last executing test programs:

1m14.978141654s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

47.232033371s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

47.231747571s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

39.891483593s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

18.415653537s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

10.960019919s ago: executing program 3 (id=2733):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100)
recvmsg(r2, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0x0)

9.782606906s ago: executing program 3 (id=2743):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000080), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000440)={0x0, 0x6800, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="30010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000030000000800010001000000040004800800020001000000080108802c0007800800ffeac3bc0000080006001c0000000800060000000000080005"], 0x130}}, 0x0)

9.629549662s ago: executing program 3 (id=2746):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x0, {0x0, 0x0, 0x10}}}}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}]}, 0x44}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x34, 0x3e, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@typed={0x4}, @nested={0x19, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @typed={0x8, 0x0, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="513f94279b"]}]}, 0x34}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r6, 0xf05, 0x0, 0x0, {0x8}}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, r6, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x11}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff516d}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20048850}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
close(r7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x7, 0x2, 0x1000}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r8}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r9, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r5)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r14=>0x0})
r15 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmsg(r15, &(0x7f0000000480)={&(0x7f0000000400)=@l2, 0x80, &(0x7f0000000900)=[{&(0x7f0000000600)=""/123, 0x7b}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000340)=""/33, 0x21}, {&(0x7f0000000680)=""/68, 0x44}, {&(0x7f0000000700)=""/137, 0x89}, {&(0x7f00000007c0)=""/187, 0xbb}], 0x6, &(0x7f0000001a40)=""/101, 0x65}, 0x40)
sendmsg$NL80211_CMD_NEW_INTERFACE(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x4b}, @val={0x8, 0x3, r14}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_to_batadv\x00'}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r4, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, r10, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x36}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x3000c080}, 0x24000000)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r3, 0x300, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r14}, @val={0xc, 0x99, {0x0, 0x66}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000085}, 0x20008010)

9.360313456s ago: executing program 3 (id=2748):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r3, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000001400)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c988ca", 0xfdef}], 0x1)

8.789393645s ago: executing program 3 (id=2757):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x7}, 0xa}, 0x1c)

7.822449937s ago: executing program 3 (id=2768):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000001801000020e4db5e8a6848a020732500000000002020ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000009500000000000000257a8b918a2cb37abb95cc60deaf1af9077a77a18834b3217e416d05b56474bf89a2b624ec5af6db9d670a24696c15c7945f875ae063decebd02195a71622b39142b9947fc3f08e3e94f4e68aea4d413ab83b70000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000008000000000000000000030000"])
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r0, 0x1, 0x2, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc}]}]}, @IFLA_IFALIAS={0x14, 0x14, 'geneve0\x00'}]}, 0x48}}, 0x0)

3.349440275s ago: executing program 0 (id=2799):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockname$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000180)=0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x4df9}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x58}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x18, 0x1, 0x0, 0x0, {0x80, 0x0, 0x2}}, 0x14}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000001c0)={0x43, 0x3, 0x2}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'veth1_to_hsr\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x15000000, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x8, 0x6, @local}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1=0xe000030a}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x48}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)

3.274593013s ago: executing program 2 (id=2800):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f00000000c0), 0x4)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x48, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x99e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}]]}, 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x34}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000000050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c000880040002400000000000000000f000014000000000000000000900030073797a3200000000280004800800024000000000080001"], 0xd0}}, 0x0)

3.063843714s ago: executing program 0 (id=2803):
socket(0x10, 0x3, 0x0)
r0 = socket(0x15, 0x5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000d18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='ext4_ext_remove_space_done\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
connect$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast2}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f00000003c0))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="0f060b7988d0e433454eac5b3bf9aa281383a37e35de94df591b29965d3d2e3a077018eacb73ff67ac4742e179043ccdc728de39e454f8761e58601ed395dc781e49ec1c24df917950f19a9606eb8ec436c15c8c262b7802f6cfbf5e50cf405840675e563541", 0xff8d}], 0x1}, 0x40)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r7, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_u8={{0x11}}, @ip_retopts={{0x10, 0x110, 0xe}}], 0x38}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="424079237ca234ef9b69722c000100", @ANYRES16=r8, @ANYBLOB="050000000000000000006100010008000300", @ANYRES32=r9, @ANYBLOB="10007d800400020004000200d7fe0100"], 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1c32573d18000000000000000000000000004acaf16c0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000097909a07b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0xc00000, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=<r11=>r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYRESDEC=r11, @ANYRESOCT=r10, @ANYRES32=r10], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r12}, 0x10)
r13 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r13, 0x0, 0x18, &(0x7f0000000300)=0x1, 0x4)
bind$inet(r13, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
recvmsg(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/78, 0x4e}], 0x1}, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r3, &(0x7f0000000dc0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a00)={0x0}, 0x1, 0x0, 0x0, 0x24000081}, 0x884)
socket$kcm(0x10, 0x2, 0x4)

3.051949389s ago: executing program 1 (id=2804):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r1, &(0x7f0000000100)="c0bb43c62978f6f6cdf30f0a2aa14b0bc55d904ba0ce2bdbc64d6f3fbd16ef0c9b7a50ea6829f5dce81543ca5bd4f82c861966aacad32df6e26805ce79575974e9ae82ae4be7156b4299879110b987a55426fc4f4396d986a0dcf8169a4a41572c81aa6b9e8ea3db1193b79831bc5f93cbf64524a182a479cf721bc5d58cbf3d991b7e75e2c7ad4d5cdb7232c6cd6e44d95ff76972f3858488be7c18c6df3951092b4db2deeadf6d1292f1e8492212912b23f8cf54da50a3f0365eb3fb09336ef88bb4d5b207051ac57e863a43473ec16d49a5141f55d1ae7229"}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000000202020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000002c0)={<r2=>0x0, 0x35, "b607ada678387d9f8f1ae73deddad9045297fe9d50038a7cce8c17fbe9781799330fbf07fd81c62a9972cf99eb454b7a9294898448"}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000340)={r2}, 0x8)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000a300))
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan0\x00'})
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f00000031c0)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3ff}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000001100)=0x4, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bind$inet6(r0, &(0x7f0000005a40)={0xa, 0x4e24, 0x80000000, @private2}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000005d40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040), 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x0, 0x4, 0xcfe1}, 0x48)
socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)

2.891922142s ago: executing program 0 (id=2805):
syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@generic={0x7, 0x2}]}}, {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x3, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)

2.82947685s ago: executing program 0 (id=2806):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r1}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x1080000, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000002a000900000000000000000004"], 0x18}, 0x1, 0x3000000}, 0x0)

2.820778163s ago: executing program 2 (id=2807):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@can_newroute={0x3c, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_AND={0x15, 0x1, {{{}, 0x0, 0x0, 0x0, 0x0, "0f90bab55ea49d8d"}, 0x2}}, @CGW_MOD_UID={0x8}, @CGW_CS_XOR={0x8, 0x5, {0x0, 0xffffffffffffffff}}]}, 0x3c}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r4, 0x10d, 0xee, 0x0, &(0x7f00000000c0))
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x154, 0x10, 0x113, 0x0, 0x0, {{@in=@loopback, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@remote, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x7, 0x0, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0x154}}, 0x0)

2.586465046s ago: executing program 1 (id=2808):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000800"/16], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000120080850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000007000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.473247568s ago: executing program 2 (id=2809):
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x0, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendto$packet(r0, &(0x7f0000000000)="4dcdc7c6223e00000000ffff8137", 0x71, 0x0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-intel\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
write(r2, &(0x7f0000000000)="b1", 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'bond0\x00'})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={0xffffffffffffffff, 0x0, 0x0, 0x63, &(0x7f0000000a80), &(0x7f0000000b80)=""/99, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c00), 0x0, 0x3, 0x0, 0x1}, 0x50)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000440), 0x4)

2.471934244s ago: executing program 1 (id=2810):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r3, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(0xffffffffffffffff, &(0x7f0000001400)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c988ca", 0xfdef}], 0x1)

2.37579519s ago: executing program 4 (id=1191):
unshare(0x36030200)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r0=>0xffffffffffffffff, 0x5, 0x40, 0xffffffff})
r1 = openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800004, 0x11, r1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x70}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0xa, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2.331907552s ago: executing program 2 (id=2811):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000080)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r0, &(0x7f0000002dc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)='\x00', 0x1}], 0x1}}], 0x1, 0x400004c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x16, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

