last executing test programs:

1m4.895624671s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

54.476718295s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

43.066511266s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

28.491092815s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

15.45692673s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

7.792554612s ago: executing program 0 (id=2270):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8}, @NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0x11}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0xd}, @NFTA_NAT_TYPE={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2c, r5, 0x201, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x80}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000002c0)={0x0, 0x2, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x30}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
r6 = socket$igmp(0x2, 0x3, 0x2)
socket$pppoe(0x18, 0x1, 0x0)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MTU={0x8, 0x3}]}, 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {}, {0x0, 0xd}}}, 0x24}}, 0x0)

7.58266577s ago: executing program 0 (id=2274):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x8100, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_newnexthop={0x28, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP={0x8, 0x8, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}]}, 0x28}}, 0x0)

7.408571728s ago: executing program 0 (id=2275):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
write$bt_hci(0xffffffffffffffff, 0x0, 0x5)
socket(0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2000000000000280, &(0x7f0000000780)=ANY=[], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r2, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r2, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1800", @ANYBLOB], 0x18}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000680)=ANY=[@ANYBLOB="f8000000100001000000000000000000fe800000000000000000000000000000ac1414000000eb053c55bdf4cdd400"/72, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14140000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000800160000000000"], 0xf8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r4, 0x11, 0x0, 0x0, &(0x7f0000000040)=0xfffffffffffffeaa)
sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)='l', 0x1}], 0x1}, 0x400c005)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x800442d2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000010000000000000000000000950000000000000046682d562c3163536e83a7f6ac12a8b52f0d70aa97a91fa46cdcefe7534fda04cace652409e818c0b1da96d9c9fa8e9523840100cbac3c07a0bf00ff9513b150a632c33ca9a009870000000000000000000000000000002cd50db1486b80ee61ff6ddaa4bf0609a8ef7fd07f4c556489cf61cf8e63e826fff67d3299ca9f9b85cdcd75b85bb1775f4ff03b75aa7b6aa1a7e9a2b91d103d541bce370d9e6810dec2fe8300dc5edf3f6aa43810579aedb7e19fbacb5bd5e5337b507559ca6acc6471ecad2746ab01526ace07000000c1ea01c13a2406007d0efb7e91a9dbde2353f035347270d076c93f1b1a810cb2c7d72ee9ce76e6da15600893bc36f6502f75a8acc045e2315b"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

3.992775709s ago: executing program 4 (id=2301):
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x4})
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close(r1)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000001a0001002cbd7000fedbdf250a145e010003fd06000600000800"], 0x2c}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$kcm(0x29, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r7 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r7, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x40}}, ["", "", "", ""]}, 0x24}}, 0xc084)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r7, r6})
sendmsg$kcm(r5, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x1a002}], 0x1}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x50, 0x0, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x50}}, 0x0)

3.707227358s ago: executing program 4 (id=2304):
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842ba4470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], 0x0, 0x0, 0x100a, &(0x7f0000001400)=""/4106}, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_int(r2, 0x0, 0xf, &(0x7f00000009c0), 0x4)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback}], 0x10)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000001440), &(0x7f0000001480)=0x8)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000d40)=@nat={'nat\x00', 0x670, 0x5, 0x490, 0xf8, 0xf8, 0xfeffffff, 0x220, 0x2f0, 0x3f8, 0x3f8, 0xffffffff, 0x3f8, 0x3f8, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'veth1_to_team\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@tcp={{0x30}}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@set={{0x40}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @icmp_id}}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'vlan0\x00'}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@ttl={{0x28}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0xc0, 0x108, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4f0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x15, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000001800000000000004000000018110100", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000060a30100ffffffff18000000f7ffffff000000000010000045b91000010000000915feffffffffff9500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x7ff, 0xf5, &(0x7f0000000340)=""/245, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x7, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0x8, 0x0, 0x200}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000500)=[r6, r6, r6], &(0x7f0000000540)=[{0x1, 0x2, 0x5, 0x4}, {0x0, 0x4, 0x2, 0xb}, {0x4, 0x5, 0xf, 0x2}], 0x10, 0x6}, 0x90)
recvmsg$unix(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/160, 0xa0}], 0x1, 0x0, 0x18}, 0x0)

3.217685442s ago: executing program 2 (id=2309):
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x4})
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close(r1)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000001a0001002cbd7000fedbdf250a145e010003fd06000600000800"], 0x2c}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$kcm(0x29, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r7 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r7, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x40}}, ["", "", "", ""]}, 0x24}}, 0xc084)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r7, r6})
sendmsg$kcm(r5, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x1a002}], 0x1}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x50, 0x0, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x50}}, 0x0)

2.891219991s ago: executing program 3 (id=2312):
r0 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$netlink(r0, &(0x7f0000003d40)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000027c0)=ANY=[@ANYBLOB="144d05209fe184"], 0x10}], 0x1}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000ec0)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb88a800008100000086dd60"], 0x0)

2.842399894s ago: executing program 3 (id=2313):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x2a, &(0x7f0000002c40)={0xe, 0xf, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0x81020000}, {0x65}}, [], {{0x7, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3}}}, &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.795701559s ago: executing program 1 (id=1473):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB="84000000", @ANYRES32=0x0, @ANYBLOB="000300e3ffff7f0000003f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000004005e802c005e802000010000000000000000000000000000000000000000000000000000000000080009000000000004005e801c005e800800050000000000080005000000000008000900000000000c005e800800090000000000"], 0x84}}, 0x20004814)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000002f90780000000000000000042008060000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200002800000000000000000800655800000004"], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=r3, @ANYRESHEX=r1, @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r6 = socket$inet6(0xa, 0x80000, 0x7fffffbf)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='veth1\x00', 0x10)
bind$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="0218000014000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc02000000000000000000000000000005004653e14bd27d0bbb9b0600000000000a00"/152], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x800448d4, &(0x7f0000000000)={0x0, 0x1, '\x00X('})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000f14010000000000000000000800010000000000005b014f9f530ed5b3ba790600000000000000"], 0x20}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='leases_conflict\x00'}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280060002400000000008000500", @ANYRES32=r12, @ANYBLOB="c8012cc5c972165ce9f0db06b169a260b3d127e5287c75bafd4e55f36a08de82ac7c835b1ab565157b0a46a0ad3b0176e5ffc62a8b1e23696db74447d48e50bd626c239198fb9524ab86c5f632cec0301b38fb8e693d8b68a8c47d95c806010000000000000081bdffa531e251f12ea28fd9c7f777e2f83aef975431f0c0201c"], 0x44}}, 0x0)

2.791408662s ago: executing program 4 (id=2314):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
r1 = socket$packet(0x11, 0xa, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x41}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x34, r3, 0x1, 0x0, 0x0, {0x15}, [@ETHTOOL_A_DEBUG_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0x34}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendfile(r6, r5, &(0x7f0000000200)=0x672b, 0x80)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data}}}}}, 0x0)

1.639473856s ago: executing program 0 (id=2315):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x6558, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP={0x8, 0x8, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}]}, 0x30}}, 0x0)

1.63368794s ago: executing program 2 (id=2316):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

1.633068993s ago: executing program 3 (id=2317):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=0x20, 0x4)
write$binfmt_misc(r0, &(0x7f0000000300)=ANY=[], 0x6)

1.632708564s ago: executing program 4 (id=2318):
syz_emit_ethernet(0x6a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @gre={{0x6, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @rand_addr, {[@generic={0x0, 0x2}]}}}}}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x15, &(0x7f00000008c0)=@raw={'raw\x00', 0x4001, 0x3, 0x258, 0xd8, 0x0, 0x148, 0x0, 0x148, 0x1c0, 0x240, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @remote, 0xff, 0xff000000, 'caif0\x00', 'team_slave_1\x00', {0xff}, {}, 0x89, 0x0, 0x3}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@icmp={{0x28}, {0x5, '4@'}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @common=@unspec=@STANDARD={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b8)
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)

1.524888181s ago: executing program 0 (id=2319):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
connect$unix(r1, &(0x7f0000000800)=@file={0x0, './file0\x00'}, 0x6e)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
close(0xffffffffffffffff)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000940)={@ifindex, 0xffffffffffffffff, 0x33, 0xc}, 0x20)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000007c0)=0x14)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{0xffffffffffffffff, 0x1}], 0x1, 0x0, 0x0, 0x3)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRESDEC=r2, @ANYRES8], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x30}, 0x90)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/259, 0xf6}, {&(0x7f0000000a80)=""/217, 0xd2}, {&(0x7f0000000680)=""/228, 0xe4}, {0x0, 0x31}], 0x4}, 0x10100)
bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYRES16=r3], 0x20}}, 0x40000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_PRI(r5, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="9f00f5df24d802000000a80000000000000000090000000000ee151175f4690acc461fb7cd29d13b2277bb4eba61f3378df5be2c70d5fc0e043317ea2aa297defbcef46823996609ff0430aefda2a0c820f493644ea69805de98f3078fbe20339d11fa90bf0be4d7e90d7d9b15102e2a5df7bc6151a0d5de261ebfd0424d2a987ce43005d176323c52dc55b6b1cc04a34001fcab9d382ee0f6b9e3fc907949f674686e3562a690052ae0a42c0f99fdaa9f96bc75a0ee0212e15935a0dacecc7c62f47de520aa57a01e8aea8400"/233], 0x38}, 0x1, 0x0, 0x0, 0x24008800}, 0x40015)
socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r6, 0x84, 0x7b, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040), 0x4)

1.524660009s ago: executing program 2 (id=2320):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000240)={0x1d, r1, 0x2}, 0x18)
connect$can_j1939(r0, &(0x7f0000000280)={0x1d, r1}, 0x18)
sendmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff06, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000010000d0400"/20, @ANYRES32=r2, @ANYBLOB="01000000000002004c0012800b00010067726574617000003c000280060011004e240000060018001f0100000800070000ffffff06000f000400000008001400390000000800040001000100060010"], 0x6c}}, 0x0)

1.524351938s ago: executing program 3 (id=2321):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)={0x5c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x40, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "e84cad483d2058fc"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="88df7aceebdb8d6266f5420d8707f034e7bf87f541a7234e"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="499f28b2e1ea83e55723d70db3f0a2f5"}]}]}, 0x5c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r5}, 0x10)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x38)
r6 = socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$kcm(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000600)={0x3c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x9, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}]}, 0x3c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008031, 0xffffffffffffffff, 0x0)
r10 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r10, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="dc00f400"], 0x10, 0x7000000}, 0xf401}], 0x1, 0x0)

1.514240473s ago: executing program 4 (id=2322):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)={0x5c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x40, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "e84cad483d2058fc"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="88df7aceebdb8d6266f5420d8707f034e7bf87f541a7234e"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="499f28b2e1ea83e55723d70db3f0a2f5"}]}]}, 0x5c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r5}, 0x10)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x38)
r6 = socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$kcm(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000600)={0x3c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x9, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}]}, 0x3c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008031, 0xffffffffffffffff, 0x0)
r10 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r10, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="dc00f400"], 0x10, 0x7000000}, 0xf401}], 0x1, 0x0)

1.31293332s ago: executing program 2 (id=2323):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f00000005c0)={0x0, 0xf0ff, &(0x7f0000000140)={&(0x7f0000000c80)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

1.195012426s ago: executing program 2 (id=2324):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x81}, @initr0, @exit]}, &(0x7f0000000040)='GPL\x00', 0xa}, 0x90)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14, 0x800)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000002640)={'wlan1\x00'})
bind$packet(r1, &(0x7f00000001c0)={0x11, 0x11, 0x0, 0x1, 0xf9, 0x6, @multicast}, 0x14)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000017c0)=@newtaction={0xe80, 0x30, 0x25, 0x0, 0x0, {}, [{0xe6c, 0x1, [@m_pedit={0xe68, 0x1, 0x0, 0x0, {{0xa}, {0xe3c, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x18, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x1}, [{0x0, 0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe80}}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, "aa"}], 0x18}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r5, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"])
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="140100001f000100000000000000000006"], 0x114}], 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.18786367s ago: executing program 3 (id=2325):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0}}], 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x38)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4)

1.090256031s ago: executing program 4 (id=2326):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
write$bt_hci(0xffffffffffffffff, 0x0, 0x5)
socket(0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2000000000000280, &(0x7f0000000780)=ANY=[], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r2, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r2, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1800", @ANYBLOB], 0x18}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000680)=ANY=[@ANYBLOB="f8000000100001000000000000000000fe800000000000000000000000000000ac1414000000eb053c55bdf4cdd400"/72, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14140000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000800160000000000"], 0xf8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r4, 0x11, 0x0, 0x0, &(0x7f0000000040)=0xfffffffffffffeaa)
sendmsg$inet(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)='l', 0x1}], 0x1}, 0x400c005)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x800442d2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000010000000000000000000000950000000000000046682d562c3163536e83a7f6ac12a8b52f0d70aa97a91fa46cdcefe7534fda04cace652409e818c0b1da96d9c9fa8e9523840100cbac3c07a0bf00ff9513b150a632c33ca9a009870000000000000000000000000000002cd50db1486b80ee61ff6ddaa4bf0609a8ef7fd07f4c556489cf61cf8e63e826fff67d3299ca9f9b85cdcd75b85bb1775f4ff03b75aa7b6aa1a7e9a2b91d103d541bce370d9e6810dec2fe8300dc5edf3f6aa43810579aedb7e19fbacb5bd5e5337b507559ca6acc6471ecad2746ab01526ace07000000c1ea01c13a2406007d0efb7e91a9dbde2353f035347270d076c93f1b1a810cb2c7d72ee9ce76e6da15600893bc36f6502f75a8acc045e2315b"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

860.606428ms ago: executing program 3 (id=2327):
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x4})
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close(r1)
r3 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r3, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000001a0001002cbd7000fedbdf250a145e010003fd06000600000800"], 0x2c}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$kcm(0x29, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r7 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r7, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x40}}, ["", "", "", ""]}, 0x24}}, 0xc084)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r7, r6})
sendmsg$kcm(r5, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x1a002}], 0x1}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x50, 0x0, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x50}}, 0x0)

257.688899ms ago: executing program 2 (id=2328):
socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x60, &(0x7f0000000040)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="03011400ff05431200000800ad0001140000002f2600ac14141fe001e502808a8972bd0b72e410820c521b061fe4fdfe4b449430ebb52997e36e039b1e598825f80100a3c06376c330760bfe6f6297c63215d73193db4e453bf9f153a167d50261a67a"], 0xdd12}], 0x1}, 0x0)

