last executing test programs:

30.776082002s ago: executing program 1 (id=4154):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e6d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf01860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e748fafa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f0844307df70f532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fda0f0a04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0001002d8c38a967c1bbe09315c298774009d8c6a16c7da308bcc87dc3addb08141bdee5d2780cfef663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd805deb28c13c1ed1c0d9cae846bcbfa8cce7b893ebc68578af7dc7d5e87d44ff80800000034c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c568cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7dcf050000000000001491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c78974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000400000000000a5accf93bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9c46136a5755c47287eb00000000000000c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b179509bd9f263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a378700000000000000000000000000631ffc86fe0c8124536afbfc6300ee2c00000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e35776e37c2b7772d0873369ba559e4a9ce9a7878a9a46f2a68adae0f3f5c0715b169ff053d8f5ab73d5f738b0edc71a287418ba45a14fd1ab423d9c392d010af2cf1356c6f78d563822afd3e8fb693ef3e1f1c02289e94b15a0a2a58e9c77a6d388004396baf8af32d0bd7fef1597b20e2eec0273012e344628a8ea5bd0a9da43078b95af7186d5bf36a2e31c0ee3e1ec6accd94b7e3b47e52681128c5b6fb2afbffaa52d53080f7ef112fdffffffffffffff0c1f7b4673fc5202bcc1159ba59b9b5c996079b6c2b9cc011470ce48b53c7339135e0a1e7c90b91a84cfaf95af6edc881ca69cb3d869fcd87a294447e3eb627923970281e28528348f9d0157c80ffd70dd45fc9ae550e191e9f88a1f15c2d997c217bb6d5d24e88d07837851b391ffcf3aa2183952ef4d68757c7511179f0984960b907016a4ad6ba19f89794b545f983e94a980f83794c277dd644651d721a0d0546b3e69b8530d9391068d67cfb4fe879c23933ec59d3e728113fdf3a28800512b9cef65523490caa4f5ec30ad6ded9879843ade683b3263197964e752ca77b966ae22e73a0cbbe549306e49d0e11662cf8bcccd8198ef44911ed6b86792086cc6c758d8c4a872041e58685d4134a5ee5063b4bb7e8035442b1cba567cfee96b3b858c9086c907ddddd16414545f1b94b34f081f3e6248699060d62f236b5204993cf42c180f757938a62b5f302cae4a4a7be523be2db61b74bab36d0e63e4469969482ada533c54bdc9c2ad0b7dce02c869e6c853f92d24823036f8b5f4a6f6f89e1a9cd003c714814277f32bd6d535dcc08c992f2938b2e265ff6bfbf38694255c367867d64c50b6f7f2fd131b5b30059ea2ed6bd2b887f808dee79a76d600883085436d79381d7a4a09c4d73f8046c72b206ae3b76429c719f80ab8ff65494f35a75916d81ce89b94ed2e07540d855ebb2e78bfbb354e29d6b905f2573bec68e340472006f3738f004c24edd7c538ad9f25bda4c443bc816a8fb38081adbf5a80f5cd6fde3aadd56a9283dfdcbf7fdd1b44e717c0b405b3261f19b1c38df6331df8e84619ef307875c893a8f0a436ccfb6319000000000000000000000000001f1c8231baae9e6b907826aa7431ee8ee9deb4db6dca3e4fa3df5cd4015a3771c25bff7d305689ff0a71d821fc6ee9d2d0069a6f4cb434e8183796f89825de4d251bbf526adcf572bd39c9817a51b50859c77eebd37709f0d65667a71700006103120886e81241c7186011c6949a9ef5eadb3ca1ba74d055196c80fe796f3550eef858d924ba6a93ea687720ffe78f1e2c98686d85575fbabee88e97d4dea9b7d8416d62f962b9202528fcc38eea7d2b4efca4e14fcbcc15e8"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
epoll_create(0x8)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x6, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010113b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES64=r2], 0x40}}, 0x0)

30.691403851s ago: executing program 1 (id=4157):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8)
write$cgroup_int(r2, &(0x7f00000005c0), 0x12)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r4, r3, 0x2, 0x0, 0x4000}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x1, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], <r5=>0x0, 0x9d, &(0x7f0000000180)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x1b, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x0, &(0x7f0000000040), &(0x7f00000002c0)='GPL\x00', 0x5, 0xb6, &(0x7f0000000300)=""/182, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, r5}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r5, 0xffffffffffffffff, 0x3f, 0x0, 0x0, 0x10, 0x40}, 0x70)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r7, r6, 0x2, 0x6, 0x4000}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xd3}]}, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

30.519586353s ago: executing program 1 (id=4160):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, [@call={0x85, 0x0, 0x0, 0x29}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

30.367898332s ago: executing program 1 (id=4164):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, 0x0, 0x40000}}, {{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001600)=ANY=[], 0x208}}], 0x2, 0x0)

21.766878095s ago: executing program 1 (id=4164):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, 0x0, 0x40000}}, {{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001600)=ANY=[], 0x208}}], 0x2, 0x0)

8.639148289s ago: executing program 3 (id=4402):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x30, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
socket(0x11, 0x800000003, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002d80)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x6], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xfffffffc}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r5, &(0x7f0000001800)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c, &(0x7f0000001600)=[{&(0x7f00000001c0)="16", 0x1}], 0x1}}], 0x1, 0x0) (async, rerun: 32)
sendmmsg$inet6(r5, &(0x7f0000000400)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000180)="d7", 0x1}], 0x1}}], 0x1, 0x0) (async, rerun: 32)
shutdown(r5, 0x1) (async)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r5, 0x84, 0x78, &(0x7f00000002c0), 0x4) (async, rerun: 64)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) (rerun: 64)

8.243576276s ago: executing program 1 (id=4164):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, 0x0, 0x40000}}, {{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000001600)=ANY=[], 0x208}}], 0x2, 0x0)

7.681712496s ago: executing program 3 (id=4420):
r0 = socket$kcm(0x2, 0x3, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0x8, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r2], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010806000000000000000b00000008000300", @ANYRES32=r6, @ANYBLOB="0a000600080211000001000028005080110001004abee339084eeef16f162471f400000005000200000000000800030005ac0f00"], 0x50}}, 0x0) (async)
sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="020026bd7000fbdbdf251a000000964cba3b57b0216090e15e7fa44a5e6cb150bd95ff235e7d38c46b29564e83ee2acde99e6d39e041b7411327"], 0x14}, 0x1, 0x0, 0x0, 0x4000850}, 0x4008080) (async)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000940)={0x0, 0xfff9, 0x6, 0x1, 0x7, 0xe}, &(0x7f0000000980)=0x14) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r7, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="100029bd7000fcdbdf250f0000000500a310000000000500d5000000000008007e000a0000001c0034005bae13b4da49e79eecc0f6e7d17b8af2957ac12c37a093a5"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x4000010) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000c"], 0x0}, 0x90) (rerun: 32)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, 0x0, 0x0) (async)
getsockopt$inet6_mptcp_buf(r8, 0x11c, 0x3, &(0x7f00000001c0)=""/207, &(0x7f0000000000)=0xcf)
r9 = socket$kcm(0x10, 0x3, 0x10) (async)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
listen(r10, 0xfff)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) (async)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r12, &(0x7f0000000480)={0x0, 0xf00, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r11, 0x1, 0x0, 0x0, {{}, {0x0, 0x4101}, {0x14}}}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r5, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000600)={&(0x7f0000000a40)=ANY=[@ANYBLOB="3edd7eb77629c3b499ab18786dd22a0781d6509e1b98e388c15ae6b85477860594fbd91133ddcb1b16b11b0d65acdeca887b8aaa64a9aabc70e8584f3b6b2a313e10b674f7d8e89f6c2c313a76990e43f20f4c13399818000225730507", @ANYRES16=r4, @ANYBLOB="330128bd7000fcdbdf25700000000c009900070000007c0000000a00060008021100000100000a00060008021100000000000a000600ffffffffffff0000"], 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x4050) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="0000000101008024d4e3455c7216da3484447f8a081f930884b55764ca84de3d0e7bc8d6f29cd84ba9408cf2351604f1724e10a8fcc3988de886d82375980e92a1ba2f8410b0677331bf6293af17222761aa1289e6a8f1d888f4809cdccfe135695630dcb6bad9b53d1d96f2f820a715ce709fcaa40a70dc4c98ebbe761c0eec46d4f50508215e72fc781a471b1a7c769a074f2d6388253cfdd4b0e37a788fbb7296ae39bb35439c66437fa3347adfaca46f74fbc95f1b070287096cc9bdc953ea637c118a68a8ddc03aa44e8aa8ca5dac063a052d0000008bb982eb4ec7e08b552a2807c00bbfbbb5369dd1e04690a1267e29e89d27673db50050419e278e6130000000000000ccb94db73118ae0e420400f7caf98b2aae92430ae8b475784a021e18bbd97d526cb8c94111daab5f9b4e31103a1175e50db2f5440b27a3c9f17cdd126eb40a73fc90521fc8d3913f14eac8f0f1dc5c53e5eb97d8694b17612c890346cab61e5a4a7ab6c304e0887d63ab328eed44ea5391f7e3adf127a07c4dd14bdfc029822f71cfc2ca0a23258fe8fc76dcd75554c935be063718380741560b39cc4336e008d0897193ea1e"], 0x114}], 0x1}, 0x0)
sendmsg$kcm(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, 0x40008071) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='tlb_flush\x00', r3}, 0x10) (async)
sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0}, 0x4008804)

7.404906697s ago: executing program 3 (id=4421):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYBLOB], 0x48}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001500)={0x12, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x6}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$inet6_sctp(0xa, 0x0, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259"], &(0x7f0000000080)='GPL\x00', 0x0, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067070000200000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socket$kcm(0xa, 0x6, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x35, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x7c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001ac0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10d, 0xa, &(0x7f0000000000)=r2, 0x4)
sendto$inet6(r1, &(0x7f00000001c0)="c2", 0x1, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000500)=""/4086, 0xff6}], 0x1}, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0xd000000}, 0x0)

6.903917478s ago: executing program 3 (id=4422):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
unshare(0x2040400)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
splice(r2, &(0x7f0000000040), r1, 0x0, 0x800000000ff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x3, 0x20008, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x0, 0xfffffffc}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffc}, 0x9)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x26, 0x12, 0xa01}, 0x26}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x68, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @remote}]}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @local}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x68}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r7}, 0x10)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9)
syz_emit_ethernet(0x3a, &(0x7f0000000700)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @multicast1}, {0x0, 0x88be, 0x18, 0x0, @wg=@data}}}}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

6.511803866s ago: executing program 3 (id=4427):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b702000000000000632af0ff0000000026090800000000007b9af0ff00000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000001500000076ffffffc39800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000580)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0x98)
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000e100000000000000000c00010000000000950079334131fbd646fa000000000000d177a2eb9a7deae0acc8033c220ca0e620892c60a466ca9e62ea924317b6e2f1b87a30d73d4aaeac11a333"], &(0x7f0000000080)='syzkaller\x00', 0x4}, 0x90)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r5, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSFLAGS1(r5, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r5, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0xa, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8}]}}}]}, 0x3c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x50, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}, @IFLA_GENEVE_ID={0x8, 0x1, 0x1}]}}}]}, 0x50}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
socket$netlink(0x10, 0x3, 0x0)

5.252198584s ago: executing program 3 (id=4438):
socket$packet(0x11, 0x0, 0x300)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000380)=0x6, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000740)=[{{&(0x7f0000000100)={0x2, 0x4e21, 0x6c, @empty}, 0x1c, 0x0}}], 0x300, 0x0)

2.065920574s ago: executing program 0 (id=4458):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x90)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2d}}]}, &(0x7f0000000180)=0x10)
socket(0x2, 0x80805, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x14, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r2, &(0x7f00000001c0), 0x20000000, 0x2}, 0x20)
write(0xffffffffffffffff, &(0x7f00000000c0)="24000000200099f0000000000000000002", 0x11)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002bc0)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast1, 0x8}, 0x1c, 0x0}}], 0x1, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002ac0)=ANY=[@ANYBLOB="b80000000000000004010000010000008be5f176d9a07c398e7c9ec688e71baf631c9b6a2b0410e521314675ace4d88298fbdc54d37a6d8ba69814c3521305b6195c7b9b0f31fd9e1c7516b1a8a7d592dd5f8f9750ea12355106fb2a55d00325c962495bfdb74ed51cd1c2d35e1254833ccabfa57af6066a832f278715d516013423f1fb21c702fd51668999cf76bf13e67883bb84aefede5ece748b2d6dc64aaeedf4956f0671018e6194072f03d6e4b9d7fc4600000000b0000000000000001100000026c5dc45a50a92e7f52f52e7f75597aa432fec272ab48aa0df9ca7499c64fbd952b66a0634305f68b6dcbfa48469a2711730ff4a4afe5fc2a0004507d0fe2241605adeb30532ab387a993daa3bc696a6cee314b681607d2d53c9cfa81435fe01df7c282af00ee74999a665f1d0fa17434ca0b09f4a6947fc7b5fcd7a84cccea30659854d2e1f8375a24a273b126d5839bd059f7996de9b0deb9d4e8ebd8aba9363000000680000000000000004010000f9ffffff085f4bb43340a4d44b45e6a3a95f4ee31f663785ee6f83e5bd008f39a6125ea1221198addd7f23fdb4d29b6bda05dff7203823d1cc0dbdf60b4ad6de79d8125b308b0d32dc4b76c50136707141fcacaf22fee78e9f33c70038000000000000009601000006000000180ed33962ebb765e2ce47f59cc70375d4147775f91007092ecd6dfe5d69b4a597991e871aee0000d8000000000000000d01000002000000b013141c7538b8c3ab966c3f609377e4cd1e1751f6e290bb7a718e02b8006d06951c7a735fcd8fc46d9d12e7c962b91e221efb3126ebf33a5c44ce98495d706a970daf0d4553d2b8a7d17e18da6606b371377bced774c90b1f52ab8ddbff043e0be938c9322b6375b90a37ee24d3c321dd9ea4ff77b81e90476664975d3f3f7649f688ca909559cc4a0f08876a5f3a907bfcc54caa736575259d63f6dc9e98c3039909f67bf5a9c8dff864a96d4d8e5c34e913cade0e85855b1058a5adc021feeebe475ecd6f8281f0000000000000000701000006000000d15bc5fc77caba3e58cbda89ee1a0c259fec8486dba1e22e6d20828824d3f2d5436d9c3476f4181beb52fe24ab089aace9aff58560f44f4a916db0f3613b398ecc1fe8b27b3a74f7dc069d09cbc24d6a38ee382766bda17a29e3b4f7a674b921bdfc328b9ec0547deefe921886d8fbbad5ab5496ac7375cde2945cd02c370ef4151552f5f9082b5dcbdf98b1ececd0b879123a5fb2ee35c0445d5f826c5eb30872476162769986601915e1ab6a774409f048b235d493061436a8a98672c55655451461286f51698dd5987fbd061d460300000000000000036f727d33000000001010000000000000ff000000f2ffffffb58aafc7a5e52d22e76dd03a8f50fc7af80508a1981d9641edd6b90700ab95c1bb885074cd7e7c7ef36d5ea95449de3b0c9d76f4c820eb1cbf25a858a7afa025796a59669dab043073f9a96753408ee1ed896f96ed04475b0baddc13ff271765519e16a5badd6dcdb3c19c6b846e4ed5452cb5189ffcb055f0531af6aeb23d412d58880c1ee9b231c40561580bbfb2e6a3a32ab1a46015a82a0872013c2de738ac5d0ce34053832dcdd9fd8c66478cf043c466d0043ec79b0aceb5d140f0eec0b163f49ee7d212d6010bcfff898050c2d23303c966a86bf5e4830f79a32c5072a712409422d29ca818cd09f9ee6943f4db4cf1f481ec1d6151c800105a707e0274b1881d0ab86983e8af396e93315b19bad7674e6ba45de54078b4379e27ae3cb96f4ffe2a62ae2b9aba20c90f8815f5fb4c034d3a1a29efe36892fc0d4a257cd3d0a10ffdbe9be1c68805a0bc501dedb3d69f437a688a13b6f955b9bff8ed4f03ec772ddd4bd2b7dd8cbf1825db269e278cc582c296afc992b0386625c3c719b0cf1acf24c49c9dda762fbcd8dd205ec4b57c5cfe"], 0x14d0}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@abs={0x1}, 0x4f)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r7)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="410000000000000000030603000014000300024d301e0e50001806e8ffffffffffff08000700263a0906140002"], 0x44}, 0x2, 0x1000000}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r9, 0x2, 0x0, 0x0, @prog_id}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="b4060000000000007111b7000000000095000000000000008500000000000000950000000000000095000000000000001a8f3c6f7401829076d83a75"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x90)

1.952677458s ago: executing program 2 (id=4459):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv6_getnexthop={0x20, 0x6a, 0xf5715ac9c25cb36b, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r2}]}, 0x20}}, 0x0)
socket(0x2, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000000180)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)
sendmsg$FOU_CMD_DEL(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x1c}}, 0x0)

1.856074206s ago: executing program 0 (id=4460):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000001"], 0x34}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000000000040000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}}, 0x0)
bind$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x19, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20)

1.855517625s ago: executing program 4 (id=4461):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="60000000020601030a000000000000000000000014000780060004404e210000effd05400000000005000400000000000d000300686173683a6e657400000000050005000000000005000100060000000e0003006269746d70703a6970000000"], 0x60}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0xd4, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0xa}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}, @CTA_TUPLE_ORIG={0x5c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x95}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2}, @CTA_MARK_MASK={0x8}, @CTA_TUPLE_ORIG={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @empty}}}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000000306033f000000ffffffffbfffffff000500010007"], 0x28}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0x42400)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
socket$kcm(0x11, 0x200000000000002, 0x300)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
recvmsg$kcm(r4, &(0x7f0000001040)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000400), 0xffffffffffffffff)
r6 = getpid()
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r6, 0x12)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r6}]}, 0x24}}, 0x4000040)
getsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

1.714148511s ago: executing program 2 (id=4462):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000200))
socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000095c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000009a00)={0x0, 0x0, &(0x7f00000099c0)={&(0x7f0000009940)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x3c}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000d40)={0x0, 0xa00, &(0x7f0000000080)={&(0x7f0000000c80)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100fdffffffffffffff0200e7ff0b0001800500020003"], 0x20}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = socket(0x40000000015, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x0, 0x0, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

