last executing test programs:

1m26.062141079s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

1m14.518896659s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

1m1.047885326s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

48.682624239s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

35.048327559s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

15.857200146s ago: executing program 4 (id=234):
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f00000000c0)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="e4bb98e2876d"}, 0x14)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@private0, 0x86dd}}}]}, 0x38}, 0x1, 0xf00}, 0x600)

4.202866438s ago: executing program 0 (id=2692):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b0000000000"], 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'bond0\x00'}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0xf0}}, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002440), &(0x7f0000002480)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000024c0)={<r7=>0x0}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)="e40034ea77f09a1229ebdd6f9ed9cc81055bf3fa66f6b2c79498d001679dd9eb12b125cb56313d29185954d9b5d42453d1a67e2ccc4b07e44cf10132ce33ec0714eeba71b7ef13b54492ac793167e6debd3a452bf48af2107460a820ae74f42d4e38f4157ff3ff77c769fedce1a3acb4ebbf067873b2189d9108f5814df45a3e0f6b95f160f7e295a4e459cba60654eb8762af43d5ef02a8e3b6373fa3a769c4c5dbdf89bc7e794a54b269c647215c52fffcbc989937c468ad6d411a9b2be332ee0bd14f4ceac34aa0479b406feb4a4315f8b367f30608d38cb0146628f6", 0xde}, {&(0x7f0000000300)="fd8c8d7ccbaa75da6b9e500791f84ef95c5cc9e2526e1896e8cad5c20295c5ba52d0f1b96eb629720e6f0c994ba83d5459e9f47965a69d4f753fd0bde07e1f469cc80b979ccd81a357668c890fbf31480d1e1fe6c6a725e79f8c7b7681e8f424c1d56bc3319aeac71e4942f39902a705a26c7df9216208ca4be4e5807c4f743789d91ff40000fbf1281c373259e12e359c8b95a61d19adaa909b1e8da7505344fef218f1ded93e3ecca5fcc13355c01e856a4ebab62b4248c39f4150227c06ae1701009737a961e16a9c2ef8c3cb7bd3b0b049ca12eedb181252b39c75d720a54536ff346fb4cde10b6adf688c50d818", 0xf0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r7}}}], 0x60, 0x800}}, {{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001c40)="8ae3298d1176e97d4abfe4585964980543805e53a9d967bced1808b42661353cd0a2b5205312d2f0307ae8c9e5a4", 0x2e}], 0x1, &(0x7f0000001dc0)}}, {{&(0x7f0000002640)=@abs, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4000}}], 0x3, 0x8000)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000140)={0x0, @multicast2, @private}, &(0x7f0000000180)=0xc)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x8004}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xe}}, 0x0)
getsockname$packet(r8, &(0x7f00000007c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x24, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast1}, @FOU_ATTR_IFINDEX={0x8, 0xb, r9}]}, 0x24}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000006000000010000000000000800000000040000000000000000000900010000002e00002e00000000000000000000000000003742a457e7fe4c1551274a381b152f7b15fe3661855882b5b1e2d9675a8c1440f33d41980a231eb85d15482fc4f7e07f87182ae106f4fcea2781fa6ece710a7c8faa2542714c2324ceba641a50ad8999e8ad7b7ccb05ada1417e61b1399e9f55fdaed8b353f15e09169f4b4a00758be32fce44d0a42c4f8e1bc100b5dabf7e7651a53a6505c2f60b438dc7a33bdb6692aa89"], &(0x7f0000002d80)=""/4100, 0x46, 0x1004, 0x1}, 0x20)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000000)={0x2, 0xfffffff8, 0x0, 0x6e65})
r10 = socket$inet6_sctp(0xa, 0x0, 0x84)
sendto$inet6(r10, 0x0, 0x0, 0x24048841, &(0x7f00000000c0)={0xa, 0x20, 0x0, @mcast1, 0x15}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r10, 0x29, 0x2, 0x0, 0x0)

3.538607488s ago: executing program 0 (id=2699):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r0, 0x8b26, &(0x7f0000000080)={'wlan1\x00', @random="000000f900"})

3.417595707s ago: executing program 0 (id=2701):
syz_init_net_socket$ax25(0x3, 0x0, 0x1)
connect$ax25(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000000)={0x2, &(0x7f0000000180)=[{0x4}, {0x6}]}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="26eb6d12cb78af20c43504e686a3130f2b123c2587ebe03ac0cce7de9bdfe28abf6398bbdfa8969f", 0x28}], 0x1)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\b\x00'/20])
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
socket$kcm(0x15, 0x5, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@l2tp={0xa, 0x0, @broadcast, 0xffffc0fe}, 0x80, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'sit0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="18080000000000000000000000000000181100005dcf079d2028d7015fe1396a7618e307caf72d619d76e12f5b6d706f9501ee898794d9832ce13f3d4b97a59cb0c5c858f955568af4971a658ede46d0434ffff8ab27e547f8190aa56a43587e286437fced4f4d600765e4f55ebaecc9f449f7b983f18b42846d213aa00cdcde2d54fe15cb434534c46200a3c0f552fb50471d8238", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007baaf8ff00000000b5090800000000007baaf0ff00000000bf8700000000000007090000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7050000080000004600020076000000bf9800000000000056080200000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r5}, 0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0xf00, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001300a900"/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="080004007f"], 0x30}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800457916000000000000119078ac1414bbac1414bb00004e2100089078"], 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvmmsg(r4, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{&(0x7f0000003a00)=""/183, 0xb7}], 0x1, &(0x7f0000003c00)=""/63, 0xfffffffffffffe61}}, {{&(0x7f0000003c80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}}], 0x4, 0x0, 0x0)

2.515955729s ago: executing program 0 (id=2708):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x5, 0x7fff, 0x0, 0x0, 0xffffffffffffffff, 0x7f}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000a00), &(0x7f0000000280)=@tcp6=r1}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r3, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000008c0)={&(0x7f0000000a80)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16=r2], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4c000)
getsockname(r2, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, &(0x7f00000000c0)=0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000640), 0xc, &(0x7f00000006c0)={&(0x7f0000000680)=@bridge_getneigh={0x28, 0x1e, 0x8, 0x70bd2b, 0x25dfdbfd, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7003}, [@IFLA_TXQLEN={0x8, 0xd, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40800)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newlink={0xac, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x84, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x74, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x87cd, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x4, 0x27b6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x9}}]}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x6, 0x4}}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x200, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xffffffffffffffa5, 0x1, {0x3, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffe01, 0x7f}}]}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0xac}}, 0x0)

2.30749699s ago: executing program 0 (id=2712):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="28000000010859040000000000000000070000020600024088eb00000900010073797a3100000000"], 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x4008800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = accept(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x6)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r2)
getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0x18, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x75, @local}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@multicast2, @in6=@private1}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x0, 0x0, @private0}, @in6={0x2, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}]}, 0xe0}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010f10407000000000000000000000002", @ANYRES32=r3, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x5)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r3, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="2000000014002101000000ac0000000002000000", @ANYRES32=r8, @ANYBLOB="08000200ac"], 0x20}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x18}}, 0x4040004)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x60, 0x0, 0x0, r10}}, 0x24}}, 0x0)
r11 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r11, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)

2.097054017s ago: executing program 0 (id=2714):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000)=0x1)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002400)={{r1}, 0x0, 0x0, @inherit={0x70, &(0x7f00000005c0)=ANY=[@ANYBLOB="ded5aab3f21edc825431aca9d7d7d3b100000000000000050000000000000000000000000000000000000000000082c273d2a960dff36f216700"/102, @ANYRESOCT=r1, @ANYRESOCT=r1, @ANYBLOB="661bec0316f80d28b1ce12dddf4bd867f7a137efb364022cf840c035336b208093dd223d49726278e0f896d39627b1c4c78a2ed258292d5ef96857aa486276ad72d05240ace0e0751156c5d71dac438f5c132a7371d66cf4c97ff7b4d7ce0a6449565218758aa921eeb192bc7676eb3bed1131da2d4981fb5027d6032c2701126f7803185a83b3ba742d3fd31df557cf8d2867611350fd82b3b7b073d0c6ab74fe5e3b5a2040259c8dcc2a13442b52d818dc9ed2556c1c36936d3fa7cb1402dc28fc081e3c3c9b236385"]}, @name="1e14281273ac5c8262d9b21fc10561c801ffa81fa3ccff813ff8b2a8d6512a8fa9773d1b77ab0bf6220ddc62b49e5ec62c635409107a7633e73e22fdf150b452ea8281d08e02e105fa9c8811a48f9603da4f413e012343fdccf508e6822b4d7d9e8802712fe80ad8c8e586b8d2de859a16c9e58ea47f0672c82a644da949febe03fe15f1ca1d205c5ff4676682b3e3655573bd917161a1faf9584ae483118971353a12d4e588f6e0e02ffc40ffb1e0d6d817515b1fb0d53d7220a9ec1cbad3f5e2a1ac4215d705e2c44717d2cb56d4156020ff75912214c099423c9676263ce96e1fa183a41dd3dad67d57942b0110b6aa5a4ecef357eb0dfc47f9555a422ac7cb9a056a20078194542a5d32600392d4081a8d90c8a634a74e4d41808e9afc87b56436984dab00857dd84d7463d8546a32d7d95664ccf154ca8ac8dd6572ba85456bc7b43bd7ffacf3262e54279098d30faf162c183c034c3a66dd72c62993d2d88212f9c7ce81746a5c4a4ec2670651fab31268fb8146b7054fbe9e7b9b3638c8ceb894cf60d2c2c9633a9fdf501dd2ea264c74676cb9c968765e24d995dd4bbfc57b324a9a25c6615f07462d61bfbbd43a6abc36404223cd5800005694379258e9d6cd6268ff06ac3f4b5ad590a893f90bcc3541e5df8fe6850bbb188cd7a68c608ae6bffdaf0880083b81c0a9fe7b05f4f13e02dd46b0c2e3671012e7c667547883278e7d36c64326d89fe2b3499769b394ebc8e362e83ac126c14e75a3d8c6b0c9b133ef2eb9a960154718188ff78bb3ff39512a70ed24484db1ff6cff8d9ff98da0c719612ac621b695bcfa0ac880c281c6e1a8d42cfd23d4728f4f2ab7e837c189d874be6526ed869e7827f194d180a1b6c5c64fc16d1c05219fecf6afc838ce8a14077868c5e1b2733dd961639b1cd7c80e4593b900eb612bef94a207556cf7da764971b366f08803b36f98b79b00047c558e97f1bc694589727bdf5e43d6ac9aa441190a085311d3dfdb2e4d5c3d777a4d68dac730118cf4a3d44eac920efd975362423f834dec8d6ffbf22d194af2fb4860f7a961cbecbe92491a33b618c8d6c7f8bd27e0be2467c1f2be9e7fa6d3a2d764bba9e7ed13f55ab6a82b3816f6aac2cec627305194f218228a03f8c5255ad348afc8fce5f78c6e5402fd162d37a3562505466a7bdc78b21022aae8eec781f7b3265e71c07710d8e7c1d662852da1cd633d29575a553576222432d175c889300c1c0cb3676e143975afa6f90819ef61c64bcd99bb9168faf4572987a28f3356055b42f38ebf17e5f85fa7ce63d013a00ef287df2f4088bb8867b2b76b980f167a96ac1a44634e2c4741703aaef9cb4bd603014e07b807f178ccd911553fa71beaf81e5ac6f28d6f1514f61b14d247da1f2ba42b6ab06b45c1a639d2de8265030c2baab5e272c5224c47b1f2947c3c956d275808681119205204ee6e20d4ff17091c8a80e1be7afbf88516885573350ad66a67e93247e8850249a137054b378fa25eacac3b0dac7ff0c9176383ace558825130d03767b8356ccf08f2086b39819dd6c72ad28bef5f797777226b1556ff2e7a6a844a5f5ac4217e2b89f771f685304b77eb7e1ca4aa19fbeae39a26fb785ec5c56dc9ae862dc86c3b5af8416a1ad1b37016e76c90d5f981f6221443564db72f2264a9247b12efc1df695029b2bc743befabb4a1d0d7e53f50ea78f57184d5dfbc9aa0e2db761edc13f1db64bf919b98701e532857f4e8279512e0df53ae9352be000c392f66d078af13f3dde08d6ed82c908c96a0ffe7c9fca6cab8f9af74c0919b3de52635bb04e2b2f611d1cb2d5fe4c24ef18494ffb048c51bbb7840301324de92b49d552a46e15400d0c19ee59e9b787627ebbcd4afdbaf349d9f9ad2e1e1fa98c97ca8721de261557ff446502bb2fbbcf6f9024fa08620badf33323ec5b6864e394de21d18f71df50decbbbad76158973fba106c4cb74180a134c44b577bc97f7134c7341cf4b009f5fa442826c2ab65551ddb2fc68368919c989020181debf35f1fa1f7a469e4ea963b097416a1e2dcbafc62d4c5246596f1f715fa9e924901e918f3fc1810c5b201267da0e1932308b51c5025c5d51b0acbc585dd69322bafbb234b4b11ae38a114355909d6454dbf241f28c6774712e4077dee7ff6b85bd0145128679a80673fd9cf734521dad5fe8c126d762c3e90acc25ca8ce2fadeb7a56e2fc61d9c29e04c2d663394f6eebd01f24b3692161f52647abe0ca89c90629e26cac630e81ba329aa0abc57d96c46c5eecc9ef241077dd9114626da9341a0dd6164b073e0fa6f5b9f63c4ec9459745c935466734a14c912b18c22521c1949f80c5bd590e83bd8db831d622f804b7d62cf025904c7f785cee4e7c9558f7f9121e8a8aab37b88bd3ca1d3566e843f077e2be99186fc6d5fa41956983de9aeb42367f1de1ff4f1bd78d772761718a1065a59331eee7fbabecae7a8543664f5cd28fe2e4bc601fce5c75e697384d7f199840901dcd4234c37bf761ed892c3bef713b370ee9a6e1973b96c4f2296fa26dfda1ec3768b884f85db05da45301bb7bb8d90231498a1d1af46b54f8403f4d0014d24bca24f6eba37d58716ab5f74f7b25ff86f42c193455d307d51ab9f61a559cc9e254765fb44c732b49156c5718d4a99293a7cdd1d60788af5d42c1526b830c916b16fc50032a626ef9275072a7d74ce31f608c4888a11c52c9fd60c19a37bb8b3d9a6c35beb85a2c5204b704f29c8053d5624373add4f751349ea84754b4f00c20da2b3158726a06fc5cfa1d6e922ac5c5dcb2108dbce3e6fc4f41e536322bfc46ec699940cfbd0b51c37fdd3a0a819a6cc84de39704a1e6f2a2ac0512b4b1f06b11ab3fc8b16af50506af56397278b8e188c137271e5ab601d6032a0e18aa6d9d0bd40d0b778933abbe90bcb8a3571594e84f797d37fa832dfe86e625c430d42928f61fa527e6baf13161726bfcbc371d96dcd32e8cb7b3b17b41fb440ea044284c6b732c195c50f655107252eb69eef24aeef6c7f325429f8f36462d1660bc000ad40c6282c9e5572c716e3de6d9ef8eccefbfee08ed38d13276be5e78f770968981ee3eaee9c733938729c7c4192838a0a8eeeff153fbd817814ec85efb6c1cc58753ea8b660bb3a247dd62628a075828183ad84d2c60434a2540b5b35b5f0c2c10535c1ee7fba922710279d6b2f0baa0faed56cd87eee274bb8394113772c0fd14cd5bf4f3ef6387fba3ff25d23c7a164863ca9c7b872a6ceef346b1553751faf8880c2160ef2084b49e16514e298a7f0a2429e205015b0c2f1bcc1e48eb4782cf4b246ae574087164d542f85412b9e68816ed029ccc51297fe08b043c4d54ead91096aa8419a13aa77cebb649d75311f24c0b68af204220c4b3df508c55255a0273ee24a483e7f290f2c2e6f063ed4994f12756ee1ddd986bbe6e52b824bab2c3da626c615fa3872ac53a84777d65c2a2b64311b6bee1ed8aa27f648dfb7cae005d3a621d9c10446f992272f18e14ea975d5a723bc34e75f4b3606ff4f61d54781c653abb268893bdcd1801967ac0987599f47971b1f90ae30c3a3561ef8b26d5b9a6b1f9daf29a78ad2014640cd50370c2a15245278e0ccf5057f031f316a547a0d635a378e425895c8570771a14030a8544ef075d3f626aebd0414e9515f4184af3e6ee56c4daea6a254eb9b5b39566664fc651d817b477768af3e8bf24642551c757f8a2d20180b95304bc1dd61622002ff06185efa565b6959623e7e2281ffec4959b5bded3dc7d563766203e75d480aae9a8d2816dd8b6b6f2ba1a8be3683a190d11df4f3e0ad6ba2b8ad6bb9685f2671a1f12dbe4836fd4dac9a0c9d136cecf9f62ac13f25fdc8de85280456aa4c75160a4bc2b478b9cb0822ef199e8f7f9e0245892efbfe33299395e82c20c13662553738d59fe521c450f722d034187b448de40a4458134abd0535d9a8f3414c5aaf9acd2f274e8400c1c8181d15c565b4e085ef9cad5e932b2e1f7891c2fe01fee0296e6c309653e10e1d08346255766a42cebb17fb165e4c28232083610e26f187bd5d1ca7f5e7e7c5cc179b3c862c15b43b6b4601257769b5d3062d56cc8f0ed43df220ec0f4c76ba83b0e18ce9e2e2190e0820aa4437b07e3bfae67ec4c48e1c996f6680eeea99c9f22ada30dc0f9ea905eb043e6431aae0a04740014fa563db6d96209cf1f96daf778dfc194a71c9deb34c14d82616f251eb11cb1bc1e41377ec0a4ccd8a53f2c193e77db47de93ecf5e38caebc394d82a1e61b3b2dda1e50ce42352b5b7d5285525e193486e775d386b3161583c48ca0bd8cd8efa6f7cac5fe9d2292cf23b30f5d4fda4890914e27c895bd16610d0bb2fdab956c68bab1ce89ccac6ebf8949a2a6d714dd944b4559aa291e7a81d77d40a75b901cbcbe4cdf15dde4bb63bd9f192471bd2e0cca88201255c86b422d7f93e068967c248a0414a06b44c13062af66cd5146081c0d9e2591bcc348971d7938e2c34f122253e21e29ed20e4749013bd5679d5a37f37402ecf205ad1527914f85555d642097410bf3c687565ba5cce0e97ca28d92666c1ad3559ac638a88729a97154ef5e394d70dfe712466b238f60548059445d0bae2d6d2da9e78a855fc7692397cedafc7887c94c765f98773f03f3dbb71ffa468f42c61ad91743532387d0f2919b0ba794f90f3988efb98f29867695d55a92575c66a28aab114f1acb09b61de9445ed57e3aecc84c105a2febe8ee0ef447e63629ad6261cbb6b51f1228300289a21f1fb7199cc38821ccc9d1d8db3d45fd2a370062a20ba2265ef0e8df377be01f143d17581cde4473c5383399b14623af3d37fd90c729a351aaa6215915d576d76e83bfca1bb777fcdadd62e5b096509756988f70e09da6cd149585395f05fb0e685ee50bc04a0ebd930d0f570b9cf089ea5cbcf5375f1c988bd31f82b3efa9f95a11654058c58676d5851f31bd6a52d1d9412b567ee817bc8a92e40dac5f76c8092199bac6cc942ad6752f19b9840dd89aea8b219da440b4b3da122fb44b2bb86f9faa5aa06c3b76093cc0c30f6eeeaad57d6163ac4b4e6105d0718b719860f12c767ac452acd7789ba31d9c9d9d9b9dc238044d89258337e3eef815f74fc2a715882b268185c4717e9a47775e11a5c210867cef74ce24d06e1593ddb198bc305ca6e3605c7424cf288a21eeb425206918392f83d178afba94a5e363646aacea3ad854d62d81f08f4a3f404bb69723501c22d95a6cadaf101a52b16d5b69a81c633b5680deced95cf8fe8727707ae8dbcb00d0f6212cc0c2e06af63d5d94f4c2c29a9df70beb9b2f9eb6c98c67c8502bba33f3ce5c150a0ff8ad28ad6de26b74f717630df540e65ef59bdeb97549b9aecb8d3486bcdc79a95267b4a47f06e83e6febe67ee8250aac6a80bb0b9c56d8be1ecbba8da03b22741e90667a44545e4ce422fe415abe81a9949530d61bcadcbe0ccaa3d7f1fc94520deb6a76c0356c768a4acfdd8a0f852baf12f2fbe1ae6fbcfda4dae1316aad07d492221869ffbca179a57f7c190dadee6f97ac1a7396f34e97a90d85eaf78573e9f393e80c9d797f4e96641c4c1d9909da708ec17258b293105475b747e948a5ae6c57805e3049326fd33c761de4cf7be9ec2b9caa9166c25363adf89c70f5385de1cdbea"})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0xf}, 0x90)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, &(0x7f00000000c0)=0xa0, 0x4)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r6, &(0x7f0000000580)={&(0x7f0000000440), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x88000)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001001c000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000048000000030a01010000000000000000020000000900010073797a30000000000900030073797a3200000000080007006e617400140004800800014000000000080002"], 0xa4}}, 0x20000094)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB=','], 0x2c}}, 0x0)
close(0xffffffffffffffff)