0s ago: executing program 0 (id=2329):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r1, 0x0, 0x0)
close(r1)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
ioctl$SIOCAX25GETINFOOLD(0xffffffffffffffff, 0x89e9, &(0x7f0000000040))
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000200)={0x1d, r4, 0x3, {0x2}}, 0x18)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2}, 0x0)
recvfrom(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockname(r2, 0x0, 0x0)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r6, 0x104, 0x4, &(0x7f0000000080)=0x3de, 0x4)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000500170000000000060018"], 0x50}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

kernel console output (not intermixed with test programs):

000
[  207.809678][ T6650] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.966860][ T6650] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.021342][   T47] IPVS: starting estimator thread 0...
[  208.026753][T10070] FAULT_INJECTION: forcing a failure.
[  208.026753][T10070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.060773][T10018] caif0 speed is unknown, defaulting to 1000
[  208.083654][T10070] CPU: 0 PID: 10070 Comm: syz.4.1653 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  208.093524][T10070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  208.103620][T10070] Call Trace:
[  208.106900][T10070]  <TASK>
[  208.109826][T10070]  dump_stack_lvl+0x241/0x360
[  208.114505][T10070]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.119700][T10070]  ? __pfx__printk+0x10/0x10
[  208.124374][T10070]  ? __pfx_lock_release+0x10/0x10
[  208.129404][T10070]  should_fail_ex+0x3b0/0x4e0
[  208.134084][T10070]  _copy_from_iter+0x1f6/0x1960
[  208.138932][T10070]  ? __virt_addr_valid+0x183/0x530
[  208.144044][T10070]  ? __pfx_lock_release+0x10/0x10
[  208.149077][T10070]  ? __pfx__copy_from_iter+0x10/0x10
[  208.154383][T10070]  ? __virt_addr_valid+0x183/0x530
[  208.159494][T10070]  ? __virt_addr_valid+0x183/0x530
[  208.164609][T10070]  ? __virt_addr_valid+0x45f/0x530
[  208.169815][T10070]  ? __phys_addr_symbol+0x2f/0x70
[  208.174861][T10070]  ? __check_object_size+0x49c/0x900
[  208.180159][T10070]  bcm_rx_setup+0x76a/0x18f0
[  208.184766][T10070]  bcm_sendmsg+0x2d5/0x7a0
[  208.189188][T10070]  ? __pfx_bcm_sendmsg+0x10/0x10
[  208.194187][T10070]  ? __import_iovec+0x536/0x820
[  208.199034][T10070]  ? aa_sock_msg_perm+0x91/0x160
[  208.203970][T10070]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  208.209253][T10070]  ? security_socket_sendmsg+0x87/0xb0
[  208.214740][T10070]  ? __pfx_bcm_sendmsg+0x10/0x10
[  208.219674][T10070]  __sock_sendmsg+0x221/0x270
[  208.224355][T10070]  ____sys_sendmsg+0x525/0x7d0
[  208.229126][T10070]  ? __pfx_____sys_sendmsg+0x10/0x10
[  208.234425][T10070]  __sys_sendmsg+0x2b0/0x3a0
[  208.239017][T10070]  ? __pfx___sys_sendmsg+0x10/0x10
[  208.244125][T10070]  ? vfs_write+0x7c4/0xc90
[  208.248574][T10070]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  208.254989][T10070]  ? do_syscall_64+0x100/0x230
[  208.259751][T10070]  ? do_syscall_64+0xb6/0x230
[  208.264424][T10070]  do_syscall_64+0xf3/0x230
[  208.268931][T10070]  ? clear_bhb_loop+0x35/0x90
[  208.273607][T10070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.279495][T10070] RIP: 0033:0x7f5872f75b59
[  208.283915][T10070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.303524][T10070] RSP: 002b:00007f5873d51048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.311941][T10070] RAX: ffffffffffffffda RBX: 00007f5873103f60 RCX: 00007f5872f75b59
[  208.319907][T10070] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  208.327895][T10070] RBP: 00007f5873d510a0 R08: 0000000000000000 R09: 0000000000000000
[  208.335880][T10070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.343853][T10070] R13: 000000000000000b R14: 00007f5873103f60 R15: 00007fffb0c04e68
[  208.351841][T10070]  </TASK>
[  208.383099][T10069] IPVS: using max 22 ests per chain, 52800 per kthread
[  208.487058][ T6650] bridge_slave_1: left allmulticast mode
[  208.492769][ T6650] bridge_slave_1: left promiscuous mode
[  208.499804][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.517402][ T6650] bridge_slave_0: left allmulticast mode
[  208.523353][ T6650] bridge_slave_0: left promiscuous mode
[  208.529163][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.050562][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  209.062375][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  209.076714][ T6650] bond0 (unregistering): Released all slaves
[  209.095536][T10077] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1655'.
[  209.107281][T10077] bridge_slave_1: left allmulticast mode
[  209.113691][T10077] bridge_slave_1: left promiscuous mode
[  209.119457][T10077] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.132625][T10077] bridge_slave_0: left allmulticast mode
[  209.146443][T10077] bridge_slave_0: left promiscuous mode
[  209.162549][T10077] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.228602][T10078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1656'.
[  209.268231][T10018] caif0 speed is unknown, defaulting to 1000
[  209.477313][T10044] chnl_net:caif_netlink_parms(): no params data found
[  209.524054][ T5101] Bluetooth: hci2: command tx timeout
[  209.642639][T10099] FAULT_INJECTION: forcing a failure.
[  209.642639][T10099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.658799][T10099] CPU: 0 PID: 10099 Comm: syz.4.1659 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  209.668664][T10099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  209.678810][T10099] Call Trace:
[  209.682116][T10099]  <TASK>
[  209.685066][T10099]  dump_stack_lvl+0x241/0x360
[  209.689784][T10099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.695008][T10099]  ? __pfx__printk+0x10/0x10
[  209.699618][T10099]  ? snprintf+0xda/0x120
[  209.703866][T10099]  should_fail_ex+0x3b0/0x4e0
[  209.708544][T10099]  _copy_to_user+0x2f/0xb0
[  209.712962][T10099]  simple_read_from_buffer+0xca/0x150
[  209.718343][T10099]  proc_fail_nth_read+0x1e9/0x250
[  209.723372][T10099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.728983][T10099]  ? rw_verify_area+0x520/0x6b0
[  209.733831][T10099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.739375][T10099]  vfs_read+0x204/0xbc0
[  209.743529][T10099]  ? __pfx_lock_release+0x10/0x10
[  209.748556][T10099]  ? __pfx_vfs_read+0x10/0x10
[  209.753230][T10099]  ? __fget_files+0x29/0x470
[  209.757818][T10099]  ? __fget_files+0x3f6/0x470
[  209.762498][T10099]  ksys_read+0x1a0/0x2c0
[  209.766757][T10099]  ? __pfx_ksys_read+0x10/0x10
[  209.771520][T10099]  ? do_syscall_64+0x100/0x230
[  209.776281][T10099]  ? do_syscall_64+0xb6/0x230
[  209.780956][T10099]  do_syscall_64+0xf3/0x230
[  209.785454][T10099]  ? clear_bhb_loop+0x35/0x90
[  209.790127][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.796018][T10099] RIP: 0033:0x7f5872f7463c
[  209.800427][T10099] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  209.820030][T10099] RSP: 002b:00007f5873d30040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  209.828491][T10099] RAX: ffffffffffffffda RBX: 00007f5873104038 RCX: 00007f5872f7463c
[  209.836485][T10099] RDX: 000000000000000f RSI: 00007f5873d300b0 RDI: 0000000000000005
[  209.844457][T10099] RBP: 00007f5873d300a0 R08: 0000000000000000 R09: 0000000000000000
[  209.852420][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.860400][T10099] R13: 000000000000006e R14: 00007f5873104038 R15: 00007fffb0c04e68
[  209.868405][T10099]  </TASK>
[  210.041353][T10018] caif0 speed is unknown, defaulting to 1000
[  210.144446][T10044] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.169306][T10044] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.187363][T10044] bridge_slave_0: entered allmulticast mode
[  210.204533][T10044] bridge_slave_0: entered promiscuous mode
[  210.238732][T10044] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.254671][T10044] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.266090][T10044] bridge_slave_1: entered allmulticast mode
[  210.274311][T10044] bridge_slave_1: entered promiscuous mode
[  210.319952][T10018] caif0 speed is unknown, defaulting to 1000
[  210.355755][T10044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.382114][T10044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.509007][T10044] team0: Port device team_slave_0 added
[  210.534860][T10044] team0: Port device team_slave_1 added
[  210.556732][T10124] netlink: 'syz.3.1668': attribute type 3 has an invalid length.
[  210.583044][T10124] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1668'.
[  210.592085][T10124] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1668'.
[  210.631160][T10044] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.651968][T10044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.712953][T10044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.731603][T10018] caif0 speed is unknown, defaulting to 1000
[  210.732808][T10044] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.749561][T10044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.780114][T10044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.891116][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1670'.
[  210.927884][T10044] hsr_slave_0: entered promiscuous mode
[  210.961634][T10044] hsr_slave_1: entered promiscuous mode
[  210.973423][T10044] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.992797][T10044] Cannot create hsr debugfs directory
[  211.041225][T10138] batadv0: entered promiscuous mode
[  211.339020][ T5148] IPVS: starting estimator thread 0...
[  211.444884][T10149] IPVS: using max 27 ests per chain, 64800 per kthread
[  211.494934][ T6650] hsr_slave_0: left promiscuous mode
[  211.513972][ T6650] hsr_slave_1: left promiscuous mode
[  211.534511][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.553216][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.573790][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  211.591602][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.613795][ T5101] Bluetooth: hci2: command tx timeout
[  211.640728][ T6650] veth1_macvtap: left promiscuous mode
[  211.646531][ T6650] veth0_macvtap: left promiscuous mode
[  211.652281][ T6650] veth1_vlan: left promiscuous mode
[  211.658372][ T6650] veth0_vlan: left promiscuous mode
[  211.941565][T10175] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1683'.
[  212.233209][ T6650] team0 (unregistering): Port device team_slave_1 removed
[  212.274202][ T6650] team0 (unregistering): Port device team_slave_0 removed
[  212.966059][T10192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1685'.
[  213.027368][T10191] ip6gretap0: entered promiscuous mode
[  213.061091][T10191] ip6gretap0: left promiscuous mode
[  213.087524][T10195] validate_nla: 1 callbacks suppressed
[  213.087545][T10195] netlink: 'syz.3.1690': attribute type 11 has an invalid length.
[  213.102184][T10195] netlink: 198064 bytes leftover after parsing attributes in process `syz.3.1690'.
[  213.271409][T10199] unknown channel width for channel at 909000KHz?
[  213.290173][T10199] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1692'.
[  213.328917][T10044] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  213.344403][T10044] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  213.364775][T10044] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  213.392540][T10044] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  213.451312][T10207] FAULT_INJECTION: forcing a failure.
[  213.451312][T10207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.492009][T10207] CPU: 1 PID: 10207 Comm: syz.2.1695 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  213.501884][T10207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  213.511969][T10207] Call Trace:
[  213.515275][T10207]  <TASK>
[  213.518236][T10207]  dump_stack_lvl+0x241/0x360
[  213.522954][T10207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.528190][T10207]  ? __pfx__printk+0x10/0x10
[  213.532809][T10207]  ? __pfx_lock_release+0x10/0x10
[  213.537864][T10207]  should_fail_ex+0x3b0/0x4e0
[  213.542550][T10207]  _copy_from_user+0x2f/0xe0
[  213.547142][T10207]  copy_msghdr_from_user+0xae/0x680
[  213.552332][T10207]  ? __pfx___might_resched+0x10/0x10
[  213.557637][T10207]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  213.563466][T10207]  ? __might_fault+0xaa/0x120
[  213.568151][T10207]  do_recvmmsg+0x40f/0xae0
[  213.572571][T10207]  ? __pfx_lock_release+0x10/0x10
[  213.577620][T10207]  ? __pfx_do_recvmmsg+0x10/0x10
[  213.582588][T10207]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  213.588493][T10207]  ? ksys_write+0x23e/0x2c0
[  213.593003][T10207]  ? __pfx_lock_release+0x10/0x10
[  213.598050][T10207]  ? vfs_write+0x7c4/0xc90
[  213.602487][T10207]  ? __mutex_unlock_slowpath+0x21d/0x750
[  213.608140][T10207]  ? __fget_files+0x3f6/0x470
[  213.612847][T10207]  __x64_sys_recvmmsg+0x199/0x250
[  213.617903][T10207]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  213.623482][T10207]  ? do_syscall_64+0x100/0x230
[  213.628279][T10207]  ? do_syscall_64+0xb6/0x230
[  213.632975][T10207]  do_syscall_64+0xf3/0x230
[  213.637485][T10207]  ? clear_bhb_loop+0x35/0x90
[  213.642166][T10207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.648057][T10207] RIP: 0033:0x7fddd4975b59
[  213.652466][T10207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.672084][T10207] RSP: 002b:00007fddd56fd048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  213.680526][T10207] RAX: ffffffffffffffda RBX: 00007fddd4b04038 RCX: 00007fddd4975b59
[  213.688518][T10207] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000008
[  213.696487][T10207] RBP: 00007fddd56fd0a0 R08: 0000000000000000 R09: 0000000000000000
[  213.704452][T10207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  213.712418][T10207] R13: 000000000000006e R14: 00007fddd4b04038 R15: 00007ffd24b57738
[  213.720431][T10207]  </TASK>
[  213.740721][T10044] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.757779][ T5101] Bluetooth: hci2: command tx timeout
[  213.776397][T10044] 8021q: adding VLAN 0 to HW filter on device team0
[  213.795908][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.803131][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  213.814618][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.821805][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.871242][T10044] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  214.039297][T10223] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1697'.
[  214.131844][T10226] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1698'.
[  214.278520][T10044] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.330796][T10239] FAULT_INJECTION: forcing a failure.
[  214.330796][T10239] name failslab, interval 1, probability 0, space 0, times 0
[  214.345979][T10239] CPU: 0 PID: 10239 Comm: syz.2.1702 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  214.355834][T10239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  214.365918][T10239] Call Trace:
[  214.369220][T10239]  <TASK>
[  214.372185][T10239]  dump_stack_lvl+0x241/0x360
[  214.376897][T10239]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.382127][T10239]  ? __pfx__printk+0x10/0x10
[  214.386758][T10239]  ? __pfx___might_resched+0x10/0x10
[  214.392083][T10239]  should_fail_ex+0x3b0/0x4e0
[  214.396792][T10239]  ? rxrpc_alloc_peer+0x80/0x340
[  214.401762][T10239]  should_failslab+0x9/0x20
[  214.406293][T10239]  kmalloc_trace_noprof+0x6c/0x2c0
[  214.411436][T10239]  rxrpc_alloc_peer+0x80/0x340
[  214.416228][T10239]  ? rxrpc_lookup_peer+0x259/0x8b0
[  214.421349][T10239]  rxrpc_lookup_peer+0x3ea/0x8b0
[  214.426301][T10239]  rxrpc_do_sendmsg+0xdaf/0x1910
[  214.431262][T10239]  ? __pfx_rxrpc_do_sendmsg+0x10/0x10
[  214.436641][T10239]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  214.442356][T10239]  ? do_raw_spin_unlock+0x13c/0x8b0
[  214.447559][T10239]  ? rxrpc_sendmsg+0x5d8/0x920
[  214.452322][T10239]  ? __pfx_rxrpc_sendmsg+0x10/0x10
[  214.457425][T10239]  __sock_sendmsg+0x221/0x270
[  214.462102][T10239]  ____sys_sendmsg+0x525/0x7d0
[  214.466872][T10239]  ? __pfx_____sys_sendmsg+0x10/0x10
[  214.472169][T10239]  __sys_sendmmsg+0x3b2/0x740
[  214.476851][T10239]  ? __pfx___sys_sendmmsg+0x10/0x10
[  214.482075][T10239]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  214.487981][T10239]  ? ksys_write+0x23e/0x2c0
[  214.492489][T10239]  ? __pfx_lock_release+0x10/0x10
[  214.497514][T10239]  ? vfs_write+0x7c4/0xc90
[  214.501931][T10239]  ? __mutex_unlock_slowpath+0x21d/0x750
[  214.507565][T10239]  ? __pfx_vfs_write+0x10/0x10
[  214.512345][T10239]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  214.518323][T10239]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  214.524697][T10239]  ? do_syscall_64+0x100/0x230
[  214.529461][T10239]  __x64_sys_sendmmsg+0xa0/0xb0
[  214.534331][T10239]  do_syscall_64+0xf3/0x230
[  214.538854][T10239]  ? clear_bhb_loop+0x35/0x90
[  214.543545][T10239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.549440][T10239] RIP: 0033:0x7fddd4975b59
