aa9bcc9b06ee5e77395f54ef47decadc6b243ba769502130752f9575bd5decfcc6965237b26860f41430aeb477d91e1f44332fd20414878d4d368404e550fd97097d810ed209106e7f9d4175ffb4445dae948a943e3815789869a2ef9cb879cac056a613153ed32a740806983cb4ed70a7f7849353461735af802dbc9458abb49ef63e81968a40aaaed8d78c78b915e3d707be0994c147fd420eee2a4aad8253d6f6868d24f537be2a2604100c1aca92f1758ef712a0ed29f83ec4267e69325cf08efc2a59bb8366eb3ee92399c31c3aeeba130ebaeb96de33c1e6c1dadf0a0e4be88b3f8df1d67ce9e948819e3e2988e403264e2cee28bd795d5f7a1ddf747e4920d58e6306405f200793b8629d39ebdfac52146da38a08c40a7a7a1155db694cb3fe07c9ecaf9b5e3e7bea931b024a26ebf0b8afd57232afc8d658bd355bce81acd6642db62473195e438b11848741d989f260ffdce0bc409ca43784d2f56b4a08f2c04611c435e5df2fce065a9335d48538af00c745c8c744e2020e70dc3b57c16f5d6d6c1134bf769038e52aec0a16c156c6249ca139ca6b23283dd9ae78583d912ecdd85b5499c0005eeb7e2a83b2684daeaf216a0d122248ff19cf8b137a02ef68039d1c3659f5a836c480443cf08738b90e414803441131aba7fb7155cffcbda4bc9c5cbedbdfd40c1e99636e821d76fdeaa08c0b12a5421bfffe282618712e70049bc6c8384f4f4d0a4ac31d0637a4ebc8cebd3fcb3db586dd68d21e6b76d655d3abf465328bffa926eb308e4f42c68a782da7ac04d4ae6918b6f33ed9ef8ad97cb2e751e34a94780ffc6383222d2c76a3ad019c9c7592184cbeba31dca524f84f5d54191b958ceb154fae608f86b05c11684239657b54ed2bf3575acb27bceb1761bc59f876f859dc2c90206e87947472f5fa5f6b437a7688e3c1f58897d029d0350a21d70be022dd82365d0de3d2d066e250f3be3baf9c166448eada597b62ed824bdf1519bb84b30740320bfe9642af1bd2ccb687b13c8f6f35e3332f08ce444fecf6db1b9eaa64bddf495c8e055266049a9ecdc9091fb9a0ed396408aa9bf3225fb73117b54e35c9911a9ba7694011f1c5be06fc76cdb63da6b3ac0361fda64b35a97eb5614f4afaa3c1d87e849140698a2727184cd98831f97c76db82537b4ea991964c554da7413fd841ff3eb6c8a57060af43c5b157847aada3f7bc8f7ce30d21a3302df5b585aa99dd2eb9929bda66192496109e41f1b8fa148d8d7a48c003a077e066e7092e3d7e45bbe06cc089946b21cfceb68e37fb12cc44ecc12a966914beaecf8bfa0f249b7f7af8cf05b0f14bbe7c4265f4d3ed8066ffa319e12b1736d2ee0ab6f6aa991d6f12087c2a324a1323f81cc9f5904298f47a5b04afc150914247bf97677b794ba58af52d6be589b662ff44dc8313353887eebdd22ac158335fcd27f49de3249fa2b1b759bc5e2f72d97a16cf1ec0dc0b1d8a0f6dde2d281eb3af323a4efb7a963ae5bc703eee4f79baaf61084bbc5072bd9622412d9c286506fb246a73ec9f7b99ecd86cf40859bc36d867544cd068574a707042528e6da8b0fe90cffc1aa181e447e3845e3a23d85f58b60b5e88a4150fb4848d3e8f3f98a4243f3689727f083ddb1805a7f06c077426497e9efd6c176dcf955c1fa8db77b6b647deb2f2ba1d40f9bb8f6f2b32058950c71c4ab5400140a372482d5aca0de14a6758b4a3347c07165bb58124647cb226db36aa4e0464442cfd1fdde78b42891c51f8f686b0b11f88eecdf9aa21bbd5bcbd477a297101e375b3c562760661c14222225eb971421b59be24b47bb5176f0e693e59e5cdfef91d14a5db073d458b94fecad65ef3e809b3cdbf89b0f9dea565ecc2a983deadc543b400c02ae52b945859c6c62a05ad01c3e88845c83bf52e101ade0b602603844487cc8f54bf8bd3ec279d1dddea04ffb4b08134174d74a426cc460ca2ce4d8446458ad093e3a18ec0a80106014a7d949445c4f7c8b766b1f1fec86782eef5e3bf2e935350820254c974f0c0ddd6ad16ab855e028f088abb7b689e622d9f5e15fc8938727c4dd535b7467da2f44e1e30fa360e229373eea4f1e8a9496d9e490a9490a47585c4dc5d180ee464e8cc4a202598bda97252ad1258d2df30f1987df60b4a196462bedf6aa448b8579fc4f07cdb44b87654c2c4dd04a817f54b3ad741bf72a04fccb2870579c560e8f2033d1002993fd7261b613da85ef45b19f6e76265b77d80d9413b2665fc533e23cf8337bb701fe54ae1482ad835dcd9fb638d9bbe95134a9efb9ac35504b8c12f00c8b53c9e432abec69905eabb455efae8078f0e218faf5c350024d7611a428739083240b784791f0c9e51efc9f3bd56740814b7d573611f2dbe62d65b71b507fe88e1bc2c239cad0cb8dbbb1ec0c02835201d86eed8ec6f37b9894b4b64b904ae84a6f981e7729555ad2eecc3a406460a5ed3b587749d612b1813e427711bc875db2422993895e28c3803a697ade2d0003919b681b86584e90864593684d2ea0fd877b19bb9459668483032c0926d98a10593ee2471134062a30f455c5cba29c841ee9d74f4c4b44964aee1af70aeed5748690d2277266369a57d8ea0547a0ccb16705133b127a19516f8e4ac777caf25b3f9eb81d396ecaba38a4cfb93964b3e7fe659e2498fffb56aa92c935d9d8f2efae5c9e1794b6704522e04b592a351e3f2bb5cceaa3fa83bdb6610990a9e2034ff4ce74177ae5f4aa1f7aab58f1ec30375cbfd401b3b9d155cce7cb467d2db0a83cc6988bb775c39e0a502583c9eab2d34d5ce0822ef39e4dce055925706875132cbeb84517a5637e36dd6edc9a650c49ff218797f3d55c8dd0911ac8ff40abd599b53b6ed8817e5e1027797578ab87e16e59f1483476e0fa584ccf899b1724925d500ea0e35926c9dff76af6287bcb6d2ffc9fc4604862f0694f8eea6c95873d3d57f41ea798891a67dbdc614597a37786d02cbcbe978117bfe4f6ed0461389c122ba6a9713e58000bb409c0417419fa18f3da3f72759b188a73263f0dfd023803f59f931154187bbe46f8c7c50a0cc3efc7f08b99f67c8"}}]}, @NL80211_ATTR_IE={0x9, 0x2a, [@channel_switch={0x25, 0x3, {0x0, 0x99, 0x5}}]}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x6}]}, 0x112c}}, 0x4048084)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f00000013c0)={<r5=>0x0}, &(0x7f0000001400)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000001440)={r5, @in={{0x2, 0x4e22, @private=0xa010101}}}, 0x84)
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000001500)={'filter\x00', 0xc0, "9c20385880c0d99c9dd47801f37f2798f0cf30b19d60f6ef1e56e85ca38a3f9a8ac21ab5a9921a8a87873e9aa8309f43eabc6a0a6e3f3397f66fb7d6cc06c1944d146aa8e559b4512eeeba3150d38175d534d441bb55eb0073bd73b02d7b2db1327cd20a9cb9463390b3afb6388afcc1cd048f1d1aa812111db44ebee55fa6369c94e03a69a7e8364c1ef72e1d090d46d19ae1731c77b1aa978b2401ef1a98dc45eddae18753219d573c8f9d146d3332c175bf1ddac80137f816aaa08a6ea1e2"}, &(0x7f0000001600)=0xe4)
sendmsg$NL80211_CMD_DEL_KEY(r3, &(0x7f0000001780)={&(0x7f0000001640)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001740)={&(0x7f0000001680)={0xa0, r4, 0x8, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "c779b4c7e2"}]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x24, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "cfeaad5d40eeb1e7c40be46bf5"}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x1}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY_SEQ={0xb, 0xa, "99192d27e1de5a"}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_SEQ={0xc, 0xa, "8d7be7915f9ec747"}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "b5a120553918e9e0a72e840b95"}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8094}, 0x4000000)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000017c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7a, r1})
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000001800), &(0x7f0000001840)=0x4)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
pipe(&(0x7f0000001880)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$NL80211_CMD_JOIN_OCB(r7, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001980)={&(0x7f0000001900)={0x4c, r4, 0x20, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x389}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x194}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xce}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x20000800)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r7, &(0x7f0000001c80)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001a40)={0x1f4, r4, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x905, 0x62}}}}, [@NL80211_ATTR_TID_CONFIG={0xd8, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x5c}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xb6}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x60}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xfffffffffffffff9}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x7e}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x44}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x4}]}, @NL80211_ATTR_TID_CONFIG={0x50, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xd7}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0xac, 0x11d, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x98}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x32}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6f}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc2c}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xdd}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xf3}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6c7c}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x12}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xf9}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}]}]}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x20044081}, 0x91)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000001cc0)={@loopback, 0x1, 0x2, 0x3, 0x0, 0xff, 0x84a}, 0x20)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001d00)={0x1b, 0x0, 0x0, 0x7, 0x0, r6, 0x7, '\x00', r1, r7, 0x1, 0x4, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000001f80)={'vxcan1\x00', <r10=>0x0})
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002280)={0x6, 0xa, &(0x7f0000002040)=@raw=[@alu={0x7, 0x1, 0x9, 0xf, 0x4, 0xffffffffffffffe7, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x32b75f67}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], &(0x7f00000020c0)='GPL\x00', 0xcd, 0xd3, &(0x7f0000002100)=""/211, 0x41000, 0x46, '\x00', r1, 0x25, r7, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000002200)=[r7, r6, r7], &(0x7f0000002240)=[{0x2, 0x5, 0x7, 0xb}, {0x1, 0x2, 0x0, 0x8}], 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0xb, 0x11, &(0x7f0000001d80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@ldst={0x3, 0x3, 0x4, 0x8, 0x5, 0x48}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001e40)='syzkaller\x00', 0x6, 0xef, &(0x7f0000001e80)=""/239, 0x40f00, 0x18, '\x00', r10, @fallback=0x37, r7, 0x8, &(0x7f0000001fc0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000002000)={0x5, 0x9, 0x8, 0xfffffff7}, 0x10, 0xffffffffffffffff, r11, 0x6, &(0x7f0000002340)=[r6], &(0x7f0000002380)=[{0x0, 0x5, 0xf, 0x3}, {0x4, 0x5, 0x5}, {0x4, 0x3, 0x6, 0x6}, {0x4, 0x2, 0x9, 0x4}, {0x5, 0x1, 0x3, 0x3}, {0x4, 0x5, 0x7, 0x3}], 0x10, 0x9, @void, @value}, 0x94)
pipe(&(0x7f00000024c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000002540), r3)
sendmsg$GTP_CMD_ECHOREQ(r12, &(0x7f0000002640)={&(0x7f0000002500)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002600)={&(0x7f0000002580)={0x54, r13, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@GTPA_FAMILY={0x5, 0xd, 0x15}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_PEER_ADDR6={0x14, 0xb, @ipv4={'\x00', '\xff\xff', @remote}}, @GTPA_MS_ADDR6={0x14, 0xc, @dev={0xfe, 0x80, '\x00', 0x19}}, @GTPA_LINK={0x8, 0x1, r1}]}, 0x54}, 0x1, 0x0, 0x0, 0x40801}, 0x4008001)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000002780)={@fallback=r3, 0x32, 0x1, 0x8, &(0x7f0000002680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f00000026c0)=[0x0, 0x0, 0x0], &(0x7f0000002700)=[0x0, 0x0, 0x0], &(0x7f0000002740)=[0x0, 0x0], <r14=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000027c0)={@ifindex=r1, r11, 0x26, 0x10, 0x0, @void, @value=r12, @void, @void, r14}, 0x20)

735.435049ms ago: executing program 2 (id=697):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xac}]}, &(0x7f0000000180)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

709.798932ms ago: executing program 1 (id=698):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000006c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000006800000008000300", @ANYRES32=r3, @ANYBLOB="1700c7"], 0x34}}, 0x0)
sendmmsg$unix(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=[@cred={{0x20}}, @cred={{0x1c}}], 0x40}}], 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84) (async)
r4 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r4, 0x84, 0x64, &(0x7f0000000000), 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_int(r7, 0x29, 0x1f, &(0x7f0000000040), 0x4) (async)
setsockopt$inet6_int(r7, 0x29, 0x1f, &(0x7f0000000040), 0x4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
unshare(0x600)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000004000000e27f00000200000000000000", @ANYRES32, @ANYBLOB="000000000000000001025f92030000e96b99ba4a78e77b9189d100", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000004000000e27f00000200000000000000", @ANYRES32, @ANYBLOB="000000000000000001025f92030000e96b99ba4a78e77b9189d100", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000006c0)={r10, &(0x7f0000000500), &(0x7f0000000600)=""/155}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r10, &(0x7f0000000040), &(0x7f0000000480)=""/146}, 0x1d)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0x0, 0x7}, {0xfff2, 0xb}}}, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0x0, 0x7}, {0xfff2, 0xb}}}, 0x24}}, 0x0)

678.479203ms ago: executing program 2 (id=699):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040))
write$cgroup_int(r3, &(0x7f0000000000)=0x2, 0x12)
vmsplice(r2, &(0x7f0000000680)=[{&(0x7f00000002c0)="2fb50f4f69064cf211dd632970ccb0f0412b", 0x12}], 0x1, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000000c0)={0x40, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x28}, @val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x40}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x60, 0x0, 0x1, 0x201, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x4}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0x4}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x0)

627.332737ms ago: executing program 0 (id=700):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x2, 0x2}}]}}]}, 0x48}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000c40)={'sit0\x00', r3, 0x7, 0x10, 0xffffff81, 0x7, {{0x16, 0x4, 0x3, 0x38, 0x58, 0x68, 0x0, 0x1, 0x4, 0x0, @broadcast, @private=0xa010101, {[@timestamp_addr={0x44, 0x44, 0xe8, 0x1, 0x5, [{@loopback, 0x1}, {@multicast1, 0xfffffff9}, {@multicast2, 0x3}, {@private=0xa010101, 0x3}, {@empty, 0x4}, {@private=0xa010100, 0x3fd}, {@local, 0x1}, {@multicast2, 0x2}]}]}}}}})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0xc2, 0x1, 0x0, 0x0, {[@mss={0x2, 0x4, 0xa005}, @nop]}}}}}}}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r5, &(0x7f0000000ec0)=[{{&(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)='k', 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r5, 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x800, 0x30}, 0xc)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe000000007110bf00000000001d300200000000004704000001ed030407030000020000001d440000000000006b0a20fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='hrtimer_start\x00', r6, 0x0, 0x8000000000000000}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r6, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x2, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0], 0x0, 0x8e, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000200), &(0x7f0000000280), 0x8, 0x77, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005bf067dcbb36f9e61b7871a974544e2a29b219a0989c2ef288e1263043e1dd697f9a4e3b304391ec686b5509f91a8197fb0d78f8"], 0x138}}, 0x0)

535.272545ms ago: executing program 1 (id=701):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000001c0)={r1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x1e, 0x80005, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_IDLE(r5, 0x103, 0x7, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8}]}}]}, 0x3c}}, 0x0)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="02829c3c32c6387a0d002cbd7000ffdbdf25", @ANYRES32=r10, @ANYBLOB="0a000900aaaaaaaaaabb0000050037000100000005003300020000000800310026e70000050030000000000008002c000c00000005003000000000000500300005000000"], 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x4084)
socket(0x2, 0x80805, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

488.669135ms ago: executing program 2 (id=702):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000000140)={r1}, 0x8)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="e3ac8d1531e387962b0ca2aa7a74e3211faeaa889f81de3e427a41a692b129210df1205309cf3815cb29afa89850693148864e786c8bc88c98a61697ca7d46b15cfcadbced816dcd1133d058c3a5a07abc8f445b2bcf9529"], 0xc8}}, 0x20020880)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2c0000005200010026bd7000fcdbdf250a"], 0x2c}, 0x1, 0x0, 0x0, 0xd441}, 0x0)

217.910037ms ago: executing program 2 (id=703):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1200000022000000040000000600000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000cac4627f619c6fb885e3f0689083ab8b22b797a5f20101c406edf2a81468700339e8b3298c02eb6ca44d0ae2e22070ab3e460ed50aadb99501317673436320948ac6c60b89cc47fe884924d020c6b0cbabf281973f9a7228b988b5ede22e40e54b404506b47f87e614b401b07159344315572156", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000100)=@udp=r1}, 0x20) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={r0, &(0x7f00000001c0)="4addc387a7c74b6eb343d78806a9bfcf0b31766b6dc27b90a63d8bd24db093e86208", &(0x7f0000000000)=@udp=r2}, 0x20)
bpf$MAP_UPDATE_ELEM(0x4, &(0x7f00000011c0)={r0, &(0x7f0000000040)="4addc387a7c74b6eb343d78806a9bfcf0b31766b6dc27b90a63d8bd24db093e86208", &(0x7f00000005c0)=@udp}, 0x20)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c) (async)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="02000000040000000800000001000000800000003535b3d215ee0169395f"], 0x48)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703360000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x2, @dev, 0x800}, 0x1c) (async)
r5 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r5, 0x80089419, &(0x7f0000000080)) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'}) (async)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004002800018007000100637400001c00028008000240000000150500030000000000080001400000000d0900010073797a300000000009000b00"], 0x80}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003600)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000500)="d01d4881040cc19a2d2902fdf1d9752173744eebf9f976c207090ab9fc54e1fb15e5ffa4c7270a3d53d0f32cc6327d256ad8a00d8e75f29964d103fdc71b9908bc4ab7d37ecfbbbf3bc0b0c479e116d2218b3925993d746023936cea5863e7848744fd9d5c6edbb2c1d983acf3c2306c2836e49c43ff2c73fd63e5053796d286fbc5668bd46a24b6bade7fd81722cdd380d60d2d766d423d39a4", 0x9a}], 0x1}}], 0x1, 0x0) (async)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) (async)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000002c0)={<r9=>0x0, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0xe, 0x9, 0x9, 0x1, 0x9}, &(0x7f0000000140)=0x98)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000380)={r9, 0x6}, &(0x7f00000003c0)=0x8) (async)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000001500)=@raw={'raw\x00', 0x8, 0x3, 0xa40, 0x8c0, 0x11, 0x148, 0x9a8, 0x0, 0x9a8, 0x2a8, 0x2a8, 0x9a8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x878, 0x8c0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@u32={{0x7e0}, {[], 0x29}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@uncond, 0x0, 0xb8, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@socket0={{0x20}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xaa0) (async)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d8000000", @ANYRESOCT=r5, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c5e910000002a68e1"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x9506, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

0s ago: executing program 0 (id=704):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@delchain={0xc0, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6, 0x5, {0x9d}}, @filter_kind_options=@f_fw={{0x7}, {0x84, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x9, 0xe}}, @TCA_FW_INDEV={0x14, 0x3, 'batadv_slave_1\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_bond\x00'}, @TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_team\x00'}, @TCA_FW_ACT={0x34, 0x4, [@m_simple={0x30, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xc0}}, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000040)=@ipmr_getroute={0x1c, 0x1a, 0x400, 0x70bd27, 0x25dfdbfe, {0x80, 0x0, 0x0, 0xe, 0x0, 0x3, 0xfe, 0xb, 0x200}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (rerun: 64)

kernel console output (not intermixed with test programs):

 76.511207][ T6025] bond0: entered promiscuous mode
[   76.516584][ T6025] bond_slave_0: entered promiscuous mode
[   76.523472][ T6025] bond_slave_1: entered promiscuous mode
[   76.532186][ T6034] netlink: 116 bytes leftover after parsing attributes in process `syz.3.218'.