1.375454563s ago: executing program 0 (id=4463):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001400)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004600)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xc}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4d}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1}]}]}]}}]}, 0x5c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x1400)

1.102408326s ago: executing program 4 (id=4464):
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd6012000800303a00fe80eeffffffffffffff0000000000bb"], 0x0) (async)
r0 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
syz_emit_ethernet(0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a9d2e78d5fb6fd9381923d6577357a31ec21f15015b32e5f3135ca1dc196e2127edbed5c2c0767692cbc299f26a9e7ccf9906636a8b32e4f0bd4cc0583723ec09e5fb7a7a907a9a5d9f1cfbcf031b6797bb0a4771eaf1"], 0x0)

1.101539235s ago: executing program 2 (id=4465):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0xf1ffffff}, 0x0)

1.100315717s ago: executing program 2 (id=4466):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x89}, @exit], &(0x7f00000008c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0xff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
r2 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfff}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0xa0f15a6d21a68a81, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x7f}, 0x1c)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x9e}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_80211_inject_frame(&(0x7f0000000280)=@broadcast, &(0x7f00000002c0)=@ctrl_frame=@cf_end_cf_ack={{}, {0x7}, @device_a, @broadcast}, 0x10)

1.099593326s ago: executing program 0 (id=4467):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x2d}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000023c0), 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000008000000000003b0000202500030099d10d9d25c8a2fe7207020361f6342c87e0a19952c465d11336ece9566b068fb5043f58e0ec075a993a78b9fe298f0870268454392fd9d7dc4264aa448300882c2875f38d5f", @ANYRES32=r5, @ANYBLOB="26003300d00000000802110000010802110000005050505050500000090425030000003e01000000"], 0x44}}, 0x0)
socket(0x11, 0x80a, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028010001a"], 0x44}}, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)

1.025024124s ago: executing program 4 (id=4468):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000000)=0x7, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000300)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @loopback}, '\x00\x00\x00A\x00\x00 \x00'}}}}}, 0x0)

938.903755ms ago: executing program 4 (id=4469):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000024c0)={0x14dc, r1, 0x800, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1782, 0x53}}}}, [@NL80211_ATTR_IE={0x1a, 0x2a, [@ibss={0x6, 0x2}, @mic={0x8c, 0x10, {0xd9a, "548b9702eb37", @short="202c053890cb09c1"}}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0xd}, @NL80211_ATTR_FILS_ERP_RRK={0xe2, 0xfc, "a8be57c7bd6e8d4cce3f32e345c205a5ddd4f707ce3ad4799370cd94a20dd81fa8dec27c256563f2222b145dedfec67d29c7000103598cfef376dcedde9c84984ccb102e4c72cdb25341b7909805aaf907fecf29737947b337225c1970c3b01cf44490f0264370722921a883053635035c02af74ffbf636798eedcbe1b16afbb3b66c0fbfd4e13bbc84ce94a8315535da00d144603b9dd6777c314edbced63251efa3cb41ab804b874cc171c4b1cc378734b0f63df3c998b4b8bcc14cd4c9252c7e039aabe2a4d6bb0e8546a98d8e44437824570a881e46c8a7be84208c5"}, @NL80211_ATTR_FILS_ERP_REALM={0x78, 0xfa, "50326d2331fb1dcee7ab0fb739fa5e3b5cb04020beaeb310ed5c201b01d68731e347eae91e3756dfa1aabd123b879376be14a68def8ca7c3646454b8e281e2e58c4bc20a19f4bc3818c86acdfefbc0fda59ea602f61a914b84476d7c60f3d2ded1afa188855faf5e9d26366bd19aaef935e9212d"}, @NL80211_ATTR_FILS_ERP_USERNAME={0x14, 0xf9, "5e23eeecc2196dc6cd0fde786dd6dd45"}, @NL80211_ATTR_FILS_ERP_REALM={0x5b, 0xfa, "14765f46b8aa96fa350bbb7adfe231cca472dc80a1b4943cbf4bd884c28ce1c6a93844e3efe23bed3afb595c4adb341005560dbb837fbfb44167aa69c08fd2621b38dd13dab8df96f52213d20a5aa320d81ec1c8994aea"}, @NL80211_ATTR_FILS_ERP_REALM={0xb8, 0xfa, "f69296b20d35381762253a221a4c671ceffd04003cd7c3a571d792f378158b9ffe0a629fbce74bbee7d67fcd89e76c860a77fc52c55ade49852df55f241e274e763b4f12ca0af10de661bee3678b863414725795c023bf67461a2df35a899b130eb110b2c8e50a99d711c3b0cb56042995a434c6caab3b86e69b0d1d1d82b8e7ca848148f346109d46cc3a5104de2a28616b67c336ef6caf0525134ca35b321af6bafdede7593edc721a7baefdee4aaa4fe7c0bb"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x7f}, @NL80211_ATTR_FILS_ERP_REALM={0x5c, 0xfa, "a266535d8e9331c05897a495f1d854935b8c859b7f7a40983402572b734fad57b98e30179cef82655d5beff9b1b516d28d62ffbc5ebe16cbf87f16827e5a62843fb6afa5576601ece0e0dcb8aff3e0aa6dd6822262e63a8e"}, @NL80211_ATTR_FILS_ERP_RRK={0x4}, @NL80211_ATTR_FILS_ERP_RRK={0xdb, 0xfc, "932ec4f518960fc75318c3675730b462da33f24345fd337ceaeab396de11e5aa5e527a88b2ecff61f834669c7d7af346777f39a3279e0dcba5bdf43c014a9fa7a94ee0245a7dfae7885ee47dd5fae02768bebcd36704506364f15574e6895aee96d3f72e381f593f19aecc6c31117e677ce877f8634066bd9e1f800e50257c14726a8a670585dd15008206c0f8004dfb148be2e57bfbe90aa7f58566bdfdb31ca69adf023d13295458b2942ce127c502bc2cb9672b2931528e26c275c0d9ae65ebc777bef657f043ee8dbc7424c86ca88572cdc8d0452f"}], @fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0xf04, 0xfa, "aa5259f32187725ef8b34afed560c058643a94254cc564a3689a769d19ee51c5645d4f2035e7db0535b073f90cef23371a97476f2ca081579f9ab633fc446b0b6c427028155718078d1f0ac2d257a7aa30949a7720fdaaa0f5f38fe774d2b692556bb2a254ef8fbbfdc8a9bd3114c4f0117e3c415839e61cf9f2eafea06521b8c8fde78c46bad48b5bdb61441acec4d2e01c8c331c4c606dd07b68c09677231f65c83accde83ea757b30f6b541320f8cc32f9f5ee5f1a198ebc61034cfa5039a240cd73bad3b80247fafdbbb4f12f98499b8b3b7fc85f6faf3d9dafa8873f1c40ccef77dbe45555293bef6eaf8642d88b38afe141b1a2972e6feeb7ba4cd63a4dfc20120cab61aef7e9816c4d124bc2e3041e71aa65709ed3fdd3ea3a13cb31de7f76b547ee469f99540ef0af9a574ec44de9ee755383e0779855dcab29a1f3bd30a19accd888f7b0854b088c15e4427692a583c21946d9a85e8828e0288074c029795865701d96350e9d339544a54d8f43ca540210e490a1ef07f8b26e5af9c8340423259ef49ae7011b55256d1198493fcf02bd143ed5075458ef7222bb46f31339714e5084bc16605e2053e116a6997e402def37d91b61b382533b78cd1b736110fc3b962eb88204aaa8e0aca862a02e3c8aaa3b28be48970044fa1d96de81a6dafe1f01cde3614a1a5462c9af15840f546efe1ffac13f1b23e053a1ee142fb1e146619a0f73e726905ab73a41b5eb96ba5e69cc6a02596731d7d82ced7d9d5ca21e958ba805d46f1726b84c801b6da13b1d280a716bb88bc0364cbd253d9d70c565ddeac2982f50642d2ef7b07c8c146d7e17d12b740d0111f3cba9578ee79c31e7ac494f3664ed0e658efc2e16c8696bde24cbba541fec787ed27a50fb836445ddb28fd147fba91e98b7b491cc933cbb06ed3db46e8482645b296c1dc86c604240582e94a7b708007604fc9d6e504ccaab71290a941b4f5ec56d7f4a3c0d5498656ce83388e7fc4f556477c7ce335735367fd9f7ee47b0b484af32c834f28ea6f0e65773ee7bfeab41f1e66ab4d04a7a0cb2e5089afb17c623cbd4fba57217bc12473cb742743e7687f374aaba4719a7df957ba38e304839ed450763e406a91a753211dea1fd5722f6d8f7b52719188821d6f4eb5743720ecfbde768d0e84d1906f18d5f9a9797fa6fbc9f85b0764d6207177071f1081e081e6a05220e78ac267a198980135d8e6d6f06177c3a83061ddc5d1cd8132438c748794a3e0c963f2eb3bc7b5b53a82eed180939b925497d52cb21467058d05185b9c269b85f0d34d787df662564e3df8af0710dae846b11e40469af084cf63f30e0ae95616d87c9a5201b9ebf4f92b882f41a02bcd98fc7a8aa865188d567efe4f1c3cf619ff2378a5ad57464deff6315d9f1c0cb0164b1915415152c8b32c4ee1d64ad3d5dd819cbc86d47a12f0b49481a04e28b8513c235ab5a20481905f681a1f0b0901e1b6805e365c4343592daf11a89ed7a14024333c4a05ad02748fdac2d146fd636ddf416a733a4e84c916dc661895d0cfce04cbc0726ec4e9eb5cb884e11aab3a5626783d3a126e469179868cf58bbbb0d9532fa8046738bd98a9f66358bf39509873514b3680512bc823b6f7f8509659badd14c46be2dd713df785529c53e7756960ed320b5f3de9fa9447ea4a182e634636ab2ff58faea327605c35699c89c96209d09804da8d56d2a04a4cfecdcbc29c6f397c9fbd5e2df2c1b27657e7afe404dd5956b3a67a9748e8688acb6559c04ccad3e778889d2f95153ce3f460f992771a701f982b9cce383334af31a020b8daa92c53ce167dbbc6e6a0ea5995f1e88d9bc27a2838da93005455bf629c87ec375409e85cd6db28be6476fa04d52126ca2b9441a1c14395c25e44f9e137f24b6815800c99c4c3fd3646781924675027f04ac5ef343de3eb2cd3c437bc2bc54facf1a37294f54a514a15175bdc6cc9fc1b6bfa82ca225257930bd963f3d411abe121f66fba8435c662e80fb1d66fdea5de8b6e84dc41dc87ebbd9d811c95aeeed940815fa9127e4d6bdb162e8b9c3816ee099e4dc78d91e37c0e374c96e06032f9c4e7956ad25cbf9a5f14d2e1a1ad94268e5a7443547298afe0923309f279047bd90a0c6b1aab079d614304b166ea49939a4350dedbdfec6c8ec444f3cf484044965bb6b989b06c312c423e9988b6f93574fc2d0cba0a77e74f15e18b85638ae508266be040c63112ffa471fc58b5870faffab63fa323ca1fefc1151611853872e340d693f489f7c110401b43b40dcfcc04d106e113d6b4b1cac719674c20a16314a47b9239bf734a95eee443c52ca6062d4fdacfd838a47ff926c0f9b40e0a204ea744887824c6e76dcdaaaaf1387f8a228c69a90809fedc3f4f2747a63eaca9a94ce0f2a12ac7e4a3427e9bc7d00415527dbc71185910c7f2670bb9464d12691db2a2b4ff4b2a8d72728f0bcf31f9a54a0f1d15bbfd24e351570d2278fa68713b53c55721c6b09035332f86f068e364680b156ba804a59ce44c8e1de0c931803ec938e08c7f064dc8c32ee07d98ab4a142e609147df820c7b78400b644a53686ff09bea6ae7fd3899c56cc83b6967683f5fd9115ad80e1a7a896fd655180152e396733fddd2b9e05cd3b6750fa4fd52e202d90230c2c22af5c071bb646de779f858a01d5ecf9d9a52b521ae5934ae3d268ecdb46cccbfc8a0555080cab263fb0f15acb0aa00f708f5f32b951bdbd835b5904806cb0de7252b66aee29d3ca0950b2f252e6c063f445458738f97ce2ef66f99811dd68c579aa9dbfea961177df5b8c512b1bc6aa325df4d44778343697d63a07dc40756de3567d665631d7a131a9cb9caa24b82600df3032d7c001dd8f4e0bf300733a8b16d2db750c535df4123e6c8b528eaf66f81b213d72b55f6b73a1e8b91c67270fb148414590f40af916f31aa9832ed077ae2204d59e1b9f971e2c2e334f05d0397decbcdcf5f413fe440724bcaf3bd61756f5d7f3ad5c19fac9c9534754f1ec93e47a5a0c785be50e893ad98bc62b29cf3ef6d3459f9725ea35c7526655b28d5b6edaf3340a611e31ab763926e0d7a9edebe6c1152a83652c213f6c5554fd4741fe7ca0b0a3c1b534dbb768b243d90c3cff86547aa63f06c09a5671210380421b7090c6ebfc0af3931439beb2bbadc4ad7ed888d1ec4d6081daa459394eaea60ea9d4c9f47f8858d64b725a829f5e9ce3d4c021180579b9d0535a60662d3ab4a5e9f5c1b4ad4bbadc78140c0b2d131fb8c54afac53179639f494a1a23acd81fabe61e8bdcd1d786860d5ecc04090119cfe6d86132028403955db7e4fc0543011eacb392d70d2db216bad35883b55b60d93cd12fb54bfc724a44d4c88b673f763fd5abbeb9c1a9ff320eb65cd1402ce2416060ad480441e699afdc20d29034235a86f67ae40bd44c5c6124c1011d042260e50b21cfc7c10794b59163ca4c8e689b85848dce8a7c138a4a5aa690532218d557bba81801ae118a62fbe4f8d54ff53eec5b8d7020fd1d8e602fe072f6f07a2bb0abf2e1c19f55e7658d1689f98869c127742d80ee9773a032dbff1433eebe169df91773563d35ec319486eaff403d0f369b2b1f41d933c321065cc34cfd9ea8fb3f8d0aae2a2e9a4361ac1dd895e88963530ae56b42f132fad59b453f638251f9daf2c355060e1e6c476698548e7f0d16543ec763ea35354f19549f20bd6901edece67aa71efb4154b6d668f6ffe677ac18562c1899f09488a1601b1a16a67e4af6d9217f211562d3e76f7948672ca399b1b64e3c1f4afd8cca75a40170abd17c9bdc18ff9b7b6a789f680016ed4da05d91d827c3dbcf5babea4e130612a5bf916d782b2aa476dd439d91fb923fc5fd5fb1b81063f6acaac53c87ab240f1f3425bfa11d1746d74345b2863625845be8f6b3d00d52efc0f15daea40761a36645b7f899581443b394df9f2154118b30ac934ea9bb451b6201939a56cab40b8d3c859b05c15e48a9ce19922760438f091f49b21b8905a1bd42c3f21467bbad336761ec34e732cbc4dbd7541ed9e3e5722c36b3df625bbdec4990b6d9f5f6e16253cd477c44312dba889fbf7f81c9d5535307bf9193b651eb635560b1f38c16a8bbc2a6dd87a57c3949eea2c50cf339b28c8cd6d3ab0905a712c1affb787a5227037c0ae3c8d23fb498b571c67af7029f58951f62e936b1a2263dc1231d6b77c68a818d571424462604306475b5428c428b5b502749d519d67583a07ee2188481366e0cf9cc524a904c76e61f27df4759a63aa093acf15393486806c3a33a57e530e42883a7ce5a848682c178f085ca4efbda35c713d427ce0dff863f84862a6098683b56bb6956a5d50d78933c1ab94a6988031b36ce6bc709fdfa152e60cdaac9bb3ca3ed186b8922dfea7c1de0257e5aeb9f7d238ea67c07a7d67852c8920c10255e37259f919a1dee17a1c94633e0a8eef856be1d74e0eb9efc72cc7f688e4e8284ca3fbdd4ec2ed5018e9a8964a00c1ecd8c38daa6bf241f79e80470758bbc578faa38b11714135a28484006f96f4d67bad257a3076503b21a10e73860148d357b8a09f831f306ed043a1a0d51ef7292d7a96fae14eabea5907f8fcbe8fa9d823481966aea8cba6cf319b74945282ae8244b25dbad482d06ec9a10988b28c63206c993487cce1be7c016da80780842d2cc4047738db62070d0d47f033b79e0595260e1c84b0511ab8181d1b44c27b04a205bcab205f16b018523c73b29ed60192920228da5af0ccc74304aa2bca6a17d9b39f6ccd95ce6c173e1edc1467b265384e79177323b5ba6d93a89ddf94e9f6ecf197c3101933db834e255d4c3606633f4c9a4f6c7430a8db65cc65b8877c8009e1dcfe17b17b020e9694a47ccdc01f843a4bf04af7286782e53dbe9f291c27026e1f5e69d60b4da241e3f21694d2c84d3ff13856d9ff4b3319bdabc9bc32c3cd71f306be39558679f07b620a60db219706f5edbe75ec9617aad72b98e75876455ef9a9c120d4e5a687b84197058a425dbed1d5590360d9ecd67911327e3bdd5a4fff044ea92fbed0add825256f289c029d0648da981e684e69626fb55b6d530809c360b9ec098b22a639a56358295cd33fcbe154242684110acf31e84c01810bcd6218620ee171390176aa297ed9aca01330851416fefa83a7477a80042456c1aa8bbb935402ad1e65db0b43e81b6dab58a72d2d6d6a0b65b60fd1f1f2cf8694f3b8810cdc1310492e4cd83f6523304b48b262b6aade7aaad07496fb627c7916577335570a71a6cf0711c6de612b710a75c819780bb4ecc7bfd547302123c24db821c8866492ee135fe1b333aea45b0f716dd1548127a59f639912ad0b21c7f95a94a058b0b7e33497f2de8453add070e8e90a1b0255766a"}], @fils_params=[@NL80211_ATTR_FILS_ERP_RRK={0x43, 0xfc, "904752e12650f8b84d1d9ebcab542846e0bb8fdb4cf5729a38a612bb453e1f048901adbd790691f07cd5580d1f3d305c0d85565d821c9a234773fe0857d579"}, @NL80211_ATTR_FILS_ERP_REALM={0x4}, @NL80211_ATTR_FILS_ERP_RRK={0xd6, 0xfc, "7becdac060a04e90715a562ee41fa5f58a8f82642fe6378bf0adde07146650321526f752b5274662d79fe634e754d464e79dd73faf8818e6a273a89ec8962bddb4c7d8c028b1e8056070cdcfab1403105af90fec87aa61453b5f83ec84f850b4db8b39ab0a2f0e3433b138058f4e2d4e7dcdd8ca7fa2bc4699c2ff2ee14917e3a086b586be9436a4306493c16e1ae289874823b0a182c6c19b7dd140b4038666357b754b98db80592463b7e7aa17801ec43650a8c634a76b75d05caa651f15ee180c2fd508afd7b071594511132b1aa47418"}], @NL80211_ATTR_IE={0xa9, 0x2a, [@rann={0x7e, 0x15, {{}, 0xb, 0xb, @broadcast, 0x100, 0x7, 0x401}}, @mesh_id={0x72, 0x6}, @fast_bss_trans={0x37, 0x84, {0xf7, 0x2, "8fe99715288bef0fdd3bfff7dd26b21a", "9f6fef8ed5e87cd6cf455f204f2ec288a72f98cd6666d7aa2a800d85e00c2281", "93d8cef8a1324ff5943b316484c7831eff47b672060d2d47d63c0580e5b3072e", [{0x1, 0x1f, "27da939181831da3ff6544156fc9aea34e31a15af2e30b2ea28f4b14dec4b5"}, {0x1, 0xf, "81f8a7c20d262d55573677fb4f253d"}]}}]}]}, 0x14dc}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000003c0)={@multicast1, @empty, <r4=>0x0}, &(0x7f0000000400)=0xc)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000500)}, 0x20)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f0000001f80)=ANY=[@ANYBLOB="0204000002"], 0x10}}, 0x0)
getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f0000001f80)=<r7=>0x0, &(0x7f0000001fc0)=0x4)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000002240)=@bpf_tracing={0x1a, 0xd, &(0x7f0000002000)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @jmp={0x5, 0x0, 0xc, 0x1, 0xb, 0x18, 0xffffffffffffffff}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000002080)='syzkaller\x00', 0x8, 0x63, &(0x7f00000020c0)=""/99, 0x41100, 0x20, '\x00', r4, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000002140)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000002180)={0x1, 0x1, 0x9, 0xa}, 0x10, 0x1bb19, 0xffffffffffffffff, 0x4, &(0x7f00000021c0)=[0x1, r5, r3, r5, r5, r5, r3, r3], &(0x7f0000002200)=[{0x3, 0x2, 0xf, 0x9}, {0x2, 0x1, 0xe, 0x6}, {0x2, 0x2, 0x8, 0x5}, {0x2, 0x2, 0x7, 0x8}], 0x10, 0x3}, 0x90)
r9 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000002300), 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002480)={@ifindex=r7, 0xffffffffffffffff, 0x22, 0x28, r8, @link_fd=r9}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140625000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