[  214.553855][T10239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.573468][T10239] RSP: 002b:00007fddd571e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  214.581889][T10239] RAX: ffffffffffffffda RBX: 00007fddd4b03f60 RCX: 00007fddd4975b59
[  214.589856][T10239] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003
[  214.597826][T10239] RBP: 00007fddd571e0a0 R08: 0000000000000000 R09: 0000000000000000
[  214.605794][T10239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  214.613759][T10239] R13: 000000000000000b R14: 00007fddd4b03f60 R15: 00007ffd24b57738
[  214.621742][T10239]  </TASK>
[  214.665817][T10044] veth0_vlan: entered promiscuous mode
[  214.696138][T10044] veth1_vlan: entered promiscuous mode
[  214.784421][T10044] veth0_macvtap: entered promiscuous mode
[  214.810000][T10044] veth1_macvtap: entered promiscuous mode
[  214.837257][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  214.858621][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.868671][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  214.880191][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.890190][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  214.900950][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.910961][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  214.921462][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.934500][T10044] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.951042][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  214.965356][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  214.986047][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.003672][T10249] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1705'.
[  215.018197][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.028322][T10044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.047234][T10044] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.060441][T10044] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.078421][T10044] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.088267][T10044] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.102652][T10044] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.117553][T10044] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.317118][T10260] sctp: [Deprecated]: syz.0.1708 (pid 10260) Use of struct sctp_assoc_value in delayed_ack socket option.
[  215.317118][T10260] Use struct sctp_sack_info instead
[  215.355216][T10260] netlink: 'syz.0.1708': attribute type 15 has an invalid length.
[  215.362437][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1709'.
[  215.363616][T10260] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1708'.
[  215.387867][ T6656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.402804][ T6656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.436783][ T6656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.447911][ T6656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.457610][T10260] syz.0.1708 (10260) used greatest stack depth: 17400 bytes left
[  215.485658][T10272] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1710'.
[  215.722275][T10278] syzkaller1: entered promiscuous mode
[  215.731130][T10278] syzkaller1: entered allmulticast mode
[  216.573651][T10327] FAULT_INJECTION: forcing a failure.
[  216.573651][T10327] name failslab, interval 1, probability 0, space 0, times 0
[  216.593360][T10327] CPU: 1 PID: 10327 Comm: syz.4.1731 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  216.603213][T10327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  216.613266][T10327] Call Trace:
[  216.616539][T10327]  <TASK>
[  216.619471][T10327]  dump_stack_lvl+0x241/0x360
[  216.624147][T10327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.629356][T10327]  ? __pfx__printk+0x10/0x10
[  216.633955][T10327]  ? ref_tracker_alloc+0x332/0x490
[  216.639072][T10327]  should_fail_ex+0x3b0/0x4e0
[  216.643782][T10327]  ? skb_clone+0x20c/0x390
[  216.648200][T10327]  should_failslab+0x9/0x20
[  216.652708][T10327]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  216.658108][T10327]  skb_clone+0x20c/0x390
[  216.662375][T10327]  __netlink_deliver_tap+0x3cc/0x7c0
[  216.667667][T10327]  ? netlink_deliver_tap+0x2e/0x1b0
[  216.672867][T10327]  netlink_deliver_tap+0x19d/0x1b0
[  216.678003][T10327]  netlink_unicast+0x7be/0x990
[  216.682789][T10327]  ? __pfx_netlink_unicast+0x10/0x10
[  216.688068][T10327]  ? __virt_addr_valid+0x183/0x530
[  216.693178][T10327]  ? __check_object_size+0x49c/0x900
[  216.698457][T10327]  ? bpf_lsm_netlink_send+0x9/0x10
[  216.703576][T10327]  netlink_sendmsg+0x8e4/0xcb0
[  216.708369][T10327]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.713653][T10327]  ? arch_stack_walk+0x16d/0x1b0
[  216.718585][T10327]  ? aa_sock_msg_perm+0x91/0x160
[  216.723522][T10327]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  216.728801][T10327]  ? security_socket_sendmsg+0x87/0xb0
[  216.734314][T10327]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.739590][T10327]  __sock_sendmsg+0x221/0x270
[  216.744270][T10327]  sock_sendmsg+0x134/0x200
[  216.748769][T10327]  ? __pfx_sock_sendmsg+0x10/0x10
[  216.753799][T10327]  ? splice_direct_to_actor+0x502/0xc90
[  216.759342][T10327]  ? do_splice_direct+0x28c/0x3e0
[  216.764362][T10327]  ? do_sendfile+0x56d/0xe20
[  216.768942][T10327]  ? __se_sys_sendfile64+0x17c/0x1e0
[  216.774219][T10327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.780287][T10327]  ? iov_iter_bvec+0x4e/0x180
[  216.784977][T10327]  splice_to_socket+0xa13/0x10b0
[  216.789933][T10327]  ? __pfx_splice_to_socket+0x10/0x10
[  216.795342][T10327]  ? __pfx_splice_to_socket+0x10/0x10
[  216.800710][T10327]  direct_splice_actor+0x11e/0x220
[  216.805822][T10327]  splice_direct_to_actor+0x58e/0xc90
[  216.811206][T10327]  ? __pfx_direct_splice_actor+0x10/0x10
[  216.816834][T10327]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  216.822725][T10327]  ? __fget_files+0x29/0x470
[  216.827312][T10327]  ? __pfx_lock_release+0x10/0x10
[  216.832336][T10327]  do_splice_direct+0x28c/0x3e0
[  216.837189][T10327]  ? __pfx_do_splice_direct+0x10/0x10
[  216.842558][T10327]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  216.848449][T10327]  ? security_file_permission+0x7f/0xa0
[  216.853996][T10327]  ? rw_verify_area+0x1d2/0x6b0
[  216.858848][T10327]  do_sendfile+0x56d/0xe20
[  216.863276][T10327]  ? __pfx_do_sendfile+0x10/0x10
[  216.868218][T10327]  __se_sys_sendfile64+0x17c/0x1e0
[  216.873327][T10327]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  216.878952][T10327]  ? do_syscall_64+0x100/0x230
[  216.883713][T10327]  ? do_syscall_64+0xb6/0x230
[  216.888384][T10327]  do_syscall_64+0xf3/0x230
[  216.892887][T10327]  ? clear_bhb_loop+0x35/0x90
[  216.897567][T10327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.903458][T10327] RIP: 0033:0x7f5872f75b59
[  216.907871][T10327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.927469][T10327] RSP: 002b:00007f5873d51048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  216.935883][T10327] RAX: ffffffffffffffda RBX: 00007f5873103f60 RCX: 00007f5872f75b59
[  216.943848][T10327] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 000000000000000a
[  216.951815][T10327] RBP: 00007f5873d510a0 R08: 0000000000000000 R09: 0000000000000000
[  216.959779][T10327] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[  216.967742][T10327] R13: 000000000000000b R14: 00007f5873103f60 R15: 00007fffb0c04e68
[  216.975722][T10327]  </TASK>
[  217.050643][T10331] __nla_validate_parse: 3 callbacks suppressed
[  217.050663][T10331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1732'.
[  217.236926][T10341] netlink: 'syz.4.1736': attribute type 1 has an invalid length.
[  217.250108][T10341] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.1736'.
[  217.266031][T10341] netlink: 'syz.4.1736': attribute type 1 has an invalid length.
[  217.400122][T10351] netlink: 'syz.2.1739': attribute type 3 has an invalid length.
[  217.410190][T10355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1738'.
[  217.412085][T10351] netlink: 'syz.2.1739': attribute type 3 has an invalid length.
[  217.486648][T10357] netlink: 'syz.4.1741': attribute type 8 has an invalid length.
[  217.502152][T10357] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1741'.
[  218.039577][T10379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1748'.
[  218.197609][T10384] sctp: [Deprecated]: syz.0.1752 (pid 10384) Use of struct sctp_assoc_value in delayed_ack socket option.
[  218.197609][T10384] Use struct sctp_sack_info instead
[  218.227564][T10384] netlink: 'syz.0.1752': attribute type 15 has an invalid length.
[  218.253750][T10384] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1752'.
[  218.482359][T10397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1755'.
[  218.652368][T10413] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1761'.
[  218.771287][ T6650] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.194256][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  219.208667][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  219.217133][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  219.228527][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  219.233057][T10427] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  219.250696][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  219.258438][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  219.326969][T10426] caif0 speed is unknown, defaulting to 1000
[  219.403408][T10431] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1768'.
[  219.789076][T10441] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1772'.
[  219.932417][T10426] chnl_net:caif_netlink_parms(): no params data found
[  220.044264][T10467] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  220.302196][T10426] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.316506][T10426] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.331514][T10426] bridge_slave_0: entered allmulticast mode
[  220.355001][T10426] bridge_slave_0: entered promiscuous mode
[  220.370811][T10426] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.379340][T10426] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.387990][T10426] bridge_slave_1: entered allmulticast mode
[  220.395540][T10426] bridge_slave_1: entered promiscuous mode
[  220.507625][T10426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.558803][ T6650] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.579969][T10426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  220.714052][ T6650] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.780911][T10426] team0: Port device team_slave_0 added
[  220.845241][ T6650] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.899594][T10426] team0: Port device team_slave_1 added
[  221.040752][T10426] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.056796][T10426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.085286][T10426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.099474][T10426] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.108268][T10426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.144391][T10426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.284443][ T5107] Bluetooth: hci2: command tx timeout
[  221.358983][T10426] hsr_slave_0: entered promiscuous mode
[  221.389891][T10426] hsr_slave_1: entered promiscuous mode
[  221.405837][T10426] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  221.435409][T10426] Cannot create hsr debugfs directory
[  221.621324][ T6650] bridge_slave_1: left allmulticast mode
[  221.633043][ T6650] bridge_slave_1: left promiscuous mode
[  221.642214][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.669983][ T6650] bridge_slave_0: left allmulticast mode
[  221.687068][ T6650] bridge_slave_0: left promiscuous mode
[  221.706303][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.170766][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  222.190089][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  222.211824][ T6650] bond0 (unregistering): Released all slaves
[  222.688458][T10566] netlink: 'syz.3.1800': attribute type 14 has an invalid length.
[  222.776267][T10553] __nla_validate_parse: 9 callbacks suppressed
[  222.776281][T10553] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1799'.
[  223.077188][ T6650] hsr_slave_0: left promiscuous mode
[  223.087868][ T6650] hsr_slave_1: left promiscuous mode
[  223.095005][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.102480][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.111332][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.121131][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.148186][ T6650] veth1_macvtap: left promiscuous mode
[  223.154301][ T6650] veth0_macvtap: left promiscuous mode
[  223.159950][ T6650] veth1_vlan: left promiscuous mode
[  223.165724][ T6650] veth0_vlan: left promiscuous mode
[  223.287657][T10579] xt_CT: You must specify a L4 protocol and not use inversions on it
[  223.373185][ T5107] Bluetooth: hci2: command tx timeout
[  223.894452][ T6650] team0 (unregistering): Port device team_slave_1 removed
[  223.950659][ T6650] team0 (unregistering): Port device team_slave_0 removed
[  224.356522][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1802'.
[  224.367310][T10576] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1803'.
[  224.468288][T10593] netlink: 'syz.0.1808': attribute type 8 has an invalid length.
[  224.509824][T10593] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1808'.
[  224.586504][T10595] syzkaller0: refused to change device tx_queue_len
[  224.750613][T10606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1810'.
[  224.812118][T10426] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  224.861751][T10426] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  224.889611][T10426] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  224.914903][T10426] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  224.990009][T10615] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1811'.
[  225.198545][T10426] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.262366][T10426] 8021q: adding VLAN 0 to HW filter on device team0
[  225.294168][T10627] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1813'.
[  225.308707][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.315957][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  225.347459][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.354703][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.443549][ T5107] Bluetooth: hci2: command tx timeout
[  225.581459][T10637] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1819'.
[  225.700105][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1819'.
[  225.802341][T10649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1820'.
[  225.856538][T10426] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.904328][T10426] veth0_vlan: entered promiscuous mode
[  225.921901][T10426] veth1_vlan: entered promiscuous mode
[  225.956566][T10426] veth0_macvtap: entered promiscuous mode
[  225.976655][T10426] veth1_macvtap: entered promiscuous mode
[  226.008051][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.020090][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.030222][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.040996][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.051114][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.062489][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.073302][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.085756][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.101474][T10426] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.120270][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.131528][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.147540][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.160009][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.178645][T10426] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.190039][T10426] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.207509][T10426] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.221126][T10426] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.230480][T10426] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.249044][T10426] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.258438][T10426] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.401443][ T6654] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.413685][ T6654] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.459045][T10664] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  226.474040][ T6654] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.481955][ T6654] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.254735][T10710] netlink: 'syz.2.1843': attribute type 8 has an invalid length.
[  227.507626][T10723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.172419][T10749] __nla_validate_parse: 8 callbacks suppressed
[  228.172440][T10749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1856'.
[  228.470810][T10765] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1863'.
[  228.575873][T10767] set match dimension is over the limit!