[   76.544923][ T5999] bond0: left promiscuous mode
[   76.552671][ T6029] netlink: 40 bytes leftover after parsing attributes in process `syz.0.217'.
[   76.555227][ T5999] bond_slave_0: left promiscuous mode
[   76.577349][ T5999] bond_slave_1: left promiscuous mode
[   76.680127][ T6041] FAULT_INJECTION: forcing a failure.
[   76.680127][ T6041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.721951][ T6046] netlink: 108 bytes leftover after parsing attributes in process `syz.2.221'.
[   76.737518][  T941] cfg80211: failed to load regulatory.db
[   76.761622][ T6041] CPU: 0 UID: 0 PID: 6041 Comm: syz.3.220 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   76.771907][ T6041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.781975][ T6041] Call Trace:
[   76.783872][ T6050] ieee802154 phy0 wpan0: encryption failed: -22
[   76.785256][ T6041]  <TASK>
[   76.794445][ T6041]  dump_stack_lvl+0x241/0x360
[   76.798063][ T6050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.224'.
[   76.799139][ T6041]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.813102][ T6041]  ? __pfx__printk+0x10/0x10
[   76.817727][ T6041]  ? __pfx_lock_release+0x10/0x10
[   76.822786][ T6041]  should_fail_ex+0x3b0/0x4e0
[   76.827490][ T6041]  _copy_from_user+0x2f/0xe0
[   76.829359][ T6046] netlink: 108 bytes leftover after parsing attributes in process `syz.2.221'.
[   76.832083][ T6041]  copy_msghdr_from_user+0xae/0x680
[   76.832112][ T6041]  ? __pfx___might_resched+0x10/0x10
[   76.849676][ T6055] netlink: 12 bytes leftover after parsing attributes in process `syz.4.224'.
[   76.851472][ T6041]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   76.851507][ T6041]  ? rcu_is_watching+0x15/0xb0
[   76.851529][ T6041]  ? __might_fault+0xaa/0x120
[   76.875639][ T6041]  __sys_sendmmsg+0x36d/0x730
[   76.880347][ T6041]  ? __pfx___sys_sendmmsg+0x10/0x10
[   76.885575][ T6041]  ? __pfx_lock_release+0x10/0x10
[   76.890623][ T6041]  ? kstrtouint_from_user+0x128/0x190
[   76.896046][ T6041]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   76.901972][ T6041]  ? ksys_write+0x229/0x2b0
[   76.906510][ T6041]  ? __pfx_lock_release+0x10/0x10
[   76.911569][ T6041]  ? vfs_write+0x7bf/0xc90
[   76.916022][ T6041]  ? kmem_cache_free+0x1a2/0x420
[   76.920988][ T6041]  ? __mutex_unlock_slowpath+0x21d/0x750
[   76.926648][ T6041]  ? __fget_files+0x3f3/0x470
[   76.931351][ T6041]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   76.937348][ T6041]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.943706][ T6041]  ? do_syscall_64+0x100/0x230
[   76.948492][ T6041]  __x64_sys_sendmmsg+0xa0/0xb0
[   76.953371][ T6041]  do_syscall_64+0xf3/0x230
[   76.957898][ T6041]  ? clear_bhb_loop+0x35/0x90
[   76.962596][ T6041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.968517][ T6041] RIP: 0033:0x7f43cf37dff9
[   76.973088][ T6041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.992716][ T6041] RSP: 002b:00007f43d0244038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   77.001158][ T6041] RAX: ffffffffffffffda RBX: 00007f43cf535f80 RCX: 00007f43cf37dff9
[   77.009153][ T6041] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   77.017156][ T6041] RBP: 00007f43d0244090 R08: 0000000000000000 R09: 0000000000000000
[   77.025161][ T6041] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   77.033163][ T6041] R13: 0000000000000000 R14: 00007f43cf535f80 R15: 00007ffc85a5f2f8
[   77.041182][ T6041]  </TASK>
[   77.857149][ T6110] FAULT_INJECTION: forcing a failure.
[   77.857149][ T6110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.870533][ T6110] CPU: 0 UID: 0 PID: 6110 Comm: syz.1.238 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   77.880801][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   77.890891][ T6110] Call Trace:
[   77.894195][ T6110]  <TASK>
[   77.897146][ T6110]  dump_stack_lvl+0x241/0x360
[   77.901913][ T6110]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.907140][ T6110]  ? __pfx__printk+0x10/0x10
[   77.911739][ T6110]  ? __pfx_lock_release+0x10/0x10
[   77.916778][ T6110]  should_fail_ex+0x3b0/0x4e0
[   77.921477][ T6110]  _copy_from_user+0x2f/0xe0
[   77.926085][ T6110]  copy_msghdr_from_user+0xae/0x680
[   77.931311][ T6110]  ? __pfx___might_resched+0x10/0x10
[   77.936626][ T6110]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   77.942464][ T6110]  ? rcu_is_watching+0x15/0xb0
[   77.947248][ T6110]  ? __might_fault+0xaa/0x120
[   77.951956][ T6110]  __sys_sendmmsg+0x36d/0x730
[   77.956669][ T6110]  ? __pfx___sys_sendmmsg+0x10/0x10
[   77.961908][ T6110]  ? __pfx_lock_release+0x10/0x10
[   77.966956][ T6110]  ? kstrtouint_from_user+0x128/0x190
[   77.972375][ T6110]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   77.978291][ T6110]  ? ksys_write+0x229/0x2b0
[   77.982806][ T6110]  ? __pfx_lock_release+0x10/0x10
[   77.987834][ T6110]  ? vfs_write+0x7bf/0xc90
[   77.992254][ T6110]  ? kmem_cache_free+0x1a2/0x420
[   77.997280][ T6110]  ? __mutex_unlock_slowpath+0x21d/0x750
[   78.002915][ T6110]  ? __fget_files+0x3f3/0x470
[   78.007597][ T6110]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   78.013583][ T6110]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   78.019916][ T6110]  ? do_syscall_64+0x100/0x230
[   78.024675][ T6110]  __x64_sys_sendmmsg+0xa0/0xb0
[   78.029532][ T6110]  do_syscall_64+0xf3/0x230
[   78.034039][ T6110]  ? clear_bhb_loop+0x35/0x90
[   78.038709][ T6110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.044692][ T6110] RIP: 0033:0x7f066437dff9
[   78.049110][ T6110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.068709][ T6110] RSP: 002b:00007f06651bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   78.077209][ T6110] RAX: ffffffffffffffda RBX: 00007f0664535f80 RCX: 00007f066437dff9
[   78.085177][ T6110] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   78.093141][ T6110] RBP: 00007f06651bb090 R08: 0000000000000000 R09: 0000000000000000
[   78.101105][ T6110] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   78.109155][ T6110] R13: 0000000000000000 R14: 00007f0664535f80 R15: 00007ffe5f0ad5c8
[   78.117132][ T6110]  </TASK>
[   78.222357][ T6120] dvmrp0: entered allmulticast mode
[   78.234024][ T6120] dvmrp0: left allmulticast mode
[   78.393708][ T6130] tipc: Enabled bearer <udp:syz2>, priority 10
[   79.283759][ T6169] openvswitch: netlink: Missing key (keys=20040, expected=2000)
[   79.527488][ T6181] FAULT_INJECTION: forcing a failure.
[   79.527488][ T6181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.600649][  T941] IPVS: starting estimator thread 0...
[   79.614469][ T6185] x_tables: duplicate underflow at hook 2
[   79.625542][ T6181] CPU: 1 UID: 0 PID: 6181 Comm: syz.2.254 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   79.635855][ T6181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.646024][ T6181] Call Trace:
[   79.649311][ T6181]  <TASK>
[   79.652238][ T6181]  dump_stack_lvl+0x241/0x360
[   79.656934][ T6181]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.662141][ T6181]  ? __pfx__printk+0x10/0x10
[   79.666733][ T6181]  ? __pfx_lock_release+0x10/0x10
[   79.671769][ T6181]  should_fail_ex+0x3b0/0x4e0
[   79.676449][ T6181]  _copy_from_user+0x2f/0xe0
[   79.681036][ T6181]  copy_msghdr_from_user+0xae/0x680
[   79.686231][ T6181]  ? __pfx___might_resched+0x10/0x10
[   79.691515][ T6181]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   79.697318][ T6181]  ? rcu_is_watching+0x15/0xb0
[   79.702101][ T6181]  ? __might_fault+0xaa/0x120
[   79.706793][ T6181]  __sys_sendmmsg+0x36d/0x730
[   79.711492][ T6181]  ? __pfx___sys_sendmmsg+0x10/0x10
[   79.716706][ T6181]  ? __pfx_lock_release+0x10/0x10
[   79.721735][ T6181]  ? kstrtouint_from_user+0x128/0x190
[   79.727123][ T6181]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   79.733023][ T6181]  ? ksys_write+0x229/0x2b0
[   79.737544][ T6181]  ? __pfx_lock_release+0x10/0x10
[   79.742596][ T6181]  ? vfs_write+0x7bf/0xc90
[   79.747023][ T6181]  ? kmem_cache_free+0x1a2/0x420
[   79.751981][ T6181]  ? __mutex_unlock_slowpath+0x21d/0x750
[   79.757619][ T6181]  ? __fget_files+0x3f3/0x470
[   79.762312][ T6181]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   79.768300][ T6181]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   79.774630][ T6181]  ? do_syscall_64+0x100/0x230
[   79.779390][ T6181]  __x64_sys_sendmmsg+0xa0/0xb0
[   79.784242][ T6181]  do_syscall_64+0xf3/0x230
[   79.788741][ T6181]  ? clear_bhb_loop+0x35/0x90
[   79.793419][ T6181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.799312][ T6181] RIP: 0033:0x7f151557dff9
[   79.803719][ T6181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.823322][ T6181] RSP: 002b:00007f1516322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   79.831733][ T6181] RAX: ffffffffffffffda RBX: 00007f1515735f80 RCX: 00007f151557dff9
[   79.839696][ T6181] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   79.847660][ T6181] RBP: 00007f1516322090 R08: 0000000000000000 R09: 0000000000000000
[   79.855623][ T6181] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   79.863591][ T6181] R13: 0000000000000000 R14: 00007f1515735f80 R15: 00007fff2675e5d8
[   79.871569][ T6181]  </TASK>
[   79.945619][ T6182] IPVS: using max 19 ests per chain, 45600 per kthread
[   80.404675][ T6214] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[   80.448879][ T6220] macvlan2: entered promiscuous mode
[   80.454330][ T6220] vlan0: entered promiscuous mode
[   80.960323][ T6246] __nla_validate_parse: 9 callbacks suppressed
[   80.960341][ T6246] netlink: 16 bytes leftover after parsing attributes in process `syz.3.279'.
[   80.999602][ T6246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[   81.399686][ T6269] bond0: entered promiscuous mode
[   81.404779][ T6269] bond_slave_0: entered promiscuous mode
[   81.423825][ T6269] bond_slave_1: entered promiscuous mode
[   81.483261][ T6268] bond0: left promiscuous mode
[   81.501206][ T6268] bond_slave_0: left promiscuous mode
[   81.515936][ T6268] bond_slave_1: left promiscuous mode
[   81.739720][ T6293] netlink: 24 bytes leftover after parsing attributes in process `syz.4.282'.
[   82.036156][ T6320] bond0: entered promiscuous mode
[   82.062041][ T6320] bond_slave_0: entered promiscuous mode
[   82.086478][ T6320] bond_slave_1: entered promiscuous mode
[   82.161015][ T6318] bond0: left promiscuous mode
[   82.187814][ T6318] bond_slave_0: left promiscuous mode
[   82.200838][ T6318] bond_slave_1: left promiscuous mode
[   82.221887][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   82.291301][ T6328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.303'.
[   82.323254][ T6331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.363987][ T6331] batadv_slave_1: entered promiscuous mode
[   82.531622][ T6342] netlink: 'syz.3.307': attribute type 10 has an invalid length.
[   82.570009][ T6342] netlink: 40 bytes leftover after parsing attributes in process `syz.3.307'.
[   82.586522][ T6342] veth0_vlan: entered allmulticast mode
[   82.592724][ T6342] bridge0: port 3(veth0_vlan) entered blocking state
[   82.629684][ T6342] bridge0: port 3(veth0_vlan) entered disabled state
[   82.647653][ T6342] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[   83.097106][ T6373] netlink: 152 bytes leftover after parsing attributes in process `syz.2.315'.
[   83.313425][ T6370] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.321421][ T6370] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.361265][ T6381] dvmrp0: entered allmulticast mode
[   83.385807][ T6378] dvmrp0: left allmulticast mode
[   83.394784][ T6383] netlink: 1696 bytes leftover after parsing attributes in process `syz.0.319'.
[   83.809211][ T6398] netlink: 28 bytes leftover after parsing attributes in process `syz.4.324'.
[   83.933387][ T6397] delete_channel: no stack
[   84.021894][ T6403] netlink: 44 bytes leftover after parsing attributes in process `syz.4.326'.
[   84.194553][ T6414] netlink: 104 bytes leftover after parsing attributes in process `syz.4.329'.
[   84.569905][ T6430] IPv4: Oversized IP packet from 172.20.20.24
[   84.577842][    C1] IPv4: Oversized IP packet from 172.20.20.24
[   84.584884][    C1] IPv4: Oversized IP packet from 172.20.20.24
[   84.686935][ T6448] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   85.871308][ T6515] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[   85.884097][ T6515] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[   86.025422][ T6520] __nla_validate_parse: 4 callbacks suppressed
[   86.025441][ T6520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.359'.
[   86.041005][ T6520] netlink: 12 bytes leftover after parsing attributes in process `syz.2.359'.
[   86.050498][ T6520] netlink: 16 bytes leftover after parsing attributes in process `syz.2.359'.
[   86.131154][ T6526] netlink: 32 bytes leftover after parsing attributes in process `syz.4.360'.
[   86.151527][ T6530] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[   86.173928][ T6526] IPVS: stopping master sync thread 6530 ...
[   86.203722][ T6526] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   86.244020][ T6526] xt_CHECKSUM: unsupported CHECKSUM operation 68
[   86.371364][ T6543] netlink: 4 bytes leftover after parsing attributes in process `syz.0.366'.
[   86.425683][ T6543] bridge_slave_1: left allmulticast mode
[   86.431409][ T6543] bridge_slave_1: left promiscuous mode
[   86.483653][ T6543] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.576149][ T6543] bridge_slave_0: left allmulticast mode
[   86.581847][ T6543] bridge_slave_0: left promiscuous mode
[   86.594971][ T6543] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.759976][ T6567] netlink: 16 bytes leftover after parsing attributes in process `syz.1.372'.
[   86.928723][ T6584] netlink: 'syz.4.376': attribute type 7 has an invalid length.
[   86.949666][ T6575] Bluetooth: MGMT ver 1.23
[   86.957584][ T6584] netlink: 'syz.4.376': attribute type 39 has an invalid length.
[   87.024795][ T6581] netlink: 'syz.2.375': attribute type 1 has an invalid length.
[   87.044922][ T6589] xt_TCPMSS: Only works on TCP SYN packets
[   87.053572][ T6588] netlink: 'syz.1.377': attribute type 10 has an invalid length.
[   87.080902][ T6588] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.377'.
[   87.109242][ T6588] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[   87.152425][ T6588] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   87.183212][ T6591] netlink: 'syz.1.377': attribute type 4 has an invalid length.
[   87.253255][ T6593] netlink: 'syz.4.378': attribute type 10 has an invalid length.
[   87.322107][ T6593] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.342824][ T6593] team0: Port device batadv0 added
[   87.359353][ T6601] netlink: 4 bytes leftover after parsing attributes in process `syz.0.381'.
[   87.377749][ T6602] netlink: 8 bytes leftover after parsing attributes in process `syz.2.382'.
[   87.618578][ T6619] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.647777][ T6619] netlink: 36 bytes leftover after parsing attributes in process `syz.4.388'.
[   87.680152][ T6621] netlink: 'syz.3.389': attribute type 1 has an invalid length.
[   87.961659][ T6632] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.995678][ T6632] batman_adv: batadv0: Removing interface: batadv_slave_0
[   88.020648][ T6632] batman_adv: batadv0: Removing interface: batadv_slave_1
[   88.155460][ T6632] team0: Port device batadv0 removed
[   88.226570][ T6644] netlink: 'syz.1.397': attribute type 4 has an invalid length.
[   88.316615][ T6648] netlink: 'syz.1.397': attribute type 4 has an invalid length.
[   88.482947][ T6662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   88.554141][ T6667] netlink: 'syz.0.402': attribute type 1 has an invalid length.
[   88.875304][ T6680] xt_addrtype: ipv6 BLACKHOLE matching not supported
[   88.982709][ T6686] netlink: 'syz.0.408': attribute type 2 has an invalid length.
[   89.083609][ T6695] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (5)
[   89.207002][ T6704] FAULT_INJECTION: forcing a failure.
[   89.207002][ T6704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.232236][ T6704] CPU: 0 UID: 0 PID: 6704 Comm: syz.3.413 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   89.242531][ T6704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.252607][ T6704] Call Trace:
[   89.255899][ T6704]  <TASK>
[   89.258844][ T6704]  dump_stack_lvl+0x241/0x360
[   89.263554][ T6704]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.268781][ T6704]  ? __pfx__printk+0x10/0x10
[   89.273400][ T6704]  ? __pfx_lock_release+0x10/0x10
[   89.278468][ T6704]  should_fail_ex+0x3b0/0x4e0
[   89.283180][ T6704]  _copy_from_user+0x2f/0xe0
[   89.287797][ T6704]  copy_msghdr_from_user+0xae/0x680
[   89.293022][ T6704]  ? __pfx___might_resched+0x10/0x10
[   89.298361][ T6704]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   89.304197][ T6704]  ? rcu_is_watching+0x15/0xb0
[   89.308980][ T6704]  ? __might_fault+0xaa/0x120
[   89.313682][ T6704]  __sys_sendmmsg+0x36d/0x730
[   89.318387][ T6704]  ? __pfx___sys_sendmmsg+0x10/0x10
[   89.323628][ T6704]  ? __pfx_lock_release+0x10/0x10
[   89.328647][ T6704]  ? kstrtouint_from_user+0x128/0x190
[   89.334040][ T6704]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   89.339953][ T6704]  ? ksys_write+0x229/0x2b0
[   89.344474][ T6704]  ? __pfx_lock_release+0x10/0x10
[   89.349508][ T6704]  ? vfs_write+0x7bf/0xc90
[   89.353948][ T6704]  ? kmem_cache_free+0x1a2/0x420
[   89.358889][ T6704]  ? __mutex_unlock_slowpath+0x21d/0x750
[   89.364529][ T6704]  ? __fget_files+0x3f3/0x470
[   89.369220][ T6704]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   89.375208][ T6704]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.381625][ T6704]  ? do_syscall_64+0x100/0x230
[   89.386399][ T6704]  __x64_sys_sendmmsg+0xa0/0xb0
[   89.391269][ T6704]  do_syscall_64+0xf3/0x230
[   89.395773][ T6704]  ? clear_bhb_loop+0x35/0x90
[   89.400446][ T6704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.406337][ T6704] RIP: 0033:0x7f43cf37dff9
[   89.410750][ T6704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.430363][ T6704] RSP: 002b:00007f43d0244038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   89.438887][ T6704] RAX: ffffffffffffffda RBX: 00007f43cf535f80 RCX: 00007f43cf37dff9
[   89.446859][ T6704] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   89.454840][ T6704] RBP: 00007f43d0244090 R08: 0000000000000000 R09: 0000000000000000
[   89.462815][ T6704] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   89.470787][ T6704] R13: 0000000000000000 R14: 00007f43cf535f80 R15: 00007ffc85a5f2f8
[   89.478850][ T6704]  </TASK>
[   89.524520][ T6713] FAULT_INJECTION: forcing a failure.