442.404985ms ago: executing program 0 (id=2812):
syz_emit_ethernet(0x7a, 0x0, 0x0)

441.599341ms ago: executing program 2 (id=2813):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
sendto(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x20008881, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
unshare(0x20400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r1, r0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x268040, 0x0)
openat$cgroup_freezer_state(r2, &(0x7f00000001c0), 0x2, 0x0)
pipe(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="180000006a00dd870000596252ff36eb00"/33], 0x18}}, 0x0)
unshare(0x24020400)
getsockname$packet(r4, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000340000006ce70768af5fa6a0340000000000000000030000000003000000020000000000000000000000000000010500000120000000000000000000"], 0x0, 0x4e}, 0x20)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400010067656e657665000000000000"], 0x40}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r7}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r3, 0xc4009420, &(0x7f0000000b00)={0x8, 0x2, {0x80000000000007, @usage=0x1, 0x0, 0x6, 0x7000, 0x8001, 0xb811, 0x6, 0x2, @usage=0x5, 0x2, 0x6, [0x5, 0x0, 0x6, 0x6, 0x7, 0x114]}, {0x6, @struct={0x8001, 0x401}, 0x0, 0x6, 0x5, 0x4, 0x1, 0x40, 0x1, @struct={0x1, 0x1000}, 0x9, 0x80000001, [0x400, 0x7, 0x80000001, 0x2bbe272c, 0x0, 0x4a9]}, {0x1, @usage=0x2a3f, 0x0, 0x401, 0x4, 0xfffffffffffffffd, 0x526f, 0xfffffffffffffffe, 0x58, @usage=0x1, 0x9, 0x826b, [0x930, 0x6, 0x80000001, 0x7fffffff, 0x100, 0x239]}, {0x6, 0xffffffffffffffff}})

410.113993ms ago: executing program 1 (id=2814):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000c00000000002800000028000000020000000100000000000001e5ff0000080000000000000001000084060004000000000001"], 0x0, 0x42}, 0x20)

272.808247ms ago: executing program 0 (id=2815):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x6, 0x5, 0x1000}, 0x48)
mmap$xdp(&(0x7f0000fe9000/0x14000)=nil, 0x14000, 0x0, 0x400e033, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)="fe", 0x1}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91", 0x450}], 0x2}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x0)
recvmmsg(r1, &(0x7f0000004480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @local, 0x5}]}, &(0x7f0000000180)=0x10)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x7d, &(0x7f00000000c0)={r4, @in={{0x2, 0x0, @empty}}}, 0x9c)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)

191.36534ms ago: executing program 1 (id=2816):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x39, 0x9, 0x0, 0x2, {0x1}, [@typed={0x4}, @nested={0x4, 0x5}]}, 0x1c}}, 0x0)

36.136128ms ago: executing program 1 (id=2817):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000006280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021300000001c0a05010000000000000000070000000900020073797a31000000000900010073797a30"], 0xb4}}, 0x0) (fail_nth: 17)

0s ago: executing program 2 (id=2818):
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000000)="1c5c47cc3add2aa79d38b9ded4daa4f4", 0x10)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x8920, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="9fdf8739f8ed48e9adfc3868eb0100180000000000000034000000340000000400000000000000000000030000000003000000020000000000000000000000000000010500000010000000020000000000000c0000000000002e00"], 0x0, 0x50}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c000c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05af3a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df871a8e782339bc424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2c85c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb78183e7e68de9dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbefd9a6bb70f60eb9c01dd2fc79a957c84f236909fcdcd548b3d360c4b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009de2323f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a90400000037c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d55185ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e671d305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aafc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d2986334c25e454474f92e65828b018174a9f4738b8c71fbdead06ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a379ed4c6267965af78b861bd335312538cec97966b8973d4e299d9802264d06e40ae11861d242d1128dcedeb44030df12ef68ffce8d141e8960ef790fb0078215d65f96eb55db8cbcb060000000d988374e45451a694ffe38a1d03912b31c98d42e1a1bda1290de1a499a5d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553ecece78d4c1541c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a7d72fcdb0a11993d54d97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a9236558fea2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68dff0f0000000000000e0bf9878516f532639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483be1920efcb413798c2b636243e0a37262ca47dfeefa1ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8edc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f24bb68f486e172932ecb204b4d807536a75942e1b9d6dc28ab8e19e1111dd893e8d5bc5642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c290fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240ea3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4055f05558ab397a94d560a15b81f339f6a4caf2ee2fd01f34dca330000000000000004000000000000000000000000000000000000000000000000000000000095e6f945ba9a941cef5e70b8c152321e1516551c05afc85ad4f4ef9824b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374b281c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd6f7fd7f8898c70b5c65f2e28f22e98389557affbda5e1850d66a4a1ee73b2084681f880a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829504ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca15981090ded672f5af8a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd31091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a474bd163d4e58252f3d571c36b1793db8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f3919eb7cfbd7cc03bbfb8c698ecc137d96711100e01031aa74fad86b99eebf0527552a9331e646c424b14ffbb8e725000000000000bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc86784c9f940d9fb0464a72ce635e14b80dc5c1c64e8f58c570e7afd83ee77f157c146aa747b728969aeb4abb1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846f4cf48a5c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d685ac3d9a9710f938ad16eeb8342278f1c1cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cbe91c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706e587f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2cc0e7c217b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af999dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae25824264f80dee5f95be1b9deb11b7db45b9f15b7b55d8fdbedd8b2ff891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2be0d1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84034faf8421a22c4b4c17a3d24a4aeee0d0850371feefd77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2b59654d49a11c6736ac63e8eb383760fc2b5c976dacf3dda7191c757f28e44f6a5f95db7055f7ed983f5665210f20a49"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r2, &(0x7f0000000040)={0x24, @short}, 0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x20e, 0x5ee, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000003300ff310006ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d74733e0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)

kernel console output (not intermixed with test programs):