[  228.656809][T10772] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'.
[  228.757332][ T6656] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.578937][T10792] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1874'.
[  229.613092][T10792] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1874'.
[  229.654054][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  229.665466][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  229.674072][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  229.682073][T10801] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1876'.
[  229.682230][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  229.702233][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  229.711957][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  229.802846][T10803] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1873'.
[  229.828873][T10798] caif0 speed is unknown, defaulting to 1000
[  229.861033][T10810] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1878'.
[  230.383399][T10798] chnl_net:caif_netlink_parms(): no params data found
[  230.500671][T10825] Cannot find set identified by id 0 to match
[  230.591616][T10798] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.613572][T10798] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.620793][T10798] bridge_slave_0: entered allmulticast mode
[  230.651695][T10798] bridge_slave_0: entered promiscuous mode
[  230.677247][T10798] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.698641][T10798] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.700449][T10830] FAULT_INJECTION: forcing a failure.
[  230.700449][T10830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.718131][T10798] bridge_slave_1: entered allmulticast mode
[  230.727314][T10830] CPU: 0 PID: 10830 Comm: syz.0.1882 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  230.737171][T10830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  230.737255][T10798] bridge_slave_1: entered promiscuous mode
[  230.747219][T10830] Call Trace:
[  230.747230][T10830]  <TASK>
[  230.747239][T10830]  dump_stack_lvl+0x241/0x360
[  230.747266][T10830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.747284][T10830]  ? __pfx__printk+0x10/0x10
[  230.747305][T10830]  ? __pfx_lock_release+0x10/0x10
[  230.747332][T10830]  should_fail_ex+0x3b0/0x4e0
[  230.747357][T10830]  _copy_from_user+0x2f/0xe0
[  230.747382][T10830]  copy_msghdr_from_user+0xae/0x680
[  230.747403][T10830]  ? __pfx___might_resched+0x10/0x10
[  230.747428][T10830]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  230.747453][T10830]  ? __might_fault+0xaa/0x120
[  230.747476][T10830]  __sys_sendmmsg+0x374/0x740
[  230.813605][T10830]  ? __pfx___sys_sendmmsg+0x10/0x10
[  230.818846][T10830]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  230.824737][T10830]  ? ksys_write+0x23e/0x2c0
[  230.829240][T10830]  ? __pfx_lock_release+0x10/0x10
[  230.834265][T10830]  ? vfs_write+0x7c4/0xc90
[  230.838682][T10830]  ? __mutex_unlock_slowpath+0x21d/0x750
[  230.844310][T10830]  ? __pfx_vfs_write+0x10/0x10
[  230.849096][T10830]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  230.855073][T10830]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  230.861396][T10830]  ? do_syscall_64+0x100/0x230
[  230.866157][T10830]  __x64_sys_sendmmsg+0xa0/0xb0
[  230.871008][T10830]  do_syscall_64+0xf3/0x230
[  230.875501][T10830]  ? clear_bhb_loop+0x35/0x90
[  230.880174][T10830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.886064][T10830] RIP: 0033:0x7f2444f75b59
[  230.890476][T10830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.910073][T10830] RSP: 002b:00007f2445dbd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  230.918488][T10830] RAX: ffffffffffffffda RBX: 00007f2445103f60 RCX: 00007f2444f75b59
[  230.926458][T10830] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  230.934422][T10830] RBP: 00007f2445dbd0a0 R08: 0000000000000000 R09: 0000000000000000
[  230.942387][T10830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  230.950349][T10830] R13: 000000000000004d R14: 00007f2445103f60 R15: 00007ffc8d211648
[  230.958329][T10830]  </TASK>
[  231.071237][T10798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  231.100941][T10798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  231.111522][T10837] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1883'.
[  231.189326][T10798] team0: Port device team_slave_0 added
[  231.215398][T10798] team0: Port device team_slave_1 added
[  231.249987][T10845] xt_CT: You must specify a L4 protocol and not use inversions on it
[  231.318933][T10798] batman_adv: batadv0: Adding interface: batadv_slave_0
[  231.338510][T10798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.370690][T10847] No such timeout policy "syz0"
[  231.388770][T10798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  231.441968][ T6656] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.464784][T10798] batman_adv: batadv0: Adding interface: batadv_slave_1
[  231.471779][T10798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.498107][T10798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  231.521616][T10855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1891'.
[  231.578901][ T6656] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.687442][T10798] hsr_slave_0: entered promiscuous mode
[  231.694691][T10798] hsr_slave_1: entered promiscuous mode
[  231.701570][T10798] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  231.710326][T10798] Cannot create hsr debugfs directory
[  231.740840][ T6656] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.764473][ T5101] Bluetooth: hci2: command tx timeout
[  231.786781][T10866] set match dimension is over the limit!
[  232.171383][ T6656] bridge_slave_1: left allmulticast mode
[  232.182930][ T6656] bridge_slave_1: left promiscuous mode
[  232.188769][ T6656] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.208677][ T6656] bridge_slave_0: left allmulticast mode
[  232.214598][ T6656] bridge_slave_0: left promiscuous mode
[  232.220380][ T6656] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.785661][ T6656] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.799204][ T6656] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.812380][ T6656] bond0 (unregistering): Released all slaves
[  233.370950][ T6656] hsr_slave_0: left promiscuous mode
[  233.397100][ T6656] hsr_slave_1: left promiscuous mode
[  233.404722][ T6656] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.414274][ T6656] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.428002][ T6656] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.443761][ T6656] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.470458][ T6656] veth1_macvtap: left promiscuous mode
[  233.481670][ T6656] veth0_macvtap: left promiscuous mode
[  233.487985][ T6656] veth1_vlan: left promiscuous mode
[  233.493610][ T6656] veth0_vlan: left promiscuous mode
[  233.843246][ T5101] Bluetooth: hci2: command tx timeout
[  234.191595][ T6656] team0 (unregistering): Port device team_slave_1 removed
[  234.249428][ T6656] team0 (unregistering): Port device team_slave_0 removed
[  234.707651][T10798] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  234.770424][T10798] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  234.796034][T10798] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  234.849136][T10798] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  235.280587][T10798] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.382556][T10798] 8021q: adding VLAN 0 to HW filter on device team0
[  235.405279][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.412494][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.475181][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.482386][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.507019][T10962] __nla_validate_parse: 5 callbacks suppressed
[  235.507039][T10962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1923'.
[  235.923941][ T5101] Bluetooth: hci2: command tx timeout
[  236.029502][T10798] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.108487][T10798] veth0_vlan: entered promiscuous mode
[  236.152673][T10798] veth1_vlan: entered promiscuous mode
[  236.267409][T10798] veth0_macvtap: entered promiscuous mode
[  236.291724][T10798] veth1_macvtap: entered promiscuous mode
[  236.350969][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.367532][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.377928][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.390933][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.401466][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.412628][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.429139][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.440511][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.454834][T10798] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.472148][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.485201][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.498968][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.509977][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.520260][T10798] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.531444][T10798] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.546617][T10798] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.575423][T10798] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.594291][T10798] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.607141][T10798] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.624109][T10798] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.747606][T11019] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1938'.
[  236.765813][ T6650] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.783336][ T6650] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.865710][ T6656] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.881747][ T6656] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.338857][T11048] syz.2.1951[11048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  237.339015][T11048] syz.2.1951[11048] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  237.380543][T11050] netlink: 'syz.3.1952': attribute type 8 has an invalid length.
[  237.402424][T11050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1952'.
[  237.749343][T11068] netlink: 'syz.2.1957': attribute type 8 has an invalid length.
[  237.761836][T11068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1957'.
[  238.109876][T11085] netlink: 'syz.0.1963': attribute type 8 has an invalid length.
[  238.118699][T11085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1963'.
[  238.377668][T11092] syz.3.1966[11092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  238.377769][T11092] syz.3.1966[11092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  238.778801][   T29] audit: type=1107 audit(1721302267.554:2): pid=11109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='­:ä˜åØÔY$ø�ÉøìnJšð5…£ÕÝ9Iàcc}·Ö¨“Vä}L(‡š¿Î¤Oé*?Sý\H¤SsdÄȈùLâ©YÛž‚ÓD|·Uòª
sH;䃗='
[  238.870835][T11117] netlink: 'syz.0.1974': attribute type 8 has an invalid length.
[  238.880056][T11117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1974'.
[  238.892159][T11119] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1972'.
[  238.942281][T11120] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1972'.
[  238.948630][T11119] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  238.960492][T11119] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  238.969371][T11119] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  238.978154][T11119] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  238.991837][T11119] vxlan0: entered promiscuous mode
[  239.152329][T11130] FAULT_INJECTION: forcing a failure.
[  239.152329][T11130] name failslab, interval 1, probability 0, space 0, times 0
[  239.169041][T11130] CPU: 1 PID: 11130 Comm: syz.0.1979 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  239.178905][T11130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  239.188984][T11130] Call Trace:
[  239.192271][T11130]  <TASK>
[  239.195215][T11130]  dump_stack_lvl+0x241/0x360
[  239.199924][T11130]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.205141][T11130]  ? __pfx__printk+0x10/0x10
[  239.209769][T11130]  should_fail_ex+0x3b0/0x4e0
[  239.214466][T11130]  ? __alloc_skb+0x1c3/0x440
[  239.219081][T11130]  should_failslab+0x9/0x20
[  239.223599][T11130]  kmem_cache_alloc_node_noprof+0x71/0x320
[  239.229430][T11130]  __alloc_skb+0x1c3/0x440
[  239.233867][T11130]  ? __pfx___might_resched+0x10/0x10
[  239.239167][T11130]  ? __pfx___alloc_skb+0x10/0x10
[  239.244126][T11130]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  239.250259][T11130]  ? security_socket_getpeersec_dgram+0x88/0xb0
[  239.256520][T11130]  netlink_sendmsg+0x638/0xcb0
[  239.261315][T11130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.266620][T11130]  ? __import_iovec+0x536/0x820
[  239.271479][T11130]  ? aa_sock_msg_perm+0x91/0x160
[  239.276423][T11130]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  239.281717][T11130]  ? security_socket_sendmsg+0x87/0xb0
[  239.287172][T11130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.292443][T11130]  __sock_sendmsg+0x221/0x270
[  239.297110][T11130]  ____sys_sendmsg+0x525/0x7d0
[  239.301869][T11130]  ? __pfx_____sys_sendmsg+0x10/0x10
[  239.307149][T11130]  ? __might_fault+0xaa/0x120
[  239.311826][T11130]  __sys_sendmmsg+0x3b2/0x740
[  239.316502][T11130]  ? __pfx___sys_sendmmsg+0x10/0x10
[  239.321713][T11130]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  239.327613][T11130]  ? ksys_write+0x23e/0x2c0
[  239.332127][T11130]  ? __pfx_lock_release+0x10/0x10
[  239.337146][T11130]  ? vfs_write+0x7c4/0xc90
[  239.341555][T11130]  ? __mutex_unlock_slowpath+0x21d/0x750
[  239.347179][T11130]  ? __pfx_vfs_write+0x10/0x10
[  239.351949][T11130]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  239.357916][T11130]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  239.364252][T11130]  ? do_syscall_64+0x100/0x230
[  239.369002][T11130]  __x64_sys_sendmmsg+0xa0/0xb0
[  239.373861][T11130]  do_syscall_64+0xf3/0x230
[  239.378380][T11130]  ? clear_bhb_loop+0x35/0x90
[  239.383074][T11130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.388973][T11130] RIP: 0033:0x7f2444f75b59
[  239.393374][T11130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.412973][T11130] RSP: 002b:00007f2445dbd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  239.421377][T11130] RAX: ffffffffffffffda RBX: 00007f2445103f60 RCX: 00007f2444f75b59
[  239.429363][T11130] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  239.437353][T11130] RBP: 00007f2445dbd0a0 R08: 0000000000000000 R09: 0000000000000000
[  239.445339][T11130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.453486][T11130] R13: 000000000000004d R14: 00007f2445103f60 R15: 00007ffc8d211648
[  239.461479][T11130]  </TASK>
[  239.478693][ T6670] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.061655][T11152] netlink: 'syz.4.1985': attribute type 8 has an invalid length.
[  240.090834][T11152] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1985'.
[  240.109128][T11154] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1986'.
[  240.160632][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  240.171770][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  240.183974][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  240.195251][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  240.203345][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  240.210812][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  240.298339][T11155] caif0 speed is unknown, defaulting to 1000
[  240.831281][T11185] netlink: 'syz.3.1997': attribute type 8 has an invalid length.
[  240.846989][T11185] __nla_validate_parse: 2 callbacks suppressed
[  240.847008][T11185] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1997'.
[  241.020797][T11155] chnl_net:caif_netlink_parms(): no params data found
[  241.237591][T11155] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.264835][T11155] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.280873][T11155] bridge_slave_0: entered allmulticast mode
[  241.303075][T11155] bridge_slave_0: entered promiscuous mode
[  241.320765][T11155] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.334533][T11155] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.354165][T11155] bridge_slave_1: entered allmulticast mode
[  241.370070][T11155] bridge_slave_1: entered promiscuous mode
[  241.407621][ T6670] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.537228][T11225] netlink: 'syz.0.2010': attribute type 8 has an invalid length.
[  241.545871][T11225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2010'.
[  241.619794][ T6670] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.654730][T11155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.674345][T11155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.747217][ T6670] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.777313][T11155] team0: Port device team_slave_0 added
[  241.786694][T11155] team0: Port device team_slave_1 added