[   89.524520][ T6713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.561594][ T6713] CPU: 1 UID: 0 PID: 6713 Comm: syz.4.416 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   89.571887][ T6713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.581965][ T6713] Call Trace:
[   89.585265][ T6713]  <TASK>
[   89.588221][ T6713]  dump_stack_lvl+0x241/0x360
[   89.593025][ T6713]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.598254][ T6713]  ? __pfx__printk+0x10/0x10
[   89.602877][ T6713]  ? __pfx_lock_release+0x10/0x10
[   89.607935][ T6713]  should_fail_ex+0x3b0/0x4e0
[   89.612645][ T6713]  _copy_from_user+0x2f/0xe0
[   89.617259][ T6713]  copy_msghdr_from_user+0xae/0x680
[   89.622478][ T6713]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   89.628302][ T6713]  __sys_sendmsg+0x22d/0x380
[   89.632889][ T6713]  ? __pfx___sys_sendmsg+0x10/0x10
[   89.638003][ T6713]  ? __pfx_vfs_write+0x10/0x10
[   89.642795][ T6713]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.649128][ T6713]  ? do_syscall_64+0x100/0x230
[   89.653890][ T6713]  ? do_syscall_64+0xb6/0x230
[   89.658578][ T6713]  do_syscall_64+0xf3/0x230
[   89.663096][ T6713]  ? clear_bhb_loop+0x35/0x90
[   89.667771][ T6713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.673663][ T6713] RIP: 0033:0x7f646037dff9
[   89.678123][ T6713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.697727][ T6713] RSP: 002b:00007f64611fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.706142][ T6713] RAX: ffffffffffffffda RBX: 00007f6460535f80 RCX: 00007f646037dff9
[   89.714109][ T6713] RDX: 0000000000048080 RSI: 0000000020000840 RDI: 0000000000000004
[   89.722072][ T6713] RBP: 00007f64611fe090 R08: 0000000000000000 R09: 0000000000000000
[   89.730209][ T6713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.738174][ T6713] R13: 0000000000000000 R14: 00007f6460535f80 R15: 00007ffcd5e22718
[   89.746153][ T6713]  </TASK>
[   89.840628][ T6721] IPv6: sit1: Disabled Multicast RS
[   89.891141][ T6719] netlink: 'syz.1.418': attribute type 1 has an invalid length.
[   90.253535][ T6753] FAULT_INJECTION: forcing a failure.
[   90.253535][ T6753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.278227][ T6753] CPU: 1 UID: 0 PID: 6753 Comm: syz.1.428 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   90.288521][ T6753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   90.298610][ T6753] Call Trace:
[   90.301914][ T6753]  <TASK>
[   90.304865][ T6753]  dump_stack_lvl+0x241/0x360
[   90.309587][ T6753]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.314822][ T6753]  ? __pfx__printk+0x10/0x10
[   90.319450][ T6753]  ? __pfx_lock_release+0x10/0x10
[   90.324514][ T6753]  should_fail_ex+0x3b0/0x4e0
[   90.329230][ T6753]  _copy_from_user+0x2f/0xe0
[   90.333850][ T6753]  copy_msghdr_from_user+0xae/0x680
[   90.339077][ T6753]  ? __pfx___might_resched+0x10/0x10
[   90.344397][ T6753]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   90.350235][ T6753]  ? rcu_is_watching+0x15/0xb0
[   90.355024][ T6753]  ? __might_fault+0xaa/0x120
[   90.359721][ T6753]  __sys_sendmmsg+0x36d/0x730
[   90.364422][ T6753]  ? __pfx___sys_sendmmsg+0x10/0x10
[   90.369640][ T6753]  ? __pfx_lock_release+0x10/0x10
[   90.374687][ T6753]  ? kstrtouint_from_user+0x128/0x190
[   90.380085][ T6753]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   90.385977][ T6753]  ? ksys_write+0x229/0x2b0
[   90.390485][ T6753]  ? __pfx_lock_release+0x10/0x10
[   90.395517][ T6753]  ? vfs_write+0x7bf/0xc90
[   90.399938][ T6753]  ? kmem_cache_free+0x1a2/0x420
[   90.404884][ T6753]  ? __mutex_unlock_slowpath+0x21d/0x750
[   90.410523][ T6753]  ? __fget_files+0x3f3/0x470
[   90.415293][ T6753]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   90.421274][ T6753]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.427600][ T6753]  ? do_syscall_64+0x100/0x230
[   90.432361][ T6753]  __x64_sys_sendmmsg+0xa0/0xb0
[   90.437213][ T6753]  do_syscall_64+0xf3/0x230
[   90.441709][ T6753]  ? clear_bhb_loop+0x35/0x90
[   90.446384][ T6753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.452274][ T6753] RIP: 0033:0x7f066437dff9
[   90.456689][ T6753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.476292][ T6753] RSP: 002b:00007f06651bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   90.484703][ T6753] RAX: ffffffffffffffda RBX: 00007f0664535f80 RCX: 00007f066437dff9
[   90.492679][ T6753] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   90.500644][ T6753] RBP: 00007f06651bb090 R08: 0000000000000000 R09: 0000000000000000
[   90.508608][ T6753] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   90.516573][ T6753] R13: 0000000000000000 R14: 00007f0664535f80 R15: 00007ffe5f0ad5c8
[   90.524551][ T6753]  </TASK>
[   90.588527][ T6762] tipc: Can't bind to reserved service type 3
[   90.724665][ T6772] FAULT_INJECTION: forcing a failure.
[   90.724665][ T6772] name failslab, interval 1, probability 0, space 0, times 1
[   90.772101][ T6772] CPU: 1 UID: 0 PID: 6772 Comm: syz.2.431 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   90.782399][ T6772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   90.792488][ T6772] Call Trace:
[   90.795791][ T6772]  <TASK>
[   90.798742][ T6772]  dump_stack_lvl+0x241/0x360
[   90.803455][ T6772]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.808686][ T6772]  ? __pfx__printk+0x10/0x10
[   90.813299][ T6772]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   90.819303][ T6772]  ? __pfx___might_resched+0x10/0x10
[   90.824625][ T6772]  should_fail_ex+0x3b0/0x4e0
[   90.829337][ T6772]  should_failslab+0xac/0x100
[   90.834043][ T6772]  ? __alloc_skb+0x1c3/0x440
[   90.838659][ T6772]  kmem_cache_alloc_node_noprof+0x71/0x320
[   90.844510][ T6772]  __alloc_skb+0x1c3/0x440
[   90.848970][ T6772]  ? __pfx___alloc_skb+0x10/0x10
[   90.853941][ T6772]  ? netlink_autobind+0xd6/0x2f0
[   90.858897][ T6772]  ? netlink_autobind+0x2b0/0x2f0
[   90.863945][ T6772]  netlink_sendmsg+0x638/0xcb0
[   90.868757][ T6772]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.874075][ T6772]  ? aa_sock_msg_perm+0x91/0x160
[   90.879043][ T6772]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.884364][ T6772]  __sock_sendmsg+0x221/0x270
[   90.889071][ T6772]  ____sys_sendmsg+0x52a/0x7e0
[   90.893868][ T6772]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.899215][ T6772]  __sys_sendmsg+0x292/0x380
[   90.903825][ T6772]  ? __pfx___sys_sendmsg+0x10/0x10
[   90.908971][ T6772]  ? __pfx_vfs_write+0x10/0x10
[   90.913793][ T6772]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.920154][ T6772]  ? do_syscall_64+0x100/0x230
[   90.924944][ T6772]  ? do_syscall_64+0xb6/0x230
[   90.929646][ T6772]  do_syscall_64+0xf3/0x230
[   90.934174][ T6772]  ? clear_bhb_loop+0x35/0x90
[   90.938883][ T6772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.944803][ T6772] RIP: 0033:0x7f151557dff9
[   90.949246][ T6772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.968876][ T6772] RSP: 002b:00007f1516322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.977498][ T6772] RAX: ffffffffffffffda RBX: 00007f1515735f80 RCX: 00007f151557dff9
[   90.985497][ T6772] RDX: 0000000000048080 RSI: 0000000020000840 RDI: 0000000000000004
[   90.993493][ T6772] RBP: 00007f1516322090 R08: 0000000000000000 R09: 0000000000000000
[   91.001487][ T6772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.009475][ T6772] R13: 0000000000000000 R14: 00007f1515735f80 R15: 00007fff2675e5d8
[   91.017484][ T6772]  </TASK>
[   91.441802][ T6794] __nla_validate_parse: 8 callbacks suppressed
[   91.441824][ T6794] netlink: 56 bytes leftover after parsing attributes in process `syz.4.438'.
[   91.540821][ T6786] netlink: 16 bytes leftover after parsing attributes in process `syz.3.437'.
[   91.861138][ T6813] FAULT_INJECTION: forcing a failure.
[   91.861138][ T6813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.881383][ T6813] CPU: 0 UID: 0 PID: 6813 Comm: syz.2.444 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   91.891695][ T6813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.901855][ T6813] Call Trace:
[   91.905155][ T6813]  <TASK>
[   91.908099][ T6813]  dump_stack_lvl+0x241/0x360
[   91.912807][ T6813]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.918027][ T6813]  ? __pfx__printk+0x10/0x10
[   91.922640][ T6813]  ? __pfx_lock_release+0x10/0x10
[   91.927692][ T6813]  should_fail_ex+0x3b0/0x4e0
[   91.932396][ T6813]  _copy_from_user+0x2f/0xe0
[   91.937006][ T6813]  copy_msghdr_from_user+0xae/0x680
[   91.942229][ T6813]  ? __pfx___might_resched+0x10/0x10
[   91.947546][ T6813]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   91.953465][ T6813]  ? rcu_is_watching+0x15/0xb0
[   91.958346][ T6813]  ? __might_fault+0xaa/0x120
[   91.963051][ T6813]  __sys_sendmmsg+0x36d/0x730
[   91.967756][ T6813]  ? __pfx___sys_sendmmsg+0x10/0x10
[   91.972986][ T6813]  ? __pfx_lock_release+0x10/0x10
[   91.978030][ T6813]  ? kstrtouint_from_user+0x128/0x190
[   91.983438][ T6813]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   91.984462][ T6804] netlink: 12 bytes leftover after parsing attributes in process `syz.4.441'.
[   91.989337][ T6813]  ? ksys_write+0x229/0x2b0
[   91.989368][ T6813]  ? __pfx_lock_release+0x10/0x10
[   91.989397][ T6813]  ? vfs_write+0x7bf/0xc90
[   91.989419][ T6813]  ? kmem_cache_free+0x1a2/0x420
[   91.989443][ T6813]  ? __mutex_unlock_slowpath+0x21d/0x750
[   91.989469][ T6813]  ? __fget_files+0x3f3/0x470
[   91.989499][ T6813]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   91.989525][ T6813]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   91.989551][ T6813]  ? do_syscall_64+0x100/0x230
[   91.989572][ T6813]  __x64_sys_sendmmsg+0xa0/0xb0
[   91.989596][ T6813]  do_syscall_64+0xf3/0x230
[   91.989614][ T6813]  ? clear_bhb_loop+0x35/0x90
[   91.989635][ T6813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.989659][ T6813] RIP: 0033:0x7f151557dff9
[   91.989677][ T6813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.989693][ T6813] RSP: 002b:00007f1516322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   91.989716][ T6813] RAX: ffffffffffffffda RBX: 00007f1515735f80 RCX: 00007f151557dff9
[   91.989731][ T6813] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   91.989743][ T6813] RBP: 00007f1516322090 R08: 0000000000000000 R09: 0000000000000000
[   91.989756][ T6813] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   91.989769][ T6813] R13: 0000000000000000 R14: 00007f1515735f80 R15: 00007fff2675e5d8
[   91.989798][ T6813]  </TASK>
[   92.112277][ T6816] netlink: 40 bytes leftover after parsing attributes in process `syz.4.441'.
[   92.137605][ T6818] netlink: 'syz.2.445': attribute type 1 has an invalid length.
[   92.171334][ T6804] netlink: 'syz.4.441': attribute type 8 has an invalid length.
[   92.426905][ T6833] trusted_key: syz.2.449 sent an empty control message without MSG_MORE.
[   92.576846][ T6839] netlink: 20 bytes leftover after parsing attributes in process `syz.0.453'.
[   92.631730][ T6841] bond0: entered promiscuous mode
[   92.637083][ T6841] bond_slave_0: entered promiscuous mode
[   92.642870][ T6841] bond_slave_1: entered promiscuous mode
[   92.668593][ T6840] bond0: left promiscuous mode
[   92.673427][ T6840] bond_slave_0: left promiscuous mode
[   92.680845][ T6840] bond_slave_1: left promiscuous mode
[   92.853458][ T6844] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.931399][ T6855] FAULT_INJECTION: forcing a failure.
[   92.931399][ T6855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.975917][ T6855] CPU: 0 UID: 0 PID: 6855 Comm: syz.0.458 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   92.986209][ T6855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   92.996263][ T6855] Call Trace:
[   92.999537][ T6855]  <TASK>
[   93.002459][ T6855]  dump_stack_lvl+0x241/0x360
[   93.007143][ T6855]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.012336][ T6855]  ? __pfx__printk+0x10/0x10
[   93.016923][ T6855]  ? __pfx_lock_release+0x10/0x10
[   93.021948][ T6855]  should_fail_ex+0x3b0/0x4e0
[   93.026629][ T6855]  _copy_from_iter+0x1ed/0x1d60
[   93.031473][ T6855]  ? __virt_addr_valid+0x183/0x530
[   93.036587][ T6855]  ? __pfx_lock_release+0x10/0x10
[   93.041620][ T6855]  ? __alloc_skb+0x28f/0x440
[   93.046206][ T6855]  ? __pfx__copy_from_iter+0x10/0x10
[   93.051489][ T6855]  ? __virt_addr_valid+0x183/0x530
[   93.056591][ T6855]  ? __virt_addr_valid+0x183/0x530
[   93.061698][ T6855]  ? __virt_addr_valid+0x45f/0x530
[   93.066803][ T6855]  ? __check_object_size+0x48e/0x900
[   93.072086][ T6855]  netlink_sendmsg+0x73d/0xcb0
[   93.076874][ T6855]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.082169][ T6855]  ? aa_sock_msg_perm+0x91/0x160
[   93.087119][ T6855]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.092406][ T6855]  __sock_sendmsg+0x221/0x270
[   93.097087][ T6855]  ____sys_sendmsg+0x52a/0x7e0
[   93.101863][ T6855]  ? __pfx_____sys_sendmsg+0x10/0x10
[   93.107154][ T6855]  __sys_sendmsg+0x292/0x380
[   93.111736][ T6855]  ? __pfx___sys_sendmsg+0x10/0x10
[   93.116849][ T6855]  ? __pfx_vfs_write+0x10/0x10
[   93.121630][ T6855]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   93.127953][ T6855]  ? do_syscall_64+0x100/0x230
[   93.132706][ T6855]  ? do_syscall_64+0xb6/0x230
[   93.137381][ T6855]  do_syscall_64+0xf3/0x230
[   93.141881][ T6855]  ? clear_bhb_loop+0x35/0x90
[   93.146549][ T6855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.152436][ T6855] RIP: 0033:0x7fa95c37dff9
[   93.156844][ T6855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.176451][ T6855] RSP: 002b:00007fa95d17e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.184859][ T6855] RAX: ffffffffffffffda RBX: 00007fa95c535f80 RCX: 00007fa95c37dff9
[   93.192848][ T6855] RDX: 0000000000048080 RSI: 0000000020000840 RDI: 0000000000000004
[   93.200824][ T6855] RBP: 00007fa95d17e090 R08: 0000000000000000 R09: 0000000000000000
[   93.208801][ T6855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.216770][ T6855] R13: 0000000000000000 R14: 00007fa95c535f80 R15: 00007ffd3961d5d8
[   93.224757][ T6855]  </TASK>
[   93.644060][ T6878] netlink: 24 bytes leftover after parsing attributes in process `syz.0.465'.
[   93.789208][ T6883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.466'.
[   93.812263][ T6883] batadv0: default FDB implementation only supports local addresses
[   93.840849][ T6885] bond0: entered promiscuous mode
[   93.845862][ T5247] Bluetooth: hci4: command tx timeout
[   93.846157][ T6885] bond_slave_0: entered promiscuous mode
[   93.862711][ T6893] netlink: 44 bytes leftover after parsing attributes in process `syz.2.466'.
[   93.873262][ T6885] bond_slave_1: entered promiscuous mode
[   93.884191][ T6890] netlink: 44 bytes leftover after parsing attributes in process `syz.2.466'.
[   93.946838][ T6884] bond0: left promiscuous mode
[   93.951790][ T6884] bond_slave_0: left promiscuous mode
[   93.963455][ T6884] bond_slave_1: left promiscuous mode
[   94.073925][ T6904] FAULT_INJECTION: forcing a failure.
[   94.073925][ T6904] name failslab, interval 1, probability 0, space 0, times 0
[   94.095150][ T6904] CPU: 1 UID: 0 PID: 6904 Comm: syz.0.472 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   94.105463][ T6904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.115543][ T6904] Call Trace:
[   94.118834][ T6904]  <TASK>
[   94.121760][ T6904]  dump_stack_lvl+0x241/0x360
[   94.126445][ T6904]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.131654][ T6904]  ? __pfx__printk+0x10/0x10
[   94.136245][ T6904]  ? __kmalloc_noprof+0xb0/0x400
[   94.141188][ T6904]  ? __pfx___might_resched+0x10/0x10
[   94.146475][ T6904]  should_fail_ex+0x3b0/0x4e0
[   94.151158][ T6904]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   94.157408][ T6904]  should_failslab+0xac/0x100
[   94.162080][ T6904]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   94.168314][ T6904]  __kmalloc_noprof+0xd8/0x400
[   94.173078][ T6904]  ? apparmor_capable+0x13b/0x1b0
[   94.178101][ T6904]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   94.184169][ T6904]  genl_rcv_msg+0x802/0xec0
[   94.188680][ T6904]  ? mark_lock+0x9a/0x360
[   94.193008][ T6904]  ? __pfx_genl_rcv_msg+0x10/0x10
[   94.198044][ T6904]  ? __pfx_lock_acquire+0x10/0x10
[   94.203069][ T6904]  ? __pfx_nl802154_pre_doit+0x10/0x10
[   94.208527][ T6904]  ? __pfx_nl802154_add_llsec_dev+0x10/0x10
[   94.214411][ T6904]  ? __pfx_nl802154_post_doit+0x10/0x10
[   94.219954][ T6904]  ? __pfx___might_resched+0x10/0x10
[   94.225246][ T6904]  netlink_rcv_skb+0x1e3/0x430
[   94.230008][ T6904]  ? __pfx_genl_rcv_msg+0x10/0x10
[   94.235027][ T6904]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   94.240328][ T6904]  genl_rcv+0x28/0x40
[   94.244305][ T6904]  netlink_unicast+0x7f6/0x990
[   94.249074][ T6904]  ? __pfx_netlink_unicast+0x10/0x10
[   94.254352][ T6904]  ? __virt_addr_valid+0x183/0x530
[   94.259465][ T6904]  ? __check_object_size+0x48e/0x900
[   94.264747][ T6904]  netlink_sendmsg+0x8e4/0xcb0
[   94.269516][ T6904]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.274890][ T6904]  ? aa_sock_msg_perm+0x91/0x160
[   94.279850][ T6904]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.285167][ T6904]  __sock_sendmsg+0x221/0x270
[   94.289866][ T6904]  ____sys_sendmsg+0x52a/0x7e0
[   94.294635][ T6904]  ? __pfx_____sys_sendmsg+0x10/0x10
[   94.300015][ T6904]  __sys_sendmsg+0x292/0x380
[   94.304608][ T6904]  ? __pfx___sys_sendmsg+0x10/0x10
[   94.309727][ T6904]  ? __pfx_vfs_write+0x10/0x10
[   94.314617][ T6904]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.320972][ T6904]  ? do_syscall_64+0x100/0x230
[   94.325749][ T6904]  ? do_syscall_64+0xb6/0x230
[   94.330430][ T6904]  do_syscall_64+0xf3/0x230
[   94.334929][ T6904]  ? clear_bhb_loop+0x35/0x90
[   94.339623][ T6904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.345538][ T6904] RIP: 0033:0x7fa95c37dff9
[   94.349978][ T6904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.369594][ T6904] RSP: 002b:00007fa95d17e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.378011][ T6904] RAX: ffffffffffffffda RBX: 00007fa95c535f80 RCX: 00007fa95c37dff9
[   94.385979][ T6904] RDX: 0000000000048080 RSI: 0000000020000840 RDI: 0000000000000004
[   94.393948][ T6904] RBP: 00007fa95d17e090 R08: 0000000000000000 R09: 0000000000000000
[   94.401911][ T6904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.409879][ T6904] R13: 0000000000000000 R14: 00007fa95c535f80 R15: 00007ffd3961d5d8
[   94.417860][ T6904]  </TASK>
[   94.499705][    T9] IPVS: starting estimator thread 0...