parse: 10 callbacks suppressed
[  295.268344][T12753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2355'.
[  295.360663][T12729] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  295.433291][T12757] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2356'.
[  295.455359][T12729] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.472566][T12729] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 41358 - 0
[  295.497489][T12729] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 37319 - 0
[  295.622419][ T9005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.649190][ T9005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.734633][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.758950][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.793912][T12729] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 37319 - 0
[  295.807636][T12729] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 41358 - 0
[  295.818082][T12729] netdevsim netdevsim2 eth0: set [1, 2] type 2 family 0 port 6081 - 0
[  295.855802][T12729] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 37319 - 0
[  295.868946][T12729] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 41358 - 0
[  295.878878][T12729] netdevsim netdevsim2 eth1: set [1, 2] type 2 family 0 port 6081 - 0
[  295.988092][T12729] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 37319 - 0
[  296.009801][T12729] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 41358 - 0
[  296.032833][T12729] netdevsim netdevsim2 eth2: set [1, 2] type 2 family 0 port 6081 - 0
[  296.098674][T12729] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 37319 - 0
[  296.120490][T12729] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 41358 - 0
[  296.144469][T12729] netdevsim netdevsim2 eth3: set [1, 2] type 2 family 0 port 6081 - 0
[  296.394820][T12779] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  296.549627][ T1094] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.655578][ T1094] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.821673][ T1094] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.256084][ T1094] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.432105][ T1094] bridge_slave_1: left allmulticast mode
[  297.438478][ T1094] bridge_slave_1: left promiscuous mode
[  297.444329][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.455987][ T1094] bridge_slave_0: left allmulticast mode
[  297.463841][ T1094] bridge_slave_0: left promiscuous mode
[  297.469871][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.144012][T12802] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2367'.
[  298.372281][ T5100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  298.388980][ T5100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  298.402060][ T5100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  298.421983][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  298.433584][ T5100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  298.442096][ T5100] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  298.452271][ T5100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  298.477275][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  298.493447][ T1094] bond0 (unregistering): Released all slaves
[  298.863669][T12814] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 37319 - 0
[  298.875491][T12814] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 41358 - 0
[  298.890405][T12814] netdevsim netdevsim2 eth3 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0
[  298.956007][T12814] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 37319 - 0
[  298.969227][T12814] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 41358 - 0
[  298.981145][T12814] netdevsim netdevsim2 eth2 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0
[  299.022695][ T1094] hsr_slave_0: left promiscuous mode
[  299.032593][ T1094] hsr_slave_1: left promiscuous mode
[  299.050316][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.064181][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.075553][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.091169][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.122121][ T1094] veth1_macvtap: left promiscuous mode
[  299.127884][ T1094] veth0_macvtap: left promiscuous mode
[  299.133616][ T1094] veth1_vlan: left promiscuous mode
[  299.139695][ T1094] veth0_vlan: left promiscuous mode
[  299.768827][ T1094] team0 (unregistering): Port device team_slave_1 removed
[  299.822466][ T1094] team0 (unregistering): Port device team_slave_0 removed
[  300.580590][ T5100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  300.607826][ T5100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  300.630355][ T5100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  300.649289][ T5100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  300.671356][ T5100] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  300.678894][ T5100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  300.941976][T12814] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 37319 - 0
[  300.964690][T12814] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 41358 - 0
[  300.995398][T12814] netdevsim netdevsim2 eth1 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0
[  301.128377][T12841] lo speed is unknown, defaulting to 1000
[  301.154809][T12814] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 37319 - 0
[  301.199538][T12814] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 41358 - 0
[  301.217366][T12814] netdevsim netdevsim2 eth0 (unregistering): unset [1, 2] type 2 family 0 port 6081 - 0
[  301.398397][T12858] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2383'.
[  301.512549][T12814] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 37319 - 0
[  301.524884][T12814] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 41358 - 0
[  301.552172][T12814] netdevsim netdevsim2 eth0: set [1, 2] type 2 family 0 port 6081 - 0
[  301.689356][T12814] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 37319 - 0
[  301.711022][T12814] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 41358 - 0
[  301.731788][T12814] netdevsim netdevsim2 eth1: set [1, 2] type 2 family 0 port 6081 - 0
[  301.799009][T12814] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 37319 - 0
[  301.819420][T12814] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 41358 - 0
[  301.842891][T12814] netdevsim netdevsim2 eth2: set [1, 2] type 2 family 0 port 6081 - 0
[  301.887295][T12864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2385'.
[  301.975490][T12814] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 37319 - 0
[  302.013088][T12814] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 41358 - 0
[  302.025446][T12814] netdevsim netdevsim2 eth3: set [1, 2] type 2 family 0 port 6081 - 0
[  302.116671][T12866] veth0_vlan: left promiscuous mode
[  302.349074][T12877] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2389'.
[  302.593405][T12841] chnl_net:caif_netlink_parms(): no params data found
[  302.797114][ T5111] Bluetooth: hci4: command tx timeout
[  302.810614][T12865] delete_channel: no stack
[  302.871080][T12898] team0: entered promiscuous mode
[  302.927284][T12898] team_slave_0: entered promiscuous mode
[  302.933335][T12898] team_slave_1: entered promiscuous mode
[  302.956019][T12898] dummy0: entered promiscuous mode
[  303.006834][T12903] netlink: 'syz.2.2396': attribute type 13 has an invalid length.
[  303.168270][T12841] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.199452][T12841] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.227783][T12841] bridge_slave_0: entered allmulticast mode
[  303.245965][T12841] bridge_slave_0: entered promiscuous mode
[  303.265962][T12913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2398'.
[  303.274157][T12841] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.322918][T12841] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.335870][   T29] audit: type=1804 audit(1719717276.535:14): pid=12912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2399" name="/root/syzkaller.zfPeNo/565/cgroup.controllers" dev="sda1" ino=1978 res=1 errno=0
[  303.364321][T12841] bridge_slave_1: entered allmulticast mode
[  303.389684][T12841] bridge_slave_1: entered promiscuous mode
[  303.512558][T12914] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  303.549919][T12914] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  303.583849][T12841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.625496][T12921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2400'.
[  303.668599][T12841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.841807][T12841] team0: Port device team_slave_0 added
[  303.872978][T12841] team0: Port device team_slave_1 added
[  304.030570][T12841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.054270][T12841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.097374][T12841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.165304][T12841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.188008][T12841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.276418][T12841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.307063][T12939] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  304.587809][T12841] hsr_slave_0: entered promiscuous mode
[  304.660441][T12841] hsr_slave_1: entered promiscuous mode
[  304.686999][T12841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  304.694949][T12841] Cannot create hsr debugfs directory
[  304.711777][T12949] netlink: 'syz.2.2409': attribute type 1 has an invalid length.
[  304.736493][T12949] netlink: 191384 bytes leftover after parsing attributes in process `syz.2.2409'.
[  304.876667][ T5111] Bluetooth: hci4: command tx timeout
[  304.919502][T12951] vlan4: entered promiscuous mode
[  304.943876][T12951] bond0: entered promiscuous mode
[  304.965900][T12951] bond_slave_0: entered promiscuous mode
[  304.989032][T12951] bond_slave_1: entered promiscuous mode
[  304.998074][T12951] bridge0: entered promiscuous mode
[  305.022860][T12951] bond0: left promiscuous mode
[  305.038008][T12951] bond_slave_0: left promiscuous mode
[  305.043806][T12951] bond_slave_1: left promiscuous mode
[  305.057617][T12951] bridge0: left promiscuous mode
[  305.098205][T12961] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2413'.
[  305.118867][ T5100] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  305.128582][ T5100] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  305.137437][ T5100] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  305.145742][ T5100] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  305.165561][ T5100] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  305.173587][ T5100] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  305.269069][T12951] syz.2.2409 (12951) used greatest stack depth: 17616 bytes left
[  305.296710][T12965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2414'.
[  305.386095][ T1094] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.513700][ T1094] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.544489][T12962] lo speed is unknown, defaulting to 1000
[  305.622333][ T1094] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.825402][T12979] netlink: 'syz.1.2420': attribute type 22 has an invalid length.
[  306.273682][T12996] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1025 (only 8 groups)
[  306.275895][ T1094] bridge_slave_1: left allmulticast mode
[  306.304843][ T1094] bridge_slave_1: left promiscuous mode
[  306.320013][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.351564][ T1094] bridge_slave_0: left allmulticast mode
[  306.359184][ T1094] bridge_slave_0: left promiscuous mode