[  241.838917][T11155] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.851230][T11155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.882642][T11155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.905325][T11155] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.923457][T11155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.987392][T11155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.102163][ T6670] bridge_slave_1: left allmulticast mode
[  242.110435][ T6670] bridge_slave_1: left promiscuous mode
[  242.116551][ T6670] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.131046][ T6670] bridge_slave_0: left allmulticast mode
[  242.137266][ T6670] bridge_slave_0: left promiscuous mode
[  242.143231][ T6670] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.258412][ T5101] Bluetooth: hci2: command tx timeout
[  242.406878][T11260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2018'.
[  242.607032][ T6670] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.619909][ T6670] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.631835][ T6670] bond0 (unregistering): Released all slaves
[  242.648466][T11155] hsr_slave_0: entered promiscuous mode
[  242.656415][T11155] hsr_slave_1: entered promiscuous mode
[  242.662773][T11155] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.671987][T11155] Cannot create hsr debugfs directory
[  242.781272][T11268] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2021'.
[  243.078203][T11284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2024'.
[  243.403141][T11295] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2029'.
[  243.536824][ T6670] hsr_slave_0: left promiscuous mode
[  243.554079][ T6670] hsr_slave_1: left promiscuous mode
[  243.560799][ T6670] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.574038][ T6670] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.582133][ T6670] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.590351][ T6670] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.621112][ T6670] veth1_macvtap: left promiscuous mode
[  243.627745][ T6670] veth0_macvtap: left promiscuous mode
[  243.633975][ T6670] veth1_vlan: left promiscuous mode
[  243.639356][ T6670] veth0_vlan: left promiscuous mode
[  243.725586][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2032'.
[  244.167471][ T6670] team0 (unregistering): Port device team_slave_1 removed
[  244.208412][ T6670] team0 (unregistering): Port device team_slave_0 removed
[  244.330548][ T5101] Bluetooth: hci2: command tx timeout
[  244.595915][T11302] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2031'.
[  244.806983][T11320] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2036'.
[  245.100751][T11338] netlink: 'syz.4.2043': attribute type 8 has an invalid length.
[  245.111725][T11338] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2043'.
[  245.457606][T11155] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  245.512101][T11155] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  245.545498][T11155] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  245.576289][T11155] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  245.859623][T11155] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.899966][T11155] 8021q: adding VLAN 0 to HW filter on device team0
[  245.928703][ T1165] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.935930][ T1165] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.953456][T11377] __nla_validate_parse: 1 callbacks suppressed
[  245.953475][T11377] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2055'.
[  245.977759][ T1165] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.984992][ T1165] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.095445][T11155] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.424530][ T5101] Bluetooth: hci2: command tx timeout
[  246.560384][T11396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2063'.
[  246.593774][T11155] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.707972][T11155] veth0_vlan: entered promiscuous mode
[  246.753987][T11155] veth1_vlan: entered promiscuous mode
[  246.769288][T11405] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2065'.
[  246.782810][T11405] FAULT_INJECTION: forcing a failure.
[  246.782810][T11405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.812350][T11405] CPU: 1 PID: 11405 Comm: syz.0.2065 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  246.822219][T11405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  246.832310][T11405] Call Trace:
[  246.835616][T11405]  <TASK>
[  246.838564][T11405]  dump_stack_lvl+0x241/0x360
[  246.843266][T11405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.848483][T11405]  ? __pfx__printk+0x10/0x10
[  246.853100][T11405]  ? snprintf+0xda/0x120
[  246.857372][T11405]  should_fail_ex+0x3b0/0x4e0
[  246.862084][T11405]  _copy_to_user+0x2f/0xb0
[  246.866534][T11405]  simple_read_from_buffer+0xca/0x150
[  246.871936][T11405]  proc_fail_nth_read+0x1e9/0x250
[  246.876989][T11405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.882566][T11405]  ? rw_verify_area+0x520/0x6b0
[  246.887451][T11405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.893026][T11405]  vfs_read+0x204/0xbc0
[  246.897213][T11405]  ? __pfx_lock_release+0x10/0x10
[  246.902271][T11405]  ? __pfx_vfs_read+0x10/0x10
[  246.906979][T11405]  ? __fget_files+0x29/0x470
[  246.911590][T11405]  ? __fget_files+0x3f6/0x470
[  246.916343][T11405]  ksys_read+0x1a0/0x2c0
[  246.920594][T11405]  ? __pfx_ksys_read+0x10/0x10
[  246.925359][T11405]  ? do_syscall_64+0x100/0x230
[  246.930120][T11405]  ? do_syscall_64+0xb6/0x230
[  246.934791][T11405]  do_syscall_64+0xf3/0x230
[  246.939290][T11405]  ? clear_bhb_loop+0x35/0x90
[  246.943964][T11405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.949860][T11405] RIP: 0033:0x7f2444f7463c
[  246.954276][T11405] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  246.973874][T11405] RSP: 002b:00007f2445dbd040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  246.982282][T11405] RAX: ffffffffffffffda RBX: 00007f2445103f60 RCX: 00007f2444f7463c
[  246.990247][T11405] RDX: 000000000000000f RSI: 00007f2445dbd0b0 RDI: 0000000000000004
[  246.998217][T11405] RBP: 00007f2445dbd0a0 R08: 0000000000000000 R09: 0000000000000000
[  247.006185][T11405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.014151][T11405] R13: 000000000000004d R14: 00007f2445103f60 R15: 00007ffc8d211648
[  247.022133][T11405]  </TASK>
[  247.033733][T11155] veth0_macvtap: entered promiscuous mode
[  247.072819][T11155] veth1_macvtap: entered promiscuous mode
[  247.150905][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.176228][T11408] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2066'.
[  247.182119][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.203554][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.237815][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.263702][T11410] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2067'.
[  247.275063][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.287071][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.298700][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.309879][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.328773][T11155] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.358973][T11412] netlink: 'syz.4.2068': attribute type 8 has an invalid length.
[  247.372630][T11412] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2068'.
[  247.408903][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.436010][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.456355][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.471456][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.494404][T11155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.512779][T11155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.531031][T11155] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.586900][T11155] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.616518][T11155] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.625617][T11155] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.640819][T11155] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.823894][T11429] sctp: [Deprecated]: syz.0.2074 (pid 11429) Use of int in max_burst socket option deprecated.
[  247.823894][T11429] Use struct sctp_assoc_value instead
[  247.854183][ T6656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.862046][ T6656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.912448][T11434] nbd: illegal input index -1
[  247.929576][ T6672] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.938876][ T6672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.964611][T11433] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2074'.
[  248.000117][T11433] netlink: 'syz.0.2074': attribute type 6 has an invalid length.
[  248.029718][T11433] netlink: 'syz.0.2074': attribute type 5 has an invalid length.
[  248.043889][T11433] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  248.047208][T11437] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  248.052795][T11433] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  248.068826][T11433] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  248.077717][T11433] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  248.095540][T11433] vxlan0: entered promiscuous mode
[  248.152147][T11433] netlink: 'syz.0.2074': attribute type 3 has an invalid length.
[  248.850161][T11444] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2078'.
[  248.926152][T11448] netlink: 'syz.4.2080': attribute type 8 has an invalid length.
[  248.943899][T11448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2080'.
[  249.020459][T11451] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2081'.
[  250.597590][ T6652] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.557518][T11519] Cannot find set identified by id 0 to match
[  251.736660][T11529] cannot load conntrack support for proto=3
[  251.765966][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  251.775601][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  251.785191][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  251.797477][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  251.806675][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  251.815038][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  251.927795][T11530] caif0 speed is unknown, defaulting to 1000
[  251.943205][T11535] __nla_validate_parse: 6 callbacks suppressed
[  251.943234][T11535] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2106'.
[  252.342478][T11542] netlink: 'syz.2.2109': attribute type 1 has an invalid length.
[  252.484937][ T6652] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.547855][T11530] chnl_net:caif_netlink_parms(): no params data found
[  252.717384][ T6652] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.777379][T11560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2114'.
[  252.863680][T11558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2113'.
[  252.893552][ T6652] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.019130][T11530] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.037644][T11530] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.047478][T11530] bridge_slave_0: entered allmulticast mode
[  253.058722][T11530] bridge_slave_0: entered promiscuous mode
[  253.079757][T11530] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.098034][T11530] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.108009][T11530] bridge_slave_1: entered allmulticast mode
[  253.120856][T11530] bridge_slave_1: entered promiscuous mode
[  253.276697][T11530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.325633][ T6652] bridge_slave_1: left allmulticast mode
[  253.331334][ T6652] bridge_slave_1: left promiscuous mode
[  253.345805][ T6652] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.358832][ T6652] bridge_slave_0: left allmulticast mode
[  253.369187][ T6652] bridge_slave_0: left promiscuous mode
[  253.380082][ T6652] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.478101][T11587] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2117'.
[  253.508678][T11590] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2118'.
[  253.931691][ T5101] Bluetooth: hci2: command tx timeout
[  253.971148][ T6652] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.988252][ T6652] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.007497][ T6652] bond0 (unregistering): Released all slaves
[  254.025432][T11530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.295167][T11530] team0: Port device team_slave_0 added
[  254.316630][T11530] team0: Port device team_slave_1 added
[  254.346664][T11610] set match dimension is over the limit!
[  254.471559][T11615] FAULT_INJECTION: forcing a failure.
[  254.471559][T11615] name failslab, interval 1, probability 0, space 0, times 0
[  254.506162][T11615] CPU: 1 PID: 11615 Comm: syz.2.2125 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  254.516041][T11615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  254.526124][T11615] Call Trace:
[  254.529436][T11615]  <TASK>
[  254.532385][T11615]  dump_stack_lvl+0x241/0x360
[  254.537096][T11615]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.542321][T11615]  ? __pfx__printk+0x10/0x10
[  254.546941][T11615]  ? __pfx_validate_chain+0x10/0x10
[  254.552174][T11615]  should_fail_ex+0x3b0/0x4e0
[  254.556909][T11615]  ? skcipher_next_slow+0x117/0x480
[  254.562140][T11615]  should_failslab+0x9/0x20
[  254.566678][T11615]  __kmalloc_noprof+0xd8/0x400
[  254.571480][T11615]  skcipher_next_slow+0x117/0x480
[  254.576544][T11615]  skcipher_walk_next+0x634/0xba0
[  254.581623][T11615]  skcipher_walk_virt+0xaa/0x130
[  254.586589][T11615]  ? __pfx_sm4_aesni_avx2_ctr_enc_blk16+0x10/0x10
[  254.593381][T11615]  sm4_avx_ctr_crypt+0xf0/0x630
[  254.598274][T11615]  ? __pfx_sm4_aesni_avx2_ctr_enc_blk16+0x10/0x10
[  254.604723][T11615]  ? __pfx_sm4_avx_ctr_crypt+0x10/0x10
[  254.610219][T11615]  ? __virt_addr_valid+0x183/0x530
[  254.615339][T11615]  ? sg_next+0x99/0xb0
[  254.619418][T11615]  ? scatterwalk_ffwd+0x23a/0x380
[  254.624447][T11615]  ? __virt_addr_valid+0x183/0x530
[  254.629569][T11615]  ? simd_skcipher_encrypt+0x55/0x130
[  254.634941][T11615]  ? __asan_memcpy+0x40/0x70
[  254.639546][T11615]  ? irq_fpu_usable+0x87/0xa0
[  254.644231][T11615]  ? cryptd_skcipher_child+0xd/0x40
[  254.649441][T11615]  crypto_gcm_encrypt+0x341/0x760
[  254.654490][T11615]  tls_push_record+0x19a7/0x3790
[  254.659459][T11615]  bpf_exec_tx_verdict+0xb78/0x1260
[  254.664676][T11615]  ? get_user_pages_fast+0xcc/0x160
[  254.669890][T11615]  ? __pfx_get_user_pages_fast+0x10/0x10
[  254.675542][T11615]  ? __pfx_bpf_exec_tx_verdict+0x10/0x10
[  254.681241][T11615]  ? sk_msg_alloc+0xab1/0xb60
[  254.685930][T11615]  ? __phys_addr+0xba/0x170
[  254.690453][T11615]  tls_sw_sendmsg+0x1cc6/0x2890
[  254.695362][T11615]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  254.700609][T11615]  ? __pfx_aa_sk_perm+0x10/0x10
[  254.705469][T11615]  ? sock_rps_record_flow+0x1a/0x400
[  254.710774][T11615]  ? inet_send_prepare+0x21/0x260
[  254.715806][T11615]  ? inet_send_prepare+0x5a/0x260
[  254.720857][T11615]  __sock_sendmsg+0xef/0x270
[  254.725459][T11615]  sock_write_iter+0x2dd/0x400
[  254.730244][T11615]  ? __pfx_sock_write_iter+0x10/0x10
[  254.735599][T11615]  do_iter_readv_writev+0x60a/0x890
[  254.740847][T11615]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  254.746584][T11615]  ? bpf_lsm_file_permission+0x9/0x10
[  254.751954][T11615]  ? security_file_permission+0x7f/0xa0
[  254.757516][T11615]  ? rw_verify_area+0x1d2/0x6b0
[  254.762385][T11615]  vfs_writev+0x37c/0xbb0
[  254.766725][T11615]  ? __pfx_lock_acquire+0x10/0x10
[  254.771745][T11615]  ? __pfx_vfs_writev+0x10/0x10
[  254.776589][T11615]  ? vfs_write+0x7c4/0xc90
[  254.781029][T11615]  ? __fget_files+0x29/0x470
[  254.785643][T11615]  do_writev+0x1b1/0x350
[  254.789903][T11615]  ? __pfx_do_writev+0x10/0x10
[  254.794674][T11615]  ? do_syscall_64+0x100/0x230
[  254.799447][T11615]  ? do_syscall_64+0xb6/0x230
[  254.804135][T11615]  do_syscall_64+0xf3/0x230
[  254.808667][T11615]  ? clear_bhb_loop+0x35/0x90
[  254.813358][T11615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.819287][T11615] RIP: 0033:0x7fddd4975b59
[  254.824061][T11615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.843697][T11615] RSP: 002b:00007fddd571e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  254.852162][T11615] RAX: ffffffffffffffda RBX: 00007fddd4b03f60 RCX: 00007fddd4975b59
[  254.860156][T11615] RDX: 0000000000000004 RSI: 00000000200009c0 RDI: 0000000000000003
[  254.868144][T11615] RBP: 00007fddd571e0a0 R08: 0000000000000000 R09: 0000000000000000
[  254.876126][T11615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.884118][T11615] R13: 000000000000000b R14: 00007fddd4b03f60 R15: 00007ffd24b57738
[  254.892122][T11615]  </TASK>
[  255.087660][T11530] batman_adv: batadv0: Adding interface: batadv_slave_0
[  255.126012][T11530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.204361][T11530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  255.255423][T11530] batman_adv: batadv0: Adding interface: batadv_slave_1