694.573772ms ago: executing program 4 (id=4470):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000001c0)={@val={0xa}, @void, @eth={@broadcast, @remote, @val={@void}, {@ipv4={0x830, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data={0x4, 0x100}}}}}}}, 0x42)

563.918312ms ago: executing program 0 (id=4471):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x12000000, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078008001240000600000500010006000000050005000a10440005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e6574000000"], 0x5c}}, 0x0)
r3 = accept$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000001c0)=0x14)
accept$packet(r3, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a09040000000000000000020000000900020073797a32000000000900010073797a300098000038000480340001800b0001007470726f787900002400028008000140000000010800014000000002080003400000000a0800024000000009050007"], 0x94}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628)

428.252701ms ago: executing program 2 (id=4472):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv6_getnexthop={0x20, 0x6a, 0xf5715ac9c25cb36b, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r2}]}, 0x20}}, 0x0)
socket(0x2, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x22, &(0x7f0000000180)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)
sendmsg$FOU_CMD_DEL(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x1c}}, 0x0)

246.438063ms ago: executing program 4 (id=4473):
syz_extract_tcp_res$synack(&(0x7f0000000000)={<r0=>0x41424344, <r1=>0x41424344}, 0x1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010000100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32=r0, @ANYBLOB="0a001b000000000000000000"], 0x2c}, {&(0x7f0000001340)=ANY=[@ANYRES32, @ANYRES64, @ANYRESHEX, @ANYRESOCT=r2, @ANYBLOB="00000000d75d17e6193fafe207b25360fb1fe2edb8f9c597102ce16b0c0000000000000e606ba7ea7d9370a898e71cb4221e5812adb4e9523a5ebc6fbc658f059046c3c0dd5113a2f11b9b31df04832500b95fba147ad27370100207d17ce4220f6088557280ce35d818943e3ce2a9e2e563798fe050ae7deb9af8bc40ae4c5c192893aaad4c455a8c2add65c8eb347a63160f499849be4bee1af1173a6d35e34b878f0eeb3c0835be8098cbd73a226c2d9c436c7f255dd2486792a0d3fe067196805bbe0afc8acae7bf9a22dd2c110e8d09b4db2c26833cc3a80f69a99fd74eda0d4a69f2b68598c567bbba674c96dd2d09dad5d1f422ae1ede", @ANYRESOCT, @ANYRES64=0x0, @ANYRES64], 0x200}, {&(0x7f0000000380)=ANY=[], 0x3b0}, {&(0x7f0000000d40)=ANY=[@ANYRES16, @ANYBLOB="0d0007002f5d3a402dd34bcfd20000003c1334834595d3f4e4e63f5d3b7ad1c6d138330cf1e89df2acc44aede49d376ac1cad9609428c0a064dbce92af3f22b5e25004591bd045208ffebf1a54355ed0712aea727f932e35d97023a78656b8db0b82484b79a61ff29dd0fe1170231abbe632a75af5f43a85e41c401df58a7a2497e3b5231f5a37eee344adfcdd5181569d0a4a195af10d6dd8dcc234469e00b19feeb94b2f72d824e0a2b99e34aaf3d39af4105c4bd413e03a647da81523dfe9333f932010da3278a64a505cd104c8d4f7c41b904804c87e2de405f8f688acfd39991d58caf457dc03e97b2edb2492b32469a2a8228baeb7006114e6379fd0476cbceb1bec9b01babafbfd7d4bee5b76e8e1f42b39f9f84f555ae3a4cbc0f982dee80af161adf4"], 0x16c}], 0x4}, 0x0)
socket$inet6(0xa, 0x5, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000bc0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500003c0000000000069078e0000002ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=r0, @ANYBLOB="ac020000907825b146dbcd236ae502c4682c0000fe0ef98951088fd7"], 0x0)
syz_emit_ethernet(0x1bd, &(0x7f0000001180)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0820421f01af0064000004069078ac1e1101ac1414bb44144c83ac1414aa00000000ac14140bffffff267f4585205c263801bcd4a183b029c1070b09df9cc2070000008916050a6dcef592d271e5a7071132a3158496d5045716be07822aa5940606bcdd82d90000442c92930a01010000000008ac1414aa000009590a010101000004006401010200000f37008646ffffffff020ee594fcb5ab2e3e56b7767d4f010e7fcef44148f6a2bfb2b14a470007883fe48ad5010736b148a1670203de00044cca0004e668060b5258e5f25695e25cfd830ffee000000164010101ac1e0101441ca841ac1414aa00000a60ac14141b000007ffffffffff0000000300004e224e", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="f1800fff907800a222020402fe0bf98947808fd4fae08a010506000000032204b1b2fe06e2d4c3d9fe06e2d4c3d900008113e16a2df8b6ce0039b4e1d30ef9e175fdf4901b0053292ddb70b43fa23b0072349689e2cf68174ac74ac887887b1e1adbcc912cbb373098f053d15ce399820a0502ca272498b1c0be62da26d939c47be313edde0095c22b928f29bb87729ee4ffeab1c1d2f3"], 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaa2aaaabb86dd6000fbff002406fffe800000000000d7788d879c00000000000000000000fe8000000000000000000000000000aa00002000", @ANYRES32=0x41424344, @ANYRES32=r1, @ANYBLOB="9020000090780000050a0000000000000000050600000000"], 0x0)

108.592447ms ago: executing program 2 (id=4474):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x700, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}, @IFLA_BR_NF_CALL_IPTABLES={0x5}]}}}]}, 0x44}}, 0x0)

0s ago: executing program 0 (id=4475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f00000021c0)={0x2, 0x0, @local}, 0x10)
sendmsg$rds(r1, &(0x7f0000002180)={&(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000001fc0)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000000c0)=[{&(0x7f00000006c0)=""/4096, 0x1000}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x90}, 0x0)
r2 = epoll_create1(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006067c09e8fe55a10a0015400400142603600e120800060000001001a8001600a400044003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r6, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r6, 0x84, 0x5, &(0x7f00000001c0)={r8, @in6={{0xa, 0x0, 0x0, @dev}}}, 0x84)
r9 = accept(r4, 0x0, 0x0)
epoll_pwait(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r2)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r9)
r11 = socket(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r12=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x24, r10, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r12}]}, 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