[  306.365794][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.957074][ T5100] Bluetooth: hci4: command tx timeout
[  307.250374][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  307.269704][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  307.282016][ T5100] Bluetooth: hci3: command tx timeout
[  307.296264][ T1094] bond0 (unregistering): Released all slaves
[  307.313768][T12997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  307.512401][T12962] chnl_net:caif_netlink_parms(): no params data found
[  307.791455][T12841] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  307.891597][T12841] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  307.980681][ T1094] team0: left promiscuous mode
[  307.985632][ T1094] team_slave_0: left promiscuous mode
[  308.027169][ T1094] team_slave_1: left promiscuous mode
[  308.043918][ T1094] dummy0: left promiscuous mode
[  308.055286][ T1094] hsr_slave_0: left promiscuous mode
[  308.067256][ T1094] hsr_slave_1: left promiscuous mode
[  308.073624][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  308.097551][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0
[  308.115346][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  308.134844][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1
[  308.140112][T13033] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2434'.
[  308.190707][ T1094] veth1_macvtap: left promiscuous mode
[  308.197166][ T1094] veth0_macvtap: left promiscuous mode
[  308.203078][ T1094] veth1_vlan: left promiscuous mode
[  308.920995][ T1094] team0 (unregistering): Port device team_slave_1 removed
[  308.973001][ T1094] team0 (unregistering): Port device team_slave_0 removed
[  309.047352][ T5100] Bluetooth: hci4: command tx timeout
[  309.358966][ T5100] Bluetooth: hci3: command tx timeout
[  309.544120][T12841] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  309.561843][T12841] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  309.586714][T13024] netlink: 'syz.0.2433': attribute type 11 has an invalid length.
[  309.612142][T13029] team_slave_0: entered promiscuous mode
[  309.618416][T13029] team_slave_1: entered promiscuous mode
[  309.624316][T13029] bond_slave_0: entered promiscuous mode
[  309.630567][T13029] bond_slave_1: entered promiscuous mode
[  309.639428][T13029] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  309.657584][T13029] team_slave_0: left promiscuous mode
[  309.663080][T13029] team_slave_1: left promiscuous mode
[  309.669077][T13029] bond_slave_0: left promiscuous mode
[  309.674565][T13029] bond_slave_1: left promiscuous mode
[  309.741196][ T5148] lo speed is unknown, defaulting to 1000
[  309.959786][T12962] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.997888][T12962] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.005645][T12962] bridge_slave_0: entered allmulticast mode
[  310.059248][T12962] bridge_slave_0: entered promiscuous mode
[  310.105599][T12962] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.140906][T12962] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.165582][T12962] bridge_slave_1: entered allmulticast mode
[  310.204191][T12962] bridge_slave_1: entered promiscuous mode
[  310.215683][T13058] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2440'.
[  310.420215][T12962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.434001][T12962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.571347][T12962] team0: Port device team_slave_0 added
[  310.591886][T12962] team0: Port device team_slave_1 added
[  310.606001][T13071] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2443'.
[  310.618425][T13071] netlink: 'syz.2.2443': attribute type 15 has an invalid length.
[  310.638824][T13071] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  310.647786][T13071] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  310.656018][T13071] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  310.664350][T13071] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  310.673886][T13071] vxlan0: entered promiscuous mode
[  310.783161][T12962] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.792199][T12962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.820440][T12962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.845307][T13072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2445'.
[  310.875509][T12962] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.885542][T13072] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2445'.
[  310.895334][T12962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.927359][T12962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.003655][T13086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2448'.
[  311.098554][T12962] hsr_slave_0: entered promiscuous mode
[  311.112869][T12962] hsr_slave_1: entered promiscuous mode
[  311.124000][T12962] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  311.133421][T12962] Cannot create hsr debugfs directory
[  311.232162][T12841] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.396014][T12841] 8021q: adding VLAN 0 to HW filter on device team0
[  311.437773][ T5100] Bluetooth: hci3: command tx timeout
[  311.456224][  T783] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.463502][  T783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.495114][  T783] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.502377][  T783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  311.561875][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  312.079712][T13114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2458'.
[  312.150188][T12841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.236640][T13119] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1025 (only 8 groups)
[  312.384017][T12962] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  312.497795][T12962] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  312.506088][T13125] netlink: 'syz.2.2461': attribute type 1 has an invalid length.
[  312.506117][T13125] netlink: 'syz.2.2461': attribute type 3 has an invalid length.
[  312.506136][T13125] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2461'.
[  312.562523][T12962] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  312.588360][T13125] NCSI netlink: No device for ifindex 0
[  312.595081][T12962] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  312.604619][T13128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2462'.
[  312.774987][T12841] veth0_vlan: entered promiscuous mode
[  312.832666][T12841] veth1_vlan: entered promiscuous mode
[  312.884985][T12962] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.948839][T12841] veth0_macvtap: entered promiscuous mode
[  313.069369][T12841] veth1_macvtap: entered promiscuous mode
[  313.111982][T12962] 8021q: adding VLAN 0 to HW filter on device team0
[  313.160740][T13142] x_tables: duplicate underflow at hook 1
[  313.181466][T13142] sctp: [Deprecated]: syz.1.2465 (pid 13142) Use of int in max_burst socket option.
[  313.181466][T13142] Use struct sctp_assoc_value instead
[  313.213178][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.222758][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.252866][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.275281][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.286288][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.311944][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.323180][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.337825][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.362388][T12841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.393971][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.401426][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.460760][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.482955][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.494479][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.519858][ T5100] Bluetooth: hci3: command tx timeout
[  313.524295][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.565136][T12841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.588690][T12841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.611962][T12841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.651345][T13151] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2469'.
[  313.715525][T12962] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  313.776240][T12841] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.797915][T12841] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.808030][T12841] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.817904][T12841] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.136094][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.166231][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.255279][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.302760][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.381289][T12962] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.610271][T12962] veth0_vlan: entered promiscuous mode
[  314.658487][T12962] veth1_vlan: entered promiscuous mode
[  314.769932][T12962] veth0_macvtap: entered promiscuous mode
[  314.811167][T12962] veth1_macvtap: entered promiscuous mode
[  314.914912][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.938281][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.960651][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  314.981822][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.003385][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.024993][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.051854][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  315.074369][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.105984][T12962] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.151292][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.164685][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.187098][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.209074][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.232576][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.268124][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.309355][T12962] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  315.342660][T12962] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  315.370819][T12962] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.481801][T13197] netlink: 'syz.1.2478': attribute type 1 has an invalid length.
[  315.524360][T12962] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.535219][T13197] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2478'.
[  315.547230][T12962] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.556047][T12962] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.583440][T13197] NCSI netlink: No device for ifindex 0
[  315.589807][T12962] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.647128][T13197] SET target dimension over the limit!
[  315.811414][ T1041] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.024758][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.037895][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.095778][ T1041] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.146241][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.154830][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.198842][ T1041] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.269036][ T1041] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.365647][ T1041] bridge_slave_1: left allmulticast mode
[  316.372281][ T1041] bridge_slave_1: left promiscuous mode
[  316.378827][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.389955][ T1041] bridge_slave_0: left allmulticast mode
[  316.395845][ T1041] bridge_slave_0: left promiscuous mode