[   94.506588][ T6906] netlink: 8 bytes leftover after parsing attributes in process `syz.2.473'.
[   94.547653][ T6912] FAULT_INJECTION: forcing a failure.
[   94.547653][ T6912] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.564335][ T6912] CPU: 1 UID: 0 PID: 6912 Comm: syz.1.475 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   94.574624][ T6912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   94.584704][ T6912] Call Trace:
[   94.588008][ T6912]  <TASK>
[   94.590954][ T6912]  dump_stack_lvl+0x241/0x360
[   94.595659][ T6912]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.600884][ T6912]  ? __pfx__printk+0x10/0x10
[   94.605500][ T6912]  ? __pfx_lock_release+0x10/0x10
[   94.610548][ T6912]  should_fail_ex+0x3b0/0x4e0
[   94.615247][ T6912]  _copy_from_user+0x2f/0xe0
[   94.619861][ T6912]  copy_msghdr_from_user+0xae/0x680
[   94.625081][ T6912]  ? __pfx___might_resched+0x10/0x10
[   94.630386][ T6912]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   94.636214][ T6912]  ? rcu_is_watching+0x15/0xb0
[   94.641033][ T6912]  ? __might_fault+0xaa/0x120
[   94.645827][ T6912]  __sys_sendmmsg+0x36d/0x730
[   94.650530][ T6912]  ? __pfx___sys_sendmmsg+0x10/0x10
[   94.655761][ T6912]  ? __pfx_lock_release+0x10/0x10
[   94.660837][ T6912]  ? kstrtouint_from_user+0x128/0x190
[   94.666249][ T6912]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   94.672185][ T6912]  ? ksys_write+0x229/0x2b0
[   94.676721][ T6912]  ? __pfx_lock_release+0x10/0x10
[   94.681786][ T6912]  ? vfs_write+0x7bf/0xc90
[   94.686426][ T6912]  ? kmem_cache_free+0x1a2/0x420
[   94.691432][ T6912]  ? __mutex_unlock_slowpath+0x21d/0x750
[   94.697182][ T6912]  ? __fget_files+0x3f3/0x470
[   94.701981][ T6912]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   94.707992][ T6912]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.714448][ T6912]  ? do_syscall_64+0x100/0x230
[   94.719236][ T6912]  __x64_sys_sendmmsg+0xa0/0xb0
[   94.724116][ T6912]  do_syscall_64+0xf3/0x230
[   94.728637][ T6912]  ? clear_bhb_loop+0x35/0x90
[   94.733330][ T6912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.739243][ T6912] RIP: 0033:0x7f066437dff9
[   94.743670][ T6912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.763272][ T6912] RSP: 002b:00007f06651bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   94.771686][ T6912] RAX: ffffffffffffffda RBX: 00007f0664535f80 RCX: 00007f066437dff9
[   94.779654][ T6912] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   94.787621][ T6912] RBP: 00007f06651bb090 R08: 0000000000000000 R09: 0000000000000000
[   94.795603][ T6912] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   94.803582][ T6912] R13: 0000000000000000 R14: 00007f0664535f80 R15: 00007ffe5f0ad5c8
[   94.811554][ T6912]  </TASK>
[   94.818477][ T6910] IPVS: using max 22 ests per chain, 52800 per kthread
[   95.373777][ T6946] netlink: 'syz.3.487': attribute type 1 has an invalid length.
[   95.386077][ T6946] FAULT_INJECTION: forcing a failure.
[   95.386077][ T6946] name failslab, interval 1, probability 0, space 0, times 0
[   95.404016][ T6944] pimreg: entered allmulticast mode
[   95.429948][ T6946] CPU: 0 UID: 0 PID: 6946 Comm: syz.3.487 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   95.440254][ T6946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   95.450421][ T6946] Call Trace:
[   95.453715][ T6946]  <TASK>
[   95.456661][ T6946]  dump_stack_lvl+0x241/0x360
[   95.461370][ T6946]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.466597][ T6946]  ? __pfx__printk+0x10/0x10
[   95.471311][ T6946]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   95.477320][ T6946]  ? __pfx___might_resched+0x10/0x10
[   95.482637][ T6946]  should_fail_ex+0x3b0/0x4e0
[   95.487350][ T6946]  should_failslab+0xac/0x100
[   95.492165][ T6946]  ? __alloc_skb+0x1c3/0x440
[   95.496879][ T6946]  kmem_cache_alloc_node_noprof+0x71/0x320
[   95.502719][ T6946]  __alloc_skb+0x1c3/0x440
[   95.507171][ T6946]  ? __pfx___alloc_skb+0x10/0x10
[   95.512138][ T6946]  ? netlink_ack_tlv_len+0x6e/0x200
[   95.517368][ T6946]  netlink_ack+0x13f/0xa30
[   95.521824][ T6946]  ? __pfx_lock_acquire+0x10/0x10
[   95.526876][ T6946]  ? __pfx_nl802154_add_llsec_dev+0x10/0x10
[   95.532878][ T6946]  ? __pfx_nl802154_post_doit+0x10/0x10
[   95.538470][ T6946]  netlink_rcv_skb+0x262/0x430
[   95.543268][ T6946]  ? __pfx_genl_rcv_msg+0x10/0x10
[   95.548324][ T6946]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   95.553804][ T6946]  genl_rcv+0x28/0x40
[   95.557833][ T6946]  netlink_unicast+0x7f6/0x990
[   95.562642][ T6946]  ? __pfx_netlink_unicast+0x10/0x10
[   95.567962][ T6946]  ? __virt_addr_valid+0x183/0x530
[   95.573282][ T6946]  ? __check_object_size+0x48e/0x900
[   95.578600][ T6946]  netlink_sendmsg+0x8e4/0xcb0
[   95.583419][ T6946]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.588741][ T6946]  ? aa_sock_msg_perm+0x91/0x160
[   95.593686][ T6946]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.598976][ T6946]  __sock_sendmsg+0x221/0x270
[   95.603652][ T6946]  ____sys_sendmsg+0x52a/0x7e0
[   95.608422][ T6946]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.613713][ T6946]  __sys_sendmsg+0x292/0x380
[   95.618305][ T6946]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.623417][ T6946]  ? __pfx_vfs_write+0x10/0x10
[   95.628199][ T6946]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   95.634524][ T6946]  ? do_syscall_64+0x100/0x230
[   95.639294][ T6946]  ? do_syscall_64+0xb6/0x230
[   95.643974][ T6946]  do_syscall_64+0xf3/0x230
[   95.648470][ T6946]  ? clear_bhb_loop+0x35/0x90
[   95.653139][ T6946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.659081][ T6946] RIP: 0033:0x7f43cf37dff9
[   95.663487][ T6946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.683176][ T6946] RSP: 002b:00007f43d0244038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.691681][ T6946] RAX: ffffffffffffffda RBX: 00007f43cf535f80 RCX: 00007f43cf37dff9
[   95.699658][ T6946] RDX: 0000000000048080 RSI: 0000000020000840 RDI: 0000000000000004
[   95.707660][ T6946] RBP: 00007f43d0244090 R08: 0000000000000000 R09: 0000000000000000
[   95.715633][ T6946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.723687][ T6946] R13: 0000000000000000 R14: 00007f43cf535f80 R15: 00007ffc85a5f2f8
[   95.731668][ T6946]  </TASK>
[   95.904097][ T6930] tipc: Failed to remove unknown binding: 66,1,1/0:2293200838/2293200840
[   95.920543][ T6930] tipc: Failed to remove unknown binding: 66,1,1/0:2293200838/2293200840
[   95.935120][ T6930] tipc: Failed to remove unknown binding: 66,1,1/0:2293200838/2293200840
[   96.284121][ T6959] FAULT_INJECTION: forcing a failure.
[   96.284121][ T6959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.299231][ T6959] CPU: 1 UID: 0 PID: 6959 Comm: syz.2.489 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   96.309514][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   96.319601][ T6959] Call Trace:
[   96.322898][ T6959]  <TASK>
[   96.325852][ T6959]  dump_stack_lvl+0x241/0x360
[   96.330556][ T6959]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.335767][ T6959]  ? __pfx__printk+0x10/0x10
[   96.340371][ T6959]  ? __pfx_lock_release+0x10/0x10
[   96.345406][ T6959]  should_fail_ex+0x3b0/0x4e0
[   96.350104][ T6959]  _copy_from_user+0x2f/0xe0
[   96.354703][ T6959]  copy_msghdr_from_user+0xae/0x680
[   96.359912][ T6959]  ? __pfx___might_resched+0x10/0x10
[   96.365203][ T6959]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   96.371009][ T6959]  ? rcu_is_watching+0x15/0xb0
[   96.375795][ T6959]  ? __might_fault+0xaa/0x120
[   96.380504][ T6959]  __sys_sendmmsg+0x36d/0x730
[   96.385197][ T6959]  ? __pfx___sys_sendmmsg+0x10/0x10
[   96.390424][ T6959]  ? __pfx_lock_release+0x10/0x10
[   96.395468][ T6959]  ? kstrtouint_from_user+0x128/0x190
[   96.400859][ T6959]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   96.406751][ T6959]  ? ksys_write+0x229/0x2b0
[   96.411255][ T6959]  ? __pfx_lock_release+0x10/0x10
[   96.416281][ T6959]  ? vfs_write+0x7bf/0xc90
[   96.420696][ T6959]  ? kmem_cache_free+0x1a2/0x420
[   96.425632][ T6959]  ? __mutex_unlock_slowpath+0x21d/0x750
[   96.431260][ T6959]  ? __fget_files+0x3f3/0x470
[   96.435939][ T6959]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   96.441926][ T6959]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   96.448255][ T6959]  ? do_syscall_64+0x100/0x230
[   96.453019][ T6959]  __x64_sys_sendmmsg+0xa0/0xb0
[   96.457869][ T6959]  do_syscall_64+0xf3/0x230
[   96.462367][ T6959]  ? clear_bhb_loop+0x35/0x90
[   96.467040][ T6959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.472951][ T6959] RIP: 0033:0x7f151557dff9
[   96.477370][ T6959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.497012][ T6959] RSP: 002b:00007f1516322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   96.505529][ T6959] RAX: ffffffffffffffda RBX: 00007f1515735f80 RCX: 00007f151557dff9
[   96.513511][ T6959] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   96.521484][ T6959] RBP: 00007f1516322090 R08: 0000000000000000 R09: 0000000000000000
[   96.529461][ T6959] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   96.537429][ T6959] R13: 0000000000000000 R14: 00007f1515735f80 R15: 00007fff2675e5d8
[   96.545424][ T6959]  </TASK>
[   97.588784][ T6944] pimreg: left allmulticast mode
[   97.770000][ T6969] __nla_validate_parse: 3 callbacks suppressed
[   97.770020][ T6969] netlink: 180 bytes leftover after parsing attributes in process `syz.1.491'.
[   97.811090][ T6969] netlink: 'syz.1.491': attribute type 1 has an invalid length.
[   97.820009][ T6967] netlink: 32 bytes leftover after parsing attributes in process `syz.4.492'.
[   97.826692][ T6969] netlink: 20 bytes leftover after parsing attributes in process `syz.1.491'.
[   98.156092][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.496'.
[   98.241178][ T6995] FAULT_INJECTION: forcing a failure.
[   98.241178][ T6995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.255763][ T6995] CPU: 1 UID: 0 PID: 6995 Comm: syz.2.500 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   98.266041][ T6995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   98.276120][ T6995] Call Trace:
[   98.279428][ T6995]  <TASK>
[   98.282381][ T6995]  dump_stack_lvl+0x241/0x360
[   98.287099][ T6995]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.292340][ T6995]  ? __pfx__printk+0x10/0x10
[   98.296963][ T6995]  ? __pfx_lock_release+0x10/0x10
[   98.302033][ T6995]  should_fail_ex+0x3b0/0x4e0
[   98.306742][ T6995]  _copy_from_user+0x2f/0xe0
[   98.311338][ T6995]  copy_msghdr_from_user+0xae/0x680
[   98.316596][ T6995]  ? __pfx___might_resched+0x10/0x10
[   98.321883][ T6995]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   98.327750][ T6995]  ? rcu_is_watching+0x15/0xb0
[   98.332538][ T6995]  ? __might_fault+0xaa/0x120
[   98.337220][ T6995]  __sys_sendmmsg+0x36d/0x730
[   98.341898][ T6995]  ? __pfx___sys_sendmmsg+0x10/0x10
[   98.347099][ T6995]  ? __pfx_lock_release+0x10/0x10
[   98.352122][ T6995]  ? kstrtouint_from_user+0x128/0x190
[   98.357511][ T6995]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   98.363404][ T6995]  ? ksys_write+0x229/0x2b0
[   98.367905][ T6995]  ? __pfx_lock_release+0x10/0x10
[   98.372954][ T6995]  ? vfs_write+0x7bf/0xc90
[   98.377416][ T6995]  ? kmem_cache_free+0x1a2/0x420
[   98.382455][ T6995]  ? __mutex_unlock_slowpath+0x21d/0x750
[   98.388098][ T6995]  ? __fget_files+0x3f3/0x470
[   98.392794][ T6995]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   98.398784][ T6995]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   98.405119][ T6995]  ? do_syscall_64+0x100/0x230
[   98.409885][ T6995]  __x64_sys_sendmmsg+0xa0/0xb0
[   98.414733][ T6995]  do_syscall_64+0xf3/0x230
[   98.419236][ T6995]  ? clear_bhb_loop+0x35/0x90
[   98.423909][ T6995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.429807][ T6995] RIP: 0033:0x7f151557dff9
[   98.434237][ T6995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.453925][ T6995] RSP: 002b:00007f1516322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   98.462429][ T6995] RAX: ffffffffffffffda RBX: 00007f1515735f80 RCX: 00007f151557dff9
[   98.470396][ T6995] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   98.478361][ T6995] RBP: 00007f1516322090 R08: 0000000000000000 R09: 0000000000000000
[   98.486325][ T6995] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   98.494288][ T6995] R13: 0000000000000000 R14: 00007f1515735f80 R15: 00007fff2675e5d8
[   98.502275][ T6995]  </TASK>
[   98.779518][ T7015] netlink: 20 bytes leftover after parsing attributes in process `syz.3.504'.
[   98.807594][ T7017] netlink: 20 bytes leftover after parsing attributes in process `syz.4.505'.
[   98.864313][ T7022] netlink: 'syz.2.507': attribute type 1 has an invalid length.
[   98.938972][ T7020] batadv0: entered promiscuous mode
[   98.956194][ T7011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   98.969985][ T7027] netlink: 240 bytes leftover after parsing attributes in process `syz.4.508'.
[   98.986382][ T7020] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.251683][ T7044] FAULT_INJECTION: forcing a failure.
[   99.251683][ T7044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.268688][ T7044] CPU: 1 UID: 0 PID: 7044 Comm: syz.0.512 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[   99.278974][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   99.289065][ T7044] Call Trace:
[   99.292365][ T7044]  <TASK>
[   99.295315][ T7044]  dump_stack_lvl+0x241/0x360
[   99.300035][ T7044]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.305270][ T7044]  ? __pfx__printk+0x10/0x10
[   99.309890][ T7044]  ? __pfx_lock_release+0x10/0x10
[   99.314949][ T7044]  should_fail_ex+0x3b0/0x4e0
[   99.319654][ T7044]  _copy_from_user+0x2f/0xe0
[   99.324270][ T7044]  copy_msghdr_from_user+0xae/0x680
[   99.329517][ T7044]  ? __pfx___might_resched+0x10/0x10
[   99.334846][ T7044]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   99.340691][ T7044]  ? rcu_is_watching+0x15/0xb0
[   99.345484][ T7044]  ? __might_fault+0xaa/0x120
[   99.350205][ T7044]  __sys_sendmmsg+0x36d/0x730
[   99.354918][ T7044]  ? __pfx___sys_sendmmsg+0x10/0x10
[   99.360241][ T7044]  ? __pfx_lock_release+0x10/0x10
[   99.365304][ T7044]  ? kstrtouint_from_user+0x128/0x190
[   99.370727][ T7044]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   99.376651][ T7044]  ? ksys_write+0x229/0x2b0
[   99.381189][ T7044]  ? __pfx_lock_release+0x10/0x10
[   99.386255][ T7044]  ? vfs_write+0x7bf/0xc90
[   99.390706][ T7044]  ? kmem_cache_free+0x1a2/0x420
[   99.395678][ T7044]  ? __mutex_unlock_slowpath+0x21d/0x750
[   99.401178][ T7046] netlink: 112 bytes leftover after parsing attributes in process `syz.4.513'.
[   99.401407][ T7044]  ? __fget_files+0x3f3/0x470
[   99.415130][ T7044]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   99.421139][ T7044]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.427493][ T7044]  ? do_syscall_64+0x100/0x230
[   99.432321][ T7044]  __x64_sys_sendmmsg+0xa0/0xb0
[   99.433830][ T7046] netlink: 52 bytes leftover after parsing attributes in process `syz.4.513'.
[   99.437182][ T7044]  do_syscall_64+0xf3/0x230
[   99.437208][ T7044]  ? clear_bhb_loop+0x35/0x90
[   99.437227][ T7044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.437250][ T7044] RIP: 0033:0x7fa95c37dff9
[   99.437267][ T7044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.437281][ T7044] RSP: 002b:00007fa95d17e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   99.456039][ T7052] dccp_invalid_packet: invalid packet type
[   99.461232][ T7044] RAX: ffffffffffffffda RBX: 00007fa95c535f80 RCX: 00007fa95c37dff9
[   99.461252][ T7044] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[   99.461264][ T7044] RBP: 00007fa95d17e090 R08: 0000000000000000 R09: 0000000000000000
[   99.461276][ T7044] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[   99.531384][ T7044] R13: 0000000000000000 R14: 00007fa95c535f80 R15: 00007ffd3961d5d8
[   99.539399][ T7044]  </TASK>
[   99.611838][ T7052] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 1
[   99.675612][ T7059] sock: sock_timestamping_bind_phc: sock not bind to device
[   99.706909][ T7059] netlink: 8 bytes leftover after parsing attributes in process `syz.4.516'.
[   99.889104][ T7065] netlink: 'syz.0.519': attribute type 1 has an invalid length.