ON: forcing a failure.
[  296.816800][T14624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.849667][T14624] CPU: 0 PID: 14624 Comm: syz.4.3255 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  296.859892][T14624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  296.869967][T14624] Call Trace:
[  296.873261][T14624]  <TASK>
[  296.876207][T14624]  dump_stack_lvl+0x241/0x360
[  296.880913][T14624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.886138][T14624]  ? __pfx__printk+0x10/0x10
[  296.890757][T14624]  ? snprintf+0xda/0x120
[  296.895022][T14624]  should_fail_ex+0x3b0/0x4e0
[  296.899728][T14624]  _copy_to_user+0x2f/0xb0
[  296.904164][T14624]  simple_read_from_buffer+0xca/0x150
[  296.909557][T14624]  proc_fail_nth_read+0x1e9/0x250
[  296.914605][T14624]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.920181][T14624]  ? rw_verify_area+0x520/0x6b0
[  296.925046][T14624]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.930612][T14624]  vfs_read+0x204/0xbc0
[  296.934796][T14624]  ? __pfx_lock_release+0x10/0x10
[  296.939840][T14624]  ? fput+0x193/0x210
[  296.943845][T14624]  ? __pfx_vfs_read+0x10/0x10
[  296.948573][T14624]  ? __fget_files+0x29/0x470
[  296.953184][T14624]  ? __fget_files+0x3f6/0x470
[  296.957897][T14624]  ksys_read+0x1a0/0x2c0
[  296.962161][T14624]  ? __pfx_ksys_read+0x10/0x10
[  296.966943][T14624]  ? do_syscall_64+0x100/0x230
[  296.971731][T14624]  ? do_syscall_64+0xb6/0x230
[  296.976433][T14624]  do_syscall_64+0xf3/0x230
[  296.980954][T14624]  ? clear_bhb_loop+0x35/0x90
[  296.985658][T14624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.991568][T14624] RIP: 0033:0x7f42baf746bc
[  296.995998][T14624] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  297.015623][T14624] RSP: 002b:00007f42bbd3b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.024065][T14624] RAX: ffffffffffffffda RBX: 00007f42bb104038 RCX: 00007f42baf746bc
[  297.032055][T14624] RDX: 000000000000000f RSI: 00007f42bbd3b0b0 RDI: 0000000000000005
[  297.040044][T14624] RBP: 00007f42bbd3b0a0 R08: 0000000000000000 R09: 0000000000000000
[  297.048034][T14624] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[  297.056023][T14624] R13: 000000000000006e R14: 00007f42bb104038 R15: 00007ffc6f8e3378
[  297.064025][T14624]  </TASK>
[  297.225735][T14636] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3259'.
[  297.259147][T14636] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3259'.
[  297.939518][T14648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3263'.
[  298.144711][T14667] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3271'.
[  298.981384][T14719] netlink: 'syz.3.3292': attribute type 9 has an invalid length.
[  299.512050][T14735] netlink: 'syz.4.3298': attribute type 10 has an invalid length.
[  299.603233][T14740] netlink: 'syz.2.3300': attribute type 10 has an invalid length.
[  299.612654][T14740] geneve0: entered promiscuous mode
[  299.656245][T14740] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  299.948886][T14759] netlink: 'syz.1.3308': attribute type 1 has an invalid length.
[  300.036394][T14759] bond4: entered promiscuous mode
[  300.155347][T14765] SET target dimension over the limit!
[  300.801914][T14795] netlink: 'syz.3.3322': attribute type 3 has an invalid length.
[  300.811033][T14795] __nla_validate_parse: 3 callbacks suppressed
[  300.811048][T14795] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3322'.
[  300.850976][T14796] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3323'.
[  302.656076][T14862] FAULT_INJECTION: forcing a failure.
[  302.656076][T14862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.702317][T14862] CPU: 0 PID: 14862 Comm: syz.1.3345 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  302.712612][T14862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  302.722686][T14862] Call Trace:
[  302.725979][T14862]  <TASK>
[  302.728917][T14862]  dump_stack_lvl+0x241/0x360
[  302.733618][T14862]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.738836][T14862]  ? __pfx__printk+0x10/0x10
[  302.743445][T14862]  ? iovec_from_user+0x61/0x240
[  302.748307][T14862]  ? __pfx_lock_release+0x10/0x10
[  302.753356][T14862]  should_fail_ex+0x3b0/0x4e0
[  302.758059][T14862]  _copy_from_user+0x2f/0xe0
[  302.762661][T14862]  ____sys_sendmsg+0x2e4/0x7d0
[  302.767448][T14862]  ? __pfx_____sys_sendmsg+0x10/0x10
[  302.772764][T14862]  __sys_sendmmsg+0x3b2/0x740
[  302.777475][T14862]  ? __pfx___sys_sendmmsg+0x10/0x10
[  302.782727][T14862]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  302.788645][T14862]  ? ksys_write+0x23e/0x2c0
[  302.793165][T14862]  ? __pfx_lock_release+0x10/0x10
[  302.798224][T14862]  ? vfs_write+0x7c4/0xc90
[  302.802665][T14862]  ? __mutex_unlock_slowpath+0x21d/0x750
[  302.808314][T14862]  ? __pfx_vfs_write+0x10/0x10
[  302.813125][T14862]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  302.819126][T14862]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  302.825475][T14862]  ? do_syscall_64+0x100/0x230
[  302.830264][T14862]  __x64_sys_sendmmsg+0xa0/0xb0
[  302.835134][T14862]  do_syscall_64+0xf3/0x230
[  302.839660][T14862]  ? clear_bhb_loop+0x35/0x90
[  302.844363][T14862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.850288][T14862] RIP: 0033:0x7effe2b75bd9
[  302.854707][T14862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.874334][T14862] RSP: 002b:00007effe39ba048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  302.882756][T14862] RAX: ffffffffffffffda RBX: 00007effe2d03f60 RCX: 00007effe2b75bd9
[  302.890717][T14862] RDX: 0000000000000001 RSI: 0000000020000c80 RDI: 0000000000000003
[  302.898676][T14862] RBP: 00007effe39ba0a0 R08: 0000000000000000 R09: 0000000000000000
[  302.906721][T14862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.914692][T14862] R13: 000000000000004d R14: 00007effe2d03f60 R15: 00007ffc5b348388
[  302.922704][T14862]  </TASK>
[  303.107681][T14860] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3344'.
[  304.783463][T14879] netlink: 'syz.0.3350': attribute type 4 has an invalid length.
[  304.811220][T14878] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3350'.
[  305.701581][T14921] netlink: 'syz.0.3365': attribute type 20 has an invalid length.
[  306.136687][T14937] FAULT_INJECTION: forcing a failure.
[  306.136687][T14937] name failslab, interval 1, probability 0, space 0, times 0
[  306.185534][T14937] CPU: 0 PID: 14937 Comm: syz.3.3372 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  306.195741][T14937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  306.205816][T14937] Call Trace:
[  306.209107][T14937]  <TASK>
[  306.212045][T14937]  dump_stack_lvl+0x241/0x360
[  306.216753][T14937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.221974][T14937]  ? __pfx__printk+0x10/0x10
[  306.226594][T14937]  ? __pfx___might_resched+0x10/0x10
[  306.231914][T14937]  should_fail_ex+0x3b0/0x4e0
[  306.236619][T14937]  ? __d_alloc+0x31/0x700
[  306.240965][T14937]  should_failslab+0x9/0x20
[  306.245492][T14937]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[  306.251244][T14937]  __d_alloc+0x31/0x700
[  306.255420][T14937]  d_alloc_parallel+0xdf/0x1600
[  306.260293][T14937]  ? __asan_memset+0x23/0x50
[  306.264904][T14937]  ? __asan_memset+0x23/0x50
[  306.269512][T14937]  ? lockdep_init_map_type+0xa1/0x910
[  306.274908][T14937]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  306.280735][T14937]  ? __pfx_d_alloc_parallel+0x10/0x10
[  306.286228][T14937]  ? __init_waitqueue_head+0xae/0x150
[  306.291625][T14937]  __lookup_slow+0x117/0x3f0
[  306.296235][T14937]  ? __pfx___lookup_slow+0x10/0x10
[  306.301363][T14937]  ? __d_lookup+0x85/0x7e0
[  306.305819][T14937]  lookup_one_len+0x18b/0x2d0
[  306.310515][T14937]  ? __pfx_lookup_one_len+0x10/0x10
[  306.315734][T14937]  ? mntput+0x65/0xc0
[  306.319743][T14937]  start_creating+0x187/0x310
[  306.324447][T14937]  __debugfs_create_file+0x73/0x4b0
[  306.329669][T14937]  ieee80211_debugfs_recreate_netdev+0x275/0x1400
[  306.336112][T14937]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  306.342993][T14937]  ? ieee80211_setup_sdata+0x8e6/0xb70
[  306.348489][T14937]  ieee80211_if_change_type+0x648/0xad0
[  306.354072][T14937]  ieee80211_change_iface+0xd2/0x4f0
[  306.359377][T14937]  ? cfg80211_mlme_purge_registrations+0x1fa/0x230
[  306.365906][T14937]  cfg80211_change_iface+0x782/0xf30
[  306.371226][T14937]  nl80211_set_interface+0x5b5/0x830
[  306.376571][T14937]  ? __pfx_nl80211_set_interface+0x10/0x10
[  306.382393][T14937]  genl_rcv_msg+0xb14/0xec0
[  306.386901][T14937]  ? mark_lock+0x9a/0x350
[  306.391233][T14937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  306.396271][T14937]  ? __pfx_lock_acquire+0x10/0x10
[  306.401289][T14937]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  306.406655][T14937]  ? __pfx_nl80211_set_interface+0x10/0x10
[  306.412451][T14937]  ? __pfx_nl80211_post_doit+0x10/0x10
[  306.417935][T14937]  ? __pfx___might_resched+0x10/0x10
[  306.423235][T14937]  netlink_rcv_skb+0x1e3/0x430
[  306.428000][T14937]  ? __pfx_genl_rcv_msg+0x10/0x10
[  306.433016][T14937]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  306.438306][T14937]  ? __netlink_deliver_tap+0x77e/0x7c0
[  306.443786][T14937]  genl_rcv+0x28/0x40
[  306.447769][T14937]  netlink_unicast+0x7ea/0x980
[  306.452533][T14937]  ? __pfx_netlink_unicast+0x10/0x10
[  306.457810][T14937]  ? __virt_addr_valid+0x183/0x520
[  306.462919][T14937]  ? __check_object_size+0x49c/0x900
[  306.468200][T14937]  ? bpf_lsm_netlink_send+0x9/0x10
[  306.473347][T14937]  netlink_sendmsg+0x8db/0xcb0
[  306.478116][T14937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.483395][T14937]  ? __import_iovec+0x536/0x820
[  306.488237][T14937]  ? aa_sock_msg_perm+0x91/0x160
[  306.493170][T14937]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  306.498444][T14937]  ? security_socket_sendmsg+0x87/0xb0
[  306.503896][T14937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.509175][T14937]  __sock_sendmsg+0x221/0x270
[  306.513857][T14937]  ____sys_sendmsg+0x525/0x7d0
[  306.518622][T14937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  306.523914][T14937]  __sys_sendmsg+0x2b0/0x3a0
[  306.528500][T14937]  ? __pfx___sys_sendmsg+0x10/0x10
[  306.533606][T14937]  ? vfs_write+0x7c4/0xc90
[  306.538065][T14937]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  306.544391][T14937]  ? do_syscall_64+0x100/0x230
[  306.549159][T14937]  ? do_syscall_64+0xb6/0x230
[  306.553833][T14937]  do_syscall_64+0xf3/0x230
[  306.558334][T14937]  ? clear_bhb_loop+0x35/0x90
[  306.563010][T14937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.568901][T14937] RIP: 0033:0x7fb159175bd9
[  306.573335][T14937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.592935][T14937] RSP: 002b:00007fb159f4e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  306.601347][T14937] RAX: ffffffffffffffda RBX: 00007fb159303f60 RCX: 00007fb159175bd9
[  306.610442][T14937] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  306.618422][T14937] RBP: 00007fb159f4e0a0 R08: 0000000000000000 R09: 0000000000000000
[  306.626488][T14937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  306.634482][T14937] R13: 000000000000004d R14: 00007fb159303f60 R15: 00007ffc252fe348
[  306.642464][T14937]  </TASK>
[  306.693107][T14952] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3374'.
[  306.724832][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  306.736375][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  306.759485][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  306.775674][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  306.784463][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  306.799091][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  306.952854][T14965] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3383'.
[  306.982458][T14965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3383'.
[  307.001705][T14951] lo speed is unknown, defaulting to 1000
[  307.386975][ T9857] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.435842][T14974] netlink: 'syz.1.3385': attribute type 3 has an invalid length.
[  307.645558][ T9857] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.785792][T14979] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3387'.
[  307.911504][ T9857] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.077396][ T9857] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode
[  308.118642][ T9857] team0: Port device netdevsim0 removed
[  308.146185][ T9857] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.193400][T14951] chnl_net:caif_netlink_parms(): no params data found
[  308.434260][T15008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3395'.
[  308.472505][T15008] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.480002][T15008] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.615433][T14951] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.630685][T14951] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.645106][T14951] bridge_slave_0: entered allmulticast mode
[  308.666143][T14951] bridge_slave_0: entered promiscuous mode
[  308.684945][ T9857] bridge_slave_1: left allmulticast mode
[  308.704482][ T9857] bridge_slave_1: left promiscuous mode
[  308.710362][ T9857] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.734471][ T9857] bridge_slave_0: left allmulticast mode
[  308.740158][ T9857] bridge_slave_0: left promiscuous mode
[  308.755602][ T9857] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.817324][T15021] syz.2.3401: vmalloc error: size 17179873280, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  308.854674][   T53] Bluetooth: hci5: command tx timeout
[  308.872683][T15021] CPU: 1 PID: 15021 Comm: syz.2.3401 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  308.882880][T15021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  308.893046][T15021] Call Trace:
[  308.896345][T15021]  <TASK>
[  308.899297][T15021]  dump_stack_lvl+0x241/0x360
[  308.904008][T15021]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.909237][T15021]  ? __pfx__printk+0x10/0x10
[  308.913867][T15021]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  308.920387][T15021]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  308.926896][T15021]  warn_alloc+0x278/0x410
[  308.931230][T15021]  ? stack_depot_save_flags+0x29/0x830
[  308.936775][T15021]  ? __vmalloc_node_range_noprof+0x10b/0x1460
[  308.942835][T15021]  ? __pfx_warn_alloc+0x10/0x10
[  308.947682][T15021]  ? kasan_save_track+0x3f/0x80
[  308.952523][T15021]  ? __kasan_kmalloc+0x98/0xb0
[  308.957283][T15021]  ? xsk_setsockopt+0x598/0x950
[  308.962136][T15021]  ? do_sock_setsockopt+0x3af/0x720
[  308.967330][T15021]  ? __sys_setsockopt+0x1ae/0x250
[  308.972344][T15021]  ? __x64_sys_setsockopt+0xb5/0xd0
[  308.977541][T15021]  ? do_syscall_64+0xf3/0x230
[  308.982218][T15021]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.988288][T15021]  __vmalloc_node_range_noprof+0x130/0x1460
[  308.994460][T15021]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  309.000781][T15021]  ? __kasan_kmalloc+0x98/0xb0
[  309.005539][T15021]  ? xskq_create+0x54/0x170
[  309.010040][T15021]  vmalloc_user_noprof+0x74/0x80
[  309.014972][T15021]  ? xskq_create+0xb6/0x170
[  309.019466][T15021]  xskq_create+0xb6/0x170
[  309.023807][T15021]  xsk_init_queue+0xa1/0x100
[  309.028406][T15021]  xsk_setsockopt+0x598/0x950
[  309.033080][T15021]  ? __pfx_xsk_setsockopt+0x10/0x10
[  309.038273][T15021]  ? __pfx_lock_acquire+0x10/0x10
[  309.043284][T15021]  ? aa_sock_opt_perm+0x79/0x120
[  309.048216][T15021]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  309.053753][T15021]  ? security_socket_setsockopt+0x87/0xb0
[  309.059467][T15021]  ? __pfx_xsk_setsockopt+0x10/0x10
[  309.064743][T15021]  do_sock_setsockopt+0x3af/0x720
[  309.069765][T15021]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  309.075303][T15021]  ? __fget_files+0x29/0x470
[  309.079888][T15021]  ? __fget_files+0x3f6/0x470
[  309.084596][T15021]  __sys_setsockopt+0x1ae/0x250
[  309.089442][T15021]  __x64_sys_setsockopt+0xb5/0xd0
[  309.094461][T15021]  do_syscall_64+0xf3/0x230
[  309.098964][T15021]  ? clear_bhb_loop+0x35/0x90
[  309.103639][T15021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.109525][T15021] RIP: 0033:0x7fdbec775bd9
[  309.113931][T15021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.133542][T15021] RSP: 002b:00007fdbed553048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  309.141963][T15021] RAX: ffffffffffffffda RBX: 00007fdbec903f60 RCX: 00007fdbec775bd9
[  309.149929][T15021] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[  309.157893][T15021] RBP: 00007fdbec7e4e60 R08: 0000000000000004 R09: 0000000000000000
[  309.165855][T15021] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  309.173821][T15021] R13: 000000000000004d R14: 00007fdbec903f60 R15: 00007ffee74490a8
[  309.181807][T15021]  </TASK>
[  309.301975][T15021] Mem-Info:
[  309.324728][T15021] active_anon:6415 inactive_anon:0 isolated_anon:0
[  309.324728][T15021]  active_file:1586 inactive_file:38242 isolated_file:0
[  309.324728][T15021]  unevictable:768 dirty:160 writeback:0
[  309.324728][T15021]  slab_reclaimable:10094 slab_unreclaimable:119384
[  309.324728][T15021]  mapped:13734 shmem:4480 pagetables:621
[  309.324728][T15021]  sec_pagetables:0 bounce:0
[  309.324728][T15021]  kernel_misc_reclaimable:0
[  309.324728][T15021]  free:1371388 free_pcp:498 free_cma:0
[  309.420549][T15021] Node 0 active_anon:22060kB inactive_anon:0kB active_file:6344kB inactive_file:152884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:54936kB dirty:636kB writeback:0kB shmem:12984kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11028kB pagetables:2384kB sec_pagetables:0kB all_unreclaimable? no
[  309.484316][T15021] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  309.554091][T15021] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  309.613559][T15021] lowmem_reserve[]: 0 2571 2571 0 0
[  309.629346][T15021] Node 0 DMA32 free:1517972kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:12720kB inactive_anon:0kB active_file:6344kB inactive_file:152564kB unevictable:1536kB writepending:636kB present:3129332kB managed:2659880kB mlocked:0kB bounce:0kB free_pcp:15928kB local_pcp:1740kB free_cma:0kB
[  309.662419][T15021] lowmem_reserve[]: 0 0 0 0 0
[  309.667668][T15021] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  309.697490][T15021] lowmem_reserve[]: 0 0 0 0 0
[  309.698077][ T9857] bridge0 (unregistering): left allmulticast mode
[  309.702239][T15021] Node 1 Normal free:3951560kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  309.740192][T15021] lowmem_reserve[]: 0 0 0 0 0
[  309.746029][T15021] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  309.759343][T15021] Node 0 DMA32: 408*4kB (UM) 170*8kB (UME) 54*16kB (UME) 81*32kB (UME) 134*64kB (UME) 93*128kB (UME) 52*256kB (UME) 22*512kB (UME) 20*1024kB (UME) 14*2048kB (UME) 346*4096kB (UM) = 1517872kB
[  309.781075][T15021] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  309.793202][T15021] Node 1 Normal: 2*4kB (U) 8*8kB (UM) 8*16kB (UM) 6*32kB (UM) 9*64kB (U) 2*128kB (U) 5*256kB (UM) 3*512kB (UM) 1*1024kB (U) 1*2048kB (U) 963*4096kB (M) = 3951560kB
[  309.810645][T15021] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  309.823726][T15021] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  309.837889][T15021] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  309.847957][T15021] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  309.857501][T15021] 41108 total pagecache pages
[  309.862551][T15021] 0 pages in swap cache
[  309.866892][T15021] Free swap  = 124996kB
[  309.871258][T15021] Total swap = 124996kB
[  309.875765][T15021] 2097051 pages RAM
[  309.879566][T15021] 0 pages HighMem/MovableOnly
[  309.885917][T15021] 400871 pages reserved
[  309.893131][T15021] 0 pages cma reserved
[  310.058154][ T9857] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  310.070074][ T9857] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  310.083343][ T9857] bond0 (unregistering): Released all slaves
[  310.184807][ T9857] bond1 (unregistering): Released all slaves
[  310.198742][ T9857] bond2 (unregistering): Released all slaves
[  310.300638][ T9857] bond3 (unregistering): Released all slaves
[  310.311919][T14951] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.319346][T14951] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.327617][T14951] bridge_slave_1: entered allmulticast mode
[  310.335166][T14951] bridge_slave_1: entered promiscuous mode
[  310.363657][T15034] bond_slave_0: entered promiscuous mode
[  310.369767][T15034] bond_slave_1: entered promiscuous mode
[  310.501421][ T9857] tipc: Disabling bearer <udp:s>
[  310.523881][ T9857] tipc: Left network mode
[  310.532411][T14951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.583132][T14951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.650136][ T9857] IPVS: stopping master sync thread 9049 ...
[  310.680542][T14951] team0: Port device team_slave_0 added
[  310.729172][T14951] team0: Port device team_slave_1 added
[  310.801679][T15032] bond_slave_0: left promiscuous mode
[  310.807624][T15032] bond_slave_1: left promiscuous mode
[  310.832630][T14951] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.850959][T14951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.908811][T14951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.940292][   T53] Bluetooth: hci5: command tx timeout
[  310.984533][T14951] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.991514][T14951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.073394][T14951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.108574][T15065] netlink: 188 bytes leftover after parsing attributes in process `syz.2.3414'.
[  311.305908][T14951] hsr_slave_0: entered promiscuous mode
[  311.325955][T14951] hsr_slave_1: entered promiscuous mode
[  311.342388][T14951] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  311.364894][T14951] Cannot create hsr debugfs directory
[  311.635620][ T9857] hsr_slave_0: left promiscuous mode
[  311.644815][ T9857] hsr_slave_1: left promiscuous mode
[  311.705476][ T9857] team0: left promiscuous mode
[  311.710296][ T9857] team_slave_0: left promiscuous mode
[  311.728566][ T9857] team_slave_1: left promiscuous mode
[  311.742202][ T9857] veth1_macvtap: left promiscuous mode
[  311.756824][ T9857] veth1_vlan: left allmulticast mode
[  311.773167][ T9857] veth1_vlan: left promiscuous mode
[  311.782938][ T9857] veth0_vlan: left promiscuous mode
[  311.840787][T15084] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3423'.
[  312.118394][ T9857] pim6reg (unregistering): left allmulticast mode
[  312.638068][ T9857] team0 (unregistering): Port device team_slave_1 removed
[  312.680351][ T9857] team0 (unregistering): Port device team_slave_0 removed
[  312.954475][T15084] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3423'.
[  313.015033][   T53] Bluetooth: hci5: command tx timeout
[  313.257325][T15109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3428'.
[  313.281119][T15109] netlink: 'syz.1.3428': attribute type 18 has an invalid length.
[  313.336264][T15109] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  313.345829][T15109] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  313.355161][T15109] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  313.364425][T15109] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  313.374447][T15109] vxlan0: entered promiscuous mode
[  313.704650][ T9857] IPVS: stop unused estimator thread 0...
[  313.948765][T14951] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  313.985593][T14951] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  314.018968][T14951] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  314.068658][T14951] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  314.342409][T15164] netlink: 'syz.2.3447': attribute type 7 has an invalid length.
[  314.363756][T15164] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3447'.
[  314.382153][T14951] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.444579][T14951] 8021q: adding VLAN 0 to HW filter on device team0