[  316.403503][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.867519][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.882814][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.900549][ T1041] bond0 (unregistering): Released all slaves
[  317.200659][T13212] Cannot find add_set index 0 as target
[  317.473475][T13219] dummy0: entered promiscuous mode
[  317.521723][T13229] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2487'.
[  317.857289][ T5111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  317.873443][ T5111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  317.889495][ T5111] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  317.912864][ T5111] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  317.923591][ T5111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  317.933159][ T5111] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  317.998130][T13207] delete_channel: no stack
[  318.098584][ T1041] hsr_slave_0: left promiscuous mode
[  318.125428][ T1041] hsr_slave_1: left promiscuous mode
[  318.147665][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.161315][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  318.179406][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.195396][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  318.242463][ T1041] veth1_macvtap: left promiscuous mode
[  318.248680][ T1041] veth0_macvtap: left promiscuous mode
[  318.255151][ T1041] veth1_vlan: left promiscuous mode
[  318.261352][ T1041] veth0_vlan: left promiscuous mode
[  319.251440][ T1041] team0 (unregistering): Port device team_slave_1 removed
[  319.312295][ T1041] team0 (unregistering): Port device team_slave_0 removed
[  319.843475][T13224] veth0_vlan: left promiscuous mode
[  319.885048][T13246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2490'.
[  319.923512][T13218] dummy0: left promiscuous mode
[  319.967264][T13246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2490'.
[  319.998212][ T5111] Bluetooth: hci4: command tx timeout
[  320.250588][T13258] netlink: 124 bytes leftover after parsing attributes in process `syz.3.2493'.
[  320.305399][T13258] netlink: 124 bytes leftover after parsing attributes in process `syz.3.2493'.
[  320.421424][T13263] (unnamed net_device) (uninitialized): option use_carrier: invalid value (2)
[  320.931117][T13285] xt_TCPMSS: Only works on TCP SYN packets
[  320.964846][T13235] chnl_net:caif_netlink_parms(): no params data found
[  321.379795][T13298] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2507'.
[  321.505865][T13235] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.528174][T13235] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.535614][T13235] bridge_slave_0: entered allmulticast mode
[  321.564650][T13235] bridge_slave_0: entered promiscuous mode
[  321.585219][T13235] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.607650][T13235] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.625269][T13235] bridge_slave_1: entered allmulticast mode
[  321.635808][T13235] bridge_slave_1: entered promiscuous mode
[  321.655233][T13309] netlink: 'syz.0.2509': attribute type 3 has an invalid length.
[  321.793351][T13235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.830320][T13235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.889423][T13325] x_tables: unsorted underflow at hook 2
[  321.909188][T13326] netlink: 210620 bytes leftover after parsing attributes in process `syz.1.2516'.
[  321.924141][T13326] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  321.932432][T13235] team0: Port device team_slave_0 added
[  321.943667][T13235] team0: Port device team_slave_1 added
[  321.951898][T13326] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  322.052943][T13235] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.081633][T13235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.087784][ T5111] Bluetooth: hci4: command tx timeout
[  322.117244][T13235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.175956][T13333] bridge1: entered promiscuous mode
[  322.221579][T13333] bridge1: entered allmulticast mode
[  322.240204][T13338] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2518'.
[  322.361575][T13331] netlink: 'syz.0.2515': attribute type 10 has an invalid length.
[  322.399117][T13331] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  322.412909][T13331] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  322.436679][T13235] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.443681][T13235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.477162][T13235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.652470][T13235] hsr_slave_0: entered promiscuous mode
[  322.670311][T13347] Bluetooth: MGMT ver 1.22
[  322.680254][T13235] hsr_slave_1: entered promiscuous mode
[  322.737420][T13235] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  322.745401][T13235] Cannot create hsr debugfs directory
[  322.855816][   T29] audit: type=1804 audit(1719717296.055:15): pid=13356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2523" name="/root/syzkaller.8uvbuH/586/cgroup.controllers" dev="sda1" ino=1953 res=1 errno=0
[  323.154805][T13366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2524'.
[  323.240498][T13370] bridge: RTM_NEWNEIGH with invalid state 0x0
[  324.156755][ T5111] Bluetooth: hci4: command tx timeout
[  324.204122][T13410] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(58129230759164) <= P.seqno(0) <= S.SWH(58129230759238)) and (P.ackno exists or LAWL(183630817703211) <= P.ackno(183630817703212) <= S.AWH(183630817703212), sending SYNC...
[  324.207972][T13235] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  324.250829][T13235] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  324.303939][T13235] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  324.344696][T13235] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  324.764589][T13235] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.822121][T13235] 8021q: adding VLAN 0 to HW filter on device team0
[  324.865570][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.872842][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.900796][T13433] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2546'.
[  324.924238][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.931529][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.079945][T13440] netlink: 'syz.2.2549': attribute type 1 has an invalid length.
[  325.208530][T13447] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2551'.
[  325.730534][T13472] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2554'.
[  325.829157][T13476] tipc: Resetting bearer <eth:bridge0>
[  325.843952][T13476] bridge0: port 2(–eth0_vlan) entered disabled state
[  325.851487][T13476] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.887475][T13471] –eth0_vlan: left allmulticast mode
[  325.900982][T13471] –eth0_vlan: left promiscuous mode
[  325.908952][T13471] bridge0: port 2(–eth0_vlan) entered disabled state
[  325.923858][T13471] bridge_slave_0: left promiscuous mode
[  325.931154][T13471] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.985523][T13471] tipc: Disabling bearer <eth:bridge0>
[  326.067921][T13235] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.237291][ T5111] Bluetooth: hci4: command tx timeout
[  326.395772][T13466] dvmrp0: entered allmulticast mode
[  326.606126][ T9005] dvmrp0 (unregistering): left allmulticast mode
[  326.684134][T13477] delete_channel: no stack
[  326.758054][T13235] veth0_vlan: entered promiscuous mode
[  326.773932][T13235] veth1_vlan: entered promiscuous mode
[  326.839012][T13235] veth0_macvtap: entered promiscuous mode
[  326.852785][T13235] veth1_macvtap: entered promiscuous mode
[  326.882489][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.897537][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.908032][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.919855][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.930222][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.940866][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.951537][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.963563][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.975717][T13235] batman_adv: batadv0: Interface activated: batadv_slave_0
[  327.001152][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.015047][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.027356][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.039045][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.050812][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.061972][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.072039][T13235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.082621][T13235] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.094831][T13235] batman_adv: batadv0: Interface activated: batadv_slave_1
[  327.114242][T13235] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.125845][T13235] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.141611][T13235] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.151367][T13235] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.244972][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.254241][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.282786][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.293133][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.329740][ T1110] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.542636][ T1110] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.609729][ T1110] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.669137][ T1110] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.797836][ T1110] bridge_slave_1: left allmulticast mode
[  330.805325][ T1110] bridge_slave_1: left promiscuous mode
[  330.827625][ T1110] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.848496][ T1110] bridge_slave_0: left allmulticast mode
[  330.854225][ T1110] bridge_slave_0: left promiscuous mode
[  330.870746][ T1110] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.080120][ T5100] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  331.103151][ T5100] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  331.118454][ T5100] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  331.142882][ T5100] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  331.163013][ T5100] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  331.177744][ T5100] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  331.489358][ T1110] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  331.503268][ T1110] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.518633][ T1110] bond0 (unregistering): Released all slaves
[  331.781296][T13494] chnl_net:caif_netlink_parms(): no params data found
[  331.912576][ T1110] hsr_slave_0: left promiscuous mode
[  331.921732][ T1110] hsr_slave_1: left promiscuous mode
[  331.935493][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  331.944211][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_0
[  331.953392][ T1110] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  331.962048][ T1110] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.991362][ T1110] veth1_macvtap: left promiscuous mode
[  331.997735][ T1110] veth0_macvtap: left promiscuous mode
[  332.003630][ T1110] veth1_vlan: left promiscuous mode
[  332.011130][ T1110] veth0_vlan: left promiscuous mode
[  332.643269][ T1110] team0 (unregistering): Port device team_slave_1 removed
[  332.700876][ T1110] team0 (unregistering): Port device team_slave_0 removed
[  333.253055][T13494] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.262483][T13494] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.271738][T13494] bridge_slave_0: entered allmulticast mode