[  255.262409][T11530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.309281][T11530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.412581][T11639] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2133'.
[  255.616220][T11530] hsr_slave_0: entered promiscuous mode
[  255.641102][T11530] hsr_slave_1: entered promiscuous mode
[  255.665329][T11530] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  255.684168][T11530] Cannot create hsr debugfs directory
[  255.714760][ T6652] hsr_slave_0: left promiscuous mode
[  255.728804][ T6652] hsr_slave_1: left promiscuous mode
[  255.746860][ T6652] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.759274][ T6652] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.778081][ T6652] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.799925][ T6652] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.854516][ T6652] veth1_macvtap: left promiscuous mode
[  255.884060][ T6652] veth0_macvtap: left promiscuous mode
[  255.889755][ T6652] veth1_vlan: left promiscuous mode
[  255.905758][ T6652] veth0_vlan: left promiscuous mode
[  256.003216][ T5101] Bluetooth: hci2: command tx timeout
[  256.166001][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  256.172497][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  257.164188][ T6652] team0 (unregistering): Port device team_slave_1 removed
[  257.264944][ T6652] team0 (unregistering): Port device team_slave_0 removed
[  258.083159][ T5101] Bluetooth: hci2: command tx timeout
[  258.347575][T11654] pimreg: entered allmulticast mode
[  258.981062][T11669] cannot load conntrack support for proto=3
[  259.591876][T11530] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  259.623695][T11530] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  259.651407][T11530] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  259.716529][T11530] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  259.873760][T11675] set match dimension is over the limit!
[  259.917583][T11678] Unsupported ieee802154 address type: 0
[  259.953962][T11678] 
: renamed from ipvlan1
[  260.033966][T11530] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.056875][T11530] 8021q: adding VLAN 0 to HW filter on device team0
[  260.069732][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.076972][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.101312][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.108537][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.147380][T11680] sctp: [Deprecated]: syz.4.2145 (pid 11680) Use of int in maxseg socket option.
[  260.147380][T11680] Use struct sctp_assoc_value instead
[  260.171070][ T5101] Bluetooth: hci2: command tx timeout
[  260.201803][T11680] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2145'.
[  260.236657][T11530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  260.617779][T11530] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.750175][T11530] veth0_vlan: entered promiscuous mode
[  260.779014][T11530] veth1_vlan: entered promiscuous mode
[  260.838449][T11702] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2149'.
[  260.850766][T11530] veth0_macvtap: entered promiscuous mode
[  260.872579][T11530] veth1_macvtap: entered promiscuous mode
[  260.934581][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.952447][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.966020][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.983227][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.988661][T11705] FAULT_INJECTION: forcing a failure.
[  260.988661][T11705] name failslab, interval 1, probability 0, space 0, times 0
[  260.993106][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.993125][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.993148][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.993160][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.994725][T11530] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.031119][T11705] CPU: 0 PID: 11705 Comm: syz.4.2151 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  261.064712][T11705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  261.074791][T11705] Call Trace:
[  261.078067][T11705]  <TASK>
[  261.080992][T11705]  dump_stack_lvl+0x241/0x360
[  261.085673][T11705]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.090883][T11705]  ? __pfx__printk+0x10/0x10
[  261.095503][T11705]  should_fail_ex+0x3b0/0x4e0
[  261.100197][T11705]  ? __alloc_skb+0x1c3/0x440
[  261.104787][T11705]  should_failslab+0x9/0x20
[  261.109282][T11705]  kmem_cache_alloc_node_noprof+0x71/0x320
[  261.115085][T11705]  __alloc_skb+0x1c3/0x440
[  261.119506][T11705]  ? __pfx_netlink_unicast+0x10/0x10
[  261.124806][T11705]  ? __pfx___alloc_skb+0x10/0x10
[  261.129763][T11705]  ? nlmsg_notify+0x14c/0x1c0
[  261.134444][T11705]  nf_tables_commit+0x75f3/0x8a40
[  261.139498][T11705]  ? __pfx_nf_tables_commit+0x10/0x10
[  261.144861][T11705]  ? do_syscall_64+0xf3/0x230
[  261.149529][T11705]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.155625][T11705]  ? __kasan_kmalloc+0x98/0xb0
[  261.160391][T11705]  ? nfnetlink_rcv+0x11b8/0x2a90
[  261.165321][T11705]  ? nfnetlink_rcv+0x1219/0x2a90
[  261.170255][T11705]  nfnetlink_rcv+0x1e44/0x2a90
[  261.175044][T11705]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  261.180203][T11705]  ? netlink_deliver_tap+0x2e/0x1b0
[  261.185395][T11705]  ? skb_clone+0x240/0x390
[  261.189809][T11705]  ? __pfx_lock_release+0x10/0x10
[  261.194840][T11705]  ? netlink_deliver_tap+0x2e/0x1b0
[  261.200071][T11705]  netlink_unicast+0x7f0/0x990
[  261.204869][T11705]  ? __pfx_netlink_unicast+0x10/0x10
[  261.210152][T11705]  ? __virt_addr_valid+0x183/0x530
[  261.215295][T11705]  ? __check_object_size+0x49c/0x900
[  261.220589][T11705]  ? bpf_lsm_netlink_send+0x9/0x10
[  261.225706][T11705]  netlink_sendmsg+0x8e4/0xcb0
[  261.230484][T11705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.235766][T11705]  ? __import_iovec+0x536/0x820
[  261.240613][T11705]  ? aa_sock_msg_perm+0x91/0x160
[  261.245550][T11705]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  261.250827][T11705]  ? security_socket_sendmsg+0x87/0xb0
[  261.256285][T11705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.261562][T11705]  __sock_sendmsg+0x221/0x270
[  261.266238][T11705]  ____sys_sendmsg+0x525/0x7d0
[  261.271012][T11705]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.276308][T11705]  __sys_sendmsg+0x2b0/0x3a0
[  261.280898][T11705]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.286003][T11705]  ? vfs_write+0x7c4/0xc90
[  261.290458][T11705]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  261.296783][T11705]  ? do_syscall_64+0x100/0x230
[  261.301542][T11705]  ? do_syscall_64+0xb6/0x230
[  261.306213][T11705]  do_syscall_64+0xf3/0x230
[  261.310709][T11705]  ? clear_bhb_loop+0x35/0x90
[  261.315382][T11705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.321268][T11705] RIP: 0033:0x7f5872f75b59
[  261.325685][T11705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.345294][T11705] RSP: 002b:00007f5873d30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.353709][T11705] RAX: ffffffffffffffda RBX: 00007f5873104038 RCX: 00007f5872f75b59
[  261.361673][T11705] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  261.369634][T11705] RBP: 00007f5873d300a0 R08: 0000000000000000 R09: 0000000000000000
[  261.377600][T11705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.385563][T11705] R13: 000000000000006e R14: 00007f5873104038 R15: 00007fffb0c04e68
[  261.393544][T11705]  </TASK>
[  261.513597][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.542952][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.552826][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.597343][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.639271][T11530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.668465][T11530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.686324][T11714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2153'.
[  261.727115][T11530] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.878829][T11530] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.923042][T11530] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.931797][T11530] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.992979][T11530] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  262.184086][T11728] sctp: [Deprecated]: syz.4.2156 (pid 11728) Use of int in maxseg socket option.
[  262.184086][T11728] Use struct sctp_assoc_value instead
[  262.227291][ T6672] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.244733][ T6672] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.279019][T11728] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2156'.
[  262.367639][ T6672] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.392263][ T6672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.137768][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  263.148289][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  263.163100][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  263.173860][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  263.182237][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  263.189892][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  263.301266][T11738] caif0 speed is unknown, defaulting to 1000
[  263.618142][T11743] Cannot find set identified by id 0 to match
[  264.082306][T11738] chnl_net:caif_netlink_parms(): no params data found
[  264.295603][T11738] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.313205][T11738] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.343183][T11738] bridge_slave_0: entered allmulticast mode
[  264.350574][T11738] bridge_slave_0: entered promiscuous mode
[  264.370684][T11738] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.378193][T11738] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.392542][T11738] bridge_slave_1: entered allmulticast mode
[  264.401858][T11738] bridge_slave_1: entered promiscuous mode
[  264.476461][T11738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.496554][T11738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.591799][T11738] team0: Port device team_slave_0 added
[  264.608521][T11757] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2162'.
[  264.616222][T11738] team0: Port device team_slave_1 added
[  264.712279][T11738] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.733285][T11738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.793016][T11738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.825255][T11738] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.836443][T11738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.870402][T11738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.939104][T11738] hsr_slave_0: entered promiscuous mode
[  264.953500][T11738] hsr_slave_1: entered promiscuous mode
[  264.968525][T11738] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  264.984703][T11738] Cannot create hsr debugfs directory
[  265.203458][ T5107] Bluetooth: hci2: command tx timeout
[  265.256794][ T6672] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.466652][T11738] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.477879][T11738] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.582633][T11738] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.600010][T11738] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.706652][T11738] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.723633][T11738] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.841808][T11738] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.866418][T11738] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.060068][T11738] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  266.069759][T11738] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  266.080285][T11738] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  266.096538][T11738] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  266.221960][T11778] netlink: zone id is out of range
[  266.241049][T11778] netlink: zone id is out of range
[  266.271324][T11776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2167'.
[  266.308765][T11778] netlink: set zone limit has 4 unknown bytes
[  266.428611][T11738] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.488621][T11785] set match dimension is over the limit!
[  266.545973][ T6672] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.568073][ T5101] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  266.579214][ T5101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  266.588253][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  266.597988][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  266.606997][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  266.614898][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  266.627880][T11738] 8021q: adding VLAN 0 to HW filter on device team0
[  266.703572][ T6672] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.725043][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.732192][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.752572][  T932] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.759764][  T932] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.808976][T11788] caif0 speed is unknown, defaulting to 1000
[  266.841491][ T6672] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.867235][T11794] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2173'.
[  267.105329][T11799] FAULT_INJECTION: forcing a failure.
[  267.105329][T11799] name failslab, interval 1, probability 0, space 0, times 0
[  267.133463][T11799] CPU: 1 PID: 11799 Comm: syz.2.2175 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  267.143335][T11799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  267.153416][T11799] Call Trace:
[  267.156742][T11799]  <TASK>
[  267.159681][T11799]  dump_stack_lvl+0x241/0x360
[  267.164393][T11799]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.169617][T11799]  ? __pfx__printk+0x10/0x10
[  267.174230][T11799]  ? __pfx___might_resched+0x10/0x10
[  267.179556][T11799]  should_fail_ex+0x3b0/0x4e0
[  267.184261][T11799]  ? ep_insert+0x4ce/0x1ac0
[  267.188783][T11799]  should_failslab+0x9/0x20
[  267.193301][T11799]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  267.198694][T11799]  ep_insert+0x4ce/0x1ac0
[  267.203058][T11799]  ? __pfx_ep_insert+0x10/0x10
[  267.207846][T11799]  ? do_epoll_ctl+0x43e/0xf70
[  267.212552][T11799]  ? __pfx___mutex_lock+0x10/0x10
[  267.217608][T11799]  ? __fget_files+0x29/0x470
[  267.222225][T11799]  do_epoll_ctl+0x8d2/0xf70
[  267.226752][T11799]  ? do_epoll_ctl+0x771/0xf70
[  267.231460][T11799]  __x64_sys_epoll_ctl+0x161/0x1a0
[  267.236597][T11799]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  267.242238][T11799]  ? do_syscall_64+0x100/0x230
[  267.246999][T11799]  ? do_syscall_64+0xb6/0x230
[  267.251667][T11799]  do_syscall_64+0xf3/0x230
[  267.256163][T11799]  ? clear_bhb_loop+0x35/0x90
[  267.260837][T11799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.266728][T11799] RIP: 0033:0x7fddd4975b59
[  267.271140][T11799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.291095][T11799] RSP: 002b:00007fddd571e048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  267.299507][T11799] RAX: ffffffffffffffda RBX: 00007fddd4b03f60 RCX: 00007fddd4975b59
[  267.307472][T11799] RDX: 0000000000000005 RSI: 0000000000000001 RDI: 0000000000000004
[  267.315432][T11799] RBP: 00007fddd571e0a0 R08: 0000000000000000 R09: 0000000000000000
[  267.323395][T11799] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  267.331381][T11799] R13: 000000000000000b R14: 00007fddd4b03f60 R15: 00007ffd24b57738
[  267.339376][T11799]  </TASK>
[  267.349751][ T5107] Bluetooth: hci2: command tx timeout
[  267.474605][ T6672] bridge_slave_1: left allmulticast mode
[  267.483383][ T6672] bridge_slave_1: left promiscuous mode
[  267.489175][ T6672] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.549407][ T6672] bridge_slave_0: left allmulticast mode
[  267.563539][ T6672] bridge_slave_0: left promiscuous mode
[  267.579585][ T6672] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.329834][ T6672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  268.350599][ T6672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  268.377474][ T6672] bond0 (unregistering): Released all slaves
[  268.609520][T11738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.723095][ T5107] Bluetooth: hci3: command tx timeout
[  268.897973][T11832] pimreg: entered allmulticast mode
[  268.998367][T11788] chnl_net:caif_netlink_parms(): no params data found
[  269.381065][ T5107] Bluetooth: hci2: command tx timeout
[  269.638076][T11788] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.660936][T11788] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.678074][T11788] bridge_slave_0: entered allmulticast mode
[  269.691587][T11788] bridge_slave_0: entered promiscuous mode
[  269.716712][ T6672] hsr_slave_0: left promiscuous mode
[  269.734119][ T6672] hsr_slave_1: left promiscuous mode
[  269.753360][ T6672] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  269.760856][ T6672] batman_adv: batadv0: Removing interface: batadv_slave_0