1.867916393s ago: executing program 3 (id=2717):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x2}]}]}, 0x28}, 0x1, 0x0, 0xf00000000000000}, 0x0)

1.750467271s ago: executing program 3 (id=2719):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x1e, &(0x7f0000000000)=0x88, 0x4) (async)
r1 = socket(0x1e, 0x1, 0x0)
listen(r1, 0x0) (async)
shutdown(r1, 0x2) (async)
readv(r1, &(0x7f0000000980)=[{&(0x7f0000000300)=""/182, 0xb6}], 0x1)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r2, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000080) (async)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x1, 0x4, 0xffffffff, 0x2, 0x1}, 0x48) (async, rerun: 32)
r3 = socket$inet6(0xa, 0x2, 0x0) (async, rerun: 32)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0) (async)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, &(0x7f0000000000), 0x10)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000080)={0x17b, <r6=>0x0}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000000c0)=r6, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000e80), 0xffffffffffffffff) (async)
r9 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r9, 0x101, 0x8, &(0x7f0000000800), &(0x7f0000000840)=0x4)
sendmsg$DEVLINK_CMD_SB_GET(r7, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000ec0)={0x3c, r8, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 64)
bind$inet6(r3, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720ac4ff000000000000009500"/23], &(0x7f0000000040)='syzkaller\x00'}, 0x90)

1.673603321s ago: executing program 2 (id=2720):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x280, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @dev, [], [], 'batadv0\x00', 'wg1\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x0, 0x4c00}}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "ea01dace53ca15d49302b6f9280e0081e08ab2cff0c119a466e514dcba71"}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2e0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7cf0ff001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000900000000000500200001000000050028"], 0x7c}}, 0x0)

1.630719231s ago: executing program 1 (id=2721):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000a00)={'veth1_to_team\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r3, 0x89e3, &(0x7f00000000c0)={0x0, 0x0, 0xa, 0xb})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000040), &(0x7f0000000200)=0x30)

1.519794197s ago: executing program 3 (id=2722):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)={0x1b, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x5, 0x7fff, 0x0, 0x0, 0xffffffffffffffff, 0x7f}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000a00), &(0x7f0000000280)=@tcp6=r1, 0x4}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x0, 0x803, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r3, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000008c0)={&(0x7f0000000a80)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES16=r2], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4c000)
getsockname(r2, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, &(0x7f00000000c0)=0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000640), 0xc, &(0x7f00000006c0)={&(0x7f0000000680)=@bridge_getneigh={0x28, 0x1e, 0x8, 0x70bd2b, 0x25dfdbfd, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7003}, [@IFLA_TXQLEN={0x8, 0xd, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40800)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newlink={0xac, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x84, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x74, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x87cd, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x4, 0x27b6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x9}}]}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x6, 0x4}}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x200, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xffffffffffffffa5, 0x1, {0x3, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffe01, 0x7f}}]}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0xac}}, 0x0)

1.519314866s ago: executing program 2 (id=2723):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1a, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@getchain={0x2c, 0x66, 0xfcd66a900070b359, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x60}}, [{0x8, 0xb, 0x37}]}, 0x2c}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})

1.420335596s ago: executing program 2 (id=2724):
r0 = epoll_create1(0x0)
epoll_create1(0x0) (async)
r1 = epoll_create1(0x0)
r2 = socket$isdn(0x22, 0x3, 0x11)
ioctl$IMHOLD_L1(r2, 0x80044948, &(0x7f0000000040)=0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x300, r0, &(0x7f0000000140)={0x30002000})
syz_emit_ethernet(0x3cc, &(0x7f0000000180)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c5819c", 0x396, 0x3a, 0x0, @dev, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @loopback, [{0x4, 0x13, "a72ca4b1ec69796fbadccb37fd442c4d8c48b798440c36eb9b6b4202f65e59aca7cec82d57e0d7012d004b22a579869d5deb4a4679efac9f006c312864afc7c6724ebafa521d464aa31c575c6ba6fa029c2ffb1f5e39e06da5ebb10b046a420c7bad645b5792b14903e8106549a90eaddade5cf43d51d6ea04b57dcf63b2e5e84729e5df5a71a2f8081663e61b99ab1740ee86362d431d914a"}, {0x5, 0x1b, "ff4eed91d5fcdea6aab72f88e722154a36cdf20a3c51c94202ca26eaf6a0188cb9282a61d9d789e13a4e3796784067b93975fadb67dd1a3508305cfd5d946c78e0ddfbe9f2fc4e314838c16a7be9d5c9fc767491154332c9bbc999bd265e8d44608e10be81ec5883a7e4017eb74e5a02d6ab2abd632c81e595749bda13ffdf1e98082390b4439488266be162605a63961846a05f5ed6b0d205e7f143423259cdd31604cc90a63da41778a627021263d487deb522c5afa442c28d65e3b393cac3ef557f12a728d9e9bd8ac1749006bcfe4eaf3ac8d8ce2a6e"}, {0x20, 0x1b, "6a45580ba8ffcf8e57ca8d226458bbdddd168836824ad40dd6dccec7875aa6329ed0db55e964a4348c11ac6b7194639578185f4914700258a844dad12adeff8152029c8789eab7e36d6bb872c9e56c7b6dac1b32415d38e7d70761c43745989837e1d48bfc8d08b73776e32d0d217a29c7ae7b067afc89222a4c39b5ea6fbc21e7750f8b065228b1c3dab1be2690ce5ce705bb69e056f6be20060196beb4be105d026b2cd1827166b2f109283206470b4c44e7d2333b8216c0eadf22ab3fa322ad52fa472b22b165e4a7d38f5a066a3b06d43d2fd7335d56de13fd7b"}, {0xe, 0x5, "14fc9f599de1f7bf1850380d1757b35fc58428cdc36bee5f68a51d77671fb8a62c9ba677e5a38799"}, {0x1, 0xc, "cb16e55878da28343e1f91ff701f530dfb24602c52daa640b3d1de6bf68379056b7f3d81419a70a89fcf1e2819d6f0bb282961633124d64b02b6f1b5b086d23cd228eda13c06ba1a965253009baec4c6ec0fa42348a5435480831fa1b3bd7bc5"}, {0x4, 0x14, "8776b00f76321a9ef776086d58333503e3ac37748306a7f4ac0eea2978dab2f048c8c95093d9e9876aa6e5c93f0aa176ce3725da4077919a1c9c2a930b9c88cfe005d32bd1e7231cf9435a7e8d20939db76beb8ae756963c54e655770ec3e0e9490ff32908629f18875694897b213056ebacb0e0eaa8a672e6939014be8898796d9dc015582073c8c15bec3c8531658b2d1ecf8577af457cd63ecf8bab138de9b9"}]}}}}}}, 0x0)

1.357729329s ago: executing program 1 (id=2725):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)=0x28)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xda00)
r1 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xf, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x1b, 0x2}, 0x48)

1.311936326s ago: executing program 3 (id=2726):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b0000000000"], 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'bond0\x00'}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0xf0}}, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001840), &(0x7f0000001880)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002440), &(0x7f0000002480)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000024c0)={<r7=>0x0}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000680)="e40034ea77f09a1229ebdd6f9ed9cc81055bf3fa66f6b2c79498d001679dd9eb12b125cb56313d29185954d9b5d42453d1a67e2ccc4b07e44cf10132ce33ec0714eeba71b7ef13b54492ac793167e6debd3a452bf48af2107460a820ae74f42d4e38f4157ff3ff77c769fedce1a3acb4ebbf067873b2189d9108f5814df45a3e0f6b95f160f7e295a4e459cba60654eb8762af43d5ef02a8e3b6373fa3a769c4c5dbdf89bc7e794a54b269c647215c52fffcbc989937c468ad6d411a9b2be332ee0bd14f4ceac34aa0479b406feb4a4315f8b367f30608d38cb0146628f6", 0xde}, {&(0x7f0000000300)="fd8c8d7ccbaa75da6b9e500791f84ef95c5cc9e2526e1896e8cad5c20295c5ba52d0f1b96eb629720e6f0c994ba83d5459e9f47965a69d4f753fd0bde07e1f469cc80b979ccd81a357668c890fbf31480d1e1fe6c6a725e79f8c7b7681e8f424c1d56bc3319aeac71e4942f39902a705a26c7df9216208ca4be4e5807c4f743789d91ff40000fbf1281c373259e12e359c8b95a61d19adaa909b1e8da7505344fef218f1ded93e3ecca5fcc13355c01e856a4ebab62b4248c39f4150227c06ae1701009737a961e16a9c2ef8c3cb7bd3b0b049ca12eedb181252b39c75d720a54536ff346fb4cde10b6adf688c50d818", 0xf0}], 0x2, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r7}}}], 0x60, 0x800}}, {{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001c40)="8ae3298d1176e97d4abfe4585964980543805e53a9d967bced1808b42661353cd0a2b5205312d2f0307ae8c9e5a4", 0x2e}], 0x1, &(0x7f0000001dc0)}}, {{&(0x7f0000002640)=@abs, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4000}}], 0x3, 0x8000)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000140)={0x0, @multicast2, @private}, &(0x7f0000000180)=0xc)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x8004}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xe}}, 0x0)
getsockname$packet(r8, &(0x7f00000007c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x24, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast1}, @FOU_ATTR_IFINDEX={0x8, 0xb, r9}]}, 0x24}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000006000000010000000000000800000000040000000000000000000900010000002e00002e00000000000000000000000000003742a457e7fe4c1551274a381b152f7b15fe3661855882b5b1e2d9675a8c1440f33d41980a231eb85d15482fc4f7e07f87182ae106f4fcea2781fa6ece710a7c8faa2542714c2324ceba641a50ad8999e8ad7b7ccb05ada1417e61b1399e9f55fdaed8b353f15e09169f4b4a00758be32fce44d0a42c4f8e1bc100b5dabf7e7651a53a6505c2f60b438dc7a33bdb6692aa89"], &(0x7f0000002d80)=""/4100, 0x46, 0x1004, 0x1}, 0x20)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000000)={0x2, 0xfffffff8, 0x0, 0x6e65})
r10 = socket$inet6_sctp(0xa, 0x0, 0x84)
sendto$inet6(r10, 0x0, 0x0, 0x24048841, &(0x7f00000000c0)={0xa, 0x20, 0x0, @mcast1, 0x15}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r10, 0x29, 0x2, 0x0, 0x0)

1.187951926s ago: executing program 2 (id=2727):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000280)={0x44, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x0, 0x0, 0x58]}}]}]}]}, 0x44}}, 0x0) (fail_nth: 5)

1.187191461s ago: executing program 1 (id=2728):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000140)='9', 0x1}], 0x1)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, &(0x7f0000000140), 0x0}, 0x20)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r2, 0x80080400)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10)
getsockopt$inet_int(r3, 0x10d, 0xc9, &(0x7f0000000000), &(0x7f0000000240)=0x4)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000001180), r7)
sendmsg$NFC_CMD_GET_SE(r6, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)={0x14, r8, 0x5953a6d8b15e6715}, 0x14}}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(r5, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000004}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r8, 0x20, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r9=>0x0})
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={r9, 0x2, 0x6}, 0xfffffffffffffdd9)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x4, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r10, &(0x7f00000007c0), &(0x7f00000000c0)=""/79}, 0x20)
r11 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e23, @multicast1}}, 0xa000000, 0x1, 0x0, 0x0, 0x55, 0x5, 0x7f}, 0x9c)
r12 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)=@newtaction={0x60, 0x30, 0x53b, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_simple={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)

614.08436ms ago: executing program 2 (id=2729):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000b00)={0x38, r3, 0x428, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xfffffff8, 0x12}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x38}}, 0x8001)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000007c0), r2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_IPTABLES={0x5}]}}}]}, 0x3c}}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="dd30b700"], 0x14}}, 0x0)
r7 = openat$cgroup_ro(r1, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x275a, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000004c0), r6)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000600), r0)
r11 = socket(0x11, 0x800000003, 0x0)
r12 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r11, 0x8933, &(0x7f0000000600)={'team0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=@gettclass={0x24, 0x2a, 0x200, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r13, {0x3, 0xd}, {0xfff3, 0x9}, {0x7, 0xffe0}}, ["", "", ""]}, 0x24}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000640)=[0x0], ""/16, <r14=>0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0), 0x0, 0xad, &(0x7f00000006c0)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000980)={'team0\x00', <r15=>0x0})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000ac0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80480}, 0xc, &(0x7f0000000a80)={&(0x7f00000009c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=r10, @ANYBLOB="000425bd7000fedbdf250600000014000180080003000300000008000100", @ANYRES32=r13, @ANYBLOB="5c000180b8e9c1061869f5d570300000000000000000000008000100", @ANYRES32=r14, @ANYBLOB="14000200626f6e645f736c6176655f31000000000800030002000000080003000100000008000100", @ANYRES32=r15, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="0800030002000000"], 0x84}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)
sendmsg$NLBL_MGMT_C_ADD(r8, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x34, r9, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x26}]}, 0x34}, 0x1, 0x0, 0x0, 0x44011}, 0x5000)
pread64(r7, 0x0, 0x9, 0x0)
r16 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r17 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', <r18=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEV(r16, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x94, r17, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0202}}}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r18}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0302}}}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x7}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0102}}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0202}}}, @NL802154_ATTR_SEC_DEVICE={0x10, 0x2e, 0x0, 0x1, {0xc, 0x4, {0xaaaaaaaaaaaa0102}}}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
read(r7, &(0x7f0000001440)=""/180, 0xb4)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYRES64=r1, @ANYRESOCT=r1, @ANYRESHEX=0x0], 0x78}}, 0x40000)

439.801758ms ago: executing program 3 (id=2730):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f89000000200000000301ff0000000309ff5bffff00c7", 0x48}], 0x1)

359.86825ms ago: executing program 1 (id=2731):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000100)=0x10)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000001c0)=0x8)
r3 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x11, &(0x7f00000077c0)={r2, 0x0, 0x500}, 0x8)

358.855105ms ago: executing program 2 (id=2732):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
r2 = socket(0x2, 0x2, 0x0)
getsockopt$nfc_llcp(r2, 0x88, 0x68, 0x0, 0x20000000)
r3 = socket$inet6(0xa, 0x4, 0x5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0xb, [@typedef={0x6}, @func={0x6, 0x0, 0x0, 0xc, 0x3}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xe}, {0xe}, {0xf}, {0xe, 0x1}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x61, 0x5f, 0x2e]}}, &(0x7f0000000500)=""/59, 0x67, 0x3b, 0x1}, 0x20)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)={<r4=>0x0, 0x2}, &(0x7f0000000400)=0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000440)={r4}, &(0x7f0000000640)=0x8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x6, 0x80}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000017c0)={r5, &(0x7f0000001700), &(0x7f0000001780), 0x3}, 0x20)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x13, r3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b000000016007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d522ac78876a4595146add31b35355848794ca3f8b38aef1e114ab9fb0200000000000000a3b0c81c6f8144e74fe13b80ca46c1a6c04ad73c9d44b605f900"/158, 0x9e}, {&(0x7f00000000c0)="68c32a7de6a2395800000000000000000000894faaf39ffe271f432f", 0x1c}], 0x2}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000100), 0xfffffd9d)
sendfile(r6, r7, 0x0, 0x8000002b)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, &(0x7f0000000140), &(0x7f0000000300)}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x15, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x21}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@generic={0x9, 0x8, 0x2, 0x1, 0x9}, @map_val, @call={0x85, 0x0, 0x0, 0x20}, @exit, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000002840)={0x1c, 0x5, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r9, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={0x0, 0x14}}, 0x28004000)
getsockname$packet(r9, &(0x7f0000000200)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000900010076"], 0x48}}, 0x0)
socket(0x28, 0x5, 0x0)
socket(0x28, 0x5, 0x0)