[  333.278612][ T5100] Bluetooth: hci4: command tx timeout
[  333.291258][T13494] bridge_slave_0: entered promiscuous mode
[  333.305658][T13494] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.317804][T13494] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.325190][T13494] bridge_slave_1: entered allmulticast mode
[  333.332901][T13494] bridge_slave_1: entered promiscuous mode
[  333.394772][T13494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.409305][T13494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.471019][T13494] team0: Port device team_slave_0 added
[  333.483976][T13494] team0: Port device team_slave_1 added
[  333.544378][T13494] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.553203][T13494] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.583238][T13494] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.598199][T13494] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.605532][T13494] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.632658][T13494] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  333.700052][T13494] hsr_slave_0: entered promiscuous mode
[  333.713093][T13494] hsr_slave_1: entered promiscuous mode
[  333.721449][T13494] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.730270][T13494] Cannot create hsr debugfs directory
[  334.183062][T13494] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  334.194420][T13494] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  334.205402][T13494] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  334.221874][T13494] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  334.322027][T13494] 8021q: adding VLAN 0 to HW filter on device bond0
[  334.373858][T13494] 8021q: adding VLAN 0 to HW filter on device team0
[  334.388872][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.396023][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  334.413631][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.420832][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  334.638005][T13494] 8021q: adding VLAN 0 to HW filter on device batadv0
[  334.875217][T13494] veth0_vlan: entered promiscuous mode
[  334.891718][T13494] veth1_vlan: entered promiscuous mode
[  334.925742][T13494] veth0_macvtap: entered promiscuous mode
[  334.945189][T13494] veth1_macvtap: entered promiscuous mode
[  334.970366][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  334.982065][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  334.992824][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.005329][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.017441][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.029352][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.044603][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.058403][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.072486][T13494] batman_adv: batadv0: Interface activated: batadv_slave_0
[  335.085260][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  335.097001][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.109719][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  335.122115][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.133232][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  335.144474][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.159904][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  335.171812][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.184443][T13494] batman_adv: batadv0: Interface activated: batadv_slave_1
[  335.204333][T13494] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  335.215435][T13494] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  335.228678][T13494] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  335.240031][T13494] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  335.342731][ T9008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  335.350798][ T9008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  335.366815][ T5100] Bluetooth: hci4: command tx timeout
[  335.401257][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  335.412408][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.737864][ T1041] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.471252][ T5111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  339.482933][ T5111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  339.493290][ T5111] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  339.504034][ T5111] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  339.514853][ T5111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  339.535292][ T5111] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  339.722199][T13513] chnl_net:caif_netlink_parms(): no params data found
[  339.811106][T13513] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.819977][T13513] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.829090][T13513] bridge_slave_0: entered allmulticast mode
[  339.839632][T13513] bridge_slave_0: entered promiscuous mode
[  339.850451][T13513] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.859538][T13513] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.870175][T13513] bridge_slave_1: entered allmulticast mode
[  339.879542][T13513] bridge_slave_1: entered promiscuous mode
[  339.924178][T13513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.938232][T13513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.984518][T13513] team0: Port device team_slave_0 added
[  339.994690][T13513] team0: Port device team_slave_1 added
[  340.030889][T13513] batman_adv: batadv0: Adding interface: batadv_slave_0
[  340.040599][T13513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.070287][T13513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.085647][T13513] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.094808][T13513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.124670][T13513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.183863][T13513] hsr_slave_0: entered promiscuous mode
[  340.191777][T13513] hsr_slave_1: entered promiscuous mode
[  340.200169][T13513] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  340.208801][T13513] Cannot create hsr debugfs directory
[  340.488398][ T1041] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.555693][ T1041] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.641905][ T1041] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.773614][ T1041] bridge_slave_1: left allmulticast mode
[  340.780579][ T1041] bridge_slave_1: left promiscuous mode
[  340.788932][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.801324][ T1041] bridge_slave_0: left allmulticast mode
[  340.808251][ T1041] bridge_slave_0: left promiscuous mode
[  340.814072][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.274430][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.289245][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.302246][ T1041] bond0 (unregistering): Released all slaves
[  341.581986][ T1041] hsr_slave_0: left promiscuous mode
[  341.589277][ T1041] hsr_slave_1: left promiscuous mode
[  341.595393][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.597246][ T5111] Bluetooth: hci4: command tx timeout
[  341.611172][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.633245][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.642274][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.671420][ T1041] veth1_macvtap: left promiscuous mode
[  341.677273][ T1041] veth0_macvtap: left promiscuous mode
[  341.682999][ T1041] veth1_vlan: left promiscuous mode
[  341.689167][ T1041] veth0_vlan: left promiscuous mode
[  342.309141][ T1041] team0 (unregistering): Port device team_slave_1 removed
[  342.363700][ T1041] team0 (unregistering): Port device team_slave_0 removed
[  342.982380][T13513] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  342.995123][T13513] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  343.024787][T13513] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  343.035571][T13513] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  343.221360][T13513] 8021q: adding VLAN 0 to HW filter on device bond0
[  343.260920][T13513] 8021q: adding VLAN 0 to HW filter on device team0
[  343.304794][T13527] bridge: RTM_NEWNEIGH with invalid state 0x0
[  343.318073][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.325517][ T5098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  343.344569][T13521] delete_channel: no stack
[  343.372138][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.379413][ T5098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  343.482333][T13533] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2563'.
[  343.687842][ T5111] Bluetooth: hci4: command tx timeout
[  344.194753][T13513] 8021q: adding VLAN 0 to HW filter on device batadv0
[  344.359195][   T29] audit: type=1804 audit(1719717317.565:16): pid=13571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2573" name="/root/syzkaller.zfPeNo/624/cgroup.controllers" dev="sda1" ino=1982 res=1 errno=0
[  345.134463][T13513] veth0_vlan: entered promiscuous mode
[  345.206181][T13590] dvmrp0: entered allmulticast mode
[  345.321787][T13513] veth1_vlan: entered promiscuous mode
[  345.736105][ T1094] dvmrp0 (unregistering): left allmulticast mode
[  345.760095][ T5111] Bluetooth: hci4: command tx timeout
[  345.788116][T13513] veth0_macvtap: entered promiscuous mode
[  345.823686][T13513] veth1_macvtap: entered promiscuous mode
[  345.895530][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.946450][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.001659][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.032590][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.042809][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.054422][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.066593][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  346.081718][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.104724][T13513] batman_adv: batadv0: Interface activated: batadv_slave_0
[  346.159895][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.191270][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.220881][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.253473][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.275579][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.308078][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.320630][T13513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.342012][T13513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.369415][T13513] batman_adv: batadv0: Interface activated: batadv_slave_1
[  346.375245][T13648] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2589'.
[  346.455093][T13513] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  346.466035][T13513] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  346.477082][T13513] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  346.486793][T13513] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.704774][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.739684][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.861050][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.883459][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.021720][T13666] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  347.032410][T13666] macvlan1: entered allmulticast mode
[  347.047363][T13666] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  347.294625][T13687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2598'.
[  347.309311][T13691] netlink: 'syz.1.2600': attribute type 7 has an invalid length.
[  347.359776][T13691] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2600'.