[  314.491427][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.498631][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.531414][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.538604][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.686079][T14951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  314.812573][T15189] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3454'.
[  314.918599][T15195] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3457'.
[  314.954896][T15189] netlink: 'syz.3.3454': attribute type 1 has an invalid length.
[  314.962665][T15189] netlink: 9328 bytes leftover after parsing attributes in process `syz.3.3454'.
[  314.996001][T15189] netlink: 'syz.3.3454': attribute type 2 has an invalid length.
[  315.019182][T15189] netlink: 'syz.3.3454': attribute type 1 has an invalid length.
[  315.085633][T14951] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.094518][   T53] Bluetooth: hci5: command tx timeout
[  315.224301][T15210] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.3462'.
[  315.236550][T15210] openvswitch: netlink: IP tunnel dst address not specified
[  315.411058][T15225] x_tables: duplicate underflow at hook 2
[  315.686484][T14951] veth0_vlan: entered promiscuous mode
[  315.720062][T14951] veth1_vlan: entered promiscuous mode
[  315.794716][T14951] veth0_macvtap: entered promiscuous mode
[  315.817068][T14951] veth1_macvtap: entered promiscuous mode
[  315.876648][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.907858][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.928715][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.952898][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.973313][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.013784][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.038310][T14951] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.059209][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.083661][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.096571][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.117195][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.138111][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.155858][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.168723][T14951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.190319][T14951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.215161][T14951] batman_adv: batadv0: Interface activated: batadv_slave_1
[  316.245536][T15255] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3479'.
[  316.325468][T14951] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.353196][T14951] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.366123][T14951] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.376514][T14951] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.739881][ T2452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.764502][ T2452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.798818][T15277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3486'.
[  316.860879][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.888966][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.981684][T15292] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3490'.
[  317.139222][T15302] netlink: 830 bytes leftover after parsing attributes in process `syz.0.3493'.
[  317.417222][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[  317.585390][T15333] netlink: 'syz.2.3504': attribute type 10 has an invalid length.
[  317.680949][T15339] netlink: 'syz.3.3505': attribute type 3 has an invalid length.
[  317.689385][T15339] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3505'.
[  317.849039][T15345] x_tables: duplicate underflow at hook 2
[  317.870866][T15345] netlink: 'syz.4.3508': attribute type 9 has an invalid length.
[  317.894369][T15345] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.3508'.
[  318.003259][T15352] FAULT_INJECTION: forcing a failure.
[  318.003259][T15352] name failslab, interval 1, probability 0, space 0, times 0
[  318.044535][T15352] CPU: 1 PID: 15352 Comm: syz.0.3511 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  318.054742][T15352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  318.064815][T15352] Call Trace:
[  318.068108][T15352]  <TASK>
[  318.071051][T15352]  dump_stack_lvl+0x241/0x360
[  318.075762][T15352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.080985][T15352]  ? __pfx__printk+0x10/0x10
[  318.085601][T15352]  ? __pfx___might_resched+0x10/0x10
[  318.090910][T15352]  ? __kasan_kmalloc+0x98/0xb0
[  318.095688][T15352]  ? __genradix_ptr_alloc+0x196/0x460
[  318.101085][T15352]  should_fail_ex+0x3b0/0x4e0
[  318.105790][T15352]  ? sctp_auth_asoc_copy_shkeys+0x13b/0x580
[  318.111709][T15352]  should_failslab+0x9/0x20
[  318.116240][T15352]  kmalloc_trace_noprof+0x6c/0x2c0
[  318.121381][T15352]  sctp_auth_asoc_copy_shkeys+0x13b/0x580
[  318.127137][T15352]  sctp_association_new+0x15aa/0x23f0
[  318.132546][T15352]  sctp_connect_new_asoc+0x2d8/0x6c0
[  318.137857][T15352]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  318.143691][T15352]  ? sctp_sendmsg+0xbb9/0x3520
[  318.148473][T15352]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  318.154038][T15352]  ? security_sctp_bind_connect+0x90/0xb0
[  318.159777][T15352]  sctp_sendmsg+0x219a/0x3520
[  318.164464][T15352]  ? __pfx_sctp_sendmsg+0x10/0x10
[  318.169481][T15352]  ? __pfx_aa_sk_perm+0x10/0x10
[  318.174333][T15352]  ? inet_sendmsg+0x330/0x390
[  318.179005][T15352]  __sock_sendmsg+0x1a6/0x270
[  318.183807][T15352]  __sys_sendto+0x3a4/0x4f0
[  318.188326][T15352]  ? __pfx___sys_sendto+0x10/0x10
[  318.193361][T15352]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  318.199334][T15352]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  318.205667][T15352]  __x64_sys_sendto+0xde/0x100
[  318.210956][T15352]  do_syscall_64+0xf3/0x230
[  318.215465][T15352]  ? clear_bhb_loop+0x35/0x90
[  318.220163][T15352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.226051][T15352] RIP: 0033:0x7f8deb575bd9
[  318.230456][T15352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.250049][T15352] RSP: 002b:00007f8dec3e8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  318.258458][T15352] RAX: ffffffffffffffda RBX: 00007f8deb703f60 RCX: 00007f8deb575bd9
[  318.266420][T15352] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000003
[  318.274379][T15352] RBP: 00007f8dec3e80a0 R08: 000000002005ffe4 R09: 000000000000001c
[  318.282337][T15352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.290295][T15352] R13: 000000000000004d R14: 00007f8deb703f60 R15: 00007ffcc48eecf8
[  318.298270][T15352]  </TASK>
[  318.408361][T15361] delete_channel: no stack
[  318.500864][T15369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3514'.
[  318.770055][T15382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  319.020873][T15400] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3527'.
[  319.047766][T15400] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3527'.
[  319.096992][T15403] team0: Device vlan2 is already an upper device of the team interface
[  319.288495][T15412] netlink: 'syz.1.3530': attribute type 6 has an invalid length.
[  319.421894][T15421] netlink: 'syz.1.3536': attribute type 8 has an invalid length.
[  319.528399][T15425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3532'.
[  319.592058][T15434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  319.624406][T15434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  319.633366][T15430] can: request_module (can-proto-0) failed.
[  319.785897][T15446] netlink: 'syz.1.3544': attribute type 13 has an invalid length.
[  319.978049][T15458] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  320.021202][T15462] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  320.120500][T15464] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  320.242458][T15473] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  320.556073][T15490] sch_tbf: burst 0 is lower than device team0 mtu (1514) !
[  320.907550][T15508] netlink: 'syz.1.3566': attribute type 40 has an invalid length.
[  321.451292][T15543] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  321.572854][T15551] netlink: 'syz.0.3580': attribute type 2 has an invalid length.
[  321.822619][T15562] netlink: 'syz.4.3584': attribute type 9 has an invalid length.
[  321.994384][T15582] netlink: 'syz.0.3588': attribute type 1 has an invalid length.
[  322.028530][T15582] __nla_validate_parse: 8 callbacks suppressed
[  322.028548][T15582] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3588'.
[  322.119781][T15590] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.3588'.
[  322.143166][T15592] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3592'.
[  322.597079][T15617] vlan2: entered allmulticast mode
[  322.602340][T15617] mac80211_hwsim hwsim32 wlan1: entered allmulticast mode
[  322.628409][T15617] mac80211_hwsim hwsim32 wlan1: left allmulticast mode
[  322.701059][T15623] netlink: 'syz.0.3605': attribute type 21 has an invalid length.
[  322.843220][T15629] netlink: 'syz.1.3608': attribute type 10 has an invalid length.
[  322.865497][T15629] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3608'.
[  322.886609][T15635] IPv6: NLM_F_REPLACE set, but no existing node found!
[  322.901302][T15629] netlink: 'syz.1.3608': attribute type 10 has an invalid length.
[  323.232986][T15664] netlink: 292 bytes leftover after parsing attributes in process `syz.3.3619'.
[  323.380388][T15669] can: request_module (can-proto-0) failed.
[  323.459040][T15669] geneve3: entered promiscuous mode
[  323.471383][T15669] geneve3: entered allmulticast mode
[  323.671920][T15690] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3628'.
[  323.698986][T15690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3628'.
[  323.716388][T15690] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3628'.
[  323.725669][T15690] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3628'.
[  324.054568][T15712] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3638'.
[  324.280760][T15719] vlan2: entered allmulticast mode
[  324.814779][T15747] ipip0: entered promiscuous mode
[  324.855027][T15751] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  324.862278][T15751] IPv6: NLM_F_CREATE should be set when creating new route
[  325.617282][T15794] validate_nla: 8 callbacks suppressed
[  325.617303][T15794] netlink: 'syz.1.3662': attribute type 43 has an invalid length.
[  326.411940][T15822] lo speed is unknown, defaulting to 1000
[  326.475091][T15830] netlink: 'syz.4.3678': attribute type 13 has an invalid length.
[  326.493087][T15835] netlink: 'syz.3.3676': attribute type 3 has an invalid length.
[  326.803211][T15844] xt_ipvs: protocol family 7 not supported
[  326.810324][T15849] netlink: 'syz.3.3682': attribute type 2 has an invalid length.
[  326.976579][T15858] lo speed is unknown, defaulting to 1000
[  327.127181][T15865] netlink: 'syz.3.3688': attribute type 8 has an invalid length.
[  327.185579][T15854] __nla_validate_parse: 15 callbacks suppressed
[  327.185599][T15854] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3685'.
[  327.264699][T15868] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3689'.
[  327.293427][T15868] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3689'.
[  327.652548][T15892] netlink: 'syz.0.3698': attribute type 2 has an invalid length.
[  327.717751][T15892] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3698'.
[  328.468878][T15953] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3717'.
[  328.663228][T15966] xt_CT: You must specify a L4 protocol and not use inversions on it
[  328.821406][T15977] FAULT_INJECTION: forcing a failure.
[  328.821406][T15977] name failslab, interval 1, probability 0, space 0, times 0
[  328.834117][T15977] CPU: 0 PID: 15977 Comm: syz.1.3726 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  328.844286][T15977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  328.854350][T15977] Call Trace:
[  328.857625][T15977]  <TASK>
[  328.860549][T15977]  dump_stack_lvl+0x241/0x360
[  328.865248][T15977]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.870449][T15977]  ? __pfx__printk+0x10/0x10
[  328.875045][T15977]  should_fail_ex+0x3b0/0x4e0
[  328.879723][T15977]  ? skb_clone+0x20c/0x390
[  328.884151][T15977]  should_failslab+0x9/0x20
[  328.888665][T15977]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  328.894049][T15977]  skb_clone+0x20c/0x390
[  328.898291][T15977]  ? dev_queue_xmit_nit+0x220/0xc10
[  328.903491][T15977]  dev_queue_xmit_nit+0x419/0xc10
[  328.908517][T15977]  ? dev_queue_xmit_nit+0x2b/0xc10
[  328.913639][T15977]  ? validate_xmit_skb+0xa04/0x1120
[  328.918849][T15977]  dev_hard_start_xmit+0x15f/0x7e0
[  328.923964][T15977]  ? __pfx_validate_xmit_skb+0x10/0x10
[  328.929425][T15977]  __dev_queue_xmit+0x1b0e/0x3d30
[  328.934479][T15977]  ? __dev_queue_xmit+0x2d2/0x3d30
[  328.939611][T15977]  ? __pfx___dev_queue_xmit+0x10/0x10
[  328.944988][T15977]  ? __copy_skb_header+0x437/0x5b0
[  328.950114][T15977]  ? __asan_memcpy+0x40/0x70
[  328.954702][T15977]  ? __copy_skb_header+0x437/0x5b0
[  328.959814][T15977]  ? __skb_clone+0x454/0x6c0
[  328.964409][T15977]  ? skb_clone+0x240/0x390
[  328.968823][T15977]  __netlink_deliver_tap+0x54d/0x7c0
[  328.974131][T15977]  ? netlink_deliver_tap+0x2e/0x1b0
[  328.979335][T15977]  netlink_deliver_tap+0x19d/0x1b0
[  328.984442][T15977]  netlink_unicast+0x7b8/0x980
[  328.989207][T15977]  ? __pfx_netlink_unicast+0x10/0x10
[  328.994481][T15977]  ? __virt_addr_valid+0x183/0x520
[  328.999589][T15977]  ? __check_object_size+0x49c/0x900
[  329.004868][T15977]  ? bpf_lsm_netlink_send+0x9/0x10
[  329.009976][T15977]  netlink_sendmsg+0x8db/0xcb0
[  329.014747][T15977]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.020024][T15977]  ? __import_iovec+0x536/0x820
[  329.024862][T15977]  ? aa_sock_msg_perm+0x91/0x160
[  329.029793][T15977]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  329.035069][T15977]  ? security_socket_sendmsg+0x87/0xb0
[  329.040522][T15977]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.045795][T15977]  __sock_sendmsg+0x221/0x270
[  329.050473][T15977]  ____sys_sendmsg+0x525/0x7d0
[  329.055235][T15977]  ? __pfx_____sys_sendmsg+0x10/0x10
[  329.060521][T15977]  __sys_sendmsg+0x2b0/0x3a0
[  329.065102][T15977]  ? __pfx___sys_sendmsg+0x10/0x10
[  329.070203][T15977]  ? vfs_write+0x7c4/0xc90
[  329.074644][T15977]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  329.080960][T15977]  ? do_syscall_64+0x100/0x230
[  329.085718][T15977]  ? do_syscall_64+0xb6/0x230
[  329.090386][T15977]  do_syscall_64+0xf3/0x230
[  329.094885][T15977]  ? clear_bhb_loop+0x35/0x90
[  329.099556][T15977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.105438][T15977] RIP: 0033:0x7effe2b75bd9
[  329.109842][T15977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.129438][T15977] RSP: 002b:00007effe39ba048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  329.137840][T15977] RAX: ffffffffffffffda RBX: 00007effe2d03f60 RCX: 00007effe2b75bd9
[  329.145800][T15977] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  329.153765][T15977] RBP: 00007effe39ba0a0 R08: 0000000000000000 R09: 0000000000000000
[  329.161732][T15977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.169693][T15977] R13: 000000000000004d R14: 00007effe2d03f60 R15: 00007ffc5b348388
[  329.177671][T15977]  </TASK>
[  329.218592][T15972] netlink: 164688 bytes leftover after parsing attributes in process `syz.0.3724'.
[  329.235333][T15972] netlink: zone id is out of range
[  329.240556][T15972] netlink: zone id is out of range
[  329.259584][T15972] netlink: zone id is out of range
[  329.272474][T15972] netlink: zone id is out of range
[  329.279526][T15972] netlink: zone id is out of range
[  329.291292][T15972] netlink: zone id is out of range
[  329.298198][T15972] netlink: zone id is out of range
[  329.322505][T15972] netlink: zone id is out of range
[  329.336394][T15972] netlink: zone id is out of range
[  329.351836][T15972] netlink: zone id is out of range
[  329.406686][T15984] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3728'.
[  329.655343][T15998] netlink: 'syz.1.3735': attribute type 10 has an invalid length.
[  330.064256][T16024] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  330.124426][T16030] netlink: 'syz.1.3746': attribute type 29 has an invalid length.
[  330.152163][T16030] netlink: 'syz.1.3746': attribute type 29 has an invalid length.
[  330.162463][T16030] netlink: 'syz.1.3746': attribute type 29 has an invalid length.
[  330.318813][T16035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3747'.
[  330.591975][T16053] IPv6: NLM_F_REPLACE set, but no existing node found!
[  330.866852][T16069] batadv0: entered promiscuous mode
[  330.902353][T16069] 8021q: adding VLAN 0 to HW filter on device batadv0
[  331.024400][T16081] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3761'.
[  331.234710][T16095] FAULT_INJECTION: forcing a failure.
[  331.234710][T16095] name failslab, interval 1, probability 0, space 0, times 0
[  331.251010][T16095] CPU: 1 PID: 16095 Comm: syz.4.3769 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  331.261205][T16095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  331.271280][T16095] Call Trace:
[  331.274579][T16095]  <TASK>
[  331.277526][T16095]  dump_stack_lvl+0x241/0x360
[  331.282235][T16095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.287459][T16095]  ? __pfx__printk+0x10/0x10
[  331.292082][T16095]  should_fail_ex+0x3b0/0x4e0
[  331.296781][T16095]  ? __alloc_skb+0x1c3/0x440
[  331.301390][T16095]  should_failslab+0x9/0x20
[  331.305911][T16095]  kmem_cache_alloc_node_noprof+0x71/0x320
[  331.311747][T16095]  __alloc_skb+0x1c3/0x440
[  331.316186][T16095]  ? __pfx___alloc_skb+0x10/0x10
[  331.321140][T16095]  ? netlink_getsockbyfilp+0xd0/0x190
[  331.326526][T16095]  ? netlink_alloc_large_skb+0xb2/0x100
[  331.332095][T16095]  netlink_sendmsg+0x631/0xcb0
[  331.336894][T16095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.342198][T16095]  ? __import_iovec+0x536/0x820
[  331.347061][T16095]  ? aa_sock_msg_perm+0x91/0x160
[  331.352019][T16095]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  331.357319][T16095]  ? security_socket_sendmsg+0x87/0xb0
[  331.362790][T16095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.368090][T16095]  __sock_sendmsg+0x221/0x270
[  331.372794][T16095]  ____sys_sendmsg+0x525/0x7d0
[  331.377586][T16095]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.382903][T16095]  __sys_sendmsg+0x2b0/0x3a0
[  331.387511][T16095]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.392636][T16095]  ? vfs_write+0x7c4/0xc90
[  331.397109][T16095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.403453][T16095]  ? do_syscall_64+0x100/0x230
[  331.408239][T16095]  ? do_syscall_64+0xb6/0x230
[  331.412938][T16095]  do_syscall_64+0xf3/0x230
[  331.417459][T16095]  ? clear_bhb_loop+0x35/0x90
[  331.422162][T16095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.428072][T16095] RIP: 0033:0x7fdba4d75bd9
[  331.432503][T16095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.452118][T16095] RSP: 002b:00007fdba5acc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.460526][T16095] RAX: ffffffffffffffda RBX: 00007fdba4f03f60 RCX: 00007fdba4d75bd9
[  331.468488][T16095] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003
[  331.476443][T16095] RBP: 00007fdba5acc0a0 R08: 0000000000000000 R09: 0000000000000000
[  331.484396][T16095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.492353][T16095] R13: 000000000000000b R14: 00007fdba4f03f60 R15: 00007ffc7a0d7878
[  331.500320][T16095]  </TASK>
[  331.621591][T16104] No such timeout policy "syz0"
[  331.739499][T16110] lo speed is unknown, defaulting to 1000
[  331.954719][T16121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3780'.
[  332.079279][T16134] netlink: 'syz.2.3782': attribute type 2 has an invalid length.
[  332.092077][T16132] netlink: 'syz.0.3783': attribute type 10 has an invalid length.
[  332.607266][T16170] netlink: 'syz.2.3796': attribute type 1 has an invalid length.
[  332.621961][T16170] NCSI netlink: No device for ifindex 0
[  332.938541][T16195] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3805'.
[  332.947227][T16198] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3805'.
[  332.973831][T16199] netlink: 176 bytes leftover after parsing attributes in process `syz.3.3806'.
[  332.989523][T16198] netlink: 268 bytes leftover after parsing attributes in process `syz.4.3805'.
[  333.138749][T16211] netlink: 'syz.0.3810': attribute type 2 has an invalid length.
[  333.269378][T16220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3813'.
[  333.631442][T16239] syzkaller1: entered promiscuous mode
[  333.648982][T16239] syzkaller1: entered allmulticast mode
[  333.732518][T16247] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3821'.
[  334.120521][T16275] netlink: 'syz.0.3831': attribute type 27 has an invalid length.
[  334.265170][T16285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3836'.
[  334.424181][T16275] bridge0: port 4(team0) entered disabled state
[  334.431323][T16275] bridge0: port 3(dummy0) entered disabled state
[  334.438048][T16275] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.445574][T16275] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.310447][T16275] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  335.324267][T16275] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  335.332862][T16275] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  335.344631][T16275] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  335.396831][T16275] gretap1: left promiscuous mode
[  335.401784][T16275] gretap1: left allmulticast mode
[  335.419511][T16275] ipip0: left promiscuous mode
[  335.424455][T16275] ipip0: left allmulticast mode
[  335.433061][T16275] bridge1: left promiscuous mode
[  335.444700][T16275] bond2: left promiscuous mode
[  335.453583][T16275] bond2: left allmulticast mode
[  335.634196][ T5136] lo speed is unknown, defaulting to 1000
[  335.777060][T16304] netlink: 'syz.1.3839': attribute type 1 has an invalid length.
[  335.794846][T16306] netlink: 'syz.0.3838': attribute type 21 has an invalid length.
[  335.802782][T16306] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3838'.
[  335.819173][T16306] netlink: 'syz.0.3838': attribute type 5 has an invalid length.
[  335.831571][T16306] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3838'.
[  335.989425][T16317] netlink: 'syz.2.3844': attribute type 30 has an invalid length.
[  336.174816][T16324] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3846'.
[  336.247266][T16332] netlink: 'syz.2.3850': attribute type 10 has an invalid length.
[  337.172896][T16393] batadv1: entered allmulticast mode
[  337.299935][T16400] validate_nla: 4 callbacks suppressed
[  337.299951][T16400] netlink: 'syz.3.3876': attribute type 2 has an invalid length.
[  337.499551][T16410] netlink: 'syz.0.3882': attribute type 13 has an invalid length.
[  337.569885][T16412] netlink: 'syz.0.3883': attribute type 11 has an invalid length.
[  337.766685][T16423] x_tables: duplicate underflow at hook 1
[  338.027302][T16435] net_ratelimit: 269 callbacks suppressed
[  338.027321][T16435] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  338.075195][T16431] dummy0: entered promiscuous mode
[  338.096955][T16437] __nla_validate_parse: 10 callbacks suppressed
[  338.096973][T16437] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3894'.
[  338.121265][T16431] dummy0: left promiscuous mode
[  338.178129][T16442] bond0: entered promiscuous mode
[  338.188672][T16442] bond_slave_0: entered promiscuous mode
[  338.195004][T16442] bond_slave_1: entered promiscuous mode
[  338.201838][T16442] bond0: left promiscuous mode
[  338.212764][T16442] bond_slave_0: left promiscuous mode
[  338.218773][T16442] bond_slave_1: left promiscuous mode
[  338.345726][T16448] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  338.699030][T16473] netlink: 'syz.0.3908': attribute type 8 has an invalid length.
[  338.889599][T16487] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3912'.