192.5906ms ago: executing program 3 (id=2733):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000500)=[{{&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0xbf, 0x0}}], 0x73d, 0x0, 0x0)
ppoll(&(0x7f0000000440)=[{}], 0x1, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000004000000020000000000001103000000ffffffff000000000100000d010000000000000001000000020000000000000802000000000061"], 0x0, 0x4c}, 0x20)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x2c, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]]}, 0x2c}}, 0x0)
clock_gettime(0xfffffffffffffffd, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x9, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af2502"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "b8a3e100908f61640000000200fe80ffff00000000000000ff0bc0fe00000000008879e66485201a0015ca83747357a027450004000000"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x85}}, &(0x7f0000000000)='GPL\x00'}, 0x90)

174.513973ms ago: executing program 1 (id=2734):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000040)="2700250014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)

0s ago: executing program 1 (id=2735):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(r0, &(0x7f0000000e00)=[{{&(0x7f0000000180)={0x2, 0x4e23, @rand_addr=0x2000000}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@cipso={0x86, 0xa, 0x3, [{0x5, 0x4, "f1ac"}]}]}}}], 0x20, 0x25}}], 0x1, 0x0)

kernel console output (not intermixed with test programs):

][T12892] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  333.219630][ T5102] Bluetooth: hci0: command tx timeout
[  333.300310][ T5102] Bluetooth: hci1: command tx timeout
[  334.066327][T12746] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.073489][T12746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.101651][T12746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.116432][T12746] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.123554][T12746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.153814][T12746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.597787][T12746] hsr_slave_0: entered promiscuous mode
[  334.620525][T12746] hsr_slave_1: entered promiscuous mode
[  334.667979][T12746] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  334.675610][T12746] Cannot create hsr debugfs directory
[  335.297268][ T5102] Bluetooth: hci0: command tx timeout
[  335.376133][ T5102] Bluetooth: hci1: command tx timeout
[  335.831640][T12986] netlink: 5312 bytes leftover after parsing attributes in process `syz.2.1867'.
[  335.851597][T12986] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  336.424877][T12746] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.467874][T12744] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  336.502502][T12744] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  336.619163][T12746] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.642478][T12744] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  336.654033][T13027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  336.664188][T13027] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1880'.
[  336.685478][T13029] netlink: 'syz.3.1881': attribute type 10 has an invalid length.
[  336.694756][T13029] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1881'.
[  336.715725][T12744] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  336.742892][T13030] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  336.834520][T12746] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.994936][T12746] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.111274][T13047] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1886'.
[  337.211102][T13047] netlink: 'syz.0.1886': attribute type 6 has an invalid length.
[  337.258085][T12744] 8021q: adding VLAN 0 to HW filter on device bond0
[  337.295025][T12744] 8021q: adding VLAN 0 to HW filter on device team0
[  337.409437][T13057] netlink: 'syz.2.1889': attribute type 27 has an invalid length.
[  337.582967][T13057] sit0: left promiscuous mode
[  337.644150][T13057] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.652104][T13057] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.669062][T13057] bond0: left promiscuous mode
[  337.674047][T13057] bond_slave_0: left promiscuous mode
[  337.681316][T13057] bond_slave_1: left promiscuous mode
[  337.693007][T13057] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  337.764669][T13057] wg2: left promiscuous mode
[  337.773344][T13057] wg2: left allmulticast mode
[  337.839293][T13057] infiniband syz2: set down
[  337.893436][T13057] batadv_slave_0: left promiscuous mode
[  337.914821][T13057] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.054676][T13057] macsec0: left promiscuous mode
[  338.061006][T13057] macsec0: left allmulticast mode
[  338.068736][T13057] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  338.085013][T13057] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  338.094726][T13057] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  338.105483][T13057] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  338.261067][T13067] netlink: 'syz.3.1891': attribute type 10 has an invalid length.
[  338.289729][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.296988][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.318637][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.325922][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.376409][T13069] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1892'.
[  338.395694][T13059] bridge0: port 3(geneve1) entered blocking state
[  338.417239][T13059] bridge0: port 3(geneve1) entered disabled state
[  338.424062][T13059] geneve1: entered allmulticast mode
[  338.445709][T13059] geneve1: entered promiscuous mode
[  338.477092][T13072] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1892'.
[  338.565083][T12746] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  338.658007][T12746] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  338.688500][T13082] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1894'.
[  338.708471][T12746] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  338.744868][T12746] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  338.845259][T13084] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  339.257268][T12746] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.335688][T12746] 8021q: adding VLAN 0 to HW filter on device team0
[  339.391652][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.399281][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.440094][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.447391][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.471508][T13113] netlink: 'syz.0.1901': attribute type 1 has an invalid length.
[  339.499904][T13113] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.1901'.
[  339.520499][T12744] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.528341][T13113] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1901'.
[  339.602444][T13116] netlink: 'syz.2.1902': attribute type 6 has an invalid length.
[  339.650715][T12746] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  340.368704][T13145] syzkaller0: entered promiscuous mode
[  340.385099][T13145] syzkaller0: entered allmulticast mode
[  340.442913][   T35] syzkaller0: tun_net_xmit 48
[  340.462827][T13154] syzkaller0: tun_chr_ioctl cmd 2147767520
[  340.520554][T12746] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.578800][T13145] syzkaller0: tun_chr_ioctl cmd 1074025677
[  340.585526][T13145] syzkaller0: Linktype set failed because interface is up
[  340.632514][T13145] netlink: 'syz.0.1908': attribute type 5 has an invalid length.
[  340.687847][T13145] syzkaller0: tun_net_xmit 1280
[  343.245765][T12744] veth0_vlan: entered promiscuous mode
[  343.312372][T12746] veth0_vlan: entered promiscuous mode
[  343.350619][T12744] veth1_vlan: entered promiscuous mode
[  343.401307][T12746] veth1_vlan: entered promiscuous mode
[  343.604157][T12746] veth0_macvtap: entered promiscuous mode
[  343.623858][T12744] veth0_macvtap: entered promiscuous mode
[  343.649024][T12746] veth1_macvtap: entered promiscuous mode
[  343.703365][T12744] veth1_macvtap: entered promiscuous mode
[  343.713222][T13244] __nla_validate_parse: 3 callbacks suppressed
[  343.713243][T13244] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1918'.
[  343.733211][T12746] batman_adv: batadv0: Interface activated: batadv_slave_0
[  343.758541][T13246] netlink: 'syz.0.1919': attribute type 10 has an invalid length.
[  343.817686][T12746] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.838883][T12746] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.860210][T12746] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.882660][T12746] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.892483][T13251] netlink: 'syz.2.1918': attribute type 3 has an invalid length.
[  343.915735][T12746] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.942426][T12746] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.964405][T12746] batman_adv: batadv0: Interface activated: batadv_slave_1
[  344.020602][T12746] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  344.041976][T12746] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.061153][T12746] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.086063][T12746] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.158903][T12744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  344.182871][T12744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.206453][T12744] batman_adv: batadv0: Interface activated: batadv_slave_0
[  344.260685][T12744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.297266][T12744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.326174][T12744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.349594][T12744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.390115][T12744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.417668][T12744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.445674][T12744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.482937][T12744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.509707][T12744] batman_adv: batadv0: Interface activated: batadv_slave_1
[  344.582423][T12744] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  344.606072][T12744] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.623548][T12744] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.635568][T12744] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.709865][T13283] netlink: 'syz.3.1927': attribute type 15 has an invalid length.
[  344.718596][T13283] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1927'.
[  344.728152][T13281] tap0: tun_chr_ioctl cmd 1074025672
[  344.733514][T13281] tap0: ignored: set checksum enabled
[  344.810416][ T2483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.828899][ T2483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.894161][T13286] netlink: 'syz.3.1928': attribute type 29 has an invalid length.
[  344.941651][T13286] netlink: 'syz.3.1928': attribute type 29 has an invalid length.
[  344.956810][T13287] netlink: 'syz.3.1928': attribute type 29 has an invalid length.
[  345.000773][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  345.009485][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.103319][ T2467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  345.134403][ T2467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.220158][ T2483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  345.240999][ T2483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.480869][T13305] x_tables: duplicate underflow at hook 1
[  345.593273][T13315] dccp_invalid_packet: P.Data Offset(0) too small
[  345.725230][ T2467] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.910311][ T2467] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.001303][ T2467] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.084839][ T2467] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.218218][ T2467] bridge_slave_1: left allmulticast mode
[  346.223906][ T2467] bridge_slave_1: left promiscuous mode
[  346.230103][ T2467] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.239806][ T2467] bridge_slave_0: left allmulticast mode
[  346.245471][ T2467] bridge_slave_0: left promiscuous mode
[  346.252174][ T2467] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.619697][ T2467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  346.634376][ T2467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  346.645955][ T2467] bond0 (unregistering): Released all slaves
[  347.013695][ T2467] hsr_slave_0: left promiscuous mode
[  347.031550][ T2467] hsr_slave_1: left promiscuous mode
[  347.044301][ T2467] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  347.052245][ T2467] batman_adv: batadv0: Removing interface: batadv_slave_0
[  347.061406][ T2467] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  347.069661][ T2467] batman_adv: batadv0: Removing interface: batadv_slave_1
[  347.094919][ T2467] veth1_macvtap: left promiscuous mode
[  347.100642][ T2467] veth0_macvtap: left promiscuous mode
[  347.106561][ T2467] veth1_vlan: left promiscuous mode
[  347.111948][ T2467] veth0_vlan: left promiscuous mode
[  347.865049][ T2467] team0 (unregistering): Port device team_slave_1 removed
[  347.988702][ T2467] team0 (unregistering): Port device team_slave_0 removed
[  348.051896][ T4488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  348.063444][ T4488] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  348.076063][ T4488] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  348.098375][ T4488] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  348.109589][ T4488] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  348.123812][ T4488] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  348.581273][T13336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1940'.
[  348.794957][T13360] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1947'.
[  348.936546][T13360] netlink: 'syz.3.1947': attribute type 6 has an invalid length.
[  349.257383][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  349.560165][T13353] chnl_net:caif_netlink_parms(): no params data found
[  349.611618][T13402] bond0: (slave bond_slave_0): Releasing backup interface
[  349.711247][T13407] batadv_slave_0: entered promiscuous mode
[  349.925647][T13353] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.967402][T13353] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.983328][T13353] bridge_slave_0: entered allmulticast mode
[  350.011573][T13353] bridge_slave_0: entered promiscuous mode
[  350.026351][T13353] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.039586][T13353] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.052454][T13353] bridge_slave_1: entered allmulticast mode
[  350.060851][T13353] bridge_slave_1: entered promiscuous mode
[  350.168522][T13353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  350.176209][ T4488] Bluetooth: hci0: command tx timeout
[  350.195496][T13434] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1972'.
[  350.234187][T13353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.307665][T13429] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1971'.
[  350.336744][T13429] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1971'.
[  350.449712][T13353] team0: Port device team_slave_0 added
[  350.478243][T13353] team0: Port device team_slave_1 added
[  350.544747][T13445] netlink: 'syz.2.1977': attribute type 20 has an invalid length.
[  350.628036][T13353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.628901][T13449] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1977'.
[  350.665025][T13353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.703617][T13353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.785739][T13449] openvswitch: ÊügáG: Dropping previously announced user features
[  350.786520][T13353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.802487][T13353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.845971][T13353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  350.914271][T13456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1980'.
[  350.961724][T13462] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1982'.
[  351.062117][T13466] netlink: 'syz.1.1982': attribute type 6 has an invalid length.
[  351.112537][T13353] hsr_slave_0: entered promiscuous mode
[  351.120494][T13353] hsr_slave_1: entered promiscuous mode
[  351.139785][T13469] FAULT_INJECTION: forcing a failure.
[  351.139785][T13469] name failslab, interval 1, probability 0, space 0, times 0
[  351.166916][T13469] CPU: 0 PID: 13469 Comm: syz.0.1983 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  351.177207][T13469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  351.187304][T13469] Call Trace:
[  351.190698][T13469]  <TASK>
[  351.193635][T13469]  dump_stack_lvl+0x241/0x360
[  351.198345][T13469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.203565][T13469]  ? __pfx__printk+0x10/0x10
[  351.208180][T13469]  ? netlink_insert+0x10b7/0x14b0
[  351.213221][T13469]  should_fail_ex+0x3b0/0x4e0
[  351.218006][T13469]  ? __alloc_skb+0x1c3/0x440
[  351.222642][T13469]  should_failslab+0x9/0x20
[  351.227181][T13469]  kmem_cache_alloc_node_noprof+0x71/0x320
[  351.233019][T13469]  __alloc_skb+0x1c3/0x440
[  351.237458][T13469]  ? __pfx___alloc_skb+0x10/0x10
[  351.242413][T13469]  ? netlink_autobind+0xd6/0x2f0
[  351.247369][T13469]  ? netlink_autobind+0x2b0/0x2f0
[  351.252415][T13469]  netlink_sendmsg+0x631/0xcb0
[  351.257208][T13469]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.262512][T13469]  ? __import_iovec+0x536/0x820
[  351.267373][T13469]  ? aa_sock_msg_perm+0x91/0x160
[  351.272418][T13469]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  351.277712][T13469]  ? security_socket_sendmsg+0x87/0xb0
[  351.283186][T13469]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.288491][T13469]  __sock_sendmsg+0x221/0x270
[  351.293183][T13469]  ____sys_sendmsg+0x525/0x7d0
[  351.297973][T13469]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.303295][T13469]  __sys_sendmsg+0x2b0/0x3a0
[  351.307906][T13469]  ? __pfx___sys_sendmsg+0x10/0x10
[  351.313030][T13469]  ? vfs_write+0x7c4/0xc90
[  351.317496][T13469]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  351.323835][T13469]  ? do_syscall_64+0x100/0x230
[  351.328621][T13469]  ? do_syscall_64+0xb6/0x230
[  351.333323][T13469]  do_syscall_64+0xf3/0x230
[  351.337851][T13469]  ? clear_bhb_loop+0x35/0x90
[  351.342547][T13469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.348472][T13469] RIP: 0033:0x7f57e8d75bd9
[  351.352898][T13469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.372516][T13469] RSP: 002b:00007f57e9a7c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.380944][T13469] RAX: ffffffffffffffda RBX: 00007f57e8f03f60 RCX: 00007f57e8d75bd9
[  351.388928][T13469] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[  351.396906][T13469] RBP: 00007f57e9a7c0a0 R08: 0000000000000000 R09: 0000000000000000
[  351.404907][T13469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.412888][T13469] R13: 000000000000004d R14: 00007f57e8f03f60 R15: 00007ffe6c03b5f8
[  351.420884][T13469]  </TASK>
[  351.810985][T13490] netlink: 'syz.0.1989': attribute type 4 has an invalid length.
[  351.831107][T13492] netlink: 'syz.0.1989': attribute type 4 has an invalid length.
[  352.205164][T13505] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1996'.
[  352.224605][T13505] netlink: 'syz.3.1996': attribute type 6 has an invalid length.
[  352.257110][ T4488] Bluetooth: hci0: command tx timeout
[  352.277913][T13353] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  352.304826][T13353] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  352.344027][T13353] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  352.363706][T13353] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  352.549261][T13353] 8021q: adding VLAN 0 to HW filter on device bond0
[  352.614217][T13353] 8021q: adding VLAN 0 to HW filter on device team0
[  352.638872][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.646222][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  352.678999][T13521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1999'.
[  352.717232][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1999'.
[  352.751733][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.759027][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.814036][T13521] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  352.959947][T13521] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.054241][T13533] wireguard0: entered promiscuous mode
[  353.060658][T13533] wireguard0: entered allmulticast mode
[  353.222211][T13353] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  353.573074][T13565] netlink: 'syz.3.2014': attribute type 1 has an invalid length.
[  353.813249][T13353] 8021q: adding VLAN 0 to HW filter on device batadv0