[  110.747138][ T4625] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  110.756502][ T5242] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  110.768212][ T5246] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  110.775864][ T5246] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  110.785804][ T5246] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  110.786896][ T5242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  110.794625][ T5246] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  110.803534][ T5242] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  110.810643][ T5246] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  110.819869][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  110.823540][ T5246] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  110.831805][ T5244] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  110.837648][ T5246] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  110.844462][ T5244] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  110.859057][ T5242] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  110.871095][ T5244] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  110.878335][ T5244] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  110.887086][ T5244] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  110.934580][ T5246] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  110.961541][ T5244] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  111.015500][ T5246] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  111.051566][ T5246] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  111.184057][ T5246] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  111.193474][ T5246] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  111.343005][ T7081] chnl_net:caif_netlink_parms(): no params data found
[  111.414983][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  111.429002][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  111.438211][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  111.504659][ T5246] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  111.529063][ T5246] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  111.545076][ T5246] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  111.714436][ T7081] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.722885][ T7081] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.730502][ T7081] bridge_slave_0: entered allmulticast mode
[  111.738084][ T7081] bridge_slave_0: entered promiscuous mode
[  111.786185][ T7081] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.793353][ T7081] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.803588][ T7081] bridge_slave_1: entered allmulticast mode
[  111.812188][ T7081] bridge_slave_1: entered promiscuous mode
[  111.843083][ T6434] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.854307][ T6434] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20064 - 0
[  111.882093][ T7085] chnl_net:caif_netlink_parms(): no params data found
[  111.930512][ T6434] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.941227][ T6434] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20064 - 0
[  111.974917][ T7081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.986922][ T7081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.054665][ T6434] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.065405][ T6434] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20064 - 0
[  112.092362][ T7081] team0: Port device team_slave_0 added
[  112.100569][ T7081] team0: Port device team_slave_1 added
[  112.178509][ T6434] team0: Port device netdevsim0 removed
[  112.188200][ T6434] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.198641][ T6434] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20064 - 0
[  112.223212][ T7081] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.230291][ T7081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.261133][ T7081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.297314][ T7081] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.304289][ T7081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.331959][ T7081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.360381][ T7085] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.367732][ T7085] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.374909][ T7085] bridge_slave_0: entered allmulticast mode
[  112.387576][ T7085] bridge_slave_0: entered promiscuous mode
[  112.415860][ T7085] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.423069][ T7085] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.430903][ T7085] bridge_slave_1: entered allmulticast mode
[  112.438843][ T7085] bridge_slave_1: entered promiscuous mode
[  112.466193][ T7081] hsr_slave_0: entered promiscuous mode
[  112.472374][ T7081] hsr_slave_1: entered promiscuous mode
[  112.478747][ T7081] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.486610][ T7081] Cannot create hsr debugfs directory
[  112.522180][ T7085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.574364][ T7085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.683773][ T6434] bridge_slave_1: left allmulticast mode
[  112.691889][ T6434] bridge_slave_1: left promiscuous mode
[  112.699527][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.966636][ T5246] Bluetooth: hci5: command tx timeout
[  113.045511][ T5246] Bluetooth: hci6: command tx timeout
[  113.075800][ T6434] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.091532][ T6434] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.102369][ T6434] bond0 (unregistering): Released all slaves
[  113.126871][ T5246] Bluetooth: hci7: command tx timeout
[  113.140897][ T7085] team0: Port device team_slave_0 added
[  113.151233][ T7085] team0: Port device team_slave_1 added
[  113.171997][ T7087] chnl_net:caif_netlink_parms(): no params data found
[  113.329149][ T7085] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.345515][ T7085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.372977][ T7085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.390484][ T7084] chnl_net:caif_netlink_parms(): no params data found
[  113.428243][ T7085] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.435238][ T7085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.463887][ T7085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.509333][ T7095] chnl_net:caif_netlink_parms(): no params data found
[  113.535269][ T5246] Bluetooth: hci8: command tx timeout
[  113.609305][ T5246] Bluetooth: hci1: command tx timeout
[  113.731963][ T7085] hsr_slave_0: entered promiscuous mode
[  113.739712][ T7085] hsr_slave_1: entered promiscuous mode
[  113.754701][ T7085] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.764465][ T7085] Cannot create hsr debugfs directory
[  113.812130][ T6434] hsr_slave_0: left promiscuous mode
[  113.824046][ T6434] hsr_slave_1: left promiscuous mode
[  113.841467][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.855651][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.864429][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.881475][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.908725][ T6434] vlan0: left promiscuous mode
[  113.913918][ T6434] veth1_macvtap: left promiscuous mode
[  113.920111][ T6434] veth0_macvtap: left promiscuous mode
[  113.926607][ T6434] veth1_vlan: left promiscuous mode
[  113.931899][ T6434] veth0_vlan: left promiscuous mode
[  114.340223][ T6434] team0 (unregistering): Port device team_slave_1 removed
[  114.378116][ T6434] team0 (unregistering): Port device team_slave_0 removed
[  114.822388][ T7087] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.830531][ T7087] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.838525][ T7087] bridge_slave_0: entered allmulticast mode
[  114.845124][ T7087] bridge_slave_0: entered promiscuous mode
[  114.909102][ T7087] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.919895][ T7087] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.927492][ T7087] bridge_slave_1: entered allmulticast mode
[  114.934529][ T7087] bridge_slave_1: entered promiscuous mode
[  114.966234][ T7084] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.973381][ T7084] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.982083][ T7084] bridge_slave_0: entered allmulticast mode
[  114.989401][ T7084] bridge_slave_0: entered promiscuous mode
[  115.046721][ T5246] Bluetooth: hci5: command tx timeout
[  115.062608][ T7084] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.070056][ T7084] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.077717][ T7084] bridge_slave_1: entered allmulticast mode
[  115.084284][ T7084] bridge_slave_1: entered promiscuous mode
[  115.116579][ T7087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.126793][ T5246] Bluetooth: hci6: command tx timeout
[  115.133069][ T7095] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.140949][ T7095] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.149498][ T7095] bridge_slave_0: entered allmulticast mode
[  115.156591][ T7095] bridge_slave_0: entered promiscuous mode
[  115.206614][ T5246] Bluetooth: hci7: command tx timeout
[  115.238507][ T7087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.257223][ T7095] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.264560][ T7095] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.273219][ T7095] bridge_slave_1: entered allmulticast mode
[  115.280345][ T7095] bridge_slave_1: entered promiscuous mode
[  115.330144][ T7087] team0: Port device team_slave_0 added
[  115.350098][ T7084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.384390][ T7087] team0: Port device team_slave_1 added
[  115.414320][ T7095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.427505][ T7084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.479793][ T7085] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.505969][ T7095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.547888][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.554877][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.585325][ T7087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.599348][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.606616][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.632759][ T7087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.634275][ T5246] Bluetooth: hci8: command tx timeout
[  115.671248][ T7085] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.685790][ T5246] Bluetooth: hci1: command tx timeout
[  115.704661][ T7084] team0: Port device team_slave_0 added
[  115.723402][ T7095] team0: Port device team_slave_0 added
[  115.747558][ T7085] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.768416][ T7084] team0: Port device team_slave_1 added
[  115.791584][ T7084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.798834][ T7084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.832455][ T7084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.846441][ T7095] team0: Port device team_slave_1 added
[  115.911399][ T7085] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.947634][ T7084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.954737][ T7084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.981378][ T7084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.013843][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_0
[  116.020927][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.047065][ T7095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  116.064368][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_1
[  116.071732][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.098571][ T7095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.112009][ T7087] hsr_slave_0: entered promiscuous mode
[  116.124136][ T7087] hsr_slave_1: entered promiscuous mode
[  116.151570][ T6434] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.226006][ T7084] hsr_slave_0: entered promiscuous mode
[  116.234934][ T7084] hsr_slave_1: entered promiscuous mode
[  116.242171][ T7084] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.253793][ T7084] Cannot create hsr debugfs directory
[  116.273075][ T6434] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.346870][ T6434] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.397156][ T7095] hsr_slave_0: entered promiscuous mode
[  116.403501][ T7095] hsr_slave_1: entered promiscuous mode
[  116.414815][ T7095] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.423107][ T7095] Cannot create hsr debugfs directory
[  116.461757][ T6434] team0: Port device netdevsim0 removed
[  116.469690][ T6434] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.543152][ T7081] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  116.612848][ T7081] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  116.649919][ T7081] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  116.660968][ T7081] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  116.794127][ T7087] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.811933][ T7085] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  116.861791][ T7087] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.878761][ T7085] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  116.911951][ T6434] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.928347][ T7085] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  116.951030][ T7087] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.985911][ T7085] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  117.027820][ T6434] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.076911][ T7087] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.127053][ T5246] Bluetooth: hci5: command tx timeout
[  117.134827][ T6434] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.206889][ T5246] Bluetooth: hci6: command tx timeout
[  117.273396][ T6434] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.288060][ T5246] Bluetooth: hci7: command tx timeout
[  117.494176][ T7081] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.516778][ T7087] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  117.527496][ T7087] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  117.550068][ T7087] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  117.591873][ T7087] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  117.629607][ T7085] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.653645][ T7081] 8021q: adding VLAN 0 to HW filter on device team0
[  117.690389][ T5246] Bluetooth: hci8: command tx timeout
[  117.703346][ T6434] bridge_slave_1: left allmulticast mode
[  117.717308][ T6434] bridge_slave_1: left promiscuous mode
[  117.723062][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.749926][ T6434] bridge_slave_0: left allmulticast mode
[  117.763213][ T6434] bridge_slave_0: left promiscuous mode
[  117.772798][ T6434] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.776006][ T5246] Bluetooth: hci1: command tx timeout
[  117.796368][ T6434] bridge_slave_1: left allmulticast mode
[  117.802060][ T6434] bridge_slave_1: left promiscuous mode
[  117.817237][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.838732][ T6434] bridge_slave_0: left allmulticast mode
[  117.844429][ T6434] bridge_slave_0: left promiscuous mode
[  117.861112][ T6434] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.507978][ T6434] team0: Port device bond0 removed
[  118.515595][ T6434] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.524456][ T6434] bond_slave_0: left promiscuous mode
[  118.532950][ T6434] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.542349][ T6434] bond_slave_1: left promiscuous mode
[  118.558004][ T6434] bond0 (unregistering): Released all slaves
[  118.582630][ T6434] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.593909][ T6434] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.621589][ T6434] bond0 (unregistering): Released all slaves
[  118.691827][ T2581] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.699002][ T2581] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.785164][ T2581] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.792381][ T2581] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.855219][ T6434] tipc: Left network mode
[  118.938002][ T7085] 8021q: adding VLAN 0 to HW filter on device team0
[  119.048486][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.055656][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.097604][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.104695][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.208656][ T5246] Bluetooth: hci5: command tx timeout
[  119.286074][ T5246] Bluetooth: hci6: command tx timeout
[  119.367269][ T5246] Bluetooth: hci7: command tx timeout
[  119.534190][ T7087] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.580585][ T7087] 8021q: adding VLAN 0 to HW filter on device team0
[  119.682873][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.690078][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.766735][ T7085] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.777603][ T5246] Bluetooth: hci8: command tx timeout
[  119.785121][ T7081] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.794220][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.801393][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.848962][ T5246] Bluetooth: hci1: command tx timeout
[  119.891036][ T6434] hsr_slave_0: left promiscuous mode
[  119.898128][ T6434] hsr_slave_1: left promiscuous mode
[  119.904493][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.919633][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_0
[  119.931238][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  119.939168][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  119.948629][ T6434] hsr_slave_0: left promiscuous mode
[  119.954468][ T6434] hsr_slave_1: left promiscuous mode
[  119.978250][ T6434] veth1_macvtap: left promiscuous mode
[  119.983767][ T6434] veth0_macvtap: left promiscuous mode
[  119.989735][ T6434] veth1_vlan: left promiscuous mode
[  119.994978][ T6434] veth0_vlan: left promiscuous mode
[  120.008183][ T6434] veth1_macvtap: left promiscuous mode
[  120.013700][ T6434] veth0_macvtap: left promiscuous mode
[  120.443511][ T6434] team0 (unregistering): Port device team_slave_1 removed
[  120.482640][ T6434] team0 (unregistering): Port device team_slave_0 removed
[  120.964785][ T6434] team0 (unregistering): Port device team_slave_1 removed
[  121.001431][ T6434] team0 (unregistering): Port device team_slave_0 removed
[  121.330342][ T7084] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  121.359532][ T7084] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  121.389909][ T7084] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  121.410908][ T7084] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  121.525125][ T7081] veth0_vlan: entered promiscuous mode
[  121.542050][ T7085] veth0_vlan: entered promiscuous mode
[  121.564195][ T7095] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  121.576632][ T7095] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  121.597463][ T7095] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  121.620823][ T7095] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  121.669448][ T7085] veth1_vlan: entered promiscuous mode
[  121.739062][ T7081] veth1_vlan: entered promiscuous mode
[  121.939677][ T7081] veth0_macvtap: entered promiscuous mode
[  121.984394][ T7084] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.001776][ T6434] IPVS: stop unused estimator thread 0...
[  122.018770][ T7081] veth1_macvtap: entered promiscuous mode
[  122.056188][ T7085] veth0_macvtap: entered promiscuous mode
[  122.062620][ T6434] IPVS: stop unused estimator thread 0...
[  122.137752][ T7085] veth1_macvtap: entered promiscuous mode
[  122.184428][ T7084] 8021q: adding VLAN 0 to HW filter on device team0
[  122.199179][ T7081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.211852][ T7081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.222309][ T7081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.235411][ T7081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.255216][ T7081] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.288490][ T7081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.300641][ T7081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.311109][ T7081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.322540][ T7081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.334537][ T7081] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.351406][ T7081] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.360720][ T7081] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.370287][ T7081] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.379389][ T7081] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.409041][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.416222][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.432766][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.440127][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.451956][ T7087] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.473818][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.484549][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.495876][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.506685][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.517641][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.528430][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.539671][ T7085] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.564762][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.580440][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.590301][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.601582][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.611611][ T7085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.622194][ T7085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.633922][ T7085] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.644364][ T7095] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.684564][ T7085] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.697349][ T7085] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.706865][ T7085] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.715799][ T7085] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.779043][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.797130][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.820743][ T7095] 8021q: adding VLAN 0 to HW filter on device team0
[  122.856883][ T7087] veth0_vlan: entered promiscuous mode
[  122.872564][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.879716][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.920017][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.927117][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.947158][ T7087] veth1_vlan: entered promiscuous mode
[  122.956986][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.964845][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.024791][ T7095] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  123.037084][ T7095] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  123.076691][ T6434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.112345][ T6434] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.181813][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.222299][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.237018][ T7087] veth0_macvtap: entered promiscuous mode
[  123.246021][ T7087] veth1_macvtap: entered promiscuous mode
[  123.261648][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.272311][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.282949][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.294225][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.304247][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.314766][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.324764][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.335737][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.347113][ T7087] batman_adv: batadv0: Interface activated: batadv_slave_0
[  123.357551][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  123.368594][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.378812][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  123.389589][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.400334][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  123.411472][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.421533][ T7087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  123.432136][ T7087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.443384][ T7087] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.454452][ T7087] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.463373][ T7087] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.472432][ T7087] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.481408][ T7087] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.609032][ T7084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.729349][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.744695][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.764261][ T7095] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.884967][ T7084] veth0_vlan: entered promiscuous mode
[  123.912421][ T6450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.942012][ T6450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.950345][ T7233] netlink: 28 bytes leftover after parsing attributes in process `syz.1.527'.
[  123.973542][ T7084] veth1_vlan: entered promiscuous mode
[  124.042543][   T12] tipc: Subscription rejected, illegal request
[  124.072838][ T7084] veth0_macvtap: entered promiscuous mode
[  124.100689][ T7238] FAULT_INJECTION: forcing a failure.
[  124.100689][ T7238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.113320][ T7084] veth1_macvtap: entered promiscuous mode
[  124.136320][ T7238] CPU: 0 UID: 0 PID: 7238 Comm: syz.3.525 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  124.146614][ T7238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  124.152342][ T7235] netlink: 8 bytes leftover after parsing attributes in process `syz.0.529'.
[  124.156756][ T7238] Call Trace:
[  124.156769][ T7238]  <TASK>
[  124.156778][ T7238]  dump_stack_lvl+0x241/0x360
[  124.156811][ T7238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.156836][ T7238]  ? __pfx__printk+0x10/0x10
[  124.182593][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.186211][ T7238]  ? __pfx_lock_release+0x10/0x10
[  124.186252][ T7238]  should_fail_ex+0x3b0/0x4e0
[  124.186282][ T7238]  _copy_from_user+0x2f/0xe0
[  124.211053][ T7238]  copy_msghdr_from_user+0xae/0x680
[  124.216260][ T7238]  ? __pfx___might_resched+0x10/0x10
[  124.221547][ T7238]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  124.227443][ T7238]  ? rcu_is_watching+0x15/0xb0
[  124.232200][ T7238]  ? __might_fault+0xaa/0x120
[  124.236874][ T7238]  __sys_sendmmsg+0x36d/0x730
[  124.241552][ T7238]  ? __pfx___sys_sendmmsg+0x10/0x10
[  124.246839][ T7238]  ? __pfx_lock_release+0x10/0x10
[  124.251864][ T7238]  ? kstrtouint_from_user+0x128/0x190
[  124.257353][ T7238]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  124.263246][ T7238]  ? ksys_write+0x229/0x2b0
[  124.267755][ T7238]  ? __pfx_lock_release+0x10/0x10
[  124.272789][ T7238]  ? vfs_write+0x7bf/0xc90
[  124.277215][ T7238]  ? kmem_cache_free+0x1a2/0x420
[  124.282170][ T7238]  ? __mutex_unlock_slowpath+0x21d/0x750
[  124.287818][ T7238]  ? __fget_files+0x3f3/0x470
[  124.292532][ T7238]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  124.298531][ T7238]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  124.304868][ T7238]  ? do_syscall_64+0x100/0x230
[  124.309739][ T7238]  __x64_sys_sendmmsg+0xa0/0xb0
[  124.314616][ T7238]  do_syscall_64+0xf3/0x230
[  124.319128][ T7238]  ? clear_bhb_loop+0x35/0x90
[  124.323806][ T7238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.329703][ T7238] RIP: 0033:0x7ff37137dff9
[  124.334119][ T7238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.353740][ T7238] RSP: 002b:00007ff37208e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  124.362181][ T7238] RAX: ffffffffffffffda RBX: 00007ff371535f80 RCX: 00007ff37137dff9
[  124.370160][ T7238] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[  124.378122][ T7238] RBP: 00007ff37208e090 R08: 0000000000000000 R09: 0000000000000000
[  124.386089][ T7238] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[  124.394051][ T7238] R13: 0000000000000000 R14: 00007ff371535f80 R15: 00007fff1771cbb8
[  124.402057][ T7238]  </TASK>
[  124.445587][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.455732][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.477858][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.488000][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.498586][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.508501][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.519768][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.530265][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.540809][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.552256][ T7084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.562756][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.573502][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.580464][ T7246] tipc: Failed to remove unknown binding: 66,1,1/0:4159655755/4159655757
[  124.583453][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.602323][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.612802][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.624153][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.634146][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.644662][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.655471][ T7084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.663657][ T7246] tipc: Failed to remove unknown binding: 66,1,1/0:4159655755/4159655757
[  124.666021][ T7084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.686291][ T7084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.695567][ T7246] tipc: Failed to remove unknown binding: 66,1,1/0:4159655755/4159655757
[  124.737824][ T7084] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.747647][ T7084] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.756475][ T7084] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.765190][ T7084] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.944055][ T7095] veth0_vlan: entered promiscuous mode
[  124.978312][ T2581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.005895][ T2581] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.032621][ T7095] veth1_vlan: entered promiscuous mode
[  125.104902][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.128957][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.139011][ T7095] veth0_macvtap: entered promiscuous mode
[  125.150507][ T7261] netlink: 'syz.3.535': attribute type 9 has an invalid length.