[  338.919857][T16485] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3911'.
[  338.967211][T16489] batman_adv: batadv0: Adding interface: netdevsim0
[  338.974839][T16489] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.005598][T16489] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  339.152636][T16498] netlink: 'syz.1.3916': attribute type 3 has an invalid length.
[  339.174825][T16498] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3916'.
[  339.205163][T16502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3918'.
[  339.379208][T16513] netlink: 'syz.3.3923': attribute type 11 has an invalid length.
[  339.404458][T16514] netlink: 'syz.3.3923': attribute type 11 has an invalid length.
[  339.546737][T16524] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3926'.
[  339.585126][T16527] netlink: 'syz.0.3924': attribute type 3 has an invalid length.
[  339.691092][T16531] netlink: 'syz.1.3929': attribute type 21 has an invalid length.
[  339.706094][T16522] delete_channel: no stack
[  339.947068][T16543] netlink: 'syz.2.3932': attribute type 29 has an invalid length.
[  339.965147][T16541] FAULT_INJECTION: forcing a failure.
[  339.965147][T16541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.979714][T16543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3932'.
[  339.991273][T16543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3932'.
[  340.003317][T16541] CPU: 0 PID: 16541 Comm: syz.1.3931 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  340.013493][T16541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  340.023559][T16541] Call Trace:
[  340.026845][T16541]  <TASK>
[  340.029781][T16541]  dump_stack_lvl+0x241/0x360
[  340.034481][T16541]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.039697][T16541]  ? __pfx__printk+0x10/0x10
[  340.044313][T16541]  ? __pfx_lock_release+0x10/0x10
[  340.049364][T16541]  should_fail_ex+0x3b0/0x4e0
[  340.054072][T16541]  _copy_from_user+0x2f/0xe0
[  340.058677][T16541]  sctp_getsockopt_connectx3+0x2c9/0x730
[  340.064335][T16541]  ? __local_bh_enable_ip+0x168/0x200
[  340.069714][T16541]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  340.075868][T16541]  ? __local_bh_enable_ip+0x168/0x200
[  340.081228][T16541]  ? sctp_getsockopt+0x13a/0xbb0
[  340.086155][T16541]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  340.091869][T16541]  sctp_getsockopt+0x8de/0xbb0
[  340.096621][T16541]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  340.102509][T16541]  do_sock_getsockopt+0x373/0x850
[  340.107528][T16541]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  340.113063][T16541]  ? __fget_files+0x3f6/0x470
[  340.117742][T16541]  __sys_getsockopt+0x271/0x330
[  340.122585][T16541]  ? __pfx___sys_getsockopt+0x10/0x10
[  340.127947][T16541]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.134270][T16541]  ? do_syscall_64+0x100/0x230
[  340.139030][T16541]  __x64_sys_getsockopt+0xb5/0xd0
[  340.144046][T16541]  do_syscall_64+0xf3/0x230
[  340.148540][T16541]  ? clear_bhb_loop+0x35/0x90
[  340.153213][T16541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.159099][T16541] RIP: 0033:0x7effe2b75bd9
[  340.163511][T16541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.183114][T16541] RSP: 002b:00007effe3999048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  340.191517][T16541] RAX: ffffffffffffffda RBX: 00007effe2d04038 RCX: 00007effe2b75bd9
[  340.199477][T16541] RDX: 000000000000006f RSI: 0000000000000084 RDI: 000000000000000f
[  340.207434][T16541] RBP: 00007effe39990a0 R08: 0000000020002100 R09: 0000000000000000
[  340.215392][T16541] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  340.223349][T16541] R13: 000000000000006e R14: 00007effe2d04038 R15: 00007ffc5b348388
[  340.231322][T16541]  </TASK>
[  340.238320][T16544] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3932'.
[  340.592915][T16564] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3939'.
[  340.645051][T16561] veth0_to_hsr: entered promiscuous mode
[  340.687378][T16558] veth0_to_hsr: left promiscuous mode
[  341.012816][T16576] lo speed is unknown, defaulting to 1000
[  341.489179][T16599] bridge0: port 2(bridge_slave_1) entered listening state
[  342.377184][T16653] FAULT_INJECTION: forcing a failure.
[  342.377184][T16653] name failslab, interval 1, probability 0, space 0, times 0
[  342.412553][T16653] CPU: 1 PID: 16653 Comm: syz.1.3972 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  342.422747][T16653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  342.432822][T16653] Call Trace:
[  342.436112][T16653]  <TASK>
[  342.439054][T16653]  dump_stack_lvl+0x241/0x360
[  342.443751][T16653]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.448976][T16653]  ? __pfx__printk+0x10/0x10
[  342.453608][T16653]  ? ref_tracker_alloc+0x332/0x490
[  342.458760][T16653]  should_fail_ex+0x3b0/0x4e0
[  342.463468][T16653]  ? skb_clone+0x20c/0x390
[  342.467900][T16653]  should_failslab+0x9/0x20
[  342.472398][T16653]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  342.477770][T16653]  skb_clone+0x20c/0x390
[  342.482011][T16653]  __netlink_deliver_tap+0x3cc/0x7c0
[  342.487305][T16653]  ? netlink_deliver_tap+0x2e/0x1b0
[  342.492505][T16653]  netlink_deliver_tap+0x19d/0x1b0
[  342.497622][T16653]  netlink_broadcast_filtered+0xe5b/0x1290
[  342.503439][T16653]  genlmsg_multicast_netns+0x93/0xd0
[  342.508732][T16653]  nl80211_send_ap_started+0x4de/0x670
[  342.514206][T16653]  ? __pfx_nl80211_send_ap_started+0x10/0x10
[  342.520191][T16653]  ? trace_rdev_return_int+0x52/0x220
[  342.525560][T16653]  ? rcu_is_watching+0x7e/0xb0
[  342.530313][T16653]  ? trace_rdev_return_int+0x8b/0x220
[  342.535674][T16653]  ? nl80211_start_ap+0x1df9/0x22e0
[  342.540869][T16653]  nl80211_start_ap+0x1eb3/0x22e0
[  342.545897][T16653]  genl_rcv_msg+0xb14/0xec0
[  342.550387][T16653]  ? mark_lock+0x9a/0x350
[  342.554714][T16653]  ? __pfx_genl_rcv_msg+0x10/0x10
[  342.559748][T16653]  ? __pfx_lock_acquire+0x10/0x10
[  342.564763][T16653]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  342.570128][T16653]  ? __pfx_nl80211_start_ap+0x10/0x10
[  342.575492][T16653]  ? __pfx_nl80211_post_doit+0x10/0x10
[  342.580944][T16653]  ? __pfx___might_resched+0x10/0x10
[  342.586232][T16653]  netlink_rcv_skb+0x1e3/0x430
[  342.590992][T16653]  ? __pfx_genl_rcv_msg+0x10/0x10
[  342.596004][T16653]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  342.601288][T16653]  ? __netlink_deliver_tap+0x77e/0x7c0
[  342.606751][T16653]  genl_rcv+0x28/0x40
[  342.610718][T16653]  netlink_unicast+0x7ea/0x980
[  342.615487][T16653]  ? __pfx_netlink_unicast+0x10/0x10
[  342.620762][T16653]  ? __virt_addr_valid+0x183/0x520
[  342.625869][T16653]  ? __check_object_size+0x49c/0x900
[  342.631145][T16653]  ? bpf_lsm_netlink_send+0x9/0x10
[  342.636249][T16653]  netlink_sendmsg+0x8db/0xcb0
[  342.641015][T16653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.646308][T16653]  ? __import_iovec+0x536/0x820
[  342.651155][T16653]  ? aa_sock_msg_perm+0x91/0x160
[  342.656109][T16653]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  342.661393][T16653]  ? security_socket_sendmsg+0x87/0xb0
[  342.666852][T16653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.672132][T16653]  __sock_sendmsg+0x221/0x270
[  342.676814][T16653]  ____sys_sendmsg+0x525/0x7d0
[  342.681579][T16653]  ? __pfx_____sys_sendmsg+0x10/0x10
[  342.686873][T16653]  __sys_sendmsg+0x2b0/0x3a0
[  342.691458][T16653]  ? __pfx___sys_sendmsg+0x10/0x10
[  342.696565][T16653]  ? vfs_write+0x7c4/0xc90
[  342.701011][T16653]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.707335][T16653]  ? do_syscall_64+0x100/0x230
[  342.712099][T16653]  ? do_syscall_64+0xb6/0x230
[  342.716776][T16653]  do_syscall_64+0xf3/0x230
[  342.721274][T16653]  ? clear_bhb_loop+0x35/0x90
[  342.725946][T16653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.731830][T16653] RIP: 0033:0x7effe2b75bd9
[  342.736233][T16653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.755827][T16653] RSP: 002b:00007effe39ba048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  342.764235][T16653] RAX: ffffffffffffffda RBX: 00007effe2d03f60 RCX: 00007effe2b75bd9
[  342.772212][T16653] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000005
[  342.780180][T16653] RBP: 00007effe39ba0a0 R08: 0000000000000000 R09: 0000000000000000
[  342.788141][T16653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.796106][T16653] R13: 000000000000004d R14: 00007effe2d03f60 R15: 00007ffc5b348388
[  342.804086][T16653]  </TASK>
[  343.268498][T16680] FAULT_INJECTION: forcing a failure.
[  343.268498][T16680] name failslab, interval 1, probability 0, space 0, times 0
[  343.285406][T16683] validate_nla: 5 callbacks suppressed
[  343.285423][T16683] netlink: 'syz.1.3983': attribute type 3 has an invalid length.
[  343.300240][T16680] CPU: 1 PID: 16680 Comm: syz.0.3985 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  343.310409][T16680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  343.320454][T16680] Call Trace:
[  343.323722][T16680]  <TASK>
[  343.326649][T16680]  dump_stack_lvl+0x241/0x360
[  343.331328][T16680]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.336517][T16680]  ? __pfx__printk+0x10/0x10
[  343.341109][T16680]  should_fail_ex+0x3b0/0x4e0
[  343.345789][T16680]  ? sctp_add_bind_addr+0x89/0x3a0
[  343.350893][T16680]  should_failslab+0x9/0x20
[  343.355388][T16680]  kmalloc_trace_noprof+0x6c/0x2c0
[  343.360491][T16680]  ? __pfx__get_random_bytes+0x10/0x10
[  343.365943][T16680]  sctp_add_bind_addr+0x89/0x3a0
[  343.370877][T16680]  sctp_copy_local_addr_list+0x311/0x500
[  343.376505][T16680]  ? sctp_copy_local_addr_list+0xab/0x500
[  343.382248][T16680]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  343.388396][T16680]  ? sctp_v6_is_any+0x60/0x70
[  343.393073][T16680]  sctp_bind_addr_copy+0xad/0x3b0
[  343.398092][T16680]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  343.404418][T16680]  sctp_connect_new_asoc+0x2f3/0x6c0
[  343.409699][T16680]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  343.415497][T16680]  ? sctp_sendmsg+0xbb9/0x3520
[  343.420249][T16680]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  343.425783][T16680]  ? security_sctp_bind_connect+0x90/0xb0
[  343.431505][T16680]  sctp_sendmsg+0x219a/0x3520
[  343.436181][T16680]  ? __pfx_sctp_sendmsg+0x10/0x10
[  343.441192][T16680]  ? __pfx_aa_sk_perm+0x10/0x10
[  343.446043][T16680]  ? inet_sendmsg+0x330/0x390
[  343.450712][T16680]  __sock_sendmsg+0x1a6/0x270
[  343.455391][T16680]  __sys_sendto+0x3a4/0x4f0
[  343.459887][T16680]  ? __pfx___sys_sendto+0x10/0x10
[  343.464923][T16680]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  343.470893][T16680]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  343.477211][T16680]  __x64_sys_sendto+0xde/0x100
[  343.481965][T16680]  do_syscall_64+0xf3/0x230
[  343.486465][T16680]  ? clear_bhb_loop+0x35/0x90
[  343.491135][T16680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.497022][T16680] RIP: 0033:0x7f8deb575bd9
[  343.501437][T16680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.521035][T16680] RSP: 002b:00007f8dec3e8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  343.529445][T16680] RAX: ffffffffffffffda RBX: 00007f8deb703f60 RCX: 00007f8deb575bd9
[  343.537408][T16680] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000003
[  343.545370][T16680] RBP: 00007f8dec3e80a0 R08: 000000002005ffe4 R09: 000000000000001c
[  343.553330][T16680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.561286][T16680] R13: 000000000000004d R14: 00007f8deb703f60 R15: 00007ffcc48eecf8
[  343.569258][T16680]  </TASK>
[  343.616415][T16687] __nla_validate_parse: 7 callbacks suppressed
[  343.616433][T16687] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3981'.
[  343.625414][T16683] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.3983'.
[  343.993439][T16711] syz.3.3993 uses old SIOCAX25GETINFO
[  344.449113][T16699] smc: net device wg0 applied user defined pnetid SYZ0
[  344.481096][T16699] smc: net device wg0 erased user defined pnetid SYZ0
[  344.582130][T16733] netlink: 'syz.0.4002': attribute type 6 has an invalid length.
[  344.851870][T16744] netlink: 'syz.4.4006': attribute type 29 has an invalid length.
[  344.884202][T16744] netlink: 'syz.4.4006': attribute type 29 has an invalid length.
[  344.923778][T16744] netlink: 'syz.4.4006': attribute type 29 has an invalid length.
[  345.363272][T16763] netlink: 6 bytes leftover after parsing attributes in process `syz.0.4015'.
[  345.561350][T16780] netlink: 'syz.4.4020': attribute type 2 has an invalid length.
[  345.594040][T16780] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4020'.
[  346.176254][T16810] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4029'.
[  346.324893][T16825] netlink: 'syz.4.4033': attribute type 1 has an invalid length.
[  346.362540][T16825] netlink: 'syz.4.4033': attribute type 1 has an invalid length.
[  346.420951][T16825] netlink: 'syz.4.4033': attribute type 1 has an invalid length.
[  346.430574][T16825] netlink: 'syz.4.4033': attribute type 1 has an invalid length.
[  346.531381][T16841] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4038'.
[  346.889268][T16856] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4044'.
[  346.908496][T16858] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4045'.
[  347.063190][T16873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[  347.215227][T16881] IPVS: Error joining to the multicast group
[  347.405122][T16896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4059'.
[  348.016991][T16938] xt_TCPMSS: Only works on TCP SYN packets
[  348.293402][T16951] ipip0: entered promiscuous mode
[  348.744697][T16976] __nla_validate_parse: 8 callbacks suppressed
[  348.744715][T16976] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4090'.
[  348.771893][T16978] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4090'.
[  349.008896][T16993] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4092'.
[  349.376173][T17009] validate_nla: 15 callbacks suppressed
[  349.376193][T17009] netlink: 'syz.1.4100': attribute type 3 has an invalid length.
[  349.406235][T17009] netlink: 201372 bytes leftover after parsing attributes in process `syz.1.4100'.
[  349.615090][T17019] netlink: 'syz.2.4104': attribute type 8 has an invalid length.
[  349.878513][T17028] netlink: 'syz.0.4111': attribute type 9 has an invalid length.
[  349.956332][T17039] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4106'.
[  350.101318][T17050] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4116'.
[  350.181840][T17054] netlink: 'syz.1.4119': attribute type 3 has an invalid length.
[  350.191897][ T9853] tipc: Subscription rejected, illegal request
[  350.667693][T17086] netlink: 10 bytes leftover after parsing attributes in process `syz.4.4130'.
[  350.761187][T17091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4132'.
[  351.045478][T17106] netlink: 'syz.3.4139': attribute type 10 has an invalid length.
[  351.082848][T17106] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  351.120008][T17106] team0: Failed to send options change via netlink (err -105)
[  351.149410][T17106] team0: Port device netdevsim0 added
[  351.165634][T17103] netlink: 'syz.0.4137': attribute type 16 has an invalid length.
[  351.178328][T17103] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4137'.
[  351.381238][T17124] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4144'.
[  351.430141][T17124] IPVS: Error connecting to the multicast addr
[  351.582572][T17131] netlink: 'syz.1.4146': attribute type 29 has an invalid length.
[  351.810793][T17131] netlink: 'syz.1.4146': attribute type 29 has an invalid length.
[  351.827379][T17133] netlink: 'syz.1.4146': attribute type 29 has an invalid length.
[  352.097082][T17152] vxcan1: tx address claim with different name
[  352.414308][T17171] IPVS: Error connecting to the multicast addr
[  352.427707][   T53] Bluetooth: hci5: link tx timeout
[  352.428761][T17173] netlink: 'syz.4.4162': attribute type 1 has an invalid length.
[  352.433302][   T53] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  353.022926][ T5094] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  353.035949][ T5094] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  353.050818][ T5094] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  353.060300][ T5094] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  353.074392][ T5094] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  353.084107][ T5094] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  353.175147][T17198] lo speed is unknown, defaulting to 1000
[  353.457392][T17198] chnl_net:caif_netlink_parms(): no params data found
[  353.676665][T17198] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.699811][T17198] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.708213][T17198] bridge_slave_0: entered allmulticast mode
[  353.716140][T17198] bridge_slave_0: entered promiscuous mode
[  353.727512][T17198] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.751609][T17198] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.769294][T17198] bridge_slave_1: entered allmulticast mode
[  353.781256][T17198] bridge_slave_1: entered promiscuous mode
[  353.909789][T17198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.957618][T17198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.070766][T17259] openvswitch: netlink: Missing key (keys=20040, expected=100)
[  354.164827][T17198] team0: Port device team_slave_0 added
[  354.190204][T17198] team0: Port device team_slave_1 added
[  354.404455][T17277] vlan3: entered promiscuous mode
[  354.409922][T17277] xfrm0: entered promiscuous mode
[  354.431001][T17277] team0: Port device vlan3 added
[  354.493269][T17198] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.528865][T17198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.555975][ T5094] Bluetooth: hci5: command 0x0406 tx timeout
[  354.582454][T17198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.703559][T17198] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.724069][T17198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.782345][T17198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.825278][T17296] team0: entered promiscuous mode
[  354.830366][T17296] team_slave_0: entered promiscuous mode
[  354.847773][T17296] team_slave_1: entered promiscuous mode
[  354.869074][T17296] dummy0: entered promiscuous mode
[  354.880434][T17296] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  354.889350][T17296] Cannot create hsr debugfs directory
[  355.031871][T17198] hsr_slave_0: entered promiscuous mode
[  355.053197][T17198] hsr_slave_1: entered promiscuous mode
[  355.064708][T17198] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  355.072447][T17198] Cannot create hsr debugfs directory
[  355.088895][T17309] validate_nla: 7 callbacks suppressed
[  355.088911][T17309] netlink: 'syz.4.4209': attribute type 10 has an invalid length.
[  355.094037][T17313] __nla_validate_parse: 8 callbacks suppressed
[  355.094051][T17313] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4212'.
[  355.119951][T17309] geneve0: entered promiscuous mode
[  355.148090][T17309] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  355.161645][T17312] netlink: 'syz.3.4211': attribute type 10 has an invalid length.
[  355.174744][   T53] Bluetooth: hci0: command tx timeout
[  355.334028][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  355.545547][T17198] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  355.569781][T17198] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.589535][T17323] Cannot find del_set index 0 as target
[  355.711862][T17198] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  355.730825][T17198] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.853831][T17346] netlink: 'syz.0.4223': attribute type 1 has an invalid length.
[  355.861817][T17346] netlink: 368 bytes leftover after parsing attributes in process `syz.0.4223'.
[  355.879687][T17198] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  355.890696][T17198] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.919647][T17345] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4224'.
[  355.972401][T17198] batman_adv: batadv0: Removing interface: netdevsim0
[  355.998971][T17198] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  356.037901][T17198] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.108902][T17353] netlink: 'syz.3.4227': attribute type 3 has an invalid length.
[  356.143186][T17353] netlink: 'syz.3.4227': attribute type 4 has an invalid length.
[  356.166727][T17353] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4227'.
[  356.177915][T17357] netlink: 'syz.4.4229': attribute type 11 has an invalid length.
[  356.285102][T17198] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  356.314632][T17198] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  356.345942][T17198] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  356.365963][T17198] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  356.626687][T17198] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.682453][T17198] 8021q: adding VLAN 0 to HW filter on device team0
[  356.709775][T16290] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.716997][T16290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  356.776826][T16290] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.784060][T16290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.828754][T17382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4237'.
[  356.898248][T17198] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  357.091878][T17395] lo speed is unknown, defaulting to 1000
[  357.216877][T17405] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4245'.
[  357.254744][ T5089] Bluetooth: hci0: command tx timeout
[  357.304069][T17393] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4241'.
[  357.370288][T17410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4246'.
[  357.411669][T17198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  357.488720][T17198] veth0_vlan: entered promiscuous mode
[  357.528107][T17198] veth1_vlan: entered promiscuous mode
[  357.601982][T17198] veth0_macvtap: entered promiscuous mode
[  357.626368][T17198] veth1_macvtap: entered promiscuous mode
[  357.659659][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.681773][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.694955][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.707352][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.718299][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.731467][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.743293][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.755123][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.767428][T17198] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.775850][T17395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4243'.
[  357.799340][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.810610][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.825345][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.839401][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.850783][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.864820][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.879888][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.901728][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.913515][T17198] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  357.934868][T17198] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.961648][T17198] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.036508][T17198] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.064779][T17198] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.075476][T17198] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.087341][T17198] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.426616][T17443] netlink: 'syz.2.4256': attribute type 10 has an invalid length.
[  358.441999][T17443] team0: Device netdevsim0 is up. Set it down before adding it as a team port