[  353.975253][T13585] __nla_validate_parse: 5 callbacks suppressed
[  353.975278][T13585] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2018'.
[  354.101919][T13591] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2020'.
[  354.145684][T13591] xt_recent: hitcount (2147483648) is larger than allowed maximum (255)
[  354.163628][T13592] xt_recent: hitcount (2147483648) is larger than allowed maximum (255)
[  354.334044][T13605] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2024'.
[  354.336878][ T4488] Bluetooth: hci0: command tx timeout
[  354.573943][T13353] veth0_vlan: entered promiscuous mode
[  354.633362][T13353] veth1_vlan: entered promiscuous mode
[  354.755064][T13353] veth0_macvtap: entered promiscuous mode
[  354.785266][T13353] veth1_macvtap: entered promiscuous mode
[  354.809067][T13620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  354.833367][T13353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.858705][T13353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.883791][T13353] batman_adv: batadv0: Interface activated: batadv_slave_0
[  354.904594][T13353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.944296][T13353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.965006][T13353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.977893][T13353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.988105][T13637] netlink: 780 bytes leftover after parsing attributes in process `syz.1.2032'.
[  355.001407][T13637] unsupported nla_type 152
[  355.006882][T13353] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.019618][T13353] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.034639][T13353] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.053123][T13353] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.064826][T13353] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.074358][T13353] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.097042][T13353] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.277702][  T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.305678][  T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.321056][T13646] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2037'.
[  355.368194][ T2483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.377187][ T2483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.977309][T13668] netlink: 'syz.3.2044': attribute type 1 has an invalid length.
[  356.081267][T13668] bond1: (slave gretap1): making interface the new active one
[  356.098461][T13668] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  356.110211][T13674] tipc: Started in network mode
[  356.117242][T13674] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  356.139727][T13674] tipc: Enabled bearer <eth:ipvlan0>, priority 0
[  356.277215][T13684] Unsupported ieee802154 address type: 0
[  356.327590][T13678] IPVS: Scheduler module ip_vs_sip not found
[  356.786229][T13709] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2058'.
[  356.795251][T13709] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2058'.
[  357.076699][T13729] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2064'.
[  357.077085][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2063'.
[  357.256167][   T25] tipc: Node number set to 10136234
[  357.370179][ T2853] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.074537][ T2853] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.144224][ T2853] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.202920][ T2853] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.296253][ T2853] bridge_slave_1: left allmulticast mode
[  358.302871][ T2853] bridge_slave_1: left promiscuous mode
[  358.310993][ T2853] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.321402][ T2853] bridge_slave_0: left allmulticast mode
[  358.327386][ T2853] bridge_slave_0: left promiscuous mode
[  358.333086][ T2853] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.672982][ T2853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.685662][ T2853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.698418][ T2853] bond0 (unregistering): Released all slaves
[  359.063447][ T2853] hsr_slave_0: left promiscuous mode
[  359.069696][ T2853] hsr_slave_1: left promiscuous mode
[  359.079039][ T2853] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  359.088255][ T2853] batman_adv: batadv0: Removing interface: batadv_slave_0
[  359.096951][ T2853] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  359.104377][ T2853] batman_adv: batadv0: Removing interface: batadv_slave_1
[  359.139973][ T2853] veth1_macvtap: left promiscuous mode
[  359.157911][ T2853] veth0_macvtap: left promiscuous mode
[  359.163713][ T2853] veth1_vlan: left promiscuous mode
[  359.204212][ T2853] veth0_vlan: left promiscuous mode
[  359.254146][T13743] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2067'.
[  359.619307][ T5102] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  359.632106][ T5102] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  359.643181][ T5102] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  359.655266][ T5102] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  359.667746][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  359.675491][ T5102] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  359.712665][T13764] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2074'.
[  359.729073][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2074'.
[  360.134217][T13773] Bluetooth: hci3: invalid length 0, exp 2 for type 7
[  360.168338][ T2853] team0 (unregistering): Port device team_slave_1 removed
[  360.218253][ T2853] team0 (unregistering): Port device team_slave_0 removed
[  360.868548][T13779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2078'.
[  361.407319][T13799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2085'.
[  361.700365][ T4488] Bluetooth: hci0: command tx timeout
[  361.770767][T13817] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2090'.
[  361.829935][T13817] bridge5: the hash_elasticity option has been deprecated and is always 16
[  362.012483][T13760] chnl_net:caif_netlink_parms(): no params data found
[  362.069283][T13833] netlink: 5312 bytes leftover after parsing attributes in process `syz.1.2095'.
[  362.116312][T13833] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  362.168688][T13837] netlink: 'syz.0.2097': attribute type 21 has an invalid length.
[  362.178340][T13837] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2097'.
[  362.258912][T13760] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.260788][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  362.276073][T13760] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.292797][T13760] bridge_slave_0: entered allmulticast mode
[  362.307511][T13760] bridge_slave_0: entered promiscuous mode
[  362.321553][T13760] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.336270][T13760] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.344019][T13760] bridge_slave_1: entered allmulticast mode
[  362.361206][T13760] bridge_slave_1: entered promiscuous mode
[  362.468775][T13760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  362.534172][T13760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.660282][T13760] team0: Port device team_slave_0 added
[  362.670773][T13760] team0: Port device team_slave_1 added
[  362.773130][T13760] batman_adv: batadv0: Adding interface: batadv_slave_0
[  362.790964][T13760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  362.833702][T13760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  362.877191][T13760] batman_adv: batadv0: Adding interface: batadv_slave_1
[  362.884372][T13760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  362.966259][T13760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.188276][T13760] hsr_slave_0: entered promiscuous mode
[  363.215682][T13760] hsr_slave_1: entered promiscuous mode
[  363.482964][T13914] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2114'.
[  363.531800][T13913] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2116'.
[  363.656864][T13916] netlink: 'syz.0.2114': attribute type 6 has an invalid length.
[  363.776464][ T5102] Bluetooth: hci0: command tx timeout
[  363.791319][T13923] IPv6: sit1: Disabled Multicast RS
[  363.978053][T13929] team0: Port device macvlan1 added
[  364.166929][T13938] netlink: 'syz.0.2123': attribute type 1 has an invalid length.
[  364.217808][T13937] team_slave_0: entered promiscuous mode
[  364.224022][T13937] team_slave_1: entered promiscuous mode
[  364.249228][T13937] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  364.274439][T13937] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  364.665147][T13957] __nla_validate_parse: 2 callbacks suppressed
[  364.665168][T13957] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2129'.
[  364.702139][T13960] netlink: 'syz.0.2129': attribute type 6 has an invalid length.
[  364.924866][T13970] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2132'.
[  365.063851][T13760] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  365.104563][T13760] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  365.126373][T13760] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  365.198063][T13760] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  365.243951][T13981] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2137'.
[  365.449065][T13992] veth0_vlan: entered allmulticast mode
[  365.639969][T13760] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.689845][T13760] 8021q: adding VLAN 0 to HW filter on device team0
[  365.708410][T13999] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.723839][T13999] tipc: Resetting bearer <eth:bridge0>
[  365.732763][T13999] bridge_slave_1: left allmulticast mode
[  365.739347][T13999] bridge_slave_1: left promiscuous mode
[  365.745359][T13999] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.756882][T13999] tipc: Resetting bearer <eth:bridge0>
[  365.765490][T13999] bond0: (slave bond_slave_0): Releasing backup interface
[  365.780491][T13999] bond0: (slave bond_slave_1): Releasing backup interface
[  365.809255][T13999] team0: Port device team_slave_0 removed
[  365.832744][T13999] team0: Port device team_slave_1 removed
[  365.845546][T13999] batman_adv: batadv0: Removing interface: batadv_slave_0
[  365.856219][ T5102] Bluetooth: hci0: command 0x040f tx timeout
[  365.873102][T13999] batman_adv: batadv0: Removing interface: batadv_slave_1
[  365.894161][T14007] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2144'.
[  365.905243][T13999] batman_adv: batadv0: Removing interface: ipvlan2
[  365.924486][T13997] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2140'.
[  365.969312][T14003] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.985157][T14003] team0: Port device bond0 added
[  366.012606][T14010] netlink: 'syz.2.2144': attribute type 6 has an invalid length.
[  366.056639][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.063891][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.126185][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.133412][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.284487][T13760] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  366.329469][T14026] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2151'.
[  366.346652][T14026] netlink: 'syz.3.2151': attribute type 1 has an invalid length.
[  366.374647][T14023] netlink: 120 bytes leftover after parsing attributes in process `syz.2.2148'.
[  366.395765][T14023] xt_TPROXY: Can be used only with -p tcp or -p udp
[  366.562600][T14034] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2152'.
[  366.597611][T14037] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2153'.
[  366.679673][T14039] FAULT_INJECTION: forcing a failure.
[  366.679673][T14039] name failslab, interval 1, probability 0, space 0, times 0
[  366.697006][T13760] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.712819][T14039] CPU: 0 PID: 14039 Comm: syz.2.2154 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  366.723034][T14039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  366.733131][T14039] Call Trace:
[  366.736448][T14039]  <TASK>
[  366.739417][T14039]  dump_stack_lvl+0x241/0x360
[  366.744155][T14039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.749407][T14039]  ? __pfx__printk+0x10/0x10
[  366.754057][T14039]  ? netlink_insert+0x10b7/0x14b0
[  366.759133][T14039]  should_fail_ex+0x3b0/0x4e0
[  366.763871][T14039]  ? __alloc_skb+0x1c3/0x440
[  366.768507][T14039]  should_failslab+0x9/0x20
[  366.773059][T14039]  kmem_cache_alloc_node_noprof+0x71/0x320
[  366.778918][T14039]  __alloc_skb+0x1c3/0x440
[  366.783372][T14039]  ? __pfx___alloc_skb+0x10/0x10
[  366.788323][T14039]  ? netlink_autobind+0xd6/0x2f0
[  366.793276][T14039]  ? netlink_autobind+0x2b0/0x2f0
[  366.798335][T14039]  netlink_sendmsg+0x631/0xcb0
[  366.803143][T14039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.808473][T14039]  ? __import_iovec+0x536/0x820
[  366.813342][T14039]  ? aa_sock_msg_perm+0x91/0x160
[  366.818307][T14039]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  366.823599][T14039]  ? security_socket_sendmsg+0x87/0xb0
[  366.829075][T14039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.834404][T14039]  __sock_sendmsg+0x221/0x270
[  366.839115][T14039]  ____sys_sendmsg+0x525/0x7d0
[  366.843899][T14039]  ? __pfx_____sys_sendmsg+0x10/0x10
[  366.849208][T14039]  __sys_sendmsg+0x2b0/0x3a0
[  366.853812][T14039]  ? __pfx___sys_sendmsg+0x10/0x10
[  366.858935][T14039]  ? vfs_write+0x7c4/0xc90
[  366.863400][T14039]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  366.869740][T14039]  ? do_syscall_64+0x100/0x230
[  366.874522][T14039]  ? do_syscall_64+0xb6/0x230
[  366.879218][T14039]  do_syscall_64+0xf3/0x230
[  366.883739][T14039]  ? clear_bhb_loop+0x35/0x90
[  366.888422][T14039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.894330][T14039] RIP: 0033:0x7ffb4d775bd9
[  366.898751][T14039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.918467][T14039] RSP: 002b:00007ffb4e4b2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  366.927013][T14039] RAX: ffffffffffffffda RBX: 00007ffb4d903f60 RCX: 00007ffb4d775bd9
[  366.935004][T14039] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  366.942990][T14039] RBP: 00007ffb4e4b20a0 R08: 0000000000000000 R09: 0000000000000000
[  366.950968][T14039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.959035][T14039] R13: 000000000000000b R14: 00007ffb4d903f60 R15: 00007fffd3719518
[  366.967030][T14039]  </TASK>
[  367.000438][T14042] batadv0: entered promiscuous mode
[  367.020475][T14042] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  367.031508][T14042] batadv0: left promiscuous mode
[  367.494820][T13760] veth0_vlan: entered promiscuous mode
[  367.524593][T13760] veth1_vlan: entered promiscuous mode
[  367.628230][T14077] netlink: 'syz.3.2164': attribute type 15 has an invalid length.
[  367.659155][T14077] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2164'.
[  367.723359][T13760] veth0_macvtap: entered promiscuous mode
[  367.803125][T13760] veth1_macvtap: entered promiscuous mode
[  367.889573][T14089] team0: Device is already in use.
[  367.914408][T13760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.936985][ T5102] Bluetooth: hci0: command 0x040f tx timeout
[  367.949692][T13760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.962124][T13760] batman_adv: batadv0: Interface activated: batadv_slave_0
[  367.981351][T13760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.992738][T13760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.005106][T13760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.018189][T13760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.030356][T13760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  368.041076][T13760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  368.058097][T13760] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.077982][T13760] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.107309][T13760] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.119090][T13760] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.130092][T13760] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  368.355235][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.380658][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.524048][T14109] x_tables: duplicate underflow at hook 1
[  368.544535][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.587109][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  369.239641][T14139] syz.2.2185: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  369.250111][T14151] –eth0_vlan: renamed from bridge_slave_1 (while UP)
[  369.297093][T14139] CPU: 0 PID: 14139 Comm: syz.2.2185 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  369.307404][T14139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  369.317499][T14139] Call Trace:
[  369.320816][T14139]  <TASK>
[  369.323778][T14139]  dump_stack_lvl+0x241/0x360
[  369.328525][T14139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.333776][T14139]  ? __pfx__printk+0x10/0x10
[  369.338426][T14139]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  369.344894][T14139]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  369.351446][T14139]  warn_alloc+0x278/0x410
[  369.355884][T14139]  ? __pfx_warn_alloc+0x10/0x10
[  369.361480][T14139]  ? xskq_create+0xb6/0x170
[  369.366014][T14139]  ? __get_vm_area_node+0x23d/0x270
[  369.371247][T14139]  __vmalloc_node_range_noprof+0x69f/0x1460
[  369.377178][T14139]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  369.383518][T14139]  ? __kasan_kmalloc+0x98/0xb0
[  369.388309][T14139]  ? xskq_create+0x54/0x170
[  369.392845][T14139]  vmalloc_user_noprof+0x74/0x80
[  369.397806][T14139]  ? xskq_create+0xb6/0x170
[  369.402323][T14139]  xskq_create+0xb6/0x170
[  369.406674][T14139]  xsk_init_queue+0xa1/0x100
[  369.411305][T14139]  xsk_setsockopt+0x598/0x950
[  369.416003][T14139]  ? __pfx_xsk_setsockopt+0x10/0x10
[  369.421228][T14139]  ? __pfx_lock_acquire+0x10/0x10
[  369.426611][T14139]  ? aa_sock_opt_perm+0x79/0x120
[  369.431570][T14139]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  369.437125][T14139]  ? security_socket_setsockopt+0x87/0xb0
[  369.442858][T14139]  ? __pfx_xsk_setsockopt+0x10/0x10
[  369.448068][T14139]  do_sock_setsockopt+0x3af/0x720
[  369.453112][T14139]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  369.458694][T14139]  ? __fget_files+0x29/0x470
[  369.463308][T14139]  ? __fget_files+0x3f6/0x470
[  369.468015][T14139]  __sys_setsockopt+0x1ae/0x250
[  369.472891][T14139]  __x64_sys_setsockopt+0xb5/0xd0
[  369.478110][T14139]  do_syscall_64+0xf3/0x230
[  369.482636][T14139]  ? clear_bhb_loop+0x35/0x90
[  369.487327][T14139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.493238][T14139] RIP: 0033:0x7ffb4d775bd9
[  369.497748][T14139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.517472][T14139] RSP: 002b:00007ffb4e470048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  369.525899][T14139] RAX: ffffffffffffffda RBX: 00007ffb4d904110 RCX: 00007ffb4d775bd9
[  369.533964][T14139] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000b
[  369.541941][T14139] RBP: 00007ffb4d7e4e60 R08: 0000000000000004 R09: 0000000000000000
[  369.550011][T14139] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  369.557993][T14139] R13: 000000000000000b R14: 00007ffb4d904110 R15: 00007fffd3719518
[  369.566005][T14139]  </TASK>
[  369.601634][T14139] Mem-Info:
[  369.605197][T14139] active_anon:3397 inactive_anon:0 isolated_anon:0
[  369.605197][T14139]  active_file:1547 inactive_file:38290 isolated_file:0
[  369.605197][T14139]  unevictable:768 dirty:224 writeback:0
[  369.605197][T14139]  slab_reclaimable:9732 slab_unreclaimable:104072
[  369.605197][T14139]  mapped:13214 shmem:1282 pagetables:614
[  369.605197][T14139]  sec_pagetables:0 bounce:0
[  369.605197][T14139]  kernel_misc_reclaimable:0
[  369.605197][T14139]  free:1393764 free_pcp:3782 free_cma:0
[  369.652616][T14139] Node 0 active_anon:13488kB inactive_anon:0kB active_file:6188kB inactive_file:153080kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52856kB dirty:892kB writeback:0kB shmem:3592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10948kB pagetables:2456kB sec_pagetables:0kB all_unreclaimable? no
[  369.694040][T14139] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  369.727404][T14139] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  369.774883][T14139] lowmem_reserve[]: 0 2571 2571 0 0
[  369.795155][T14139] Node 0 DMA32 free:1606740kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:15940kB inactive_anon:0kB active_file:6188kB inactive_file:152780kB unevictable:1536kB writepending:888kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:13724kB local_pcp:7528kB free_cma:0kB
[  369.858631][T14139] lowmem_reserve[]: 0 0 0 0 0
[  369.863446][T14139] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:300kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  369.912426][T14139] lowmem_reserve[]: 0 0 0 0 0