[  269.775805][ T6672] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  269.803143][ T6672] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.850934][ T6672] veth1_macvtap: left promiscuous mode
[  269.856968][ T6672] veth0_macvtap: left promiscuous mode
[  269.862608][ T6672] veth1_vlan: left promiscuous mode
[  269.868858][ T6672] veth0_vlan: left promiscuous mode
[  269.879673][T11846] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2181'.
[  270.803321][ T5107] Bluetooth: hci3: command tx timeout
[  270.922175][ T6672] team0 (unregistering): Port device team_slave_1 removed
[  271.051951][ T6672] team0 (unregistering): Port device team_slave_0 removed
[  271.453215][ T5107] Bluetooth: hci2: command tx timeout
[  272.024915][T11788] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.032154][T11788] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.055570][T11788] bridge_slave_1: entered allmulticast mode
[  272.064591][T11788] bridge_slave_1: entered promiscuous mode
[  272.176438][T11788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.205610][T11859] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2183'.
[  272.224973][T11788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.251024][T11857] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2184'.
[  272.378648][T11867] set match dimension is over the limit!
[  272.429780][T11788] team0: Port device team_slave_0 added
[  272.440533][T11788] team0: Port device team_slave_1 added
[  272.472655][T11868] geneve0: invalid flags given to default FDB implementation
[  272.501236][T11788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.508693][T11788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.536100][T11788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.596028][T11788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.604433][T11788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.630918][T11788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.695400][T11738] veth0_vlan: entered promiscuous mode
[  272.714172][T11788] hsr_slave_0: entered promiscuous mode
[  272.727421][T11788] hsr_slave_1: entered promiscuous mode
[  272.735396][T11788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  272.744702][T11788] Cannot create hsr debugfs directory
[  272.784045][T11738] veth1_vlan: entered promiscuous mode
[  272.885948][ T5107] Bluetooth: hci3: command tx timeout
[  272.911630][T11738] veth0_macvtap: entered promiscuous mode
[  272.939664][T11738] veth1_macvtap: entered promiscuous mode
[  273.000169][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.018478][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.030407][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.042044][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.053172][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.064706][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.075503][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.086601][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.099897][T11738] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.138704][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.157740][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.170188][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.180914][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.194552][T11738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.208592][T11738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.221080][T11738] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.259614][T11738] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.270115][T11738] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.281131][T11738] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.290127][T11738] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.451841][ T6670] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.482766][ T6670] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.595718][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.629442][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.638120][T11788] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  273.667786][T11788] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  273.704036][T11788] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  273.730761][T11788] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  273.786029][T11896] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2195'.
[  274.025431][T11906] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2196'.
[  274.040656][T11788] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.105848][T11788] 8021q: adding VLAN 0 to HW filter on device team0
[  274.166676][ T5194] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.173895][ T5194] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.206239][ T5194] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.213479][ T5194] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.412669][T11911] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2198'.
[  274.759097][T11919] Cannot find set identified by id 0 to match
[  274.865713][T11788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.963403][ T5107] Bluetooth: hci3: command tx timeout
[  275.000606][T11788] veth0_vlan: entered promiscuous mode
[  275.052203][T11788] veth1_vlan: entered promiscuous mode
[  275.140513][T11788] veth0_macvtap: entered promiscuous mode
[  275.169017][T11788] veth1_macvtap: entered promiscuous mode
[  275.220345][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.241988][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.278556][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.310270][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.320477][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.345604][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.379337][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.396804][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.411839][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.425290][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.441888][T11788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.532183][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.550918][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.578010][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.606430][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.626762][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.649615][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.671211][T11788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.692222][T11788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.718776][T11788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.766446][T11788] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.785903][T11788] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.795090][T11788] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.804181][T11788] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.918294][T11933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.027190][ T6670] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.050915][ T6670] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.089117][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.113091][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.784684][T11943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2208'.
[  276.818091][T11944] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2207'.
[  277.045682][T11949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2209'.
[  277.151091][T11953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2210'.
[  277.474258][T11961] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2212'.
[  278.233588][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.267125][T11967] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2214'.
[  278.286290][T11971] macvlan3: entered allmulticast mode
[  278.309284][T11971] team0: Port device macvlan3 added
[  279.404964][T11986] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2220'.
[  279.593707][T11990] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2223'.
[  279.677218][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.717898][T11996] wg2: entered promiscuous mode
[  279.726836][T11996] wg2: entered allmulticast mode
[  279.778246][ T5101] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  279.788982][ T5101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  279.798577][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  279.814513][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  279.824030][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  279.835833][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.853457][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  279.940171][T12013] No such timeout policy "syz0"
[  279.946523][T12012] No such timeout policy "syz0"
[  280.016209][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.174869][T12022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  280.321452][T12001] caif0 speed is unknown, defaulting to 1000
[  280.552610][T12027] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.560366][T12027] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.655956][T12027] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2232'.
[  280.665999][   T12] bridge_slave_1: left allmulticast mode
[  280.683259][   T12] bridge_slave_1: left promiscuous mode
[  280.700014][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.716372][   T12] bridge_slave_0: left allmulticast mode
[  280.723080][   T12] bridge_slave_0: left promiscuous mode
[  280.733621][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.924247][T12037] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2235'.
[  281.330509][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.351099][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.366493][   T12] bond0 (unregistering): Released all slaves
[  281.926006][ T5101] Bluetooth: hci3: command tx timeout
[  282.253178][T12059] wg2: entered promiscuous mode
[  282.274629][T12059] wg2: entered allmulticast mode
[  282.333165][T12001] chnl_net:caif_netlink_parms(): no params data found
[  282.416837][   T12] hsr_slave_0: left promiscuous mode
[  282.437845][   T12] hsr_slave_1: left promiscuous mode
[  282.451334][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.467482][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.485095][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.503143][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  282.531656][   T12] veth1_macvtap: left promiscuous mode
[  282.553123][   T12] veth0_macvtap: left promiscuous mode
[  282.558741][   T12] veth1_vlan: left promiscuous mode
[  282.577857][   T12] veth0_vlan: left promiscuous mode
[  283.614300][   T12] team0 (unregistering): Port device team_slave_1 removed
[  283.720856][   T12] team0 (unregistering): Port device team_slave_0 removed
[  284.003151][ T5101] Bluetooth: hci3: command tx timeout
[  284.610250][T12119] set match dimension is over the limit!
[  284.643032][T12001] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.650648][T12001] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.667511][T12001] bridge_slave_0: entered allmulticast mode
[  284.680358][T12001] bridge_slave_0: entered promiscuous mode
[  284.728031][T12124] wg2: left promiscuous mode
[  284.732685][T12124] wg2: left allmulticast mode
[  284.770256][T12001] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.781667][T12001] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.798873][T12001] bridge_slave_1: entered allmulticast mode
[  284.817585][T12001] bridge_slave_1: entered promiscuous mode
[  284.905492][T12124] wg2: entered promiscuous mode
[  284.927933][T12124] wg2: entered allmulticast mode
[  284.948696][T12001] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.998060][T12001] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.105588][T12001] team0: Port device team_slave_0 added
[  285.130872][T12001] team0: Port device team_slave_1 added
[  285.181689][T12001] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.190854][T12001] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.221643][T12001] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.236562][T12001] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.244616][T12001] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.271230][T12001] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.409270][T12001] hsr_slave_0: entered promiscuous mode
[  285.419671][T12001] hsr_slave_1: entered promiscuous mode
[  285.430738][T12001] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  285.446159][T12001] Cannot create hsr debugfs directory
[  285.881658][T12156] pimreg: entered allmulticast mode
[  286.083260][ T5101] Bluetooth: hci3: command tx timeout
[  286.282797][T12001] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  286.311391][T12001] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  286.349488][T12001] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  286.377131][T12001] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  286.500485][T12184] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2276'.
[  286.644111][T12001] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.698099][T12001] 8021q: adding VLAN 0 to HW filter on device team0
[  286.732146][T12187] netlink: 'syz.4.2278': attribute type 1 has an invalid length.
[  286.748640][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.755879][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.828012][T12193] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2278'.
[  286.851321][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.858562][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.254708][T12206] pimreg: entered allmulticast mode
[  287.312695][T12209] netlink: 'syz.2.2285': attribute type 13 has an invalid length.
[  287.328718][T12209] veth0_macvtap: left promiscuous mode
[  287.339232][T12209] macvtap0: entered allmulticast mode
[  287.362426][T12209] macvtap0: refused to change device tx_queue_len
[  287.444768][T12001] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.586261][T12001] veth0_vlan: entered promiscuous mode
[  287.603466][T12218] netlink: 'syz.2.2287': attribute type 7 has an invalid length.
[  287.611255][T12218] netlink: 'syz.2.2287': attribute type 8 has an invalid length.
[  287.631378][T12001] veth1_vlan: entered promiscuous mode
[  287.675946][T12218] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2287'.
[  287.690929][T12001] veth0_macvtap: entered promiscuous mode
[  287.702801][T12001] veth1_macvtap: entered promiscuous mode
[  287.749097][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.804376][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.834991][T12226] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2288'.
[  287.845358][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.865681][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.878237][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.909716][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.940216][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.973198][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.991894][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.014690][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.041826][T12001] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.061716][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.095196][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.115476][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.133804][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.144334][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.157773][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.169706][ T5101] Bluetooth: hci3: command tx timeout
[  288.175904][T12001] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.189024][T12001] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.201213][T12001] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.212735][T12217] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.219079][T12001] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.231379][T12001] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.247096][T12001] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.257449][T12001] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.452314][ T6672] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.471520][ T6672] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.528943][ T6672] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.549950][ T6672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  288.574824][T12235] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2291'.
[  288.797196][T12237] FAULT_INJECTION: forcing a failure.
[  288.797196][T12237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.857736][T12237] CPU: 1 PID: 12237 Comm: syz.3.2292 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  288.867606][T12237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  288.877684][T12237] Call Trace:
[  288.880966][T12237]  <TASK>
[  288.883895][T12237]  dump_stack_lvl+0x241/0x360