[  347.440592][T13684] syz.0.2598: vmalloc error: size 10485760, failed to allocated page array size 20480, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  347.501206][T13684] CPU: 1 PID: 13684 Comm: syz.0.2598 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  347.512220][T13684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  347.522510][T13684] Call Trace:
[  347.525823][T13684]  <TASK>
[  347.528888][T13684]  dump_stack_lvl+0x241/0x360
[  347.534366][T13684]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.539619][T13684]  ? __pfx__printk+0x10/0x10
[  347.544252][T13684]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  347.550741][T13684]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  347.557375][T13684]  warn_alloc+0x278/0x410
[  347.561756][T13684]  ? __pfx_warn_alloc+0x10/0x10
[  347.566644][T13684]  ? hash_netport_create+0x356/0x1040
[  347.572036][T13684]  ? __get_vm_area_node+0x23d/0x270
[  347.577357][T13684]  __vmalloc_node_range_noprof+0x69f/0x1460
[  347.583728][T13684]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  347.590075][T13684]  ? rcu_is_watching+0x15/0xb0
[  347.595026][T13684]  ? trace_kmalloc+0x1f/0xd0
[  347.599626][T13684]  ? __kmalloc_node_noprof+0x247/0x440
[  347.605136][T13684]  ? kvmalloc_node_noprof+0x72/0x190
[  347.610449][T13684]  kvmalloc_node_noprof+0x142/0x190
[  347.616131][T13684]  ? hash_netport_create+0x356/0x1040
[  347.621521][T13684]  hash_netport_create+0x356/0x1040
[  347.626751][T13684]  ? __pfx_hash_netport_create+0x10/0x10
[  347.632401][T13684]  ip_set_create+0xa5c/0x1900
[  347.637097][T13684]  ? ip_set_create+0x45e/0x1900
[  347.641960][T13684]  ? __mutex_trylock_common+0xa/0x2e0
[  347.647357][T13684]  ? __pfx_ip_set_create+0x10/0x10
[  347.652494][T13684]  ? trace_contention_end+0x3c/0x120
[  347.657821][T13684]  ? nfnetlink_rcv_msg+0x225/0x1180
[  347.663032][T13684]  nfnetlink_rcv_msg+0xbec/0x1180
[  347.668155][T13684]  ? kernel_text_address+0xa7/0xe0
[  347.673290][T13684]  ? nfnetlink_rcv_msg+0x225/0x1180
[  347.678609][T13684]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  347.684119][T13684]  ? netlink_deliver_tap+0x19d/0x1b0
[  347.689414][T13684]  ? netlink_unicast+0x7be/0x990
[  347.694363][T13684]  ? netlink_sendmsg+0x8e4/0xcb0
[  347.699311][T13684]  ? __sock_sendmsg+0x221/0x270
[  347.704177][T13684]  ? ____sys_sendmsg+0x525/0x7d0
[  347.709158][T13684]  ? __sys_sendmsg+0x2b0/0x3a0
[  347.713962][T13684]  ? do_syscall_64+0xf3/0x230
[  347.718680][T13684]  netlink_rcv_skb+0x1e3/0x430
[  347.723462][T13684]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  347.729397][T13684]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  347.734735][T13684]  ? apparmor_capable+0x138/0x1b0
[  347.739807][T13684]  ? bpf_lsm_capable+0x9/0x10
[  347.744512][T13684]  ? security_capable+0x90/0xb0
[  347.749388][T13684]  nfnetlink_rcv+0x297/0x2a90
[  347.754093][T13684]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  347.760092][T13684]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  347.766435][T13684]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  347.772358][T13684]  ? lockdep_hardirqs_on+0x99/0x150
[  347.777664][T13684]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  347.782798][T13684]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  347.788703][T13684]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  347.795055][T13684]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  347.801688][T13684]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  347.808656][T13684]  ? rcu_is_watching+0x15/0xb0
[  347.813446][T13684]  ? rcu_read_unlock_special+0x470/0x550
[  347.819184][T13684]  ? skb_clone+0x240/0x390
[  347.823619][T13684]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  347.829648][T13684]  ? __netlink_deliver_tap+0x77e/0x7c0
[  347.835138][T13684]  ? __rcu_read_unlock+0xa1/0x110
[  347.840228][T13684]  netlink_unicast+0x7f0/0x990
[  347.845013][T13684]  ? __pfx_netlink_unicast+0x10/0x10
[  347.850322][T13684]  ? __virt_addr_valid+0x183/0x520
[  347.855483][T13684]  ? __check_object_size+0x49c/0x900
[  347.860807][T13684]  ? bpf_lsm_netlink_send+0x9/0x10
[  347.865977][T13684]  netlink_sendmsg+0x8e4/0xcb0
[  347.870818][T13684]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.876508][T13684]  ? __import_iovec+0x536/0x820
[  347.881930][T13684]  ? aa_sock_msg_perm+0x91/0x160
[  347.886981][T13684]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  347.892281][T13684]  ? security_socket_sendmsg+0x87/0xb0
[  347.898125][T13684]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.903484][T13684]  __sock_sendmsg+0x221/0x270
[  347.908256][T13684]  ____sys_sendmsg+0x525/0x7d0
[  347.913101][T13684]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.918447][T13684]  __sys_sendmsg+0x2b0/0x3a0
[  347.923275][T13684]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.928480][T13684]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  347.935231][T13684]  ? do_syscall_64+0x100/0x230
[  347.940027][T13684]  ? do_syscall_64+0xb6/0x230
[  347.944725][T13684]  do_syscall_64+0xf3/0x230
[  347.949435][T13684]  ? clear_bhb_loop+0x35/0x90
[  347.954132][T13684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.961290][T13684] RIP: 0033:0x7fba02375b99
[  347.965760][T13684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.986185][T13684] RSP: 002b:00007fba0318b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.994878][T13684] RAX: ffffffffffffffda RBX: 00007fba02503fa0 RCX: 00007fba02375b99
[  348.002866][T13684] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 000000000000000d
[  348.011031][T13684] RBP: 00007fba023f677e R08: 0000000000000000 R09: 0000000000000000
[  348.019039][T13684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  348.027035][T13684] R13: 000000000000000b R14: 00007fba02503fa0 R15: 00007ffe35456eb8
[  348.035076][T13684]  </TASK>
[  348.066828][T13694] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2598'.
[  348.083001][ T5100] Bluetooth: hci4: command tx timeout
[  348.088996][T13684] Mem-Info:
[  348.092161][T13684] active_anon:3043 inactive_anon:0 isolated_anon:0
[  348.092161][T13684]  active_file:1559 inactive_file:38656 isolated_file:0
[  348.092161][T13684]  unevictable:768 dirty:93 writeback:0
[  348.092161][T13684]  slab_reclaimable:9924 slab_unreclaimable:104966
[  348.092161][T13684]  mapped:13156 shmem:1262 pagetables:616
[  348.092161][T13684]  sec_pagetables:0 bounce:0
[  348.092161][T13684]  kernel_misc_reclaimable:0
[  348.092161][T13684]  free:1392032 free_pcp:1076 free_cma:0
[  348.140648][T13684] Node 0 active_anon:12172kB inactive_anon:0kB active_file:6236kB inactive_file:154548kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52624kB dirty:368kB writeback:0kB shmem:3512kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11048kB pagetables:2464kB sec_pagetables:0kB all_unreclaimable? no
[  348.174740][T13684] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  348.247308][T13684] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  348.307790][T13684] lowmem_reserve[]: 0 2571 2571 0 0
[  348.315170][T13684] Node 0 DMA32 free:1606768kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:12412kB inactive_anon:0kB active_file:6236kB inactive_file:154244kB unevictable:1536kB writepending:404kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:780kB local_pcp:780kB free_cma:0kB
[  348.368706][T13684] lowmem_reserve[]: 0 0 0 0 0
[  348.401880][T13684] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:304kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  348.490409][T13684] lowmem_reserve[]: 0 0 0 0 0
[  348.511402][T13684] Node 1 Normal free:3946780kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:2512kB local_pcp:1256kB free_cma:0kB
[  348.598552][T13684] lowmem_reserve[]: 0 0 0 0 0
[  348.603590][T13684] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  348.676104][T13684] Node 0 DMA32: 3*4kB (UME) 38*8kB (UME) 122*16kB (UM) 248*32kB (UME) 120*64kB (UME) 31*128kB (UME) 34*256kB (UME) 15*512kB (UME) 10*1024kB (UME) 5*2048kB (UME) 377*4096kB (UM) = 1602908kB
[  348.763712][T13684] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  348.792503][T13684] Node 1 Normal: 1*4kB (U) 0*8kB 2*16kB (U) 1*32kB (U) 3*64kB (UM) 3*128kB (U) 3*256kB (UM) 4*512kB (UM) 1*1024kB (U) 3*2048kB (U) 961*4096kB (M) = 3946884kB
[  348.863868][T13684] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  348.892776][T13684] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  348.933240][T13684] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  348.957645][T13684] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  348.976676][T13684] 41498 total pagecache pages
[  348.981439][T13684] 0 pages in swap cache
[  348.985626][T13684] Free swap  = 124996kB
[  349.008115][T13684] Total swap = 124996kB
[  349.030300][T13684] 2097051 pages RAM
[  349.034278][T13684] 0 pages HighMem/MovableOnly
[  349.046544][T13684] 400875 pages reserved
[  349.057184][T13684] 0 pages cma reserved
[  349.170130][T13730] netlink: 'syz.2.2610': attribute type 1 has an invalid length.
[  349.290049][T13732] batadv_slave_1: entered promiscuous mode
[  349.639199][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  349.651306][ T5099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  349.665810][ T5099] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  349.703965][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  349.714679][ T5099] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  349.724681][ T5099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  349.803185][ T8991] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  349.814304][ T8991] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.825089][ T8991] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 54676 - 0
[  349.838699][ T8991] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 39117 - 0
[  349.968547][ T8991] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  349.979448][ T8991] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.993647][ T8991] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 54676 - 0
[  350.013536][ T8991] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 39117 - 0
[  350.043427][T13752] netlink: 'syz.2.2615': attribute type 4 has an invalid length.
[  350.130056][ T8991] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  350.143999][ T8991] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.155375][ T8991] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 54676 - 0
[  350.166179][ T5099] Bluetooth: hci4: command 0x0405 tx timeout
[  350.180595][ T8991] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 39117 - 0
[  350.226113][T13732] batadv_slave_1: left promiscuous mode
[  350.461302][ T8991] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  350.507239][ T8991] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.532636][ T8991] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 54676 - 0
[  350.556883][ T8991] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 39117 - 0
[  350.821154][T13743] chnl_net:caif_netlink_parms(): no params data found
[  350.925442][ T8991] bridge_slave_1: left allmulticast mode
[  350.938997][ T8991] bridge_slave_1: left promiscuous mode
[  350.944815][ T8991] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.954956][ T8991] bridge_slave_0: left allmulticast mode
[  350.963535][ T8991] bridge_slave_0: left promiscuous mode
[  350.970350][ T8991] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.132877][ T8991] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  351.432459][ T8991] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  351.841658][ T5111] Bluetooth: hci0: command tx timeout