[  369.922812][T14162] __nla_validate_parse: 4 callbacks suppressed
[  369.922834][T14162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  369.922861][T14139] Node 1 Normal free:3950684kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:1008kB local_pcp:1008kB free_cma:0kB
[  369.974031][T14139] lowmem_reserve[]: 0 0 0 0 0
[  369.988155][T14139] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  370.011935][T14139] Node 0 DMA32: 1*4kB (M) 2*8kB (UE) 26*16kB (M) 109*32kB (UM) 154*64kB (UME) 41*128kB (UME) 60*256kB (UME) 43*512kB (UME) 17*1024kB (UM) 9*2048kB (U) 369*4096kB (UM) = 1603668kB
[  370.047078][T14139] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  370.085340][T14139] Node 1 Normal: 5*4kB (UM) 5*8kB (UM) 8*16kB (UM) 7*32kB (UM) 1*64kB (M) 3*128kB (UM) 1*256kB (U) 4*512kB (UM) 5*1024kB (U) 3*2048kB (U) 961*4096kB (M) = 3950684kB
[  370.103977][T14139] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  370.114139][T14139] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  370.124295][T14139] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  370.135115][T14139] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  370.144653][T14139] 43419 total pagecache pages
[  370.149622][T14139] 0 pages in swap cache
[  370.153809][T14139] Free swap  = 124996kB
[  370.166425][T14139] Total swap = 124996kB
[  370.170633][T14139] 2097051 pages RAM
[  370.181323][T14139] 0 pages HighMem/MovableOnly
[  370.188002][T14139] 400875 pages reserved
[  370.192197][T14139] 0 pages cma reserved
[  370.284469][T14172] netlink: 'syz.2.2197': attribute type 5 has an invalid length.
[  370.428729][T14177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2199'.
[  370.522492][T14180] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2201'.
[  370.615606][T14185] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2203'.
[  370.902060][T13902] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.527291][T13902] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.593088][T13902] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.684882][T13902] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.798987][T13902] bridge_slave_1: left allmulticast mode
[  371.804781][T13902] bridge_slave_1: left promiscuous mode
[  371.810672][T13902] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.821489][T13902] bridge_slave_0: left allmulticast mode
[  371.827721][T13902] bridge_slave_0: left promiscuous mode
[  371.833544][T13902] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.192787][T13902] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.205129][T13902] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.217467][T13902] bond0 (unregistering): Released all slaves
[  372.607392][T13902] hsr_slave_0: left promiscuous mode
[  372.613508][T13902] hsr_slave_1: left promiscuous mode
[  372.624028][T13902] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  372.642213][T13902] batman_adv: batadv0: Removing interface: batadv_slave_0
[  372.650818][T13902] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.666187][T13902] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.693424][T13902] veth1_macvtap: left promiscuous mode
[  372.699649][T13902] veth0_macvtap: left promiscuous mode
[  372.705372][T13902] veth1_vlan: left promiscuous mode
[  372.711467][T13902] veth0_vlan: left promiscuous mode
[  372.788575][T14207] netlink: 'syz.2.2209': attribute type 1 has an invalid length.
[  372.819867][T14207] netlink: 'syz.2.2209': attribute type 1 has an invalid length.
[  372.855921][T14207] netlink: 'syz.2.2209': attribute type 2 has an invalid length.
[  372.864317][T14210] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  372.885033][T14211] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2210'.
[  372.928036][T14207] netlink: 'syz.2.2209': attribute type 1 has an invalid length.
[  372.936390][T14210] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  372.962071][T14214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2209'.
[  372.989643][T14207] netlink: 'syz.2.2209': attribute type 1 has an invalid length.
[  373.018289][T14207] netlink: 'syz.2.2209': attribute type 2 has an invalid length.
[  373.199338][ T4488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  373.211060][ T4488] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  373.223318][ T4488] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  373.233340][ T4488] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  373.241988][ T4488] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  373.251291][ T4488] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  373.653463][T13902] team0 (unregistering): Port device team_slave_1 removed
[  373.713764][T13902] team0 (unregistering): Port device team_slave_0 removed
[  374.328094][T14227] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2213'.
[  374.368433][T14229] 
€Â: left allmulticast mode
[  374.373214][T14229] 
€Â: left promiscuous mode
[  374.402179][T14229] bridge0: port 1(
€Â) entered disabled state
[  374.440861][T14229] –eth0_vlan: left allmulticast mode
[  374.452491][T14229] –eth0_vlan: left promiscuous mode
[  374.458551][T14229] bridge0: port 2(–eth0_vlan) entered disabled state
[  374.493254][T14229] bond0: (slave bond_slave_1): Releasing backup interface
[  374.567092][T14229] team0: Port device team_slave_0 removed
[  374.631013][T14229] team0: Port device team_slave_1 removed
[  374.645049][T14229] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  374.653313][T14229] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.674298][T14229] bond0: (slave team1): Releasing backup interface
[  374.701106][T14229] bond1: (slave gretap1): Releasing backup interface
[  374.927745][T14239] netlink: 'syz.0.2219': attribute type 10 has an invalid length.
[  374.946999][T14239] team0: Port device netdevsim0 added
[  375.011989][T14247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2222'.
[  375.026263][T14243] netlink: 'syz.0.2219': attribute type 10 has an invalid length.
[  375.084354][T14250] xt_recent: hitcount (2147483648) is larger than allowed maximum (255)
[  375.275688][T14255] xt_ecn: cannot match TCP bits for non-tcp packets
[  375.299829][ T4488] Bluetooth: hci0: command tx timeout
[  375.406211][T14255] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2224'.
[  375.492779][T14218] chnl_net:caif_netlink_parms(): no params data found
[  375.576670][T14268] netlink: 'syz.2.2226': attribute type 9 has an invalid length.
[  375.618316][T14276] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2230'.
[  375.630805][T14276] ip6gretap0: entered allmulticast mode
[  375.762061][T14218] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.769491][T14218] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.778876][T14218] bridge_slave_0: entered allmulticast mode
[  375.787037][T14218] bridge_slave_0: entered promiscuous mode
[  375.796326][T14218] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.803666][T14218] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.813967][T14218] bridge_slave_1: entered allmulticast mode
[  375.822164][T14218] bridge_slave_1: entered promiscuous mode
[  375.923435][T14218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.973375][T14218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  376.126840][T14302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2238'.
[  376.195672][T14218] team0: Port device team_slave_0 added
[  376.222917][T14218] team0: Port device team_slave_1 added
[  376.392194][T14218] batman_adv: batadv0: Adding interface: batadv_slave_0
[  376.405340][T14218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.448128][T14218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  376.460971][T14315] netlink: 112 bytes leftover after parsing attributes in process `syz.1.2241'.
[  376.473179][T14315] tipc: Enabled bearer <eth:bridge0>, priority 0
[  376.488302][T14318] bridge6: entered promiscuous mode
[  376.515289][T14320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2245'.
[  376.535347][T14218] batman_adv: batadv0: Adding interface: batadv_slave_1
[  376.553517][T14218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.605025][T14218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  376.799203][T14334] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2249'.
[  376.824612][T14218] hsr_slave_0: entered promiscuous mode
[  376.843397][T14218] hsr_slave_1: entered promiscuous mode
[  376.994821][T14342] bridge_slave_0: left allmulticast mode
[  377.033422][T14342] bridge_slave_0: left promiscuous mode
[  377.043812][T14342] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.088844][T14342] bridge_slave_1: left allmulticast mode
[  377.105334][T14342] bridge_slave_1: left promiscuous mode
[  377.125671][T14342] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.161587][T14342] bond0: (slave bond_slave_0): Releasing backup interface
[  377.201948][T14342] bond0: (slave bond_slave_1): Releasing backup interface
[  377.233149][T14362] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2257'.
[  377.272832][T14342] team_slave_0: left promiscuous mode
[  377.329757][T14342] team0: Port device team_slave_0 removed
[  377.342091][T14342] team_slave_1: left promiscuous mode
[  377.355059][T14342] team0: Port device team_slave_1 removed
[  377.376124][ T4488] Bluetooth: hci0: command tx timeout
[  377.382966][T14342] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.396248][T14342] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.426548][T14342] team0: Port device macvlan1 removed
[  377.443557][T14342] bond0: (slave macvlan2): Releasing backup interface
[  377.505714][T14348] 8021q: adding VLAN 0 to HW filter on device bond0
[  377.517247][T14348] team0: Port device bond0 added
[  377.531301][ T6739] tipc: Resetting bearer <eth:bridge0>
[  377.957802][T14384] syzkaller0: entered promiscuous mode
[  377.973304][T14384] syzkaller0: entered allmulticast mode
[  378.003114][T14384] ieee802154 phy0 wpan0: encryption failed: -90
[  378.194602][T14395] netlink: 'syz.3.2267': attribute type 1 has an invalid length.
[  378.212542][T14395] netlink: 9396 bytes leftover after parsing attributes in process `syz.3.2267'.
[  378.306789][T14218] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  378.326709][T14218] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  378.350019][T14402] xt_SECMARK: invalid mode: 0
[  378.354747][T14218] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  378.355700][T14401] xt_SECMARK: invalid mode: 0
[  378.372898][T14218] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  378.647647][T14409] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.655777][T14409] team0: Port device bond0 added
[  378.693328][T14414] netlink: 'syz.0.2272': attribute type 23 has an invalid length.
[  378.718236][T14218] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.775783][T14218] 8021q: adding VLAN 0 to HW filter on device team0
[  378.815672][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.822952][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.882034][ T6739] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.889297][ T6739] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.910774][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  378.918203][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  379.330968][T14438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2281'.
[  379.350028][T14438] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  379.366577][T14438] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744071562199068)
[  379.430516][T14218] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.458938][ T4488] Bluetooth: hci0: command tx timeout
[  379.954206][T14218] veth0_vlan: entered promiscuous mode
[  379.981752][T14218] veth1_vlan: entered promiscuous mode
[  380.070376][T14218] veth0_macvtap: entered promiscuous mode
[  380.105240][T14218] veth1_macvtap: entered promiscuous mode
[  380.143860][T14481] netlink: 'syz.3.2293': attribute type 2 has an invalid length.
[  380.160462][T14481] __nla_validate_parse: 2 callbacks suppressed
[  380.160485][T14481] netlink: 38 bytes leftover after parsing attributes in process `syz.3.2293'.
[  380.215644][T14218] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.243404][T14218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.260969][T14218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.304288][T14218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.336790][T14218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.360418][T14218] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.390554][T14487] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:0
[  380.444411][T14218] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.464641][T14218] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.478757][T14218] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.495458][T14218] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.767561][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.775442][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.859827][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.870088][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.153796][T14517] netlink: 'syz.2.2306': attribute type 16 has an invalid length.
[  381.260470][T14523] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2308'.
[  381.758934][T14547] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2315'.
[  381.812163][T14548] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2316'.
[  381.915598][T14551] tipc: Resetting bearer <eth:bridge0>
[  381.967064][T14551] team0: Port device bond0 removed
[  382.051669][T14555] 8021q: adding VLAN 0 to HW filter on device bond0
[  382.079921][T14555] team0: Port device bond0 added
[  382.301958][T14571] netlink: 47 bytes leftover after parsing attributes in process `syz.2.2326'.
[  382.318468][T14571] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2326'.
[  382.481858][T14580] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2328'.
[  382.639908][T14590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2333'.
[  382.671052][T14590] xfrm1: entered promiscuous mode
[  382.677457][T14590] xfrm1: entered allmulticast mode
[  382.712365][T14594] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2335'.
[  382.931020][T14610] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2341'.
[  382.968422][T14612] netlink: 'syz.3.2342': attribute type 1 has an invalid length.
[  383.102007][   T62] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.348505][   T62] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.413391][   T62] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.486338][   T62] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.604127][   T62] bridge_slave_1: left allmulticast mode
[  384.611130][   T62] bridge_slave_1: left promiscuous mode
[  384.618365][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.629006][   T62] bridge_slave_0: left allmulticast mode
[  384.634686][   T62] bridge_slave_0: left promiscuous mode
[  384.640678][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.992787][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  385.004409][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  385.018243][   T62] bond0 (unregistering): Released all slaves
[  385.107268][T14623] x_tables: ip6_tables: rpfilter match: used from hooks POSTROUTING, but only valid from PREROUTING
[  385.504211][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  385.520936][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  385.532272][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  385.549112][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  385.558490][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  385.568468][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  385.987627][T14645] __nla_validate_parse: 1 callbacks suppressed
[  385.987647][T14645] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2353'.
[  386.084716][T14649] netlink: 'syz.1.2356': attribute type 5 has an invalid length.
[  386.106390][ T4488] Bluetooth: hci2: command 0x0406 tx timeout
[  386.245936][T14656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2355'.
[  386.284690][T14656] netlink: 'syz.0.2355': attribute type 30 has an invalid length.
[  386.383428][T14667] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2360'.
[  386.411776][T14667] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2360'.
[  386.510809][   T62] hsr_slave_0: left promiscuous mode
[  386.540574][   T62] hsr_slave_1: left promiscuous mode
[  386.554998][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.564355][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  386.573222][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.586805][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.651839][   T62] veth1_macvtap: left promiscuous mode
[  386.668185][   T62] veth0_macvtap: left promiscuous mode
[  386.677370][   T62] veth1_vlan: left promiscuous mode
[  386.682776][   T62] veth0_vlan: left promiscuous mode
[  387.404297][   T62] team0 (unregistering): Port device team_slave_1 removed
[  387.455163][   T62] team0 (unregistering): Port device team_slave_0 removed
[  387.617062][ T5102] Bluetooth: hci0: command tx timeout
[  387.914137][T14688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2365'.
[  388.075892][T14698] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2367'.
[  388.142003][T14704] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2371'.
[  388.445441][T14638] chnl_net:caif_netlink_parms(): no params data found
[  388.859207][T14638] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.877336][T14638] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.884824][T14638] bridge_slave_0: entered allmulticast mode
[  388.920239][T14638] bridge_slave_0: entered promiscuous mode
[  388.941118][T14638] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.956684][T14638] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.970947][T14638] bridge_slave_1: entered allmulticast mode
[  388.999275][T14638] bridge_slave_1: entered promiscuous mode
[  389.053221][T14734] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2380'.
[  389.100042][T14638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.168603][T14638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.295522][T14638] team0: Port device team_slave_0 added
[  389.354973][T14638] team0: Port device team_slave_1 added
[  389.525226][T14638] batman_adv: batadv0: Adding interface: batadv_slave_0
[  389.553753][T14638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.591940][T14638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  389.617054][T14638] batman_adv: batadv0: Adding interface: batadv_slave_1
[  389.632698][T14638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.702281][ T5102] Bluetooth: hci0: command tx timeout
[  389.767930][T14638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.925287][T14638] hsr_slave_0: entered promiscuous mode
[  389.942816][T14638] hsr_slave_1: entered promiscuous mode
[  390.373794][T14769] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2392'.
[  390.502110][T14775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2395'.
[  390.943858][T14796] team0: Port device bond0 removed
[  391.020681][T14799] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.060564][T14799] team0: Port device bond0 added
[  391.069492][T14801] netlink: 'syz.1.2402': attribute type 13 has an invalid length.
[  391.272900][T14806] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2404'.
[  391.371946][T14638] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  391.445391][T14638] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  391.470502][T14638] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  391.505070][T14638] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  391.719996][T14827] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2412'.
[  391.776542][ T5102] Bluetooth: hci0: command tx timeout
[  391.885495][T14638] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.931079][T14837] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2416'.
[  391.976265][T14638] 8021q: adding VLAN 0 to HW filter on device team0
[  391.996060][T14841] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2417'.
[  392.024800][ T6739] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.032072][ T6739] bridge0: port 1(bridge_slave_0) entered forwarding state
[  392.063279][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.070617][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  392.685991][T14638] 8021q: adding VLAN 0 to HW filter on device batadv0
[  393.019186][T14891] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2429'.
[  393.233513][T14899] team0: Port device bond0 removed
[  393.241255][T14904] FAULT_INJECTION: forcing a failure.