[  288.888574][T12237]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.893766][T12237]  ? __pfx__printk+0x10/0x10
[  288.898350][T12237]  ? __pfx_lock_release+0x10/0x10
[  288.903385][T12237]  should_fail_ex+0x3b0/0x4e0
[  288.908062][T12237]  _copy_from_user+0x2f/0xe0
[  288.912653][T12237]  copy_msghdr_from_user+0xae/0x680
[  288.917857][T12237]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  288.923671][T12237]  __sys_sendmsg+0x23d/0x3a0
[  288.928269][T12237]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.933381][T12237]  ? vfs_write+0x7c4/0xc90
[  288.937829][T12237]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  288.944153][T12237]  ? do_syscall_64+0x100/0x230
[  288.948915][T12237]  ? do_syscall_64+0xb6/0x230
[  288.953589][T12237]  do_syscall_64+0xf3/0x230
[  288.958085][T12237]  ? clear_bhb_loop+0x35/0x90
[  288.962757][T12237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.968670][T12237] RIP: 0033:0x7f6679575b59
[  288.973095][T12237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.992710][T12237] RSP: 002b:00007f667a415048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  289.001153][T12237] RAX: ffffffffffffffda RBX: 00007f6679703f60 RCX: 00007f6679575b59
[  289.009121][T12237] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
[  289.017088][T12237] RBP: 00007f667a4150a0 R08: 0000000000000000 R09: 0000000000000000
[  289.025053][T12237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.033016][T12237] R13: 000000000000000b R14: 00007f6679703f60 R15: 00007fff85e0b8d8
[  289.040995][T12237]  </TASK>
[  289.531249][T12255] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2300'.
[  289.621747][T12260] nbd: socks must be embedded in a SOCK_ITEM attr
[  289.746093][T12261] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2301'.
[  290.031141][T12271] Cannot find set identified by id 0 to match
[  290.132080][T12277] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2307'.
[  290.501268][T12287] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2309'.
[  290.630235][T12290] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2311'.
[  290.870485][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.160501][T12312] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  292.271762][T12315] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2321'.
[  292.361777][T12318] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2322'.
[  292.431034][ T5107] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  292.447256][ T5107] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  292.457860][ T5107] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  292.468299][ T5107] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  292.476554][ T5107] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  292.488881][ T5107] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  292.548541][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.681388][T12334] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2324'.
[  292.750769][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.795070][T12321] caif0 speed is unknown, defaulting to 1000
[  292.869659][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.904132][T12338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2327'.
[  293.137130][   T12] bridge_slave_1: left allmulticast mode
[  293.154419][   T12] bridge_slave_1: left promiscuous mode
[  293.170262][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.191275][   T12] bridge_slave_0: left allmulticast mode
[  293.204127][   T12] bridge_slave_0: left promiscuous mode
[  293.215900][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.466521][T12344] skb len=1639 headroom=168 headlen=1639 tailroom=1969
[  293.466521][T12344] mac=(168,0) mac_len=0 net=(168,20) trans=188
[  293.466521][T12344] shinfo(txflags=0 nr_frags=0 gso(size=0 type=0 segs=0))
[  293.466521][T12344] csum(0x12eb start=4843 offset=0 ip_summed=3 complete_sw=0 valid=0 level=0)
[  293.466521][T12344] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[  293.466521][T12344] priority=0x0 mark=0x0 alloc_cpu=0 vlan_all=0x0
[  293.466521][T12344] encapsulation=1 inner(proto=0x0008, mac=192, net=192, trans=244)
[  293.515715][T12344] dev name=veth0_to_team feat=0x000061164fdd19e9
[  293.522085][T12344] skb linear:   00000000: 45 02 06 67 08 e4 00 00 1b 2f 0b 4b ac 14 14 1f
[  293.530668][T12344] skb linear:   00000010: e0 01 e5 02 00 00 08 00 bd 0b 06 4f 10 82 0c 52
[  293.539243][T12344] skb linear:   00000020: 1b 06 73 f5 fd fe 4b 44 94 30 eb b5 29 97 e3 6e
[  293.547816][T12344] skb linear:   00000030: 03 9b 1e 59 88 25 f8 01 00 a3 c0 63 76 c3 30 76
[  293.556380][T12344] skb linear:   00000040: 0b fe 6f 62 97 c6 32 15 d7 31 93 db 4e 45 3b f9
[  293.564959][T12344] skb linear:   00000050: f1 53 a1 67 d5 02 61 a6 7a 00 00 00 29 5e 00 00
[  293.573526][T12344] skb linear:   00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.582062][T12344] skb linear:   00000070: 00 00 00 00 00 00 e9 00 00 00 00 00 00 00 00 00
[  293.590628][T12344] skb linear:   00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.599190][T12344] skb linear:   00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.607786][T12344] skb linear:   000000a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.616350][T12344] skb linear:   000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.624916][T12344] skb linear:   000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.633475][T12344] skb linear:   000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.642001][T12344] skb linear:   000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.650559][T12344] skb linear:   000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.659215][T12344] skb linear:   00000100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.667777][T12344] skb linear:   00000110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.676340][T12344] skb linear:   00000120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  293.684945][T12344] ------------[ cut here ]------------
[  293.690436][T12344] offset (4675) >= skb_headlen() (1639)
[  293.696546][T12344] WARNING: CPU: 0 PID: 12344 at net/core/dev.c:3327 skb_checksum_help+0x5f9/0x730
[  293.705848][T12344] Modules linked in:
[  293.709773][T12344] CPU: 0 PID: 12344 Comm: syz.2.2328 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  293.719668][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  293.729813][T12344] RIP: 0010:skb_checksum_help+0x5f9/0x730
[  293.735627][T12344] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 dd 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 60 fd c5 8c 44 89 f6 89 da e8 78 39 fe f7 90 <0f> 0b 90 90 bb ea ff ff ff e9 65 fd ff ff e8 54 1f 3c f8 c6 05 fb
[  293.755306][T12344] RSP: 0018:ffffc900137aed28 EFLAGS: 00010246
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  293.761412][T12344] RAX: 06de8f3bbe66b900 RBX: 0000000000000667 RCX: 0000000000040000
[  293.769474][T12344] RDX: ffffc900099a9000 RSI: 000000000003ffff RDI: 0000000000040000
[  293.777516][T12344] RBP: 0000000000000667 R08: ffffffff815878a2 R09: fffffbfff1c39d94
[  293.785581][T12344] R10: dffffc0000000000 R11: fffffbfff1c39d94 R12: 1ffff1100f9e0c0e
[  293.793626][T12344] R13: dffffc0000000000 R14: 0000000000001243 R15: ffff88807cf06000
[  293.801629][T12344] FS:  00007fddd571e6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  293.810652][T12344] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  293.817331][T12344] CR2: 000000002000d000 CR3: 000000002ea82000 CR4: 00000000003506f0
[  293.825418][T12344] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  293.833452][T12344] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  293.841448][T12344] Call Trace:
[  293.844805][T12344]  <TASK>
[  293.847781][T12344]  ? __warn+0x163/0x4e0
[  293.851988][T12344]  ? skb_checksum_help+0x5f9/0x730
[  293.857210][T12344]  ? report_bug+0x2b3/0x500
[  293.861769][T12344]  ? skb_checksum_help+0x5f9/0x730
[  293.866992][T12344]  ? handle_bug+0x3e/0x70
[  293.871350][T12344]  ? exc_invalid_op+0x1a/0x50
[  293.876127][T12344]  ? asm_exc_invalid_op+0x1a/0x20
[  293.881196][T12344]  ? __warn_printk+0x292/0x360
[  293.886049][T12344]  ? skb_checksum_help+0x5f9/0x730
[  293.891200][T12344]  ? skb_checksum_help+0x5f8/0x730
[  293.896419][T12344]  ip_do_fragment+0x20d/0x1b30
[  293.901226][T12344]  ? __pfx_ip_finish_output2+0x10/0x10
[  293.906755][T12344]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  293.913171][T12344]  ? __pfx_ip_do_fragment+0x10/0x10
[  293.918397][T12344]  ? kasan_quarantine_put+0xdc/0x230
[  293.923756][T12344]  ? lockdep_hardirqs_on+0x99/0x150
[  293.928997][T12344]  ? __ip_finish_output+0x247/0x400
[  293.934276][T12344]  ? kmem_cache_free+0x145/0x350
[  293.939239][T12344]  ? ip_fragment+0x9a/0x220
[  293.943823][T12344]  __ip_finish_output+0x290/0x400
[  293.948882][T12344]  iptunnel_xmit+0x540/0x9b0
[  293.953564][T12344]  ip_tunnel_xmit+0x2119/0x2950
[  293.958481][T12344]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  293.963754][T12344]  ? gre_build_header+0x341/0xb30
[  293.968820][T12344]  ? __pfx_gre_build_header+0x10/0x10
[  293.974272][T12344]  ? iptunnel_handle_offloads+0x25f/0x650
[  293.980023][T12344]  ipgre_xmit+0x958/0xd40
[  293.984451][T12344]  ? __pfx_ipgre_xmit+0x10/0x10
[  293.989349][T12344]  ? validate_xmit_skb+0x9f9/0x1120
[  293.994648][T12344]  dev_hard_start_xmit+0x27a/0x7e0
[  293.999819][T12344]  __dev_queue_xmit+0x1b63/0x3e90
[  294.004956][T12344]  ? __dev_queue_xmit+0x2da/0x3e90
[  294.010098][T12344]  ? __pskb_pull_tail+0xaee/0x14c0
[  294.015299][T12344]  ? __pfx___dev_queue_xmit+0x10/0x10
[  294.020699][T12344]  ? __pskb_pull_tail+0xf61/0x14c0
[  294.025891][T12344]  ? skb_partial_csum_set+0x105/0x350
[  294.031298][T12344]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  294.036942][T12344]  ? packet_parse_headers+0x7e3/0xaf0
[  294.042360][T12344]  ? packet_xmit+0x68/0x330
[  294.046948][T12344]  packet_sendmsg+0x4bc0/0x6710
[  294.051859][T12344]  ? __pfx___might_resched+0x10/0x10
[  294.057240][T12344]  ? aa_sk_perm+0x967/0xab0
[  294.061783][T12344]  ? __pfx_packet_sendmsg+0x10/0x10
[  294.067079][T12344]  ? __pfx_lock_release+0x10/0x10
[  294.072122][T12344]  ? __import_iovec+0x536/0x820
[  294.077055][T12344]  ? aa_sock_msg_perm+0x91/0x160
[  294.082032][T12344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  294.087389][T12344]  ? security_socket_sendmsg+0x87/0xb0
[  294.092923][T12344]  ? __pfx_packet_sendmsg+0x10/0x10
[  294.098158][T12344]  __sock_sendmsg+0x221/0x270
[  294.102930][T12344]  ____sys_sendmsg+0x525/0x7d0
[  294.107744][T12344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.113153][T12344]  __sys_sendmsg+0x2b0/0x3a0
[  294.117788][T12344]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.123019][T12344]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.129378][T12344]  ? do_syscall_64+0x100/0x230
[  294.134229][T12344]  ? do_syscall_64+0xb6/0x230
[  294.138926][T12344]  do_syscall_64+0xf3/0x230
[  294.143501][T12344]  ? clear_bhb_loop+0x35/0x90
[  294.148203][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.154176][T12344] RIP: 0033:0x7fddd4975b59
[  294.158619][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.178347][T12344] RSP: 002b:00007fddd571e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.186845][T12344] RAX: ffffffffffffffda RBX: 00007fddd4b03f60 RCX: 00007fddd4975b59
[  294.194901][T12344] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  294.202938][T12344] RBP: 00007fddd49e4e5d R08: 0000000000000000 R09: 0000000000000000
[  294.210936][T12344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  294.218991][T12344] R13: 000000000000000b R14: 00007fddd4b03f60 R15: 00007ffd24b57738
[  294.227055][T12344]  </TASK>
[  294.230088][T12344] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  294.237379][T12344] CPU: 0 PID: 12344 Comm: syz.2.2328 Not tainted 6.10.0-syzkaller-04472-g51835949dda3 #0
[  294.247200][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  294.257321][T12344] Call Trace:
[  294.260610][T12344]  <TASK>
[  294.263550][T12344]  dump_stack_lvl+0x241/0x360
[  294.268246][T12344]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.273458][T12344]  ? __pfx__printk+0x10/0x10
[  294.278089][T12344]  ? vscnprintf+0x5d/0x90
[  294.282435][T12344]  panic+0x349/0x860
[  294.286346][T12344]  ? __warn+0x172/0x4e0
[  294.290522][T12344]  ? __pfx_panic+0x10/0x10
[  294.294971][T12344]  __warn+0x346/0x4e0
[  294.298974][T12344]  ? skb_checksum_help+0x5f9/0x730
[  294.304115][T12344]  report_bug+0x2b3/0x500
[  294.308463][T12344]  ? skb_checksum_help+0x5f9/0x730
[  294.313602][T12344]  handle_bug+0x3e/0x70
[  294.317779][T12344]  exc_invalid_op+0x1a/0x50
[  294.322297][T12344]  asm_exc_invalid_op+0x1a/0x20
[  294.327166][T12344] RIP: 0010:skb_checksum_help+0x5f9/0x730
[  294.332919][T12344] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 dd 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 60 fd c5 8c 44 89 f6 89 da e8 78 39 fe f7 90 <0f> 0b 90 90 bb ea ff ff ff e9 65 fd ff ff e8 54 1f 3c f8 c6 05 fb
[  294.352553][T12344] RSP: 0018:ffffc900137aed28 EFLAGS: 00010246
[  294.358645][T12344] RAX: 06de8f3bbe66b900 RBX: 0000000000000667 RCX: 0000000000040000
[  294.366637][T12344] RDX: ffffc900099a9000 RSI: 000000000003ffff RDI: 0000000000040000
[  294.374629][T12344] RBP: 0000000000000667 R08: ffffffff815878a2 R09: fffffbfff1c39d94
[  294.382619][T12344] R10: dffffc0000000000 R11: fffffbfff1c39d94 R12: 1ffff1100f9e0c0e
[  294.390607][T12344] R13: dffffc0000000000 R14: 0000000000001243 R15: ffff88807cf06000
[  294.398608][T12344]  ? __warn_printk+0x292/0x360
[  294.403413][T12344]  ? skb_checksum_help+0x5f8/0x730
[  294.408561][T12344]  ip_do_fragment+0x20d/0x1b30
[  294.413361][T12344]  ? __pfx_ip_finish_output2+0x10/0x10
[  294.418848][T12344]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.425201][T12344]  ? __pfx_ip_do_fragment+0x10/0x10
[  294.430422][T12344]  ? kasan_quarantine_put+0xdc/0x230
[  294.435730][T12344]  ? lockdep_hardirqs_on+0x99/0x150
[  294.440948][T12344]  ? __ip_finish_output+0x247/0x400
[  294.446172][T12344]  ? kmem_cache_free+0x145/0x350
[  294.451122][T12344]  ? ip_fragment+0x9a/0x220
[  294.455641][T12344]  __ip_finish_output+0x290/0x400
[  294.460683][T12344]  iptunnel_xmit+0x540/0x9b0
[  294.465309][T12344]  ip_tunnel_xmit+0x2119/0x2950
[  294.470215][T12344]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  294.475445][T12344]  ? gre_build_header+0x341/0xb30
[  294.480492][T12344]  ? __pfx_gre_build_header+0x10/0x10
[  294.485883][T12344]  ? iptunnel_handle_offloads+0x25f/0x650
[  294.491625][T12344]  ipgre_xmit+0x958/0xd40
[  294.495987][T12344]  ? __pfx_ipgre_xmit+0x10/0x10
[  294.500869][T12344]  ? validate_xmit_skb+0x9f9/0x1120
[  294.506103][T12344]  dev_hard_start_xmit+0x27a/0x7e0
[  294.511257][T12344]  __dev_queue_xmit+0x1b63/0x3e90
[  294.516322][T12344]  ? __dev_queue_xmit+0x2da/0x3e90
[  294.521455][T12344]  ? __pskb_pull_tail+0xaee/0x14c0
[  294.526580][T12344]  ? __pfx___dev_queue_xmit+0x10/0x10
[  294.531979][T12344]  ? __pskb_pull_tail+0xf61/0x14c0
[  294.537115][T12344]  ? skb_partial_csum_set+0x105/0x350
[  294.542514][T12344]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  294.548243][T12344]  ? packet_parse_headers+0x7e3/0xaf0
[  294.553661][T12344]  ? packet_xmit+0x68/0x330
[  294.558187][T12344]  packet_sendmsg+0x4bc0/0x6710
[  294.563083][T12344]  ? __pfx___might_resched+0x10/0x10
[  294.568407][T12344]  ? aa_sk_perm+0x967/0xab0
[  294.572933][T12344]  ? __pfx_packet_sendmsg+0x10/0x10
[  294.578156][T12344]  ? __pfx_lock_release+0x10/0x10
[  294.583196][T12344]  ? __import_iovec+0x536/0x820
[  294.588061][T12344]  ? aa_sock_msg_perm+0x91/0x160
[  294.593014][T12344]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  294.598312][T12344]  ? security_socket_sendmsg+0x87/0xb0
[  294.603796][T12344]  ? __pfx_packet_sendmsg+0x10/0x10
[  294.609023][T12344]  __sock_sendmsg+0x221/0x270
[  294.613727][T12344]  ____sys_sendmsg+0x525/0x7d0
[  294.618519][T12344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.623843][T12344]  __sys_sendmsg+0x2b0/0x3a0
[  294.628453][T12344]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.633634][T12344]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.639983][T12344]  ? do_syscall_64+0x100/0x230
[  294.644768][T12344]  ? do_syscall_64+0xb6/0x230
[  294.649464][T12344]  do_syscall_64+0xf3/0x230
[  294.653986][T12344]  ? clear_bhb_loop+0x35/0x90
[  294.658685][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.664595][T12344] RIP: 0033:0x7fddd4975b59
[  294.669023][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.688650][T12344] RSP: 002b:00007fddd571e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.697091][T12344] RAX: ffffffffffffffda RBX: 00007fddd4b03f60 RCX: 00007fddd4975b59
[  294.705080][T12344] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  294.713075][T12344] RBP: 00007fddd49e4e5d R08: 0000000000000000 R09: 0000000000000000
[  294.721060][T12344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  294.729053][T12344] R13: 000000000000000b R14: 00007fddd4b03f60 R15: 00007ffd24b57738
[  294.737066][T12344]  </TASK>
[  294.740322][T12344] Kernel Offset: disabled
[  294.744702][T12344] Rebooting in 86400 seconds..