[  125.189688][ T7095] veth1_macvtap: entered promiscuous mode
[  125.261935][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.273684][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.283668][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.295645][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.305577][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.316794][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.326986][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.338208][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.349355][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.360168][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.370527][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.381550][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.392772][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.416737][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.456008][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.495712][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.522188][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.538594][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.550059][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.560719][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.571704][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.583134][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.595392][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.607753][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.618557][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.631917][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.737054][ T7095] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.759898][ T7095] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.774809][ T7095] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.795982][ T7095] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.138144][ T7293] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  126.162533][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.546'.
[  127.564008][ T7304] netlink: 12 bytes leftover after parsing attributes in process `syz.2.549'.
[  127.747064][ T6450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.754928][ T6450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.924822][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.944422][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.944489][ T7316] team0: entered promiscuous mode
[  127.953938][ T7313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.964114][ T7316] team_slave_0: entered promiscuous mode
[  127.974493][ T7316] team_slave_1: entered promiscuous mode
[  127.987834][ T7320] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  128.032215][ T7314] team0: left promiscuous mode
[  128.038339][ T7314] team_slave_0: left promiscuous mode
[  128.044643][ T7314] team_slave_1: left promiscuous mode
[  128.336794][ T7330] syzkaller1: entered promiscuous mode
[  128.342329][ T7330] syzkaller1: entered allmulticast mode
[  128.522064][ T7351] veth0_vlan: left promiscuous mode
[  128.528789][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.563'.
[  128.543202][ T7351] veth0_vlan: entered promiscuous mode
[  128.926450][ T7370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'.
[  128.985594][ T7370] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.162046][ T7386] syzkaller1: entered promiscuous mode
[  129.173536][ T7386] syzkaller1: entered allmulticast mode
[  129.227367][ T7386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.575'.
[  129.297034][ T7389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.575'.
[  129.552788][ T7398] netlink: 'syz.1.580': attribute type 1 has an invalid length.
[  129.716645][ T7404] tun0: tun_chr_ioctl cmd 1074025675
[  129.727456][ T7404] tun0: persist enabled
[  129.738221][ T7406] lo: entered promiscuous mode
[  129.748265][ T7403] tun0: tun_chr_ioctl cmd 1074025675
[  129.775990][ T7403] tun0: persist enabled
[  129.831921][ T7406] lo: left promiscuous mode
[  129.848740][ T7413] netlink: 20 bytes leftover after parsing attributes in process `syz.3.584'.
[  130.234112][ T7430] team_slave_0: entered promiscuous mode
[  130.240113][ T7430] team_slave_1: entered promiscuous mode
[  130.288308][ T7430] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  130.324510][ T7430] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  130.412722][ T7452] netlink: 116 bytes leftover after parsing attributes in process `syz.2.593'.
[  130.705916][ T7462] netlink: 'syz.3.601': attribute type 64 has an invalid length.
[  130.765688][ T7462] netlink: 24 bytes leftover after parsing attributes in process `syz.3.601'.
[  130.778323][ T7462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.601'.
[  130.860266][ T7473] netlink: 68 bytes leftover after parsing attributes in process `syz.4.602'.
[  130.926305][ T7475] netlink: 'syz.0.606': attribute type 1 has an invalid length.
[  130.972588][ T7476] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'.
[  130.992343][ T7480] netlink: 'syz.4.602': attribute type 10 has an invalid length.
[  130.995318][ T7475] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.606'.
[  131.019112][ T7476] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'.
[  131.052298][ T7475] netlink: 'syz.0.606': attribute type 1 has an invalid length.
[  131.368587][ T7503] hsr0: entered promiscuous mode
[  131.513881][ T7514] netlink: 'syz.0.615': attribute type 1 has an invalid length.
[  131.867527][ T7527] netem: unknown loss type 0
[  131.873972][ T7527] netem: change failed
[  131.929282][ T7531] netlink: 'syz.0.622': attribute type 9 has an invalid length.
[  131.970186][ T7535] netlink: 'syz.2.624': attribute type 9 has an invalid length.
[  132.186510][ T7549] netlink: 'syz.0.627': attribute type 11 has an invalid length.
[  132.218027][ T7549] netlink: 'syz.0.627': attribute type 11 has an invalid length.
[  132.604002][ T7564] xt_CT: You must specify a L4 protocol and not use inversions on it
[  133.047549][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  133.053995][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  133.495994][ T7598] netlink: 'syz.3.641': attribute type 3 has an invalid length.
[  133.851648][ T7614] netlink: 'syz.4.646': attribute type 4 has an invalid length.
[  134.017667][ T7625] netlink: 'syz.3.648': attribute type 10 has an invalid length.
[  134.076022][ T7625] syz_tun: entered promiscuous mode
[  134.117301][ T7625] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  144.146816][ T7652] netlink: 'syz.1.660': attribute type 1 has an invalid length.
[  144.185568][ T7652] __nla_validate_parse: 13 callbacks suppressed
[  144.185589][ T7652] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.660'.
[  144.247237][ T7652] netlink: 'syz.1.660': attribute type 2 has an invalid length.
[  144.299946][ T7652] netlink: 'syz.1.660': attribute type 1 has an invalid length.
[  144.481574][ T4625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  144.500039][ T4625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  144.510969][ T4625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  144.519272][ T4625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  144.533118][ T4625] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  144.542558][ T4625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  144.621269][ T7087] bond0: (slave syz_tun): Releasing backup interface
[  144.668544][ T4625] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  144.686035][ T7661] netlink: 16 bytes leftover after parsing attributes in process `syz.2.661'.
[  144.709550][ T7661] IPv6: NLM_F_CREATE should be specified when creating new route
[  144.717833][ T4625] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  144.733289][ T4625] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  144.737171][ T7663] netlink: 'syz.2.661': attribute type 1 has an invalid length.
[  144.792771][ T7663] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.661'.
[  144.800153][ T4625] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  144.811244][ T7663] netlink: 'syz.2.661': attribute type 1 has an invalid length.
[  144.827854][ T4625] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  144.838498][ T4625] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  145.149308][ T7685] bond0: entered promiscuous mode
[  145.154403][ T7685] bond_slave_0: entered promiscuous mode
[  145.173223][ T7685] bond_slave_1: entered promiscuous mode
[  145.533217][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.564864][ T7684] bond0: left promiscuous mode
[  145.575767][ T7684] bond_slave_0: left promiscuous mode
[  145.582663][ T7684] bond_slave_1: left promiscuous mode
[  145.598104][ T7698] netlink: 56 bytes leftover after parsing attributes in process `syz.1.670'.
[  145.613140][ T7664] chnl_net:caif_netlink_parms(): no params data found
[  145.715180][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.762283][ T7704] netlink: 'syz.2.671': attribute type 3 has an invalid length.
[  145.774010][ T7668] chnl_net:caif_netlink_parms(): no params data found
[  145.781023][ T7704] netlink: 'syz.2.671': attribute type 1 has an invalid length.
[  145.781045][ T7704] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.671'.
[  145.848091][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.928949][ T7708] FAULT_INJECTION: forcing a failure.
[  145.928949][ T7708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.955864][ T7708] CPU: 0 UID: 0 PID: 7708 Comm: syz.0.673 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  145.966151][ T7708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  145.976231][ T7708] Call Trace:
[  145.979523][ T7708]  <TASK>
[  145.982470][ T7708]  dump_stack_lvl+0x241/0x360
[  145.987178][ T7708]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.992402][ T7708]  ? __pfx__printk+0x10/0x10
[  145.997025][ T7708]  ? __pfx_lock_release+0x10/0x10
[  146.002065][ T7708]  should_fail_ex+0x3b0/0x4e0
[  146.006743][ T7708]  _copy_from_user+0x2f/0xe0
[  146.011325][ T7708]  copy_msghdr_from_user+0xae/0x680
[  146.016528][ T7708]  ? __pfx___might_resched+0x10/0x10
[  146.021835][ T7708]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  146.027656][ T7708]  ? rcu_is_watching+0x15/0xb0
[  146.032411][ T7708]  ? __might_fault+0xaa/0x120
[  146.037083][ T7708]  __sys_sendmmsg+0x36d/0x730
[  146.041785][ T7708]  ? __pfx___sys_sendmmsg+0x10/0x10
[  146.046992][ T7708]  ? __pfx_lock_release+0x10/0x10
[  146.052012][ T7708]  ? kstrtouint_from_user+0x128/0x190
[  146.057388][ T7708]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  146.063307][ T7708]  ? ksys_write+0x229/0x2b0
[  146.067833][ T7708]  ? __pfx_lock_release+0x10/0x10
[  146.072889][ T7708]  ? vfs_write+0x7bf/0xc90
[  146.077327][ T7708]  ? kmem_cache_free+0x1a2/0x420
[  146.082363][ T7708]  ? __mutex_unlock_slowpath+0x21d/0x750
[  146.087988][ T7708]  ? __fget_files+0x3f3/0x470
[  146.092692][ T7708]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  146.098684][ T7708]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.105006][ T7708]  ? do_syscall_64+0x100/0x230
[  146.109775][ T7708]  __x64_sys_sendmmsg+0xa0/0xb0
[  146.114630][ T7708]  do_syscall_64+0xf3/0x230
[  146.119138][ T7708]  ? clear_bhb_loop+0x35/0x90
[  146.123843][ T7708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.129758][ T7708] RIP: 0033:0x7f4e32b7dff9
[  146.134203][ T7708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.153828][ T7708] RSP: 002b:00007f4e33a63038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  146.162257][ T7708] RAX: ffffffffffffffda RBX: 00007f4e32d35f80 RCX: 00007f4e32b7dff9
[  146.170232][ T7708] RDX: 0000000004000070 RSI: 0000000020003b80 RDI: 0000000000000005
[  146.178218][ T7708] RBP: 00007f4e33a63090 R08: 0000000000000000 R09: 0000000000000000
[  146.186186][ T7708] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000002
[  146.194151][ T7708] R13: 0000000000000000 R14: 00007f4e32d35f80 R15: 00007ffc8540b518
[  146.202154][ T7708]  </TASK>
[  146.237267][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.273210][ T7710] netlink: 'syz.2.674': attribute type 322 has an invalid length.
[  146.323570][ T7664] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.332161][ T7664] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.342327][ T7664] bridge_slave_0: entered allmulticast mode
[  146.366879][ T7664] bridge_slave_0: entered promiscuous mode
[  146.414784][ T7664] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.436842][ T7664] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.444383][ T7664] bridge_slave_1: entered allmulticast mode
[  146.451834][ T7664] bridge_slave_1: entered promiscuous mode
[  146.459536][ T7724] bond0: entered promiscuous mode
[  146.465422][ T7724] bond_slave_0: entered promiscuous mode
[  146.471554][ T7724] bond_slave_1: entered promiscuous mode
[  146.508217][ T7668] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.516754][ T7668] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.523934][ T7668] bridge_slave_0: entered allmulticast mode
[  146.544481][ T7668] bridge_slave_0: entered promiscuous mode
[  146.554385][ T7726] netlink: 'syz.2.677': attribute type 11 has an invalid length.
[  146.624321][ T7733] IPVS: set_ctl: invalid protocol: 29 255.255.255.255:20003
[  146.648432][ T4625] Bluetooth: hci0: command tx timeout
[  146.737029][ T7668] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.766444][ T7668] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.786311][ T7668] bridge_slave_1: entered allmulticast mode
[  146.793354][ T7668] bridge_slave_1: entered promiscuous mode
[  146.827825][ T7737] netlink: 112 bytes leftover after parsing attributes in process `syz.0.680'.
[  146.873101][ T7664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.885813][ T4625] Bluetooth: hci2: command tx timeout
[  146.898555][ T7722] bond0: left promiscuous mode
[  146.911594][ T7722] bond_slave_0: left promiscuous mode
[  146.922125][ T7722] bond_slave_1: left promiscuous mode
[  146.963303][ T7664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.973419][ T7738] netlink: 'syz.2.681': attribute type 2 has an invalid length.
[  147.044953][ T7668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.062341][ T7668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.090167][ T7741] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  147.241069][ T7668] team0: Port device team_slave_0 added
[  147.274486][ T7664] team0: Port device team_slave_0 added
[  147.289113][ T7748] netlink: 12 bytes leftover after parsing attributes in process `syz.1.684'.
[  147.309784][ T7664] team0: Port device team_slave_1 added
[  147.380122][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.426170][ T7668] team0: Port device team_slave_1 added
[  147.513079][ T7668] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.535722][ T7668] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.589276][ T7668] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.621536][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.673087][ T7668] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.682817][ T7668] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.736014][ T7668] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.788105][ T7664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.804713][ T7664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.835835][ T7664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.859837][ T7763] IPv6: sit1: Disabled Multicast RS
[  147.887899][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.969437][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.010045][ T7769] bond0: entered promiscuous mode
[  148.016946][ T7769] bond_slave_0: entered promiscuous mode
[  148.022733][ T7769] bond_slave_1: entered promiscuous mode
[  148.030567][ T7664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  148.038836][ T7664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.070241][ T7664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.101941][ T7668] hsr_slave_0: entered promiscuous mode
[  148.109814][ T7668] hsr_slave_1: entered promiscuous mode
[  148.129723][ T7765] netlink: 8 bytes leftover after parsing attributes in process `syz.1.689'.
[  148.259425][ T7768] bond0: left promiscuous mode
[  148.267484][ T7780] netlink: 20 bytes leftover after parsing attributes in process `syz.2.692'.
[  148.281301][ T7768] bond_slave_0: left promiscuous mode
[  148.289282][ T7768] bond_slave_1: left promiscuous mode
[  148.456590][ T7785] netlink: 'syz.2.694': attribute type 11 has an invalid length.
[  148.737441][ T4625] Bluetooth: hci0: command tx timeout
[  148.975734][ T4625] Bluetooth: hci2: command tx timeout
[  150.017322][ T7664] hsr_slave_0: entered promiscuous mode
[  150.036099][ T7664] hsr_slave_1: entered promiscuous mode
[  150.047922][ T7664] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  150.075489][ T7664] Cannot create hsr debugfs directory
[  150.266600][   T11] bridge_slave_1: left allmulticast mode
[  150.286429][   T11] bridge_slave_1: left promiscuous mode
[  150.292185][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.371119][ T7804] netlink: 24 bytes leftover after parsing attributes in process `syz.2.702'.
[  150.435264][ T7797] syz.0.700[7797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.439410][ T7797] syz.0.700[7797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.454930][   T11] bridge_slave_0: left allmulticast mode
[  150.494897][ T7797] syz.0.700[7797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  150.504551][   T11] bridge_slave_0: left promiscuous mode
[  150.573444][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.669090][   T11] bridge_slave_1: left allmulticast mode
[  150.674793][   T11] bridge_slave_1: left promiscuous mode
[  150.715121][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.789776][   T11] bridge_slave_0: left allmulticast mode
[  150.808075][ T4625] Bluetooth: hci0: command tx timeout
[  150.816758][   T11] bridge_slave_0: left promiscuous mode
[  150.838259][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.057367][ T4625] Bluetooth: hci2: command tx timeout
[  152.887212][ T4625] Bluetooth: hci0: command tx timeout
[  153.125977][ T4625] Bluetooth: hci2: command tx timeout
[  154.773427][  T938] sched: DL replenish lagged too much
[  162.023748][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  162.037001][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  162.044795][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  162.054358][ T5247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  162.062645][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  162.072480][ T5247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  162.083695][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  162.095303][ T5247] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  162.103288][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  162.112136][ T5247] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  162.131680][ T5247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  162.142859][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  162.150606][ T5247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  162.167995][ T5246] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  162.180955][ T5246] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  162.189297][ T5246] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  162.211188][ T5246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  162.219264][ T5246] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  164.165704][ T5246] Bluetooth: hci1: command tx timeout
[  164.245621][ T5232] Bluetooth: hci4: command tx timeout
[  164.253633][ T5246] Bluetooth: hci3: command tx timeout
[  166.249602][ T5246] Bluetooth: hci1: command tx timeout
[  166.326365][ T5246] Bluetooth: hci3: command tx timeout
[  166.331858][ T5246] Bluetooth: hci4: command tx timeout
[  168.325526][ T5246] Bluetooth: hci1: command tx timeout
[  168.408643][ T5232] Bluetooth: hci3: command tx timeout
[  168.416205][ T5246] Bluetooth: hci4: command tx timeout
[  170.405611][ T5246] Bluetooth: hci1: command tx timeout
[  170.485589][ T5232] Bluetooth: hci3: command tx timeout
[  170.492852][ T5246] Bluetooth: hci4: command tx timeout
[  194.511008][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  194.524075][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  206.216349][ T5232] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  206.227370][ T5232] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  206.236631][ T5232] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  206.246202][ T5232] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  206.264613][ T5232] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  206.272997][ T5232] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  206.313893][ T5246] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  206.323314][ T5246] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  206.334724][ T5246] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  206.342925][ T5246] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  206.354937][ T5246] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  206.363385][ T5246] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  208.325761][ T5246] Bluetooth: hci7: command tx timeout
[  208.408326][ T5246] Bluetooth: hci9: command tx timeout
[  210.411400][ T5246] Bluetooth: hci7: command tx timeout
[  210.485781][ T5246] Bluetooth: hci9: command tx timeout
[  212.485688][ T5246] Bluetooth: hci7: command tx timeout
[  212.566498][ T5246] Bluetooth: hci9: command tx timeout
[  214.565594][ T5246] Bluetooth: hci7: command tx timeout
[  214.645616][ T5246] Bluetooth: hci9: command tx timeout
[  222.526957][ T5232] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  222.539117][ T5232] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  222.547502][ T5232] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  222.556495][ T5232] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  222.564264][ T5232] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  222.575741][ T5232] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  222.624427][ T5246] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  222.637112][ T5246] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  222.646301][ T5246] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  222.655972][ T5246] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  222.663683][ T5246] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  222.671210][ T5246] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  222.718576][ T5246] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  222.728129][ T5246] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  222.740321][ T5246] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  222.748405][ T5246] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  222.756453][ T5246] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  222.763882][ T5246] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  224.648033][ T5246] Bluetooth: hci10: command tx timeout
[  224.725702][ T5246] Bluetooth: hci11: command tx timeout
[  224.806501][ T5246] Bluetooth: hci12: command tx timeout
[  226.730122][ T5246] Bluetooth: hci10: command tx timeout
[  226.805593][ T5246] Bluetooth: hci11: command tx timeout
[  226.885961][ T5246] Bluetooth: hci12: command tx timeout
[  228.805659][ T5246] Bluetooth: hci10: command tx timeout
[  228.887310][ T5246] Bluetooth: hci11: command tx timeout
[  228.966046][ T5246] Bluetooth: hci12: command tx timeout
[  230.885639][ T5246] Bluetooth: hci10: command tx timeout
[  230.965646][ T5246] Bluetooth: hci11: command tx timeout
[  231.046491][ T5246] Bluetooth: hci12: command tx timeout
[  237.545573][ T5244] Bluetooth: hci5: command 0x0406 tx timeout
[  237.551769][ T4625] Bluetooth: hci8: command 0x0406 tx timeout
[  237.558705][   T54] Bluetooth: hci6: command 0x0406 tx timeout
[  255.947510][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  255.953891][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  268.259031][ T5232] Bluetooth: hci2: command 0x0406 tx timeout
[  268.265104][ T5232] Bluetooth: hci0: command 0x0406 tx timeout
[  269.276019][ T5246] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  269.285230][ T5246] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  269.293480][ T5246] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  269.302280][ T5246] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  269.311390][ T5246] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  269.319135][ T5246] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  269.400945][ T5247] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  269.416446][ T5247] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  269.425661][ T5247] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  269.433913][ T5247] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  269.441708][ T5247] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  269.450301][ T5247] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  271.366419][ T5247] Bluetooth: hci13: command tx timeout
[  271.525905][ T5247] Bluetooth: hci14: command tx timeout
[  273.445583][ T5247] Bluetooth: hci13: command tx timeout
[  273.605878][ T5247] Bluetooth: hci14: command tx timeout
[  275.529294][ T5247] Bluetooth: hci13: command tx timeout
[  275.686696][ T5247] Bluetooth: hci14: command tx timeout
[  277.608858][ T5247] Bluetooth: hci13: command tx timeout
[  277.765825][ T5247] Bluetooth: hci14: command tx timeout
[  283.260592][ T5246] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  283.270548][ T5246] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  283.279724][ T5246] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  283.290387][ T5246] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  283.298276][ T5246] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  283.306594][ T5246] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  283.380716][ T5247] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  283.392522][ T5247] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  283.401325][ T5247] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  283.409493][ T5247] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  283.417272][ T5247] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  283.424654][ T5247] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  283.487470][ T5246] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  283.499149][ T5246] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  283.507153][ T5246] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  283.517114][ T5246] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  283.524899][ T5246] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  283.544399][ T5246] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  285.365682][ T5247] Bluetooth: hci15: command tx timeout
[  285.526685][ T5246] Bluetooth: hci16: command tx timeout
[  285.605927][ T5246] Bluetooth: hci17: command tx timeout
[  287.446339][ T5246] Bluetooth: hci15: command tx timeout
[  287.605912][ T5246] Bluetooth: hci16: command tx timeout
[  287.686615][ T5246] Bluetooth: hci17: command tx timeout
[  288.743268][ T5246] Bluetooth: hci4: command 0x0406 tx timeout
[  288.749441][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  288.755557][ T5244] Bluetooth: hci3: command 0x0406 tx timeout
[  289.525693][ T5247] Bluetooth: hci15: command tx timeout
[  289.686166][ T5247] Bluetooth: hci16: command tx timeout
[  289.765732][ T5247] Bluetooth: hci17: command tx timeout
[  291.605649][ T5247] Bluetooth: hci15: command tx timeout
[  291.769440][ T5247] Bluetooth: hci16: command tx timeout
[  291.845724][ T5247] Bluetooth: hci17: command tx timeout
[  294.965779][   T30] INFO: task kworker/u8:0:11 blocked for more than 143 seconds.