[  393.241255][T14904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.278793][T14904] CPU: 1 PID: 14904 Comm: syz.0.2433 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  393.289135][T14904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  393.299320][T14904] Call Trace:
[  393.302811][T14904]  <TASK>
[  393.305776][T14904]  dump_stack_lvl+0x241/0x360
[  393.310509][T14904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.315755][T14904]  ? __pfx__printk+0x10/0x10
[  393.320421][T14904]  ? __pfx_lock_release+0x10/0x10
[  393.325504][T14904]  should_fail_ex+0x3b0/0x4e0
[  393.330242][T14904]  _copy_from_user+0x2f/0xe0
[  393.334879][T14904]  copy_msghdr_from_user+0xae/0x680
[  393.340110][T14904]  ? __pfx___might_resched+0x10/0x10
[  393.345423][T14904]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  393.351253][T14904]  ? __might_fault+0xaa/0x120
[  393.356003][T14904]  do_recvmmsg+0x40f/0xae0
[  393.360477][T14904]  ? __pfx_lock_release+0x10/0x10
[  393.365577][T14904]  ? __pfx_do_recvmmsg+0x10/0x10
[  393.370575][T14904]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  393.376520][T14904]  ? ksys_write+0x23e/0x2c0
[  393.381053][T14904]  ? __pfx_lock_release+0x10/0x10
[  393.386102][T14904]  ? vfs_write+0x7c4/0xc90
[  393.390590][T14904]  ? __mutex_unlock_slowpath+0x21d/0x750
[  393.396252][T14904]  ? __fget_files+0x3f6/0x470
[  393.400958][T14904]  __x64_sys_recvmmsg+0x199/0x250
[  393.406027][T14904]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  393.411695][T14904]  ? do_syscall_64+0x100/0x230
[  393.416484][T14904]  ? do_syscall_64+0xb6/0x230
[  393.421191][T14904]  do_syscall_64+0xf3/0x230
[  393.425720][T14904]  ? clear_bhb_loop+0x35/0x90
[  393.430418][T14904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.436338][T14904] RIP: 0033:0x7f57e8d75bd9
[  393.440764][T14904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.460391][T14904] RSP: 002b:00007f57e9a7c048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  393.468909][T14904] RAX: ffffffffffffffda RBX: 00007f57e8f03f60 RCX: 00007f57e8d75bd9
[  393.476891][T14904] RDX: 040000000000027a RSI: 0000000020003900 RDI: 0000000000000004
[  393.484872][T14904] RBP: 00007f57e9a7c0a0 R08: 0000000000000000 R09: 0000000000000000
[  393.492856][T14904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  393.500837][T14904] R13: 000000000000004d R14: 00007f57e8f03f60 R15: 00007ffe6c03b5f8
[  393.508839][T14904]  </TASK>
[  393.641345][T14911] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.660632][T14911] team0: Port device bond0 added
[  393.853324][T14638] veth0_vlan: entered promiscuous mode
[  393.860267][ T5102] Bluetooth: hci0: command tx timeout
[  393.929409][T14638] veth1_vlan: entered promiscuous mode
[  394.016522][T14934] xt_ecn: cannot match TCP bits for non-tcp packets
[  394.047135][T14934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2441'.
[  394.080677][T14638] veth0_macvtap: entered promiscuous mode
[  394.092586][T14638] veth1_macvtap: entered promiscuous mode
[  394.143445][T14638] batman_adv: batadv0: Interface activated: batadv_slave_0
[  394.174109][T14638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.206077][T14638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.230533][T14638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.243901][T14638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.277379][T14638] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.287518][T14939] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2443'.
[  394.322292][T14638] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.354543][T14638] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.372053][T14638] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.381933][T14638] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.398336][T14944] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2444'.
[  394.408492][T14944] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2444'.
[  394.455010][T14947] netlink: 'syz.1.2446': attribute type 20 has an invalid length.
[  394.549639][T14948] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2446'.
[  394.621775][T14948] ÊügáG: entered promiscuous mode
[  394.660673][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.671268][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.794945][T14960] netlink: 'syz.3.2451': attribute type 6 has an invalid length.
[  394.834219][  T142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.850041][T14962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.866550][  T142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.503474][T14995] netlink: 'syz.3.2459': attribute type 10 has an invalid length.
[  395.530561][T14995] batadv_slave_0: left promiscuous mode
[  395.561637][T14995] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  395.831123][T15010] netlink: 'syz.1.2464': attribute type 6 has an invalid length.
[  396.013116][T15017] xfrm1: entered promiscuous mode
[  396.041676][T15017] xfrm1: entered allmulticast mode
[  396.063920][T15025] netlink: 'syz.3.2470': attribute type 1 has an invalid length.
[  396.126134][T15025] 8021q: adding VLAN 0 to HW filter on device batadv1
[  396.135775][T15025] bond2: (slave batadv1): making interface the new active one
[  396.147979][T15025] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  396.289896][T15036] A link change request failed with some changes committed already. Interface hsr0 may have been left with an inconsistent configuration, please check.
[  396.563087][T15048] __nla_validate_parse: 9 callbacks suppressed
[  396.563110][T15048] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2479'.
[  396.589910][T15044] netlink: 'syz.2.2478': attribute type 3 has an invalid length.
[  396.852208][ T2467] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.021890][ T4488] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  397.034452][ T4488] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  397.074659][ T4488] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  397.091086][ T4488] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  397.107036][ T4488] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  397.120252][ T4488] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  397.449158][T15056] chnl_net:caif_netlink_parms(): no params data found
[  397.558715][ T2467] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.572999][T15056] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.580728][T15056] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.589239][T15056] bridge_slave_0: entered allmulticast mode
[  397.597788][T15056] bridge_slave_0: entered promiscuous mode
[  397.607260][T15056] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.614415][T15056] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.623862][T15056] bridge_slave_1: entered allmulticast mode
[  397.631763][T15056] bridge_slave_1: entered promiscuous mode
[  397.653256][ T2467] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.698693][T15056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  397.713643][T15056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  397.755333][ T2467] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.789136][T15056] team0: Port device team_slave_0 added
[  397.799488][T15056] team0: Port device team_slave_1 added
[  397.837737][T15056] batman_adv: batadv0: Adding interface: batadv_slave_0
[  397.844755][T15056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.872277][T15056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  397.886580][T15056] batman_adv: batadv0: Adding interface: batadv_slave_1
[  397.893575][T15056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.920282][T15056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  397.980167][T15056] hsr_slave_0: entered promiscuous mode
[  397.989406][T15056] hsr_slave_1: entered promiscuous mode
[  397.995657][T15056] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  398.003904][T15056] Cannot create hsr debugfs directory
[  398.114864][ T2467] bridge_slave_1: left allmulticast mode
[  398.120795][ T2467] bridge_slave_1: left promiscuous mode
[  398.127207][ T2467] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.140116][ T2467] bridge_slave_0: left allmulticast mode
[  398.147063][ T2467] bridge_slave_0: left promiscuous mode
[  398.152774][ T2467] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.522503][ T2467] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  398.535668][ T2467] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  398.550441][ T2467] bond0 (unregistering): Released all slaves
[  398.685509][T15056] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.770985][T15056] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.853851][T15056] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.046539][T15056] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.126309][ T2467] hsr_slave_0: left promiscuous mode
[  399.166340][ T2467] hsr_slave_1: left promiscuous mode
[  399.188621][ T2467] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  399.199888][ T2467] batman_adv: batadv0: Removing interface: batadv_slave_0
[  399.217919][ T2467] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  399.220271][ T4488] Bluetooth: hci0: command tx timeout
[  399.225528][ T2467] batman_adv: batadv0: Removing interface: batadv_slave_1
[  399.329043][ T2467] veth1_macvtap: left promiscuous mode
[  399.342117][ T2467] veth0_macvtap: left promiscuous mode
[  399.358423][ T2467] veth1_vlan: left promiscuous mode
[  399.381648][ T2467] veth0_vlan: left promiscuous mode
[  399.383264][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  399.398674][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  399.416342][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  399.425299][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  399.436670][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  399.444211][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  399.964237][ T2467] team0 (unregistering): Port device team_slave_1 removed
[  400.018617][ T2467] team0 (unregistering): Port device team_slave_0 removed
[  400.483026][T15069] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2482'.
[  400.502851][T15069] xfrm1: entered promiscuous mode
[  400.508401][T15069] xfrm1: entered allmulticast mode
[  400.560861][T15076] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2485'.
[  400.848335][T15056] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  401.089284][T15092] sit0: entered promiscuous mode
[  401.096941][T15092] netlink: 'syz.2.2492': attribute type 1 has an invalid length.
[  401.115168][T15092] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2492'.
[  401.161653][T15056] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  401.205642][T15056] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  401.246607][T15056] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  401.266968][T15100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2495'.
[  401.296178][ T4488] Bluetooth: hci0: command tx timeout
[  401.324930][T15100] xfrm1: entered promiscuous mode
[  401.332578][T15100] xfrm1: entered allmulticast mode
[  401.498248][T15109] Bluetooth: MGMT ver 1.22
[  401.536092][ T4488] Bluetooth: hci1: command tx timeout
[  401.684269][ T2467] tipc: Resetting bearer <eth:bridge0>
[  402.085539][T15121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.305084][ T2467] tipc: Disabling bearer <eth:bridge0>
[  402.695587][ T2467] team0: Port device bond0 removed
[  402.718013][ T2467] bond0 (unregistering): Released all slaves
[  402.846903][ T2467] ÊügáG: left promiscuous mode
[  402.994951][T15145] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2507'.
[  403.016876][ T2467] tipc: Disabling bearer <eth:ipvlan0>
[  403.048373][ T2467] tipc: Left network mode
[  403.174352][T15056] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.262391][T15150] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2508'.
[  403.272806][T15150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2508'.
[  403.381350][ T4488] Bluetooth: hci0: command tx timeout
[  403.475748][T15077] chnl_net:caif_netlink_parms(): no params data found
[  403.479062][T15155] IPVS: set_ctl: invalid protocol: 29 172.30.1.1:20000
[  403.530844][T15056] 8021q: adding VLAN 0 to HW filter on device team0
[  403.616943][ T4488] Bluetooth: hci1: command tx timeout
[  403.639965][T15161] netlink: del zone limit has 8 unknown bytes
[  403.653396][T15162] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2512'.
[  403.924722][ T5155] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.932055][ T5155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.014728][T15077] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.022471][T15077] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.032237][T15077] bridge_slave_0: entered allmulticast mode
[  404.039973][T15077] bridge_slave_0: entered promiscuous mode
[  404.053591][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.060859][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.095399][T15077] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.129680][T15077] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.156216][T15077] bridge_slave_1: entered allmulticast mode
[  404.183610][T15077] bridge_slave_1: entered promiscuous mode
[  404.280942][T15178] FAULT_INJECTION: forcing a failure.
[  404.280942][T15178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.303991][T15178] CPU: 1 PID: 15178 Comm: syz.3.2517 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  404.314302][T15178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  404.324435][T15178] Call Trace:
[  404.327748][T15178]  <TASK>
[  404.330704][T15178]  dump_stack_lvl+0x241/0x360
[  404.335406][T15178]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.340627][T15178]  ? __pfx__printk+0x10/0x10
[  404.345243][T15178]  ? __pfx_lock_release+0x10/0x10
[  404.350284][T15178]  should_fail_ex+0x3b0/0x4e0
[  404.355003][T15178]  _copy_from_user+0x2f/0xe0
[  404.359662][T15178]  copy_msghdr_from_user+0xae/0x680
[  404.364878][T15178]  ? __pfx___might_resched+0x10/0x10
[  404.370192][T15178]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  404.376053][T15178]  ? __might_fault+0xaa/0x120
[  404.380783][T15178]  do_recvmmsg+0x40f/0xae0
[  404.385398][T15178]  ? __pfx_lock_release+0x10/0x10
[  404.390436][T15178]  ? __pfx_do_recvmmsg+0x10/0x10
[  404.395420][T15178]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  404.401343][T15178]  ? ksys_write+0x23e/0x2c0
[  404.405871][T15178]  ? __pfx_lock_release+0x10/0x10
[  404.410943][T15178]  ? vfs_write+0x7c4/0xc90
[  404.415410][T15178]  ? __mutex_unlock_slowpath+0x21d/0x750
[  404.421074][T15178]  ? __fget_files+0x3f6/0x470
[  404.425786][T15178]  __x64_sys_recvmmsg+0x199/0x250
[  404.430869][T15178]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  404.436430][T15178]  ? do_syscall_64+0x100/0x230
[  404.441225][T15178]  ? do_syscall_64+0xb6/0x230
[  404.445944][T15178]  do_syscall_64+0xf3/0x230
[  404.450480][T15178]  ? clear_bhb_loop+0x35/0x90
[  404.455161][T15178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.461072][T15178] RIP: 0033:0x7f9279575bd9
[  404.465511][T15178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.485129][T15178] RSP: 002b:00007f927a28f048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  404.493573][T15178] RAX: ffffffffffffffda RBX: 00007f9279703f60 RCX: 00007f9279575bd9
[  404.501589][T15178] RDX: 040000000000027a RSI: 0000000020003900 RDI: 0000000000000004
[  404.509656][T15178] RBP: 00007f927a28f0a0 R08: 0000000000000000 R09: 0000000000000000
[  404.517657][T15178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  404.525724][T15178] R13: 000000000000004d R14: 00007f9279703f60 R15: 00007ffd401f3008
[  404.533796][T15178]  </TASK>
[  404.594128][ T2467] hsr_slave_0: left promiscuous mode
[  404.600762][ T2467] hsr_slave_1: left promiscuous mode
[  404.630486][ T2467] veth1_macvtap: left promiscuous mode
[  404.636316][ T2467] veth0_macvtap: left promiscuous mode
[  404.643209][ T2467] veth1_vlan: left promiscuous mode
[  404.649326][ T2467] veth0_vlan: left promiscuous mode
[  405.467293][ T4488] Bluetooth: hci0: command tx timeout
[  405.710826][ T4488] Bluetooth: hci1: command tx timeout
[  405.924442][T15077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  405.957956][T15077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.126854][T15077] team0: Port device team_slave_0 added
[  406.137662][T15077] team0: Port device team_slave_1 added
[  406.322253][T15212] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2529'.
[  406.346979][T15077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.365673][T15077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.410718][T15077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  406.442201][T15077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.456737][T15077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.492840][T15077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.747221][T15077] hsr_slave_0: entered promiscuous mode
[  406.767748][T15228] FAULT_INJECTION: forcing a failure.
[  406.767748][T15228] name failslab, interval 1, probability 0, space 0, times 0
[  406.787529][T15077] hsr_slave_1: entered promiscuous mode
[  406.794644][T15228] CPU: 1 PID: 15228 Comm: syz.2.2534 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  406.804864][T15228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  406.814961][T15228] Call Trace:
[  406.818271][T15228]  <TASK>
[  406.821233][T15228]  dump_stack_lvl+0x241/0x360
[  406.825971][T15228]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.831216][T15228]  ? __pfx__printk+0x10/0x10
[  406.835845][T15228]  ? is_bpf_text_address+0x285/0x2a0
[  406.841163][T15228]  should_fail_ex+0x3b0/0x4e0
[  406.845871][T15228]  ? alloc_empty_file+0x9e/0x1d0
[  406.850846][T15228]  should_failslab+0x9/0x20
[  406.855397][T15228]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  406.860852][T15228]  alloc_empty_file+0x9e/0x1d0
[  406.865663][T15228]  path_openat+0x105/0x35f0
[  406.870218][T15228]  ? mark_lock+0x9a/0x350
[  406.874569][T15228]  ? __pfx_stack_trace_save+0x10/0x10
[  406.879970][T15228]  ? __lock_acquire+0x1346/0x1fd0
[  406.885022][T15228]  ? __lock_acquire+0x1346/0x1fd0
[  406.890069][T15228]  ? __pfx_path_openat+0x10/0x10
[  406.895039][T15228]  do_filp_open+0x235/0x490
[  406.899558][T15228]  ? __pfx_do_filp_open+0x10/0x10
[  406.904618][T15228]  ? _raw_spin_unlock+0x28/0x50
[  406.909482][T15228]  ? alloc_fd+0x5a1/0x640
[  406.913831][T15228]  do_sys_openat2+0x13e/0x1d0
[  406.918620][T15228]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  406.924638][T15228]  ? __pfx_do_sys_openat2+0x10/0x10
[  406.929879][T15228]  ? __fget_files+0x3f6/0x470
[  406.934600][T15228]  __x64_sys_openat+0x247/0x2a0
[  406.939475][T15228]  ? __pfx___x64_sys_openat+0x10/0x10
[  406.944874][T15228]  ? do_syscall_64+0x100/0x230
[  406.949667][T15228]  ? do_syscall_64+0xb6/0x230
[  406.954386][T15228]  do_syscall_64+0xf3/0x230
[  406.958925][T15228]  ? clear_bhb_loop+0x35/0x90
[  406.963627][T15228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.969546][T15228] RIP: 0033:0x7ffb4d774610
[  406.973974][T15228] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44
[  406.993699][T15228] RSP: 002b:00007ffb4e4b1f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  407.002135][T15228] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffb4d774610
[  407.010207][T15228] RDX: 0000000000000000 RSI: 00007ffb4d7e3609 RDI: 00000000ffffff9c
[  407.018197][T15228] RBP: 00007ffb4d7e3609 R08: 0000000000000000 R09: 0000000000000000
[  407.026192][T15228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  407.034175][T15228] R13: 000000000000000b R14: 00007ffb4d903f60 R15: 00007fffd3719518
[  407.042184][T15228]  </TASK>
[  407.234647][T15234] macsec1: entered promiscuous mode
[  407.240627][T15234] gretap0: entered promiscuous mode
[  407.255128][T15234] gretap0: left promiscuous mode
[  407.441637][T15245] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2538'.
[  407.541552][T15056] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.741402][T15252] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2541'.
[  407.776446][ T4488] Bluetooth: hci1: command tx timeout
[  407.812031][T15056] veth0_vlan: entered promiscuous mode
[  407.942829][T15056] veth1_vlan: entered promiscuous mode
[  407.982356][T15261] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2545'.
[  408.060476][T15056] veth0_macvtap: entered promiscuous mode
[  408.084234][T15056] veth1_macvtap: entered promiscuous mode
[  408.134449][T15056] batman_adv: batadv0: Interface activated: batadv_slave_0
[  408.204419][T15056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.216824][T15056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.228303][T15056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  408.239707][T15056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  408.252090][T15056] batman_adv: batadv0: Interface activated: batadv_slave_1