[  358.498145][T17448] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  358.536889][T17440] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4255'.
[  358.769187][ T9857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.790918][ T9857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.847747][T17463] netlink: 'syz.3.4262': attribute type 10 has an invalid length.
[  358.870496][ T9857] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.891582][ T9857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.192344][T17478] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  359.763077][T17496] netlink: 'syz.4.4274': attribute type 4 has an invalid length.
[  359.833857][T17497] netlink: 'syz.4.4274': attribute type 4 has an invalid length.
[  359.871994][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  359.883252][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  359.895409][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  359.912817][T17503] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  359.925703][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  359.944137][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  359.954228][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  360.020239][T17500] lo speed is unknown, defaulting to 1000
[  360.289908][T17524] netlink: 'syz.2.4281': attribute type 29 has an invalid length.
[  360.326975][T17524] netlink: 'syz.2.4281': attribute type 29 has an invalid length.
[  360.341936][T17500] chnl_net:caif_netlink_parms(): no params data found
[  360.384387][T17523] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  360.471548][T17526] netlink: 'syz.2.4281': attribute type 29 has an invalid length.
[  360.544246][T17532] __nla_validate_parse: 4 callbacks suppressed
[  360.544264][T17532] netlink: 6 bytes leftover after parsing attributes in process `syz.2.4284'.
[  360.605006][T17535] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4285'.
[  360.731295][T17500] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.772984][T17500] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.791220][T17500] bridge_slave_0: entered allmulticast mode
[  360.815012][T17500] bridge_slave_0: entered promiscuous mode
[  360.827748][T17500] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.836030][T17500] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.843279][T17500] bridge_slave_1: entered allmulticast mode
[  360.872111][T17500] bridge_slave_1: entered promiscuous mode
[  360.918273][T17552] netlink: 'syz.4.4290': attribute type 10 has an invalid length.
[  360.926844][T17552] netlink: 55 bytes leftover after parsing attributes in process `syz.4.4290'.
[  360.941310][T17552] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  360.949713][T17552] team0: Port device virt_wifi0 added
[  360.993018][T17500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.034667][T17500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  361.164657][T17500] team0: Port device team_slave_0 added
[  361.211679][ T2452] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.239693][T17567] netlink: 'syz.2.4295': attribute type 41 has an invalid length.
[  361.251366][T17500] team0: Port device team_slave_1 added
[  361.286643][T17568] netlink: 'syz.2.4295': attribute type 8 has an invalid length.
[  361.312294][T17500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  361.322473][T17500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.383081][T17500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.425462][T17500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.448045][T17500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.488495][T17500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.676693][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  361.687243][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  361.697412][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  361.708067][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  361.716816][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  361.724852][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  361.779678][T17500] hsr_slave_0: entered promiscuous mode
[  361.813265][T17500] hsr_slave_1: entered promiscuous mode
[  361.827181][T17500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  361.855521][T17500] Cannot create hsr debugfs directory
[  362.054211][ T5089] Bluetooth: hci0: command tx timeout
[  362.126380][T17581] lo speed is unknown, defaulting to 1000
[  362.177470][T17593] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4303'.
[  362.226212][ T2452] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.365566][ T2452] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.508001][T17500] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  362.518765][T17500] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.567372][ T2452] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.620322][T17500] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  362.639836][T17500] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.768889][T17500] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  362.795550][T17500] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.881060][T17596] infiniband syz2: set active
[  362.888295][T17596] infiniband syz2: added bond_slave_0
[  362.895711][T17596] syz2: rxe_create_cq: returned err = -12
[  362.901832][T17596] infiniband syz2: Couldn't create ib_mad CQ
[  362.908883][T17596] infiniband syz2: Couldn't open port 1
[  362.963899][T17500] team0: Port device netdevsim0 removed
[  362.972542][T17500] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 256 - 0
[  362.987535][T17596] RDS/IB: syz2: added
[  362.992330][T17596] smc: adding ib device syz2 with port count 1
[  362.999599][T17596] smc:    ib device syz2 port 1 has pnetid SYZ0 (user defined)
[  363.009876][T17500] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.167926][ T2452] bridge_slave_1: left allmulticast mode
[  363.193993][ T2452] bridge_slave_1: left promiscuous mode
[  363.210105][ T2452] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.245230][ T2452] bridge_slave_0: left allmulticast mode
[  363.267938][ T2452] bridge_slave_0: left promiscuous mode
[  363.283821][ T2452] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.825392][ T5089] Bluetooth: hci3: command tx timeout
[  363.859708][ T2452] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  363.871182][ T2452] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  363.884512][ T2452] bond0 (unregistering): Released all slaves
[  363.922123][T17581] chnl_net:caif_netlink_parms(): no params data found
[  364.135217][ T5089] Bluetooth: hci0: command tx timeout
[  364.364445][T17641] netlink: 'syz.0.4312': attribute type 3 has an invalid length.
[  364.420854][T17581] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.447429][T17581] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.457682][T17581] bridge_slave_0: entered allmulticast mode
[  364.479195][T17581] bridge_slave_0: entered promiscuous mode
[  364.506907][T17581] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.524863][T17581] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.544890][T17581] bridge_slave_1: entered allmulticast mode
[  364.572762][T17581] bridge_slave_1: entered promiscuous mode
[  364.589071][T17500] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  364.629155][T17500] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  364.729640][T17500] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  364.753097][T17581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.778715][T17500] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  364.804945][T17581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.887880][T17581] team0: Port device team_slave_0 added
[  364.916228][T17581] team0: Port device team_slave_1 added
[  365.033306][T17581] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.063878][T17581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.107211][T17581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.132268][T17581] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.149871][T17581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.187307][T17581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.236326][T17660] netlink: 10 bytes leftover after parsing attributes in process `syz.4.4318'.
[  365.261177][T17660] netlink: 'syz.4.4318': attribute type 1 has an invalid length.
[  365.284680][T17660] netlink: 'syz.4.4318': attribute type 4 has an invalid length.
[  365.292438][T17660] netlink: 192 bytes leftover after parsing attributes in process `syz.4.4318'.
[  365.386654][T17581] hsr_slave_0: entered promiscuous mode
[  365.424358][T17581] hsr_slave_1: entered promiscuous mode
[  365.443957][T17581] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  365.451549][T17581] Cannot create hsr debugfs directory
[  365.619447][T17671] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4321'.
[  365.635622][T17671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4321'.
[  365.900828][ T5089] Bluetooth: hci3: command tx timeout
[  366.008489][T17500] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.213701][ T5089] Bluetooth: hci0: command tx timeout
[  366.259379][T17500] 8021q: adding VLAN 0 to HW filter on device team0
[  366.348333][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.355521][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.433087][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.440292][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.587532][T17705] Bluetooth: MGMT ver 1.22
[  366.887993][T17581] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  366.921637][T17581] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  366.971835][T17581] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  367.025591][T17581] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  367.152461][T17500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.179416][T17727] netlink: 'syz.4.4339': attribute type 13 has an invalid length.
[  367.199807][T17727] veth0_macvtap: left promiscuous mode
[  367.207326][T17727] macvtap0: entered allmulticast mode
[  367.239953][T17727] macvtap0: refused to change device tx_queue_len
[  367.436504][T17500] veth0_vlan: entered promiscuous mode
[  367.492926][T17500] veth1_vlan: entered promiscuous mode
[  367.586001][T17581] 8021q: adding VLAN 0 to HW filter on device bond0
[  367.646335][T17500] veth0_macvtap: entered promiscuous mode
[  367.692898][T17500] veth1_macvtap: entered promiscuous mode
[  367.727313][T17581] 8021q: adding VLAN 0 to HW filter on device team0
[  367.780856][ T5136] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.788061][ T5136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  367.881018][ T2452] hsr_slave_0: left promiscuous mode
[  367.895840][ T2452] hsr_slave_1: left promiscuous mode
[  367.912410][ T2452] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  367.921011][ T2452] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.932431][ T2452] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  367.942645][ T2452] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.975347][ T5089] Bluetooth: hci3: command tx timeout
[  368.000744][ T2452] veth1_macvtap: left promiscuous mode
[  368.024034][ T2452] veth0_macvtap: left promiscuous mode
[  368.034108][ T2452] veth1_vlan: left promiscuous mode
[  368.039497][ T2452] veth0_vlan: left promiscuous mode
[  368.294177][ T5089] Bluetooth: hci0: command tx timeout
[  368.723351][ T2452] team0 (unregistering): Port device team_slave_1 removed
[  368.790047][ T2452] team0 (unregistering): Port device team_slave_0 removed
[  369.238252][T17745] IPVS: Error connecting to the multicast addr
[  369.303906][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.311087][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.377056][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  369.398470][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.417979][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  369.440253][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.452286][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  369.470162][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.480928][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  369.492134][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.519581][T17500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  369.643280][T17777] netlink: 'syz.4.4353': attribute type 10 has an invalid length.
[  369.656619][T17777] netlink: 55 bytes leftover after parsing attributes in process `syz.4.4353'.
[  369.687314][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.712778][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.728719][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.743023][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.753443][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.769640][T17781] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4357'.
[  369.779081][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.789536][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.800056][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.810103][T17500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.822458][T17500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.836017][T17500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  369.843405][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4355'.
[  369.874913][T17771] netlink: 'syz.2.4355': attribute type 1 has an invalid length.
[  369.882693][T17771] netlink: 'syz.2.4355': attribute type 2 has an invalid length.
[  369.934469][T17781] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4357'.
[  369.988210][T17500] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.007215][T17500] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.034282][T17500] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.055581][ T5089] Bluetooth: hci3: command tx timeout
[  370.071939][T17500] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.126925][T17785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4357'.
[  370.193176][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  370.199969][    C0] vcan0: j1939_xtp_rx_dat: no rx connection found
[  370.206544][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  370.212989][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.220950][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.228818][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.236799][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.244669][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.252581][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.260443][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.268380][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.276259][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.284199][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.292029][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.299990][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.307852][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.315812][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.323677][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.331591][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.339461][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.347410][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.355288][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.363203][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.371075][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.379074][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.386931][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.394894][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.402730][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.410681][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.418532][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.426481][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.434342][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.442256][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.450131][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.458067][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.465938][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.473879][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.481704][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.489666][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.497541][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.505498][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.513329][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.521303][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.529165][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.537225][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.545440][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.553355][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.561237][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.569188][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.577069][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.585009][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.592842][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.600819][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.608805][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.616768][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.624630][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.632499][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.640340][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.648287][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.656160][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.664117][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.671926][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.679877][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.687733][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.695692][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.703549][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.711456][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.719317][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.727205][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.735061][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.742916][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.750749][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.758685][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.766547][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.774475][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.782314][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.790222][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.798081][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.806032][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.813892][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.821812][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.829683][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.837642][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.845508][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.853414][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.861265][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.869155][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.877005][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.884944][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.892753][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.900668][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.908500][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.916434][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.924279][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.932140][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.939990][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.947871][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.955722][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.963657][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.971476][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.979439][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  370.987288][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  370.995233][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.003057][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.011003][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.018842][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.026766][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.034597][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.042430][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.050275][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.058182][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.066034][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.073916][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.081705][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.092224][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.100139][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.108100][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.115956][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.123934][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.131768][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.139829][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.147687][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.155633][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.163520][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.171388][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.179246][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.187183][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.195050][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.202906][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.210735][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.218626][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.226477][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.234409][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.242214][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.250470][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.258331][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.266277][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.274125][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.282027][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.289862][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.297744][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.305592][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.313539][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.321350][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.329272][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.337126][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.345078][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.352895][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.360809][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.368659][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.376606][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.384467][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.392376][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  371.400224][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  371.464011][T17793] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4358'.
[  371.586267][T17804] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4359'.
[  371.617679][T17804] netlink: 'syz.0.4359': attribute type 9 has an invalid length.
[  371.627799][T17804] netlink: 'syz.0.4359': attribute type 6 has an invalid length.
[  371.857778][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.881249][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.998063][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.016292][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.026354][T17581] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.063354][T17824] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4365'.