[  294.973472][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  294.992998][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  295.003315][   T30] task:kworker/u8:0    state:D stack:20088 pid:11    tgid:11    ppid:2      flags:0x00004000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  295.025387][   T30] Workqueue: netns cleanup_net
[  295.036506][   T30] Call Trace:
[  295.039839][   T30]  <TASK>
[  295.042793][   T30]  __schedule+0x1895/0x4b30
[  295.085565][   T30]  ? __pfx___schedule+0x10/0x10
[  295.090486][   T30]  ? __pfx_lock_release+0x10/0x10
[  295.200325][   T30]  ? kthread_data+0x52/0xd0
[  295.204908][   T30]  ? wq_worker_sleeping+0x66/0x240
[  295.238111][   T30]  ? schedule+0x90/0x320
[  295.242419][   T30]  schedule+0x14b/0x320
[  295.285605][   T30]  schedule_timeout+0xb0/0x310
[  295.290443][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  295.336241][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  295.342304][   T30]  ? wait_for_completion+0x2fe/0x620
[  295.396118][   T30]  ? wait_for_completion+0x2fe/0x620
[  295.401473][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  295.439846][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  295.445120][   T30]  ? wait_for_completion+0x2fe/0x620
[  295.486306][   T30]  wait_for_completion+0x355/0x620
[  295.491509][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  295.533131][   T30]  ? __flush_work+0xe7/0xc50
[  295.546323][   T30]  __flush_work+0xa37/0xc50
[  295.550879][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  295.576280][   T30]  ? __flush_work+0xe7/0xc50
[  295.580933][   T30]  ? __pfx___flush_work+0x10/0x10
[  295.611358][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  295.625481][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  295.631855][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  295.666398][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  295.671663][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  295.696345][   T30]  ? net_generic+0x1f/0x240
[  295.700906][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  295.733317][   T30]  ? unregister_netdevice_queue+0x26b/0x370
[  295.754144][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  295.765564][   T30]  ? nexthop_net_exit_batch_rtnl+0x100/0x150
[  295.771592][   T30]  cleanup_net+0x75d/0xcc0
[  295.792473][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  295.805474][   T30]  ? process_scheduled_works+0x976/0x1850
[  295.811238][   T30]  process_scheduled_works+0xa63/0x1850
[  295.828966][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  295.834997][   T30]  ? assign_work+0x364/0x3d0
[  295.846218][   T30]  worker_thread+0x870/0xd30
[  295.851274][   T30]  ? __kthread_parkme+0x169/0x1d0
[  295.865380][   T30]  ? __pfx_worker_thread+0x10/0x10
[  295.870534][   T30]  kthread+0x2f0/0x390
[  295.874617][   T30]  ? __pfx_worker_thread+0x10/0x10
[  295.890104][   T30]  ? __pfx_kthread+0x10/0x10
[  295.894730][   T30]  ret_from_fork+0x4b/0x80
[  295.903668][   T30]  ? __pfx_kthread+0x10/0x10
[  295.914595][   T30]  ret_from_fork_asm+0x1a/0x30
[  295.919705][   T30]  </TASK>
[  295.926242][   T30] INFO: task kworker/u8:10:2939 blocked for more than 144 seconds.
[  295.949493][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  295.962988][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  295.975531][   T30] task:kworker/u8:10   state:D stack:20920 pid:2939  tgid:2939  ppid:2      flags:0x00004000
[  295.996563][   T30] Workqueue: events_unbound linkwatch_event
[  296.002514][   T30] Call Trace:
[  296.014789][   T30]  <TASK>
[  296.017983][   T30]  __schedule+0x1895/0x4b30
[  296.022540][   T30]  ? __pfx___schedule+0x10/0x10
[  296.039983][   T30]  ? __pfx_lock_release+0x10/0x10
[  296.045072][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  296.051764][   T30]  ? kthread_data+0x52/0xd0
[  296.069324][   T30]  ? schedule+0x90/0x320
[  296.073704][   T30]  ? wq_worker_sleeping+0x66/0x240
[  296.094425][   T30]  ? schedule+0x90/0x320
[  296.105324][   T30]  schedule+0x14b/0x320
[  296.109527][   T30]  schedule_preempt_disabled+0x13/0x30
[  296.115010][   T30]  __mutex_lock+0x6a7/0xd70
[  296.130235][   T30]  ? __mutex_lock+0x52a/0xd70
[  296.141381][   T30]  ? linkwatch_event+0xe/0x60
[  296.152724][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  296.163264][   T30]  ? process_scheduled_works+0x976/0x1850
[  296.176243][   T30]  linkwatch_event+0xe/0x60
[  296.180810][   T30]  process_scheduled_works+0xa63/0x1850
[  296.195438][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  296.201500][   T30]  ? assign_work+0x364/0x3d0
[  296.216254][   T30]  worker_thread+0x870/0xd30
[  296.220922][   T30]  ? __kthread_parkme+0x169/0x1d0
[  296.234730][   T30]  ? __pfx_worker_thread+0x10/0x10
[  296.241512][   T30]  kthread+0x2f0/0x390
[  296.255382][   T30]  ? __pfx_worker_thread+0x10/0x10
[  296.260944][   T30]  ? __pfx_kthread+0x10/0x10
[  296.275409][   T30]  ret_from_fork+0x4b/0x80
[  296.279957][   T30]  ? __pfx_kthread+0x10/0x10
[  296.284576][   T30]  ret_from_fork_asm+0x1a/0x30
[  296.300049][   T30]  </TASK>
[  296.303191][   T30] INFO: task kworker/0:3:5273 blocked for more than 144 seconds.
[  296.315449][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  296.322766][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  296.351101][   T30] task:kworker/0:3     state:D stack:22224 pid:5273  tgid:5273  ppid:2      flags:0x00004000
[  296.365510][   T30] Workqueue: events switchdev_deferred_process_work
[  296.372244][   T30] Call Trace:
[  296.386221][   T30]  <TASK>
[  296.389202][   T30]  __schedule+0x1895/0x4b30
[  296.393736][   T30]  ? try_to_wake_up+0x971/0x1480
[  296.409408][   T30]  ? schedule+0x90/0x320
[  296.413727][   T30]  ? __pfx___schedule+0x10/0x10
[  296.425443][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  296.431471][   T30]  ? __pfx_lock_release+0x10/0x10
[  296.448782][   T30]  ? kick_pool+0x45c/0x620
[  296.453356][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  296.464434][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  296.474439][   T30]  ? schedule+0x90/0x320
[  296.484007][   T30]  schedule+0x14b/0x320
[  296.495557][   T30]  schedule_preempt_disabled+0x13/0x30
[  296.501068][   T30]  __mutex_lock+0x6a7/0xd70
[  296.517555][   T30]  ? __mutex_lock+0x52a/0xd70
[  296.522278][   T30]  ? switchdev_deferred_process_work+0xe/0x20
[  296.539615][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  296.553267][   T30]  ? process_scheduled_works+0x976/0x1850
[  296.562678][   T30]  switchdev_deferred_process_work+0xe/0x20
[  296.583914][   T30]  process_scheduled_works+0xa63/0x1850
[  296.589809][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  296.605458][   T30]  ? assign_work+0x364/0x3d0
[  296.610107][   T30]  worker_thread+0x870/0xd30
[  296.614749][   T30]  ? __kthread_parkme+0x169/0x1d0
[  296.630098][   T30]  ? __pfx_worker_thread+0x10/0x10
[  296.640907][   T30]  kthread+0x2f0/0x390
[  296.654119][   T30]  ? __pfx_worker_thread+0x10/0x10
[  296.660382][   T30]  ? __pfx_kthread+0x10/0x10
[  296.665013][   T30]  ret_from_fork+0x4b/0x80
[  296.679960][   T30]  ? __pfx_kthread+0x10/0x10
[  296.684607][   T30]  ret_from_fork_asm+0x1a/0x30
[  296.694771][   T30]  </TASK>
[  296.698097][   T30] INFO: task syz-executor:7664 blocked for more than 145 seconds.
[  296.716086][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  296.723410][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  296.743798][   T30] task:syz-executor    state:D stack:21728 pid:7664  tgid:7664  ppid:1      flags:0x00004004
[  296.765380][   T30] Call Trace:
[  296.768698][   T30]  <TASK>
[  296.773738][   T30]  __schedule+0x1895/0x4b30
[  296.785385][   T30]  ? __pfx___schedule+0x10/0x10
[  296.790283][   T30]  ? __pfx_lock_release+0x10/0x10
[  296.805115][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  296.811476][   T30]  ? schedule+0x90/0x320
[  296.820798][   T30]  schedule+0x14b/0x320
[  296.825004][   T30]  schedule_preempt_disabled+0x13/0x30
[  296.840595][   T30]  __mutex_lock+0x6a7/0xd70
[  296.845151][   T30]  ? __mutex_lock+0x52a/0xd70
[  296.855507][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  296.860666][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  296.875499][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  296.881061][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  296.896259][   T30]  ? __lock_acquire+0x1384/0x2050
[  296.901339][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  296.916694][   T30]  netlink_rcv_skb+0x1e3/0x430
[  296.921505][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  296.928384][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  296.933731][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  296.948870][   T30]  netlink_unicast+0x7f6/0x990
[  296.962072][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  296.972215][   T30]  ? __virt_addr_valid+0x183/0x530
[  296.983701][   T30]  ? __check_object_size+0x48e/0x900
[  296.994336][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  297.004910][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.014650][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  297.025375][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.030702][   T30]  __sock_sendmsg+0x221/0x270
[  297.042369][   T30]  __sys_sendto+0x39b/0x4f0
[  297.051171][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  297.064852][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  297.074304][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  297.092048][   T30]  __x64_sys_sendto+0xde/0x100
[  297.099357][   T30]  do_syscall_64+0xf3/0x230
[  297.103903][   T30]  ? clear_bhb_loop+0x35/0x90
[  297.115509][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.121456][   T30] RIP: 0033:0x7f18d617fe8c
[  297.145779][   T30] RSP: 002b:00007ffff49fc970 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  297.154263][   T30] RAX: ffffffffffffffda RBX: 00007f18d6e64620 RCX: 00007f18d617fe8c
[  297.173967][   T30] RDX: 000000000000004c RSI: 00007f18d6e64670 RDI: 0000000000000003
[  297.183948][   T30] RBP: 0000000000000000 R08: 00007ffff49fc9c4 R09: 000000000000000c
[  297.203039][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  297.215476][   T30] R13: 0000000000000000 R14: 00007f18d6e64670 R15: 0000000000000000
[  297.223514][   T30]  </TASK>
[  297.235525][   T30] INFO: task syz-executor:7668 blocked for more than 145 seconds.
[  297.243369][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  297.262735][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  297.279830][   T30] task:syz-executor    state:D stack:21728 pid:7668  tgid:7668  ppid:1      flags:0x00000004
[  297.301513][   T30] Call Trace:
[  297.304829][   T30]  <TASK>
[  297.311236][   T30]  __schedule+0x1895/0x4b30
[  297.318017][   T30]  ? __pfx___schedule+0x10/0x10
[  297.322927][   T30]  ? __pfx_lock_release+0x10/0x10
[  297.342248][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  297.355405][   T30]  ? schedule+0x90/0x320
[  297.359920][   T30]  schedule+0x14b/0x320
[  297.366744][   T30]  schedule_preempt_disabled+0x13/0x30
[  297.372246][   T30]  __mutex_lock+0x6a7/0xd70
[  297.391817][   T30]  ? __mutex_lock+0x52a/0xd70
[  297.400107][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  297.412821][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  297.418153][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  297.423127][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  297.439126][   T30]  ? __lock_acquire+0x1384/0x2050
[  297.444206][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  297.455497][   T30]  netlink_rcv_skb+0x1e3/0x430
[  297.460318][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  297.478018][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  297.483383][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  297.499860][   T30]  netlink_unicast+0x7f6/0x990
[  297.504683][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  297.515387][   T30]  ? __virt_addr_valid+0x183/0x530
[  297.520628][   T30]  ? __check_object_size+0x48e/0x900
[  297.543522][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  297.548731][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.554062][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  297.571996][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.581789][   T30]  __sock_sendmsg+0x221/0x270
[  297.593666][   T30]  __sys_sendto+0x39b/0x4f0
[  297.598346][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  297.603423][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  297.621656][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  297.632599][   T30]  __x64_sys_sendto+0xde/0x100
[  297.642926][   T30]  do_syscall_64+0xf3/0x230
[  297.648553][   T30]  ? clear_bhb_loop+0x35/0x90
[  297.653269][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.670916][   T30] RIP: 0033:0x7fc8ed57fe8c
[  297.681824][   T30] RSP: 002b:00007ffd1e22a5a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  297.701341][   T30] RAX: ffffffffffffffda RBX: 00007fc8ee264620 RCX: 00007fc8ed57fe8c
[  297.713584][   T30] RDX: 0000000000000058 RSI: 00007fc8ee264670 RDI: 0000000000000003
[  297.725489][   T30] RBP: 0000000000000000 R08: 00007ffd1e22a5f4 R09: 000000000000000c
[  297.733581][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  297.751964][   T30] R13: 0000000000000000 R14: 00007fc8ee264670 R15: 0000000000000000
[  297.762262][   T30]  </TASK>
[  297.775504][   T30] INFO: task syz.1.701:7802 blocked for more than 146 seconds.
[  297.783081][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  297.801365][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  297.814990][   T30] task:syz.1.701       state:D stack:27296 pid:7802  tgid:7801  ppid:7081   flags:0x00000004
[  297.836478][   T30] Call Trace:
[  297.839785][   T30]  <TASK>
[  297.842732][   T30]  __schedule+0x1895/0x4b30
[  297.855105][   T30]  ? __pfx___schedule+0x10/0x10
[  297.863050][   T30]  ? __pfx_lock_release+0x10/0x10
[  297.873152][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  297.886293][   T30]  ? schedule+0x90/0x320
[  297.890583][   T30]  schedule+0x14b/0x320
[  297.894765][   T30]  schedule_preempt_disabled+0x13/0x30
[  297.910126][   T30]  __mutex_lock+0x6a7/0xd70
[  297.914676][   T30]  ? __mutex_lock+0x52a/0xd70
[  297.924938][   T30]  ? packet_mc_add+0x28/0x950
[  297.935388][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  297.940452][   T30]  ? __pfx___might_resched+0x10/0x10
[  297.955344][   T30]  ? __might_fault+0xaa/0x120
[  297.960062][   T30]  ? __pfx_lock_release+0x10/0x10
[  297.965118][   T30]  packet_mc_add+0x28/0x950
[  297.981211][   T30]  ? __might_fault+0xc6/0x120
[  297.991539][   T30]  packet_setsockopt+0x104f/0x1970
[  298.001595][   T30]  ? __pfx_packet_setsockopt+0x10/0x10
[  298.013952][   T30]  ? aa_sk_perm+0x96d/0xab0
[  298.022964][   T30]  ? __pfx_aa_sk_perm+0x10/0x10
[  298.033851][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  298.039823][   T30]  ? __fget_files+0x29/0x470
[  298.044443][   T30]  ? aa_sock_opt_perm+0x79/0x120
[  298.059622][   T30]  ? __pfx_packet_setsockopt+0x10/0x10
[  298.065124][   T30]  do_sock_setsockopt+0x3af/0x720
[  298.075517][   T30]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  298.085975][   T30]  ? __fget_files+0x29/0x470
[  298.090700][   T30]  ? __fget_files+0x3f3/0x470
[  298.105466][   T30]  ? __fget_files+0x29/0x470
[  298.111879][   T30]  __sys_setsockopt+0x1a2/0x250
[  298.124677][   T30]  __x64_sys_setsockopt+0xb5/0xd0
[  298.130776][   T30]  do_syscall_64+0xf3/0x230
[  298.145441][   T30]  ? clear_bhb_loop+0x35/0x90
[  298.150170][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.175243][   T30] RIP: 0033:0x7fba9df7dff9
[  298.186192][   T30] RSP: 002b:00007fba9ee1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  298.194673][   T30] RAX: ffffffffffffffda RBX: 00007fba9e135f80 RCX: 00007fba9df7dff9
[  298.216767][   T30] RDX: 0000000000000001 RSI: 0000000000000107 RDI: 0000000000000005
[  298.224792][   T30] RBP: 00007fba9dff0296 R08: 0000000000000010 R09: 0000000000000000
[  298.235433][   T30] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000000
[  298.243447][   T30] R13: 0000000000000000 R14: 00007fba9e135f80 R15: 00007ffd7ade9a18
[  298.263657][   T30]  </TASK>
[  298.270318][   T30] INFO: task syz.1.701:7805 blocked for more than 146 seconds.