[  408.283324][T15056] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.311817][T15056] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.326230][T15056] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.345429][T15056] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.401138][T15077] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  408.421276][T15077] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  408.460188][T15077] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  408.475522][T15077] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  408.592389][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.612604][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.684773][T15275] 8021q: adding VLAN 0 to HW filter on device batadv0
[  408.698065][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.709530][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.831761][T15077] 8021q: adding VLAN 0 to HW filter on device bond0
[  408.920380][T15280] FAULT_INJECTION: forcing a failure.
[  408.920380][T15280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.934179][T15077] 8021q: adding VLAN 0 to HW filter on device team0
[  408.961386][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.968599][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  408.984304][T15280] CPU: 1 PID: 15280 Comm: syz.0.2549 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  408.994519][T15280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  409.004635][T15280] Call Trace:
[  409.007948][T15280]  <TASK>
[  409.010908][T15280]  dump_stack_lvl+0x241/0x360
[  409.015663][T15280]  ? __pfx_dump_stack_lvl+0x10/0x10
[  409.020917][T15280]  ? __pfx__printk+0x10/0x10
[  409.025572][T15280]  ? snprintf+0xda/0x120
[  409.029859][T15280]  should_fail_ex+0x3b0/0x4e0
[  409.034603][T15280]  _copy_to_user+0x2f/0xb0
[  409.039056][T15280]  simple_read_from_buffer+0xca/0x150
[  409.044469][T15280]  proc_fail_nth_read+0x1e9/0x250
[  409.049524][T15280]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  409.055119][T15280]  ? rw_verify_area+0x520/0x6b0
[  409.060018][T15280]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  409.065613][T15280]  vfs_read+0x204/0xbc0
[  409.069794][T15280]  ? __pfx_lock_release+0x10/0x10
[  409.074853][T15280]  ? __pfx_vfs_read+0x10/0x10
[  409.079631][T15280]  ? __fget_files+0x29/0x470
[  409.084240][T15280]  ? __fget_files+0x3f6/0x470
[  409.088962][T15280]  ksys_read+0x1a0/0x2c0
[  409.093247][T15280]  ? __pfx_ksys_read+0x10/0x10
[  409.098035][T15280]  ? do_syscall_64+0x100/0x230
[  409.102822][T15280]  ? do_syscall_64+0xb6/0x230
[  409.107518][T15280]  do_syscall_64+0xf3/0x230
[  409.112041][T15280]  ? clear_bhb_loop+0x35/0x90
[  409.116726][T15280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.122635][T15280] RIP: 0033:0x7f57e8d746bc
[  409.127057][T15280] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  409.146786][T15280] RSP: 002b:00007f57e9a7c040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  409.155231][T15280] RAX: ffffffffffffffda RBX: 00007f57e8f03f60 RCX: 00007f57e8d746bc
[  409.163211][T15280] RDX: 000000000000000f RSI: 00007f57e9a7c0b0 RDI: 0000000000000004
[  409.171187][T15280] RBP: 00007f57e9a7c0a0 R08: 0000000000000000 R09: 0000000000000000
[  409.179176][T15280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.187149][T15280] R13: 000000000000004d R14: 00007f57e8f03f60 R15: 00007ffe6c03b5f8
[  409.195142][T15280]  </TASK>
[  409.313462][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.320689][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  409.369256][T15290] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2552'.
[  409.722243][   T11] bridge_slave_1: left allmulticast mode
[  409.734537][   T11] bridge_slave_1: left promiscuous mode
[  409.760820][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.786300][   T11] bridge_slave_0: left allmulticast mode
[  409.797666][   T11] bridge_slave_0: left promiscuous mode
[  409.807382][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.299436][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.314733][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.331830][   T11] bond0 (unregistering): Released all slaves
[  410.347544][T15306] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  410.363263][T15316] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2560'.
[  410.492424][T15077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  410.857348][T15340] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2566'.
[  411.709287][   T11] hsr_slave_0: left promiscuous mode
[  411.827731][   T11] hsr_slave_1: left promiscuous mode
[  411.849614][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  411.864256][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  411.883560][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  411.896556][   T11] batman_adv: batadv0: Removing interface: ipvlan2
[  411.914085][   T11] batman_adv: batadv0: Removing interface: ipvlan3
[  411.982872][   T11] veth1_macvtap: left promiscuous mode
[  411.989660][   T11] veth0_macvtap: left promiscuous mode
[  411.995719][   T11] veth1_vlan: left promiscuous mode
[  412.004433][   T11] veth0_vlan: left promiscuous mode
[  412.745193][   T11] team0 (unregistering): Port device team_slave_1 removed
[  412.797528][   T11] team0 (unregistering): Port device team_slave_0 removed
[  413.281886][T15374] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2572'.
[  413.304468][T15374] vlan2: entered promiscuous mode
[  413.310973][T15374] bond0: entered promiscuous mode
[  413.317624][T15374] bond_slave_0: entered promiscuous mode
[  413.323548][T15374] bond_slave_1: entered promiscuous mode
[  413.333697][T15374] bond0: left promiscuous mode
[  413.338860][T15374] bond_slave_0: left promiscuous mode
[  413.344596][T15374] bond_slave_1: left promiscuous mode
[  413.393148][T15376] team0: entered promiscuous mode
[  413.398587][T15376] team_slave_0: entered promiscuous mode
[  413.404447][T15376] team_slave_1: entered promiscuous mode
[  413.412933][T15376] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  413.423155][T15376] team0: left promiscuous mode
[  413.428884][T15376] team_slave_0: left promiscuous mode
[  413.434709][T15376] team_slave_1: left promiscuous mode
[  413.494964][T15389] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  413.518718][T15398] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2579'.
[  413.557810][T15077] veth0_vlan: entered promiscuous mode
[  413.722986][T15077] veth1_vlan: entered promiscuous mode
[  413.743254][T15404] syzkaller0: entered promiscuous mode
[  413.792377][T15404] syzkaller0 (unregistering): left promiscuous mode
[  414.020283][T15077] veth0_macvtap: entered promiscuous mode
[  414.045208][T15077] veth1_macvtap: entered promiscuous mode
[  414.110881][T15419] team0: entered promiscuous mode
[  414.134813][T15419] bond0: entered promiscuous mode
[  414.165676][T15419] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  414.261385][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  414.280048][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.313087][T15077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.361039][T15431] netlink: 'syz.1.2590': attribute type 21 has an invalid length.
[  414.398045][T15431] IPv6: NLM_F_CREATE should be specified when creating new route
[  414.425185][T15433] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2591'.
[  414.561444][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  414.605884][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.622069][T15077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  414.636388][T15077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  414.649074][T15077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  414.660053][T15439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2591'.
[  414.712004][T15077] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.753574][T15077] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.773815][T15077] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.802113][T15077] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  414.967328][T15417] team0: left promiscuous mode
[  414.979069][T15417] bond0: left promiscuous mode
[  415.016397][T15417] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  415.138715][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.176125][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.283872][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.306215][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.363559][T15464] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2603'.
[  415.986143][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.150785][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.283177][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.514421][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.716652][   T35] bridge_slave_1: left allmulticast mode
[  416.722337][   T35] bridge_slave_1: left promiscuous mode
[  416.729256][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.738820][   T35] bridge_slave_0: left allmulticast mode
[  416.744479][   T35] bridge_slave_0: left promiscuous mode
[  416.751483][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.143963][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  417.158168][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  417.172890][   T35] bond0 (unregistering): Released all slaves
[  417.560995][   T35] hsr_slave_0: left promiscuous mode
[  417.568411][   T35] hsr_slave_1: left promiscuous mode
[  417.575531][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  417.583297][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  417.593465][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  417.601291][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  417.627547][   T35] veth1_macvtap: left promiscuous mode
[  417.633159][   T35] veth0_macvtap: left promiscuous mode
[  417.638988][   T35] veth1_vlan: left promiscuous mode
[  417.644573][   T35] veth0_vlan: left promiscuous mode
[  418.180659][   T35] team0 (unregistering): Port device team_slave_1 removed
[  418.296479][   T35] team0 (unregistering): Port device team_slave_0 removed
[  418.372358][T15499] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2612'.
[  418.574358][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  418.585556][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  418.608279][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  418.622358][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  418.640997][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  418.653150][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  419.128403][T15508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2616'.
[  419.281280][T15514] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2618'.
[  419.582086][T15533] bridge_slave_0: left allmulticast mode
[  419.596135][T15533] bridge_slave_0: left promiscuous mode
[  419.601992][T15533] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.632962][T15533] bridge_slave_1: left allmulticast mode
[  419.645958][T15533] bridge_slave_1: left promiscuous mode
[  419.651821][T15533] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.680119][T15533] bond0: (slave bond_slave_0): Releasing backup interface
[  419.691101][T15533] bond0: (slave bond_slave_1): Releasing backup interface
[  419.728830][T15533] team0: Port device team_slave_0 removed
[  419.761429][T15533] team0: Port device team_slave_1 removed
[  419.769473][T15533] batman_adv: batadv0: Removing interface: batadv_slave_0
[  419.790791][T15533] batman_adv: batadv0: Removing interface: batadv_slave_1
[  419.807108][T15533] geneve1: left allmulticast mode
[  419.812490][T15533] geneve1: left promiscuous mode
[  419.822516][T15533] bridge0: port 3(geneve1) entered disabled state
[  419.834509][T15533] bond0: (slave netdevsim0): Releasing backup interface
[  419.868784][T15538] 8021q: adding VLAN 0 to HW filter on device bond0
[  419.885584][T15538] team0: Port device bond0 added
[  419.893770][T15546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2627'.
[  419.927715][T15541] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2627'.
[  419.993314][T15551] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2629'.
[  420.053951][T15553] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2630'.
[  420.171878][T15562] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2633'.
[  420.318311][T15503] chnl_net:caif_netlink_parms(): no params data found
[  420.428830][T15575] netlink: 'syz.0.2638': attribute type 32 has an invalid length.
[  420.437103][T15575] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2638'.
[  420.447006][T15575] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  420.527954][T15503] bridge0: port 1(bridge_slave_0) entered blocking state
[  420.535573][T15503] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.543863][T15503] bridge_slave_0: entered allmulticast mode
[  420.553201][T15503] bridge_slave_0: entered promiscuous mode
[  420.562765][T15580] tipc: Started in network mode
[  420.569177][T15580] tipc: Node identity ac1414, cluster identity 4711
[  420.578502][T15580] tipc: New replicast peer: 0.0.0.0
[  420.584762][T15580] tipc: Enabled bearer <udp:syz1>, priority 0
[  420.592085][T15503] bridge0: port 2(bridge_slave_1) entered blocking state
[  420.600165][T15503] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.608081][T15503] bridge_slave_1: entered allmulticast mode
[  420.615545][T15503] bridge_slave_1: entered promiscuous mode
[  420.669637][T15503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  420.683621][T15503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  420.736258][ T4488] Bluetooth: hci1: command tx timeout
[  420.792690][T15503] team0: Port device team_slave_0 added
[  420.810219][T15503] team0: Port device team_slave_1 added
[  420.847167][T15586] bridge_slave_0: left allmulticast mode
[  420.853319][T15586] bridge_slave_0: left promiscuous mode
[  420.859448][T15586] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.875254][T15586] bridge_slave_1: left allmulticast mode
[  420.882101][T15586] bridge_slave_1: left promiscuous mode
[  420.888481][T15586] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.902337][T15586] bond0: (slave bond_slave_0): Releasing backup interface
[  420.950917][T15586] bond0: (slave bond_slave_1): Releasing backup interface
[  421.045636][T15586] team0: Port device team_slave_0 removed
[  421.130199][T15586] team0: Port device team_slave_1 removed
[  421.150729][T15586] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.168784][T15586] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.205190][T15586] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.232951][T15586] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.313295][T15587] 8021q: adding VLAN 0 to HW filter on device bond0
[  421.339576][T15587] team0: Port device bond0 added
[  421.405764][T15597] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2642'.
[  421.415749][T15602] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2643'.
[  421.445533][T15503] batman_adv: batadv0: Adding interface: batadv_slave_0
[  421.465462][T15503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.494436][T15503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  421.511275][T15503] batman_adv: batadv0: Adding interface: batadv_slave_1
[  421.518686][T15503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.548988][T15503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  421.697005][    T9] tipc: Node number set to 2886996992
[  421.703919][T15503] hsr_slave_0: entered promiscuous mode
[  421.729893][T15503] hsr_slave_1: entered promiscuous mode
[  421.747465][T15609] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2646'.
[  422.597688][T15658] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2663'.
[  422.816203][ T4488] Bluetooth: hci1: command 0x041b tx timeout
[  424.900477][ T4488] Bluetooth: hci1: command 0x041b tx timeout
[  425.522604][T15656] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2661'.
[  425.532779][T15663] 8021q: VLANs not supported on hsr0
[  425.546361][T15665] 8021q: VLANs not supported on hsr0
[  425.865012][T15503] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  425.904223][T15503] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  425.929297][T15503] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  425.970699][T15503] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  426.283966][T15503] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.332459][T15503] 8021q: adding VLAN 0 to HW filter on device team0
[  426.372398][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.379637][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.483762][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.491093][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  426.545692][T15701] vlan3: entered promiscuous mode
[  426.674964][T15711] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2676'.
[  426.787546][T15714] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2681'.
[  426.977443][ T5102] Bluetooth: hci1: command 0x041b tx timeout
[  427.299721][T15740] ipvlan3: entered promiscuous mode
[  427.315111][T15740] ipvlan3: entered allmulticast mode
[  427.323542][T15740] dummy0: entered allmulticast mode
[  427.396728][T15503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.562742][T15749] netlink: 18 bytes leftover after parsing attributes in process `syz.3.2690'.
[  427.654046][T15752] team0: Port device bond0 removed
[  427.703766][T15752] team0: Port device netdevsim0 removed
[  427.733611][T15756] 8021q: adding VLAN 0 to HW filter on device bond0
[  427.762185][T15756] team0: Port device bond0 added
[  427.778517][T15760] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2695'.
[  428.094513][T15503] veth0_vlan: entered promiscuous mode
[  428.107668][T15771] netlink: 'syz.1.2696': attribute type 21 has an invalid length.
[  428.121304][T15771] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2696'.
[  428.210269][T15503] veth1_vlan: entered promiscuous mode
[  428.246283][T15773] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2698'.
[  428.284826][T15778] FAULT_INJECTION: forcing a failure.
[  428.284826][T15778] name failslab, interval 1, probability 0, space 0, times 0
[  428.298132][T15778] CPU: 1 PID: 15778 Comm: syz.3.2700 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  428.308332][T15778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  428.318421][T15778] Call Trace:
[  428.321734][T15778]  <TASK>
[  428.324723][T15778]  dump_stack_lvl+0x241/0x360
[  428.329460][T15778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.334717][T15778]  ? __pfx__printk+0x10/0x10
[  428.339381][T15778]  should_fail_ex+0x3b0/0x4e0
[  428.344112][T15778]  ? skb_clone+0x20c/0x390
[  428.348662][T15778]  should_failslab+0x9/0x20
[  428.353208][T15778]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  428.358636][T15778]  skb_clone+0x20c/0x390
[  428.362928][T15778]  ? dev_queue_xmit_nit+0x220/0xc10
[  428.368175][T15778]  dev_queue_xmit_nit+0x419/0xc10
[  428.373246][T15778]  ? dev_queue_xmit_nit+0x2b/0xc10
[  428.378406][T15778]  ? validate_xmit_skb+0xa04/0x1120
[  428.383654][T15778]  dev_hard_start_xmit+0x15f/0x7e0
[  428.388808][T15778]  ? __pfx_validate_xmit_skb+0x10/0x10
[  428.394327][T15778]  __dev_queue_xmit+0x1b0e/0x3d30
[  428.399394][T15778]  ? netlink_unicast+0x7ea/0x980
[  428.404387][T15778]  ? netlink_sendmsg+0x8db/0xcb0
[  428.409375][T15778]  ? __sock_sendmsg+0x221/0x270
[  428.414278][T15778]  ? __dev_queue_xmit+0x2d2/0x3d30
[  428.419447][T15778]  ? __pfx___dev_queue_xmit+0x10/0x10
[  428.424867][T15778]  ? __copy_skb_header+0x437/0x5b0
[  428.430026][T15778]  ? __asan_memcpy+0x40/0x70
[  428.434661][T15778]  ? __copy_skb_header+0x437/0x5b0
[  428.439827][T15778]  ? __skb_clone+0x454/0x6c0
[  428.444476][T15778]  ? skb_clone+0x240/0x390
[  428.448947][T15778]  __netlink_deliver_tap+0x54d/0x7c0
[  428.454303][T15778]  ? netlink_deliver_tap+0x2e/0x1b0
[  428.459556][T15778]  netlink_deliver_tap+0x19d/0x1b0
[  428.464726][T15778]  netlink_sendskb+0x68/0x140
[  428.469459][T15778]  netlink_unicast+0x39d/0x980
[  428.474298][T15778]  ? __pfx_netlink_unicast+0x10/0x10
[  428.479663][T15778]  nlmsg_notify+0x13b/0x1c0
[  428.484223][T15778]  tc_modify_qdisc+0x1c58/0x1e40
[  428.489236][T15778]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  428.494624][T15778]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  428.499952][T15778]  rtnetlink_rcv_msg+0x89b/0x1180
[  428.505106][T15778]  ? rtnetlink_rcv_msg+0x208/0x1180
[  428.510357][T15778]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  428.515872][T15778]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  428.521906][T15778]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  428.528292][T15778]  ? __local_bh_enable_ip+0x168/0x200
[  428.533715][T15778]  ? lockdep_hardirqs_on+0x99/0x150