[  372.155037][T17581] veth0_vlan: entered promiscuous mode
[  372.168890][T17828] netlink: 188 bytes leftover after parsing attributes in process `syz.2.4368'.
[  372.191752][T17581] veth1_vlan: entered promiscuous mode
[  372.260590][T17835] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  372.346571][T17581] veth0_macvtap: entered promiscuous mode
[  372.372325][T17581] veth1_macvtap: entered promiscuous mode
[  372.432711][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.451890][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.474587][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.489671][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.502433][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.520119][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.530224][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.556402][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.566855][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.577623][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.590520][T17581] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.685496][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.713113][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.738665][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.764469][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.785250][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.809404][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.820390][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.838535][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.850865][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.872989][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.882902][T17581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.903538][T17581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.925634][T17581] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.941175][T17848] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4376'.
[  372.952177][T17848] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.960916][T17848] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.039955][T17581] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.073142][T17581] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.099406][T17581] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.109763][T17581] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.129440][T17862] netlink: 'syz.2.4383': attribute type 10 has an invalid length.
[  373.141890][T17862] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4383'.
[  373.152263][T17862] batadv0: left promiscuous mode
[  373.161477][T17862] bridge0: port 3(batadv0) entered blocking state
[  373.169647][T17862] bridge0: port 3(batadv0) entered disabled state
[  373.178463][T17862] batadv0: entered allmulticast mode
[  373.188945][T17862] batadv0: entered promiscuous mode
[  373.217249][   T11] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  373.226858][   T11] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  373.522157][T17879] netlink: 'syz.4.4387': attribute type 20 has an invalid length.
[  373.531829][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.553267][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.575864][T17881] tipc: Failed to remove unknown binding: 66,1,1/0:3738365786/3738365788
[  373.635770][T17881] tipc: Failed to remove unknown binding: 66,1,1/0:3738365786/3738365788
[  373.665770][T17881] tipc: Failed to remove unknown binding: 66,1,1/0:3738365786/3738365788
[  373.723044][ T9855] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.782603][ T9855] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.863255][T17891] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4392'.
[  373.986124][T17895] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4393'.
[  374.045119][T17905] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4396'.
[  374.070908][T17906] sock: sock_timestamping_bind_phc: sock not bind to device
[  374.310817][T17918] SET target dimension over the limit!
[  374.358491][T17924] tipc: Failed to remove unknown binding: 66,1,1/0:2942129422/2942129424
[  374.386083][T17924] tipc: Failed to remove unknown binding: 66,1,1/0:2942129422/2942129424
[  374.405199][T17924] tipc: Failed to remove unknown binding: 66,1,1/0:2942129422/2942129424
[  374.739353][ T9853] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.271408][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  375.295772][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  375.305361][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  375.316571][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  375.349133][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  375.357889][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  375.437548][ T9853] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.670011][ T9853] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.692407][T17975] netlink: 'syz.3.4421': attribute type 3 has an invalid length.
[  375.729949][T17967] lo speed is unknown, defaulting to 1000
[  375.730984][T17975] netlink: 'syz.3.4421': attribute type 4 has an invalid length.
[  375.764443][T17975] netlink: 'syz.3.4421': attribute type 7 has an invalid length.
[  375.787805][T17975] netlink: 'syz.3.4421': attribute type 8 has an invalid length.
[  375.802431][T17975] netlink: 'syz.3.4421': attribute type 7 has an invalid length.
[  375.851354][T17975] netlink: 198200 bytes leftover after parsing attributes in process `syz.3.4421'.
[  375.902688][ T9853] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.074696][T17979] pim6reg1: entered promiscuous mode
[  376.094020][T17979] pim6reg1: entered allmulticast mode
[  376.343391][T17500] cgroup: fork rejected by pids controller in /syz3
[  376.655120][ T9853] bridge_slave_1: left allmulticast mode
[  376.679130][ T9853] bridge_slave_1: left promiscuous mode
[  376.697059][ T9853] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.744672][ T9853] bridge_slave_0: left allmulticast mode
[  376.773823][ T9853] bridge_slave_0: left promiscuous mode
[  376.779620][ T9853] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.989942][T18018] netlink: 'syz.4.4434': attribute type 29 has an invalid length.
[  377.242663][ T9853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.261366][ T9853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.272531][ T9853] bond0 (unregistering): Released all slaves
[  377.371225][T18018] netlink: 'syz.4.4434': attribute type 29 has an invalid length.
[  377.414907][   T53] Bluetooth: hci3: command tx timeout
[  377.434653][T18020] netlink: 'syz.4.4434': attribute type 29 has an invalid length.
[  377.543737][T18024] __nla_validate_parse: 3 callbacks suppressed
[  377.543757][T18024] netlink: 6 bytes leftover after parsing attributes in process `syz.2.4435'.
[  377.583346][T17967] chnl_net:caif_netlink_parms(): no params data found
[  377.913894][T17967] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.921139][T17967] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.937711][T17967] bridge_slave_0: entered allmulticast mode
[  377.996028][T17967] bridge_slave_0: entered promiscuous mode
[  378.038288][T17967] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.055108][T17967] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.062406][T17967] bridge_slave_1: entered allmulticast mode
[  378.099945][T17967] bridge_slave_1: entered promiscuous mode
[  378.195144][ T9853] hsr_slave_0: left promiscuous mode
[  378.208751][ T9853] hsr_slave_1: left promiscuous mode
[  378.234079][ T9853] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  378.247555][ T9853] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.269808][ T9853] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.295590][ T9853] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.334983][ T5089] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  378.347063][ T5089] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  378.359125][ T9853] veth1_macvtap: left promiscuous mode
[  378.363888][ T5089] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  378.374506][ T5089] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  378.382877][ T5089] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  378.384965][ T9853] veth0_macvtap: left promiscuous mode
[  378.395807][ T5089] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  378.428706][ T9853] veth1_vlan: left promiscuous mode
[  378.436504][ T9853] veth0_vlan: left promiscuous mode
[  378.867121][ T1243] ieee802154 phy0 wpan0: encryption failed: -22
[  379.162929][ T9853] team0 (unregistering): Port device team_slave_1 removed
[  379.283125][ T9853] team0 (unregistering): Port device team_slave_0 removed
[  379.496021][ T5089] Bluetooth: hci3: command tx timeout
[  379.894513][T17967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  379.942136][T17967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  380.002495][T18049] lo speed is unknown, defaulting to 1000
[  380.030629][T17967] team0: Port device team_slave_0 added
[  380.058882][T17967] team0: Port device team_slave_1 added
[  380.304657][T18079] IPVS: Error joining to the multicast group
[  380.319197][T17967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  380.328413][T18085] netlink: 268 bytes leftover after parsing attributes in process `syz.2.4451'.
[  380.355069][T17967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  380.397584][T17967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  380.435501][T17967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  380.442473][T17967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  380.469639][ T5089] Bluetooth: hci0: command tx timeout
[  380.513032][T17967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  380.513291][T18089] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.4453'.
[  380.569473][T18089] netlink: 16126 bytes leftover after parsing attributes in process `syz.0.4453'.
[  380.658072][T17967] hsr_slave_0: entered promiscuous mode
[  380.681395][T17967] hsr_slave_1: entered promiscuous mode
[  380.701138][T17967] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  380.716663][T17967] Cannot create hsr debugfs directory
[  381.031648][ T9853] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.045265][T18113] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4461'.
[  381.120951][T18109] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4460'.
[  381.519581][ T9853] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.574363][ T5089] Bluetooth: hci3: command tx timeout
[  381.719313][ T9853] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.775582][T18133] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  381.837058][T18133] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  381.847362][T18136] netlink: 'syz.0.4467': attribute type 3 has an invalid length.
[  381.847385][T18136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4467'.
[  381.873422][T18133] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  381.969941][ T9853] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.008217][T18142] netlink: 'syz.4.4469': attribute type 10 has an invalid length.
[  382.045995][T18142] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  382.055490][T18142] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  382.085424][T18142] team0: Failed to send options change via netlink (err -105)
[  382.092908][T18142] team0: Port device netdevsim0 added
[  382.145466][T18049] chnl_net:caif_netlink_parms(): no params data found
[  382.533653][T18049] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.545202][ T5089] Bluetooth: hci0: command tx timeout
[  382.565544][T18049] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.572814][T18049] bridge_slave_0: entered allmulticast mode
[  382.584385][T18049] bridge_slave_0: entered promiscuous mode
[  382.601359][T18049] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.609737][T18049] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.618149][T18049] bridge_slave_1: entered allmulticast mode
[  382.626869][T18049] bridge_slave_1: entered promiscuous mode
[  382.637809][ T9853] bridge_slave_1: left allmulticast mode
[  382.644228][ T9853] bridge_slave_1: left promiscuous mode
[  382.650060][ T9853] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.667228][ T9853] bridge_slave_0: left allmulticast mode
[  382.673078][ T9853] bridge_slave_0: left promiscuous mode
[  382.679825][ T9853] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.866832][T18167] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  383.178561][ T9853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.191468][ T9853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.207450][ T9853] bond0 (unregistering): Released all slaves
[  383.246694][T18162] netlink: 'syz.4.4473': attribute type 27 has an invalid length.
[  383.335299][    C1] ==================================================================
[  383.343409][    C1] BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0
[  383.351331][    C1] Read of size 4 at addr ffff8880695e8008 by task ksoftirqd/1/24
[  383.359064][    C1] 
[  383.361393][    C1] CPU: 1 PID: 24 Comm: ksoftirqd/1 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  383.371390][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  383.381469][    C1] Call Trace:
[  383.384758][    C1]  <TASK>
[  383.387695][    C1]  dump_stack_lvl+0x241/0x360
[  383.392398][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.397607][    C1]  ? __pfx__printk+0x10/0x10
[  383.402179][    C1]  ? _printk+0xd5/0x120
[  383.406327][    C1]  ? __virt_addr_valid+0x183/0x520
[  383.411453][    C1]  ? __virt_addr_valid+0x183/0x520
[  383.416561][    C1]  print_report+0x169/0x550
[  383.421054][    C1]  ? __virt_addr_valid+0x183/0x520
[  383.426153][    C1]  ? __virt_addr_valid+0x183/0x520
[  383.431253][    C1]  ? __virt_addr_valid+0x44e/0x520
[  383.436353][    C1]  ? __phys_addr+0xba/0x170
[  383.440854][    C1]  ? rhashtable_lookup_fast+0x77a/0x9b0
[  383.446400][    C1]  kasan_report+0x143/0x180
[  383.450898][    C1]  ? rhashtable_lookup_fast+0x77a/0x9b0
[  383.456435][    C1]  rhashtable_lookup_fast+0x77a/0x9b0
[  383.461798][    C1]  ? rhashtable_lookup_fast+0xe9/0x9b0
[  383.467245][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  383.472001][    C1]  ? __pfx_rhashtable_lookup_fast+0x10/0x10
[  383.477884][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  383.482641][    C1]  ila_nf_input+0x1fe/0x3c0
[  383.487133][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  383.491886][    C1]  ? ila_nf_input+0xe4/0x3c0
[  383.496468][    C1]  ? __pfx_ila_nf_input+0x10/0x10
[  383.501483][    C1]  nf_hook_slow+0xc3/0x220
[  383.505891][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  383.511072][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  383.516253][    C1]  NF_HOOK+0x29e/0x450
[  383.520304][    C1]  ? skb_orphan+0x4b/0xd0
[  383.524630][    C1]  ? NF_HOOK+0x9a/0x450
[  383.528776][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  383.533353][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  383.538541][    C1]  ? __pfx_ipv6_rcv+0x10/0x10
[  383.543208][    C1]  __netif_receive_skb+0x1ea/0x650
[  383.548316][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  383.553328][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  383.558956][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  383.564924][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  383.571238][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  383.576346][    C1]  ? process_backlog+0x2d9/0x7d0
[  383.581273][    C1]  process_backlog+0x391/0x7d0
[  383.586031][    C1]  ? __pfx_process_backlog+0x10/0x10
[  383.591307][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  383.597276][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  383.603594][    C1]  __napi_poll+0xcb/0x490
[  383.607916][    C1]  net_rx_action+0x7bb/0x10a0
[  383.612590][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  383.617695][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  383.623667][    C1]  handle_softirqs+0x2c4/0x970
[  383.628417][    C1]  ? run_ksoftirqd+0xca/0x130
[  383.633080][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  383.638353][    C1]  run_ksoftirqd+0xca/0x130
[  383.642845][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  383.647949][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  383.653050][    C1]  smpboot_thread_fn+0x544/0xa30
[  383.657975][    C1]  ? smpboot_thread_fn+0x4e/0xa30
[  383.662987][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  383.668438][    C1]  kthread+0x2f0/0x390
[  383.672496][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  383.677939][    C1]  ? __pfx_kthread+0x10/0x10
[  383.682516][    C1]  ret_from_fork+0x4b/0x80
[  383.686921][    C1]  ? __pfx_kthread+0x10/0x10
[  383.691498][    C1]  ret_from_fork_asm+0x1a/0x30
[  383.696263][    C1]  </TASK>
[  383.699266][    C1] 
[  383.701572][    C1] The buggy address belongs to the physical page:
[  383.707977][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x695e8
[  383.716721][    C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  383.723824][    C1] raw: 00fff00000000000 ffffea00019da608 ffff8880b94447b0 0000000000000000
[  383.732395][    C1] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  383.740980][    C1] page dumped because: kasan: bad access detected
[  383.747386][    C1] page_owner tracks the page as freed
[  383.752741][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152dc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 17500, tgid 17500 (syz-executor), ts 360070740442, free_ts 383326057632
[  383.773215][    C1]  post_alloc_hook+0x1f3/0x230
[  383.777972][    C1]  get_page_from_freelist+0x2e4c/0x2f10
[  383.783507][    C1]  __alloc_pages_noprof+0x256/0x6c0
[  383.788693][    C1]  __kmalloc_large_node+0x8b/0x1d0
[  383.793815][    C1]  __kmalloc_node_noprof+0x2d2/0x440
[  383.799119][    C1]  kvmalloc_node_noprof+0x72/0x190
[  383.804236][    C1]  rhashtable_init_noprof+0x534/0xa60
[  383.809607][    C1]  ila_xlat_init_net+0xa0/0x110
[  383.814471][    C1]  ops_init+0x359/0x610
[  383.818724][    C1]  setup_net+0x515/0xca0
[  383.822957][    C1]  copy_net_ns+0x4e2/0x7b0
[  383.827365][    C1]  create_new_namespaces+0x425/0x7b0
[  383.832655][    C1]  unshare_nsproxy_namespaces+0x124/0x180
[  383.838367][    C1]  ksys_unshare+0x619/0xc10
[  383.842865][    C1]  __x64_sys_unshare+0x38/0x40
[  383.847630][    C1]  do_syscall_64+0xf3/0x230
[  383.852128][    C1] page last free pid 9853 tgid 9853 stack trace:
[  383.858433][    C1]  free_unref_page+0xd22/0xea0
[  383.863184][    C1]  __folio_put+0x3b9/0x620
[  383.867586][    C1]  free_large_kmalloc+0x105/0x1c0
[  383.872601][    C1]  kfree+0x1c4/0x360
[  383.876486][    C1]  rhashtable_free_and_destroy+0x7c6/0x920
[  383.882283][    C1]  ila_xlat_exit_net+0x55/0x110
[  383.887119][    C1]  cleanup_net+0x802/0xcc0
[  383.891518][    C1]  process_scheduled_works+0xa2c/0x1830
[  383.897053][    C1]  worker_thread+0x86d/0xd50
[  383.901634][    C1]  kthread+0x2f0/0x390
[  383.905691][    C1]  ret_from_fork+0x4b/0x80
[  383.910095][    C1]  ret_from_fork_asm+0x1a/0x30
[  383.914847][    C1] 
[  383.917154][    C1] Memory state around the buggy address:
[  383.922765][    C1]  ffff8880695e7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  383.930808][    C1]  ffff8880695e7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  383.938850][    C1] >ffff8880695e8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  383.946898][    C1]                       ^
[  383.951210][    C1]  ffff8880695e8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  383.959254][    C1]  ffff8880695e8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  383.967303][    C1] ==================================================================
[  383.975484][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  383.982681][    C1] CPU: 1 PID: 24 Comm: ksoftirqd/1 Not tainted 6.10.0-rc6-syzkaller-00166-g83c36e7cfd74 #0
[  383.992675][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  384.002734][    C1] Call Trace:
[  384.006004][    C1]  <TASK>
[  384.008923][    C1]  dump_stack_lvl+0x241/0x360
[  384.013598][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.018792][    C1]  ? __pfx__printk+0x10/0x10
[  384.023374][    C1]  ? vscnprintf+0x5d/0x90
[  384.027691][    C1]  panic+0x349/0x860
[  384.031576][    C1]  ? check_panic_on_warn+0x21/0xb0
[  384.036686][    C1]  ? __pfx_panic+0x10/0x10
[  384.041097][    C1]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  384.046978][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  384.052856][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  384.059169][    C1]  ? print_report+0x502/0x550
[  384.063840][    C1]  check_panic_on_warn+0x86/0xb0
[  384.068768][    C1]  ? rhashtable_lookup_fast+0x77a/0x9b0
[  384.074309][    C1]  end_report+0x77/0x160
[  384.078538][    C1]  kasan_report+0x154/0x180
[  384.083030][    C1]  ? rhashtable_lookup_fast+0x77a/0x9b0
[  384.088574][    C1]  rhashtable_lookup_fast+0x77a/0x9b0
[  384.093949][    C1]  ? rhashtable_lookup_fast+0xe9/0x9b0
[  384.099432][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  384.104184][    C1]  ? __pfx_rhashtable_lookup_fast+0x10/0x10
[  384.110067][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  384.114827][    C1]  ila_nf_input+0x1fe/0x3c0
[  384.119321][    C1]  ? __pfx_ila_cmpfn+0x10/0x10
[  384.124078][    C1]  ? ila_nf_input+0xe4/0x3c0
[  384.128659][    C1]  ? __pfx_ila_nf_input+0x10/0x10
[  384.133678][    C1]  nf_hook_slow+0xc3/0x220
[  384.138101][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  384.143286][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  384.148478][    C1]  NF_HOOK+0x29e/0x450
[  384.152532][    C1]  ? skb_orphan+0x4b/0xd0
[  384.156851][    C1]  ? NF_HOOK+0x9a/0x450
[  384.160994][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  384.165572][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  384.170763][    C1]  ? __pfx_ipv6_rcv+0x10/0x10
[  384.175429][    C1]  __netif_receive_skb+0x1ea/0x650
[  384.180532][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  384.185547][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  384.191171][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  384.197139][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  384.203455][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  384.208570][    C1]  ? process_backlog+0x2d9/0x7d0
[  384.213504][    C1]  process_backlog+0x391/0x7d0
[  384.218264][    C1]  ? __pfx_process_backlog+0x10/0x10
[  384.223539][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  384.229506][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  384.235823][    C1]  __napi_poll+0xcb/0x490
[  384.240149][    C1]  net_rx_action+0x7bb/0x10a0
[  384.244826][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  384.249931][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  384.255904][    C1]  handle_softirqs+0x2c4/0x970
[  384.260658][    C1]  ? run_ksoftirqd+0xca/0x130
[  384.265325][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  384.270606][    C1]  run_ksoftirqd+0xca/0x130
[  384.275097][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  384.280199][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  384.285298][    C1]  smpboot_thread_fn+0x544/0xa30
[  384.290224][    C1]  ? smpboot_thread_fn+0x4e/0xa30
[  384.295241][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  384.300685][    C1]  kthread+0x2f0/0x390
[  384.304745][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  384.310189][    C1]  ? __pfx_kthread+0x10/0x10
[  384.314766][    C1]  ret_from_fork+0x4b/0x80
[  384.319171][    C1]  ? __pfx_kthread+0x10/0x10
[  384.323749][    C1]  ret_from_fork_asm+0x1a/0x30
[  384.328509][    C1]  </TASK>
[  384.331742][    C1] Kernel Offset: disabled
[  384.336052][    C1] Rebooting in 86400 seconds..