[  298.290694][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  298.302574][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  298.322881][   T30] task:syz.1.701       state:D stack:25248 pid:7805  tgid:7801  ppid:7081   flags:0x00000004
[  298.343525][   T30] Call Trace:
[  298.346982][   T30]  <TASK>
[  298.349944][   T30]  __schedule+0x1895/0x4b30
[  298.354529][   T30]  ? __pfx___schedule+0x10/0x10
[  298.370185][   T30]  ? __pfx_lock_release+0x10/0x10
[  298.381650][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  298.393567][   T30]  ? schedule+0x90/0x320
[  298.404312][   T30]  schedule+0x14b/0x320
[  298.408901][   T30]  schedule_preempt_disabled+0x13/0x30
[  298.414398][   T30]  __mutex_lock+0x6a7/0xd70
[  298.434113][   T30]  ? __mutex_lock+0x52a/0xd70
[  298.440200][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  298.454207][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  298.460304][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  298.475481][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  298.480646][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  298.495485][   T30]  ? ref_tracker_free+0x643/0x7e0
[  298.500581][   T30]  netlink_rcv_skb+0x1e3/0x430
[  298.514992][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  298.522031][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  298.535522][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  298.540775][   T30]  netlink_unicast+0x7f6/0x990
[  298.555139][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  298.560748][   T30]  ? __virt_addr_valid+0x183/0x530
[  298.566381][   T30]  ? __check_object_size+0x48e/0x900
[  298.571716][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  298.592307][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.602286][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  298.614739][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.624766][   T30]  __sock_sendmsg+0x221/0x270
[  298.634957][   T30]  ____sys_sendmsg+0x52a/0x7e0
[  298.640863][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  298.655487][   T30]  __sys_sendmsg+0x292/0x380
[  298.660125][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  298.675516][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  298.681892][   T30]  ? do_syscall_64+0x100/0x230
[  298.699050][   T30]  ? do_syscall_64+0xb6/0x230
[  298.703778][   T30]  do_syscall_64+0xf3/0x230
[  298.714941][   T30]  ? clear_bhb_loop+0x35/0x90
[  298.719936][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.735445][   T30] RIP: 0033:0x7fba9df7dff9
[  298.739903][   T30] RSP: 002b:00007fba9edfb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.758701][   T30] RAX: ffffffffffffffda RBX: 00007fba9e136058 RCX: 00007fba9df7dff9
[  298.773281][   T30] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 000000000000000e
[  298.784862][   T30] RBP: 00007fba9dff0296 R08: 0000000000000000 R09: 0000000000000000
[  298.805624][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.813646][   T30] R13: 0000000000000000 R14: 00007fba9e136058 R15: 00007ffd7ade9a18
[  298.834385][   T30]  </TASK>
[  298.837759][   T30] INFO: task syz.2.703:7811 blocked for more than 147 seconds.
[  298.855476][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  298.862794][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  298.881912][   T30] task:syz.2.703       state:D stack:26880 pid:7811  tgid:7809  ppid:7084   flags:0x00004004
[  298.904078][   T30] Call Trace:
[  298.908301][   T30]  <TASK>
[  298.911260][   T30]  __schedule+0x1895/0x4b30
[  298.925383][   T30]  ? __pfx___schedule+0x10/0x10
[  298.930298][   T30]  ? __pfx_lock_release+0x10/0x10
[  298.945345][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  298.950854][   T30]  ? schedule+0x90/0x320
[  298.955123][   T30]  schedule+0x14b/0x320
[  298.969742][   T30]  schedule_preempt_disabled+0x13/0x30
[  298.975251][   T30]  __mutex_lock+0x6a7/0xd70
[  298.990012][   T30]  ? __mutex_lock+0x52a/0xd70
[  298.994728][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  299.005404][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  299.010487][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  299.026501][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  299.031666][   T30]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  299.047780][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  299.053305][   T30]  netlink_rcv_skb+0x1e3/0x430
[  299.065370][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  299.070885][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  299.086169][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  299.091249][   T30]  netlink_unicast+0x7f6/0x990
[  299.107151][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  299.112488][   T30]  ? __virt_addr_valid+0x183/0x530
[  299.125829][   T30]  ? __check_object_size+0x48e/0x900
[  299.131262][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  299.146145][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.151498][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  299.165350][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.170692][   T30]  __sock_sendmsg+0x221/0x270
[  299.185658][   T30]  ____sys_sendmsg+0x52a/0x7e0
[  299.190575][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  299.205088][   T30]  __sys_sendmsg+0x292/0x380
[  299.218971][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  299.224181][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  299.242205][   T30]  ? do_syscall_64+0x100/0x230
[  299.247593][   T30]  ? do_syscall_64+0xb6/0x230
[  299.252307][   T30]  do_syscall_64+0xf3/0x230
[  299.267535][   T30]  ? clear_bhb_loop+0x35/0x90
[  299.272271][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.285540][   T30] RIP: 0033:0x7f45a477dff9
[  299.290007][   T30] RSP: 002b:00007f45a55a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.314890][   T30] RAX: ffffffffffffffda RBX: 00007f45a4935f80 RCX: 00007f45a477dff9
[  299.324543][   T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006
[  299.342817][   T30] RBP: 00007f45a47f0296 R08: 0000000000000000 R09: 0000000000000000
[  299.353200][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.365709][   T30] R13: 0000000000000000 R14: 00007f45a4935f80 R15: 00007ffd822dcf48
[  299.373757][   T30]  </TASK>
[  299.388792][   T30] INFO: task syz.0.704:7817 blocked for more than 147 seconds.
[  299.403164][   T30]       Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  299.416190][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  299.424901][   T30] task:syz.0.704       state:D stack:26880 pid:7817  tgid:7816  ppid:7085   flags:0x00000004
[  299.444804][   T30] Call Trace:
[  299.467812][   T30]  <TASK>
[  299.470801][   T30]  __schedule+0x1895/0x4b30
[  299.483949][   T30]  ? __pfx___schedule+0x10/0x10
[  299.489005][   T30]  ? __pfx_lock_release+0x10/0x10
[  299.494163][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  299.512519][   T30]  ? schedule+0x90/0x320
[  299.518200][   T30]  schedule+0x14b/0x320
[  299.522401][   T30]  schedule_preempt_disabled+0x13/0x30
[  299.538973][   T30]  __mutex_lock+0x6a7/0xd70
[  299.544067][   T30]  ? __mutex_lock+0x52a/0xd70
[  299.555517][   T30]  ? rtnl_dumpit+0x99/0x200
[  299.560086][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  299.565140][   T30]  ? __alloc_skb+0x28f/0x440
[  299.579989][   T30]  ? __pfx___alloc_skb+0x10/0x10
[  299.585072][   T30]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  299.596312][   T30]  rtnl_dumpit+0x99/0x200
[  299.600705][   T30]  netlink_dump+0x647/0xd80
[  299.605260][   T30]  ? __pfx_netlink_dump+0x10/0x10
[  299.624905][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  299.635533][   T30]  __netlink_dump_start+0x5a2/0x790
[  299.641266][   T30]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  299.656333][   T30]  rtnetlink_rcv_msg+0xb3d/0xcf0
[  299.661430][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  299.675485][   T30]  ? __pfx_rtnl_dumpit+0x10/0x10
[  299.680492][   T30]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  299.697370][   T30]  ? ref_tracker_free+0x643/0x7e0
[  299.702573][   T30]  netlink_rcv_skb+0x1e3/0x430
[  299.707596][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  299.713099][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  299.730867][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  299.740193][   T30]  netlink_unicast+0x7f6/0x990
[  299.745027][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  299.761215][   T30]  ? __virt_addr_valid+0x183/0x530
[  299.769851][   T30]  ? __check_object_size+0x48e/0x900
[  299.775189][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  299.785395][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.790743][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  299.804965][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.811232][   T30]  __sock_sendmsg+0x221/0x270
[  299.819405][   T30]  __sys_sendto+0x39b/0x4f0
[  299.823964][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  299.840030][   T30]  ? do_futex+0x33b/0x560
[  299.844446][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  299.861978][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  299.872501][   T30]  __x64_sys_sendto+0xde/0x100
[  299.884146][   T30]  do_syscall_64+0xf3/0x230
[  299.888852][   T30]  ? clear_bhb_loop+0x35/0x90
[  299.893561][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.910588][   T30] RIP: 0033:0x7f4e32b7dff9
[  299.915050][   T30] RSP: 002b:00007f4e33a63038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  299.935467][   T30] RAX: ffffffffffffffda RBX: 00007f4e32d35f80 RCX: 00007f4e32b7dff9
[  299.943977][   T30] RDX: 0000000000000012 RSI: 0000000020000740 RDI: 0000000000000004
[  299.962208][   T30] RBP: 00007f4e32bf0296 R08: 0000000000000000 R09: 0000000000000000
[  299.973651][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.986218][   T30] R13: 0000000000000000 R14: 00007f4e32d35f80 R15: 00007ffc8540b518
[  299.994260][   T30]  </TASK>
[  300.005757][   T30] 
[  300.005757][   T30] Showing all locks held in the system:
[  300.013511][   T30] 5 locks held by kworker/u8:0/11:
[  300.031905][   T30]  #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  300.046270][   T30]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  300.066579][   T30]  #2: ffffffff8fcc5f50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  300.084697][   T30]  #3: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0
[  300.105158][   T30]  #4: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  300.130018][   T30] 3 locks held by kworker/u8:1/12:
[  300.135182][   T30]  #0: ffff88802e278148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  300.164942][   T30]  #1: ffffc90000117d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  300.185315][   T30]  #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  300.194895][   T30] 1 lock held by khungtaskd/30:
[  300.210606][   T30]  #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  300.232496][   T30] 3 locks held by kworker/u8:10/2939:
[  300.242574][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  300.266096][   T30]  #1: ffffc90009a67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  300.287190][   T30]  #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  300.304920][   T30] 2 locks held by getty/4985:
[  300.309810][   T30]  #0: ffff88814c22d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  300.331388][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  300.353240][   T30] 3 locks held by kworker/0:3/5273:
[  300.364760][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  300.386131][   T30]  #1: ffffc90004097d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  300.405398][   T30]  #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  300.425416][   T30] 7 locks held by kworker/1:4/5284:
[  300.430661][   T30] 3 locks held by kworker/0:6/5322:
[  300.447516][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  300.471014][   T30]  #1: ffffc90004317d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  300.495491][   T30]  #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  300.506411][   T30] 1 lock held by syz-executor/7664:
[  300.511993][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.531501][   T30] 1 lock held by syz-executor/7668:
[  300.542755][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.562778][   T30] 1 lock held by syz.1.701/7802:
[  300.572905][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: packet_mc_add+0x28/0x950
[  300.585449][   T30] 1 lock held by syz.1.701/7805:
[  300.590421][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.609642][   T30] 1 lock held by syz.2.703/7811:
[  300.614632][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.634832][   T30] 2 locks held by syz.0.704/7817:
[  300.641294][   T30]  #0: ffff8880607af6c8 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790
[  300.665450][   T30]  #1: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x99/0x200
[  300.674345][   T30] 1 lock held by syz-executor/7823:
[  300.690469][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.705539][   T30] 1 lock held by syz-executor/7825:
[  300.710792][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.734913][   T30] 1 lock held by syz-executor/7827:
[  300.746292][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.765442][   T30] 1 lock held by syz-executor/7831:
[  300.770690][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.790652][   T30] 1 lock held by syz-executor/7833:
[  300.800429][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.823763][   T30] 1 lock held by syz-executor/7844:
[  300.830418][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.852715][   T30] 1 lock held by syz-executor/7846:
[  300.860289][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.881418][   T30] 1 lock held by syz-executor/7847:
[  300.893463][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.914349][   T30] 1 lock held by syz-executor/7852:
[  300.920800][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.941023][   T30] 1 lock held by syz-executor/7854:
[  300.952203][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  300.975526][   T30] 1 lock held by syz-executor/7859:
[  300.980763][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  301.000194][   T30] 1 lock held by syz-executor/7861:
[  301.009957][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  301.025465][   T30] 1 lock held by syz-executor/7863:
[  301.030689][   T30]  #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  301.052051][   T30] 
[  301.054415][   T30] =============================================
[  301.054415][   T30] 
[  301.076175][   T30] NMI backtrace for cpu 0
[  301.080547][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  301.090733][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  301.100809][   T30] Call Trace:
[  301.104108][   T30]  <TASK>
[  301.107051][   T30]  dump_stack_lvl+0x241/0x360
[  301.111758][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.116983][   T30]  ? __pfx__printk+0x10/0x10
[  301.121610][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  301.126577][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  301.132052][   T30]  ? _printk+0xd5/0x120
[  301.136230][   T30]  ? __pfx__printk+0x10/0x10
[  301.140841][   T30]  ? __wake_up_klogd+0xcc/0x110
[  301.145714][   T30]  ? __pfx__printk+0x10/0x10
[  301.150329][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  301.155376][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  301.161465][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  301.167471][   T30]  watchdog+0xff4/0x1040
[  301.171740][   T30]  ? watchdog+0x1ea/0x1040
[  301.176192][   T30]  ? __pfx_watchdog+0x10/0x10
[  301.180897][   T30]  kthread+0x2f0/0x390
[  301.184989][   T30]  ? __pfx_watchdog+0x10/0x10
[  301.189687][   T30]  ? __pfx_kthread+0x10/0x10
[  301.194297][   T30]  ret_from_fork+0x4b/0x80
[  301.198746][   T30]  ? __pfx_kthread+0x10/0x10
[  301.203397][   T30]  ret_from_fork_asm+0x1a/0x30
[  301.208199][   T30]  </TASK>
[  301.213300][   T30] Sending NMI from CPU 0 to CPUs 1:
[  301.219216][    C1] NMI backtrace for cpu 1
[  301.219229][    C1] CPU: 1 UID: 0 PID: 5284 Comm: kworker/1:4 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  301.219249][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  301.219260][    C1] Workqueue: events nsim_dev_trap_report_work
[  301.219283][    C1] RIP: 0010:unwind_next_frame+0x18ed/0x22d0
[  301.219309][    C1] Code: 0c 01 75 40 80 3d c2 22 db 11 00 75 37 c6 05 b9 22 db 11 01 e9 21 fa ff ff bf 01 00 00 00 e8 8a c5 21 00 65 8b 0d ab 98 c2 7e <b0> 01 85 c9 75 73 e8 48 77 bf ff eb 6c 80 3d ba 75 c5 0e 00 0f 84
[  301.219323][    C1] RSP: 0018:ffffc90000a18730 EFLAGS: 00000213
[  301.219336][    C1] RAX: 0000000000000103 RBX: ffffc90000a18810 RCX: 0000000000000102
[  301.219348][    C1] RDX: dffffc0000000000 RSI: ffffc90000a11000 RDI: 0000000000000001
[  301.219360][    C1] RBP: ffffc90000a18800 R08: ffffc90000a18c40 R09: 0000000000000000
[  301.219371][    C1] R10: ffffc90000a18850 R11: fffff5200014310c R12: dffffc0000000000
[  301.219384][    C1] R13: ffffc90000a18800 R14: ffffc90000a11000 R15: ffffc90000a18c50
[  301.219397][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  301.219410][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  301.219422][    C1] CR2: 000000110c3591bd CR3: 000000000e734000 CR4: 00000000003506f0
[  301.219443][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  301.219453][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  301.219463][    C1] Call Trace:
[  301.219469][    C1]  <NMI>
[  301.219476][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  301.219496][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  301.219519][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  301.219537][    C1]  ? nmi_handle+0x2a/0x5a0
[  301.219565][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  301.219585][    C1]  ? nmi_handle+0x14f/0x5a0
[  301.219600][    C1]  ? nmi_handle+0x2a/0x5a0
[  301.219616][    C1]  ? unwind_next_frame+0x18ed/0x22d0
[  301.219639][    C1]  ? default_do_nmi+0x63/0x160
[  301.219658][    C1]  ? exc_nmi+0x123/0x1f0
[  301.219675][    C1]  ? end_repeat_nmi+0xf/0x53
[  301.219695][    C1]  ? unwind_next_frame+0x18ed/0x22d0
[  301.219724][    C1]  ? unwind_next_frame+0x18ed/0x22d0
[  301.219748][    C1]  ? unwind_next_frame+0x18ed/0x22d0
[  301.219771][    C1]  </NMI>
[  301.219776][    C1]  <IRQ>
[  301.219786][    C1]  ? kmem_cache_free+0x1a2/0x420
[  301.219808][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  301.219827][    C1]  arch_stack_walk+0x11c/0x150
[  301.219845][    C1]  ? dst_destroy+0x2ac/0x460
[  301.219862][    C1]  stack_trace_save+0x118/0x1d0
[  301.219880][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  301.219899][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  301.219923][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.219946][    C1]  kasan_save_track+0x3f/0x80
[  301.219960][    C1]  ? kasan_save_track+0x3f/0x80
[  301.219974][    C1]  ? kasan_save_free_info+0x40/0x50
[  301.219994][    C1]  ? __kasan_slab_free+0x59/0x70
[  301.220009][    C1]  ? kmem_cache_free+0x1a2/0x420
[  301.220047][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  301.220070][    C1]  kasan_save_free_info+0x40/0x50
[  301.220096][    C1]  __kasan_slab_free+0x59/0x70
[  301.220111][    C1]  ? dst_destroy+0x2ac/0x460
[  301.220124][    C1]  kmem_cache_free+0x1a2/0x420
[  301.220144][    C1]  ? dst_destroy+0x2ac/0x460
[  301.220159][    C1]  dst_destroy+0x2ac/0x460
[  301.220174][    C1]  ? rcu_core+0xa37/0x17a0
[  301.220188][    C1]  ? __pfx_dst_destroy_rcu+0x10/0x10
[  301.220211][    C1]  rcu_core+0xaaa/0x17a0
[  301.220232][    C1]  ? __pfx_rcu_core+0x10/0x10
[  301.220246][    C1]  ? __run_timer_base+0x1c0/0x8e0
[  301.220274][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.220302][    C1]  handle_softirqs+0x2c5/0x980
[  301.220325][    C1]  ? do_softirq+0x11b/0x1e0
[  301.220345][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  301.220368][    C1]  do_softirq+0x11b/0x1e0
[  301.220386][    C1]  </IRQ>
[  301.220391][    C1]  <TASK>
[  301.220397][    C1]  ? __pfx_do_softirq+0x10/0x10
[  301.220416][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  301.220440][    C1]  ? rcu_is_watching+0x15/0xb0
[  301.220458][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  301.220478][    C1]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  301.220495][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  301.220515][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  301.220535][    C1]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  301.220554][    C1]  nsim_dev_trap_report_work+0x75d/0xaa0
[  301.220582][    C1]  ? process_scheduled_works+0x976/0x1850
[  301.220602][    C1]  process_scheduled_works+0xa63/0x1850
[  301.220634][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  301.220658][    C1]  ? assign_work+0x364/0x3d0
[  301.220680][    C1]  worker_thread+0x870/0xd30
[  301.220704][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  301.220727][    C1]  ? __kthread_parkme+0x169/0x1d0
[  301.220751][    C1]  ? __pfx_worker_thread+0x10/0x10
[  301.220772][    C1]  kthread+0x2f0/0x390
[  301.220785][    C1]  ? __pfx_worker_thread+0x10/0x10
[  301.220805][    C1]  ? __pfx_kthread+0x10/0x10
[  301.220820][    C1]  ret_from_fork+0x4b/0x80
[  301.220841][    C1]  ? __pfx_kthread+0x10/0x10
[  301.220855][    C1]  ret_from_fork_asm+0x1a/0x30
[  301.220882][    C1]  </TASK>
[  301.231591][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  301.231607][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  301.231628][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  301.231639][   T30] Call Trace:
[  301.231647][   T30]  <TASK>
[  301.231656][   T30]  dump_stack_lvl+0x241/0x360
[  301.231687][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.231711][   T30]  ? __pfx__printk+0x10/0x10
[  301.231731][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  301.231760][   T30]  ? vscnprintf+0x5d/0x90
[  301.231781][   T30]  panic+0x349/0x880
[  301.231804][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  301.231830][   T30]  ? __pfx_panic+0x10/0x10
[  301.231850][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  301.231868][   T30]  ? __irq_work_queue_local+0x137/0x410
[  301.231891][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  301.231910][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  301.231932][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  301.231953][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  301.231974][   T30]  watchdog+0x1033/0x1040
[  301.231996][   T30]  ? watchdog+0x1ea/0x1040
[  301.232021][   T30]  ? __pfx_watchdog+0x10/0x10
[  301.232041][   T30]  kthread+0x2f0/0x390
[  301.232057][   T30]  ? __pfx_watchdog+0x10/0x10
[  301.232077][   T30]  ? __pfx_kthread+0x10/0x10
[  301.232094][   T30]  ret_from_fork+0x4b/0x80
[  301.232115][   T30]  ? __pfx_kthread+0x10/0x10
[  301.232132][   T30]  ret_from_fork_asm+0x1a/0x30
[  301.232162][   T30]  </TASK>
[  301.874610][   T30] Kernel Offset: disabled
[  301.878927][   T30] Rebooting in 86400 seconds..