[  428.538973][T15778]  ? __local_bh_enable_ip+0x168/0x200
[  428.544407][T15778]  ? dev_hard_start_xmit+0x773/0x7e0
[  428.549744][T15778]  ? __dev_queue_xmit+0x2d2/0x3d30
[  428.554907][T15778]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  428.560765][T15778]  ? __dev_queue_xmit+0x2d2/0x3d30
[  428.565928][T15778]  ? __dev_queue_xmit+0x16c9/0x3d30
[  428.571192][T15778]  ? __dev_queue_xmit+0x2d2/0x3d30
[  428.576369][T15778]  ? ref_tracker_free+0x643/0x7e0
[  428.581461][T15778]  netlink_rcv_skb+0x1e3/0x430
[  428.586274][T15778]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  428.591865][T15778]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  428.597236][T15778]  ? netlink_deliver_tap+0x2e/0x1b0
[  428.602663][T15778]  netlink_unicast+0x7ea/0x980
[  428.607493][T15778]  ? __pfx_netlink_unicast+0x10/0x10
[  428.612835][T15778]  ? __virt_addr_valid+0x183/0x530
[  428.618158][T15778]  ? __check_object_size+0x49c/0x900
[  428.623497][T15778]  ? bpf_lsm_netlink_send+0x9/0x10
[  428.628642][T15778]  netlink_sendmsg+0x8db/0xcb0
[  428.633483][T15778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  428.638811][T15778]  ? __import_iovec+0x536/0x820
[  428.643678][T15778]  ? aa_sock_msg_perm+0x91/0x160
[  428.648651][T15778]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  428.654050][T15778]  ? security_socket_sendmsg+0x87/0xb0
[  428.659536][T15778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  428.664942][T15778]  __sock_sendmsg+0x221/0x270
[  428.669652][T15778]  ____sys_sendmsg+0x525/0x7d0
[  428.674495][T15778]  ? __pfx_____sys_sendmsg+0x10/0x10
[  428.679892][T15778]  __sys_sendmsg+0x2b0/0x3a0
[  428.684542][T15778]  ? __pfx___sys_sendmsg+0x10/0x10
[  428.689691][T15778]  ? vfs_write+0x7c4/0xc90
[  428.694161][T15778]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  428.700537][T15778]  ? do_syscall_64+0x100/0x230
[  428.705337][T15778]  ? do_syscall_64+0xb6/0x230
[  428.710058][T15778]  do_syscall_64+0xf3/0x230
[  428.714598][T15778]  ? clear_bhb_loop+0x35/0x90
[  428.719305][T15778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.725228][T15778] RIP: 0033:0x7f9279575bd9
[  428.729680][T15778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.749329][T15778] RSP: 002b:00007f927a28f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  428.757786][T15778] RAX: ffffffffffffffda RBX: 00007f9279703f60 RCX: 00007f9279575bd9
[  428.765767][T15778] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  428.773768][T15778] RBP: 00007f927a28f0a0 R08: 0000000000000000 R09: 0000000000000000
[  428.781749][T15778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  428.789749][T15778] R13: 000000000000004d R14: 00007f9279703f60 R15: 00007ffd401f3008
[  428.797783][T15778]  </TASK>
[  428.908779][T15503] veth0_macvtap: entered promiscuous mode
[  428.943407][T15503] veth1_macvtap: entered promiscuous mode
[  429.017436][T15503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  429.052978][T15503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  429.057103][ T5102] Bluetooth: hci1: command 0x041b tx timeout
[  429.082290][T15503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  429.133773][T15503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  429.203894][T15503] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  429.235258][T15503] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  429.267797][T15503] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  429.293745][T15503] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  429.313422][T15808] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2708'.
[  429.427311][T15811] team0: Port device bond0 removed
[  429.452594][T15812] 8021q: adding VLAN 0 to HW filter on device bond0
[  429.473866][T15812] team0: Port device bond0 added
[  429.672846][ T2853] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.696835][ T2853] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.753874][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.775413][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.307809][T15854] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2722'.
[  430.541794][T15864] FAULT_INJECTION: forcing a failure.
[  430.541794][T15864] name failslab, interval 1, probability 0, space 0, times 0
[  430.568868][T15861] team0: Port device bond0 removed
[  430.577565][T15864] CPU: 1 PID: 15864 Comm: syz.2.2727 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  430.587783][T15864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  430.597866][T15864] Call Trace:
[  430.601162][T15864]  <TASK>
[  430.604104][T15864]  dump_stack_lvl+0x241/0x360
[  430.608809][T15864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.614026][T15864]  ? __pfx__printk+0x10/0x10
[  430.618645][T15864]  ? __pfx___might_resched+0x10/0x10
[  430.623952][T15864]  should_fail_ex+0x3b0/0x4e0
[  430.628658][T15864]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  430.634908][T15864]  should_failslab+0x9/0x20
[  430.639439][T15864]  __kmalloc_noprof+0xd8/0x400
[  430.644225][T15864]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  430.650316][T15864]  genl_rcv_msg+0x802/0xec0
[  430.654841][T15864]  ? mark_lock+0x9a/0x350
[  430.659210][T15864]  ? __pfx_genl_rcv_msg+0x10/0x10
[  430.664268][T15864]  ? __pfx_lock_acquire+0x10/0x10
[  430.669389][T15864]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  430.674781][T15864]  ? __pfx_nl80211_join_mesh+0x10/0x10
[  430.680284][T15864]  ? __pfx_nl80211_post_doit+0x10/0x10
[  430.685758][T15864]  ? __pfx___might_resched+0x10/0x10
[  430.691076][T15864]  netlink_rcv_skb+0x1e3/0x430
[  430.695869][T15864]  ? __pfx_genl_rcv_msg+0x10/0x10
[  430.700920][T15864]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  430.706511][T15864]  genl_rcv+0x28/0x40
[  430.710505][T15864]  netlink_unicast+0x7ea/0x980
[  430.715291][T15864]  ? __pfx_netlink_unicast+0x10/0x10
[  430.720593][T15864]  ? __virt_addr_valid+0x183/0x530
[  430.725726][T15864]  ? __check_object_size+0x49c/0x900
[  430.731151][T15864]  ? bpf_lsm_netlink_send+0x9/0x10
[  430.736305][T15864]  netlink_sendmsg+0x8db/0xcb0
[  430.741117][T15864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  430.746434][T15864]  ? __import_iovec+0x536/0x820
[  430.751304][T15864]  ? aa_sock_msg_perm+0x91/0x160
[  430.756301][T15864]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  430.761600][T15864]  ? security_socket_sendmsg+0x87/0xb0
[  430.767164][T15864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  430.772467][T15864]  __sock_sendmsg+0x221/0x270
[  430.777161][T15864]  ____sys_sendmsg+0x525/0x7d0
[  430.782125][T15864]  ? __pfx_____sys_sendmsg+0x10/0x10
[  430.787464][T15864]  __sys_sendmsg+0x2b0/0x3a0
[  430.792173][T15864]  ? __pfx___sys_sendmsg+0x10/0x10
[  430.797400][T15864]  ? vfs_write+0x7c4/0xc90
[  430.801895][T15864]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  430.808260][T15864]  ? do_syscall_64+0x100/0x230
[  430.813052][T15864]  ? do_syscall_64+0xb6/0x230
[  430.817767][T15864]  do_syscall_64+0xf3/0x230
[  430.822292][T15864]  ? clear_bhb_loop+0x35/0x90
[  430.826985][T15864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.832897][T15864] RIP: 0033:0x7ffb4d775bd9
[  430.837327][T15864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.857043][T15864] RSP: 002b:00007ffb4e4b2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  430.865488][T15864] RAX: ffffffffffffffda RBX: 00007ffb4d903f60 RCX: 00007ffb4d775bd9
[  430.873480][T15864] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  430.881504][T15864] RBP: 00007ffb4e4b20a0 R08: 0000000000000000 R09: 0000000000000000
[  430.889490][T15864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.897475][T15864] R13: 000000000000000b R14: 00007ffb4d903f60 R15: 00007fffd3719518
[  430.905479][T15864]  </TASK>
[  431.014507][T15861] bond0: (slave batadv_slave_0): Releasing backup interface
[  431.132854][T15861] bond2: (slave batadv1): Releasing active interface
[  431.168765][T15865] 8021q: adding VLAN 0 to HW filter on device bond0
[  431.187546][T15865] team0: Port device bond0 added
[  431.706364][T15892] ------------[ cut here ]------------
[  431.711903][T15892] WARNING: CPU: 0 PID: 15892 at net/mac80211/chan.c:501 _ieee80211_change_chanctx+0x34b/0x1240
[  431.724598][T15892] Modules linked in:
[  431.730157][T15892] CPU: 0 PID: 15892 Comm: syz.3.2733 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  431.741574][T15892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  431.752267][T15892] RIP: 0010:_ieee80211_change_chanctx+0x34b/0x1240
[  431.759154][T15892] Code: 05 74 1a 83 fd 0d 75 1c e8 e2 9e 8f f6 eb 25 e8 db 9e 8f f6 eb 1e e8 d4 9e 8f f6 eb 17 e8 cd 9e 8f f6 eb 10 e8 c6 9e 8f f6 90 <0f> 0b 90 eb 05 e8 bb 9e 8f f6 48 8b 2c 24 4c 89 7c 24 60 4c 89 ff
[  431.779491][T15892] RSP: 0018:ffffc9000445eba8 EFLAGS: 00010283
[  431.785621][T15892] RAX: ffffffff8b06895a RBX: ffff888070a93cf6 RCX: 0000000000040000
[  431.796387][T15892] RDX: ffffc90009bd1000 RSI: 00000000000008c1 RDI: 00000000000008c2
[  431.804559][T15892] RBP: 0000000000000007 R08: 0000000000000005 R09: ffffffff8b0688ff
[  431.813223][T15892] R10: 0000000000000007 R11: ffff888063181e00 R12: dffffc0000000000
[  431.822585][T15892] R13: ffff888070a93c00 R14: ffff888070a93c00 R15: ffff88806ef90e20
[  431.831661][T15892] FS:  00007f927a26e6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  431.841101][T15892] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  431.844340][T15895] netlink: 'syz.3.2733': attribute type 10 has an invalid length.
[  431.847793][T15892] CR2: 00007f927a26cfc8 CR3: 000000002e8bc000 CR4: 00000000003506f0
[  431.847881][T15892] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  431.847900][T15892] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  431.847919][T15892] Call Trace:
[  431.847931][T15892]  <TASK>
[  431.847943][T15892]  ? __warn+0x163/0x4e0
[  431.847980][T15892]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  431.897582][T15892]  ? report_bug+0x2b3/0x500
[  431.902165][T15892]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  431.908191][T15892]  ? handle_bug+0x3e/0x70
[  431.912582][T15892]  ? exc_invalid_op+0x1a/0x50
[  431.917408][T15892]  ? asm_exc_invalid_op+0x1a/0x20
[  431.922503][T15892]  ? _ieee80211_change_chanctx+0x2ef/0x1240
[  431.930005][T15892]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  431.937784][T15892]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  431.943744][T15892]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  431.949937][T15892]  ieee80211_recalc_chanctx_chantype+0xf27/0xfb0
[  431.956741][T15892]  ? __pfx_ieee80211_recalc_chanctx_chantype+0x10/0x10
[  431.963653][T15892]  ? ieee80211_link_update_chanreq+0x8c/0x2f0
[  431.970134][T15892]  ? __asan_memcpy+0x40/0x70
[  431.974819][T15892]  ? ieee80211_link_update_chanreq+0x299/0x2f0
[  431.981148][T15892]  ieee80211_link_change_chanreq+0x11a6/0x1470
[  431.987759][T15892]  ? __pfx_ieee80211_link_change_chanreq+0x10/0x10
[  431.994334][T15892]  ? cfg80211_get_chans_dfs_required+0xae2/0xb60
[  432.000835][T15892]  ieee80211_set_ap_chanwidth+0x1d5/0x2f0
[  432.006689][T15892]  ? ieee80211_get_channel_khz+0x173/0x920
[  432.012558][T15892]  ? __pfx_ieee80211_set_ap_chanwidth+0x10/0x10
[  432.020261][T15892]  rdev_set_ap_chanwidth+0x118/0x2b0
[  432.027879][T15892]  __nl80211_set_channel+0x528/0x660
[  432.033237][T15892]  ? nl80211_set_wiphy+0x279/0x2c80
[  432.039596][T15892]  ? __pfx___nl80211_set_channel+0x10/0x10
[  432.045466][T15892]  ? lockdep_hardirqs_on+0x99/0x150
[  432.051108][T15892]  nl80211_set_wiphy+0x1215/0x2c80
[  432.056377][T15892]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  432.062512][T15892]  ? nl80211_pre_doit+0x5f/0x8b0
[  432.067616][T15892]  ? __pfx_netdev_run_todo+0x10/0x10
[  432.072956][T15892]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  432.078869][T15892]  ? __nla_parse+0x40/0x60
[  432.083418][T15892]  genl_rcv_msg+0xb14/0xec0
[  432.088082][T15892]  ? mark_lock+0x9a/0x350
[  432.092482][T15892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  432.098119][T15892]  ? __pfx_lock_acquire+0x10/0x10
[  432.103196][T15892]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  432.109023][T15892]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  432.114542][T15892]  ? __pfx_nl80211_post_doit+0x10/0x10
[  432.120294][T15892]  ? __pfx___might_resched+0x10/0x10
[  432.125649][T15892]  netlink_rcv_skb+0x1e3/0x430
[  432.132140][T15892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  432.138705][T15892]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  432.144086][T15892]  ? __netlink_deliver_tap+0x77e/0x7c0
[  432.149698][T15892]  genl_rcv+0x28/0x40
[  432.153744][T15892]  netlink_unicast+0x7ea/0x980
[  432.158698][T15892]  ? __pfx_netlink_unicast+0x10/0x10
[  432.164120][T15892]  ? __virt_addr_valid+0x183/0x530
[  432.170182][T15892]  ? __check_object_size+0x49c/0x900
[  432.175534][T15892]  ? bpf_lsm_netlink_send+0x9/0x10
[  432.181199][T15892]  netlink_sendmsg+0x8db/0xcb0
[  432.186635][T15892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  432.191980][T15892]  ? __import_iovec+0x536/0x820
[  432.197349][T15892]  ? aa_sock_msg_perm+0x91/0x160
[  432.202354][T15892]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  432.207773][T15892]  ? security_socket_sendmsg+0x87/0xb0
[  432.213376][T15892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  432.218800][T15892]  __sock_sendmsg+0x221/0x270
[  432.223529][T15892]  ____sys_sendmsg+0x525/0x7d0
[  432.228753][T15892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  432.235123][T15892]  __sys_sendmsg+0x2b0/0x3a0
[  432.241260][T15892]  ? __pfx___sys_sendmsg+0x10/0x10
[  432.246573][T15892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  432.252946][T15892]  ? do_syscall_64+0x100/0x230
[  432.258480][T15892]  ? do_syscall_64+0xb6/0x230
[  432.263239][T15892]  do_syscall_64+0xf3/0x230
[  432.267926][T15892]  ? clear_bhb_loop+0x35/0x90
[  432.272657][T15892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.279145][T15892] RIP: 0033:0x7f9279575bd9
[  432.283693][T15892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.303776][T15892] RSP: 002b:00007f927a26e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  432.312340][T15892] RAX: ffffffffffffffda RBX: 00007f9279704038 RCX: 00007f9279575bd9
[  432.320472][T15892] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000007
[  432.328881][T15892] RBP: 00007f92795e4e60 R08: 0000000000000000 R09: 0000000000000000
[  432.338174][T15892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  432.347329][T15892] R13: 000000000000006e R14: 00007f9279704038 R15: 00007ffd401f3008
[  432.356190][T15892]  </TASK>
[  432.359256][T15892] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  432.366568][T15892] CPU: 0 PID: 15892 Comm: syz.3.2733 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0
[  432.376759][T15892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  432.386852][T15892] Call Trace:
[  432.390163][T15892]  <TASK>
[  432.393124][T15892]  dump_stack_lvl+0x241/0x360
[  432.397863][T15892]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.403295][T15892]  ? __pfx__printk+0x10/0x10
[  432.407947][T15892]  ? vscnprintf+0x5d/0x90
[  432.412324][T15892]  panic+0x349/0x860
[  432.416271][T15892]  ? __warn+0x172/0x4e0
[  432.420461][T15892]  ? __pfx_panic+0x10/0x10
[  432.424930][T15892]  __warn+0x346/0x4e0
[  432.428935][T15892]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  432.434847][T15892]  report_bug+0x2b3/0x500
[  432.439200][T15892]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  432.445117][T15892]  handle_bug+0x3e/0x70
[  432.449283][T15892]  exc_invalid_op+0x1a/0x50
[  432.453796][T15892]  asm_exc_invalid_op+0x1a/0x20
[  432.458670][T15892] RIP: 0010:_ieee80211_change_chanctx+0x34b/0x1240
[  432.465186][T15892] Code: 05 74 1a 83 fd 0d 75 1c e8 e2 9e 8f f6 eb 25 e8 db 9e 8f f6 eb 1e e8 d4 9e 8f f6 eb 17 e8 cd 9e 8f f6 eb 10 e8 c6 9e 8f f6 90 <0f> 0b 90 eb 05 e8 bb 9e 8f f6 48 8b 2c 24 4c 89 7c 24 60 4c 89 ff
[  432.484806][T15892] RSP: 0018:ffffc9000445eba8 EFLAGS: 00010283
[  432.490890][T15892] RAX: ffffffff8b06895a RBX: ffff888070a93cf6 RCX: 0000000000040000
[  432.498870][T15892] RDX: ffffc90009bd1000 RSI: 00000000000008c1 RDI: 00000000000008c2
[  432.506851][T15892] RBP: 0000000000000007 R08: 0000000000000005 R09: ffffffff8b0688ff
[  432.514828][T15892] R10: 0000000000000007 R11: ffff888063181e00 R12: dffffc0000000000
[  432.522808][T15892] R13: ffff888070a93c00 R14: ffff888070a93c00 R15: ffff88806ef90e20
[  432.530801][T15892]  ? _ieee80211_change_chanctx+0x2ef/0x1240
[  432.536712][T15892]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  432.542634][T15892]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  432.548569][T15892]  ieee80211_recalc_chanctx_chantype+0xf27/0xfb0
[  432.555007][T15892]  ? __pfx_ieee80211_recalc_chanctx_chantype+0x10/0x10
[  432.561988][T15892]  ? ieee80211_link_update_chanreq+0x8c/0x2f0
[  432.568085][T15892]  ? __asan_memcpy+0x40/0x70
[  432.572683][T15892]  ? ieee80211_link_update_chanreq+0x299/0x2f0
[  432.578929][T15892]  ieee80211_link_change_chanreq+0x11a6/0x1470
[  432.585190][T15892]  ? __pfx_ieee80211_link_change_chanreq+0x10/0x10
[  432.591721][T15892]  ? cfg80211_get_chans_dfs_required+0xae2/0xb60
[  432.598110][T15892]  ieee80211_set_ap_chanwidth+0x1d5/0x2f0
[  432.603839][T15892]  ? ieee80211_get_channel_khz+0x173/0x920
[  432.609657][T15892]  ? __pfx_ieee80211_set_ap_chanwidth+0x10/0x10
[  432.615939][T15892]  rdev_set_ap_chanwidth+0x118/0x2b0
[  432.621263][T15892]  __nl80211_set_channel+0x528/0x660
[  432.626563][T15892]  ? nl80211_set_wiphy+0x279/0x2c80
[  432.631866][T15892]  ? __pfx___nl80211_set_channel+0x10/0x10
[  432.637714][T15892]  ? lockdep_hardirqs_on+0x99/0x150
[  432.642942][T15892]  nl80211_set_wiphy+0x1215/0x2c80
[  432.648080][T15892]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  432.654207][T15892]  ? nl80211_pre_doit+0x5f/0x8b0
[  432.659243][T15892]  ? __pfx_netdev_run_todo+0x10/0x10
[  432.664548][T15892]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  432.670134][T15892]  ? __nla_parse+0x40/0x60
[  432.674578][T15892]  genl_rcv_msg+0xb14/0xec0
[  432.679097][T15892]  ? mark_lock+0x9a/0x350
[  432.683446][T15892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  432.688509][T15892]  ? __pfx_lock_acquire+0x10/0x10
[  432.693544][T15892]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  432.698936][T15892]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  432.704409][T15892]  ? __pfx_nl80211_post_doit+0x10/0x10
[  432.709969][T15892]  ? __pfx___might_resched+0x10/0x10
[  432.715300][T15892]  netlink_rcv_skb+0x1e3/0x430
[  432.720086][T15892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  432.725124][T15892]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  432.730467][T15892]  ? __netlink_deliver_tap+0x77e/0x7c0
[  432.735968][T15892]  genl_rcv+0x28/0x40
[  432.739960][T15892]  netlink_unicast+0x7ea/0x980
[  432.744750][T15892]  ? __pfx_netlink_unicast+0x10/0x10
[  432.750080][T15892]  ? __virt_addr_valid+0x183/0x530
[  432.755221][T15892]  ? __check_object_size+0x49c/0x900
[  432.760526][T15892]  ? bpf_lsm_netlink_send+0x9/0x10
[  432.765661][T15892]  netlink_sendmsg+0x8db/0xcb0
[  432.770459][T15892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  432.775769][T15892]  ? __import_iovec+0x536/0x820
[  432.780643][T15892]  ? aa_sock_msg_perm+0x91/0x160
[  432.785600][T15892]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  432.790905][T15892]  ? security_socket_sendmsg+0x87/0xb0
[  432.796383][T15892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  432.801769][T15892]  __sock_sendmsg+0x221/0x270
[  432.806468][T15892]  ____sys_sendmsg+0x525/0x7d0
[  432.811256][T15892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  432.816575][T15892]  __sys_sendmsg+0x2b0/0x3a0
[  432.821212][T15892]  ? __pfx___sys_sendmsg+0x10/0x10
[  432.826392][T15892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  432.832734][T15892]  ? do_syscall_64+0x100/0x230
[  432.837520][T15892]  ? do_syscall_64+0xb6/0x230
[  432.842218][T15892]  do_syscall_64+0xf3/0x230
[  432.846742][T15892]  ? clear_bhb_loop+0x35/0x90
[  432.851432][T15892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.857347][T15892] RIP: 0033:0x7f9279575bd9
[  432.861770][T15892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.881384][T15892] RSP: 002b:00007f927a26e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  432.889924][T15892] RAX: ffffffffffffffda RBX: 00007f9279704038 RCX: 00007f9279575bd9
[  432.897906][T15892] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000007
[  432.905897][T15892] RBP: 00007f92795e4e60 R08: 0000000000000000 R09: 0000000000000000
[  432.913888][T15892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  432.921909][T15892] R13: 000000000000006e R14: 00007f9279704038 R15: 00007ffd401f3008
[  432.929906][T15892]  </TASK>
[  432.933258][T15892] Kernel Offset: disabled
[  432.937714][T15892] Rebooting in 86400 seconds..