[  351.876205][ T8991] team0: Port device bond0 removed
[  351.895475][ T8991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  351.912346][ T8991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  351.925521][ T8991] bond0 (unregistering): Released all slaves
[  351.944759][ T8991] bond1 (unregistering): Released all slaves
[  351.961663][ T8991] bond2 (unregistering): Released all slaves
[  351.980109][ T8991] bond3 (unregistering): Released all slaves
[  352.002933][ T8991] bond4 (unregistering): Released all slaves
[  352.133451][T13743] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.141615][T13743] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.149693][T13743] bridge_slave_0: entered allmulticast mode
[  352.157762][T13743] bridge_slave_0: entered promiscuous mode
[  352.165933][ T8991] tipc: Left network mode
[  352.173894][T13743] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.181939][T13743] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.189827][T13743] bridge_slave_1: entered allmulticast mode
[  352.200152][T13743] bridge_slave_1: entered promiscuous mode
[  352.277861][T13743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.292682][T13743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.369306][T13743] team0: Port device team_slave_0 added
[  352.382953][T13743] team0: Port device team_slave_1 added
[  352.713759][T13743] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.728155][T13743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.778259][T13743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.813551][ T8991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  352.832272][ T8991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  352.847993][ T8991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  352.855782][ T8991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  352.903799][ T8991] veth0_macvtap: left promiscuous mode
[  352.968596][ T5099] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  352.980411][ T5099] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  352.991598][ T5099] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  353.002235][ T5099] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  353.011097][ T5099] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  353.021995][ T5099] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  353.927990][ T5111] Bluetooth: hci0: command tx timeout
[  353.992049][ T8991] team0 (unregistering): Port device team_slave_1 removed
[  354.056176][ T8991] team0 (unregistering): Port device team_slave_0 removed
[  354.630680][T13743] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.646244][T13743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.679142][T13743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.907342][T13743] hsr_slave_0: entered promiscuous mode
[  354.931371][T13832] FAULT_INJECTION: forcing a failure.
[  354.931371][T13832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.945894][T13743] hsr_slave_1: entered promiscuous mode
[  354.951370][T13832] CPU: 0 PID: 13832 Comm: syz.2.2637 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  354.961651][T13832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  354.972304][T13832] Call Trace:
[  354.975608][T13832]  <TASK>
[  354.978569][T13832]  dump_stack_lvl+0x241/0x360
[  354.983277][T13832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  354.988614][T13832]  ? __pfx__printk+0x10/0x10
[  354.993246][T13832]  ? __pfx_lock_release+0x10/0x10
[  354.998486][T13832]  should_fail_ex+0x3b0/0x4e0
[  355.003393][T13832]  _copy_from_user+0x2f/0xe0
[  355.008106][T13832]  copy_msghdr_from_user+0xae/0x680
[  355.013434][T13832]  ? __pfx___might_resched+0x10/0x10
[  355.018948][T13832]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  355.024894][T13832]  ? __might_fault+0xaa/0x120
[  355.030077][T13832]  do_recvmmsg+0x40f/0xae0
[  355.034660][T13832]  ? __pfx_lock_release+0x10/0x10
[  355.039733][T13832]  ? __pfx_do_recvmmsg+0x10/0x10
[  355.044726][T13832]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  355.050886][T13832]  ? ksys_write+0x23e/0x2c0
[  355.055620][T13832]  ? __pfx_lock_release+0x10/0x10
[  355.061026][T13832]  ? vfs_write+0x7c4/0xc90
[  355.066054][T13832]  ? __mutex_unlock_slowpath+0x21d/0x750
[  355.072210][T13832]  ? __fget_files+0x3f6/0x470
[  355.077490][T13832]  __x64_sys_recvmmsg+0x199/0x250
[  355.082640][T13832]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  355.088230][T13832]  ? do_syscall_64+0x100/0x230
[  355.093031][T13832]  ? do_syscall_64+0xb6/0x230
[  355.097728][T13832]  do_syscall_64+0xf3/0x230
[  355.102245][T13832]  ? clear_bhb_loop+0x35/0x90
[  355.106968][T13832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.112908][T13832] RIP: 0033:0x7ff660d75b99
[  355.117442][T13832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.137082][T13832] RSP: 002b:00007ff661c17048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  355.145649][T13832] RAX: ffffffffffffffda RBX: 00007ff660f03fa0 RCX: 00007ff660d75b99
[  355.153654][T13832] RDX: 0400000000000284 RSI: 0000000020000040 RDI: 0000000000000003
[  355.162012][T13832] RBP: 00007ff661c170a0 R08: 0000000000000000 R09: 0000000000000000
[  355.170193][T13832] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  355.178640][T13832] R13: 000000000000004d R14: 00007ff660f03fa0 R15: 00007ffe6229c488
[  355.186925][T13832]  </TASK>
[  355.193611][ T5111] Bluetooth: hci4: command tx timeout
[  355.201474][T13743] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  355.227303][T13743] Cannot create hsr debugfs directory
[  355.278901][T13837] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2639'.
[  355.352195][T13837] IPVS: Error connecting to the multicast addr
[  355.397425][T13837] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2639'.
[  355.916191][ T8995] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.996927][ T5111] Bluetooth: hci0: command tx timeout
[  356.066792][ T8995] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.215373][ T8995] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.275879][T13800] chnl_net:caif_netlink_parms(): no params data found
[  356.390321][ T8995] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.738664][T13800] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.745988][T13800] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.763750][T13800] bridge_slave_0: entered allmulticast mode
[  356.775016][T13800] bridge_slave_0: entered promiscuous mode
[  356.784984][T13743] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  356.819833][T13743] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  356.842647][T13800] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.860432][T13800] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.874206][T13800] bridge_slave_1: entered allmulticast mode
[  356.890129][T13800] bridge_slave_1: entered promiscuous mode
[  356.952960][T13743] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  357.120063][T13743] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  357.226160][T13800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.276996][ T5111] Bluetooth: hci4: command tx timeout
[  357.434380][T13800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.435047][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  357.467309][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  357.477149][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  357.493244][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  357.509723][ T5099] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  357.518970][ T5099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  357.530446][ T8995] bridge_slave_1: left allmulticast mode
[  357.536132][ T8995] bridge_slave_1: left promiscuous mode
[  357.576726][ T8995] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.601804][ T8995] bridge_slave_0: left allmulticast mode
[  357.608380][ T8995] bridge_slave_0: left promiscuous mode
[  357.614287][ T8995] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.008146][ T5111] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  358.023615][ T5111] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  358.034794][ T5111] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  358.049747][ T5111] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  358.062152][ T5111] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  358.076987][ T5100] Bluetooth: hci0: command tx timeout
[  358.083534][ T5111] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  358.369381][ T8995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.383240][ T8995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.397238][ T8995] bond0 (unregistering): Released all slaves
[  358.433477][T13800] team0: Port device team_slave_0 added
[  358.465531][T13899] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2656'.
[  358.498644][T13900] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  358.511331][T13900] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  358.544589][T13800] team0: Port device team_slave_1 added
[  358.661140][T13800] batman_adv: batadv0: Adding interface: batadv_slave_0
[  358.669869][T13800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  358.696838][T13800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  358.741848][T13800] batman_adv: batadv0: Adding interface: batadv_slave_1
[  358.752278][T13800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  358.780437][T13800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  358.943301][T13800] hsr_slave_0: entered promiscuous mode
[  358.963844][T13800] hsr_slave_1: entered promiscuous mode
[  358.973454][T13800] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  358.986491][T13800] Cannot create hsr debugfs directory
[  359.053770][ T8995] hsr_slave_0: left promiscuous mode
[  359.070043][ T8995] hsr_slave_1: left promiscuous mode
[  359.077642][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  359.085240][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  359.096038][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  359.104437][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  359.135761][ T8995] veth1_macvtap: left promiscuous mode
[  359.146558][ T8995] veth0_macvtap: left promiscuous mode
[  359.152698][ T8995] veth1_vlan: left promiscuous mode
[  359.167988][ T8995] veth0_vlan: left promiscuous mode
[  359.366652][ T5099] Bluetooth: hci4: command tx timeout
[  359.606716][ T5099] Bluetooth: hci3: command tx timeout
[  360.081073][ T8995] team0 (unregistering): Port device team_slave_1 removed
[  360.135961][ T8995] team0 (unregistering): Port device team_slave_0 removed
[  360.158166][ T5099] Bluetooth: hci5: command tx timeout
[  361.438527][ T5099] Bluetooth: hci4: command tx timeout
[  361.486276][T13881] chnl_net:caif_netlink_parms(): no params data found
[  361.553716][T13915] dvmrp0: entered allmulticast mode
[  361.624433][T13743] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.648868][T13895] chnl_net:caif_netlink_parms(): no params data found
[  361.676918][ T5099] Bluetooth: hci3: command tx timeout
[  361.925917][T13743] 8021q: adding VLAN 0 to HW filter on device team0
[  362.112587][ T8995] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.153723][T13881] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.162090][T13881] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.171163][T13881] bridge_slave_0: entered allmulticast mode
[  362.192530][T13881] bridge_slave_0: entered promiscuous mode
[  362.202656][T13881] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.212429][T13881] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.223185][T13881] bridge_slave_1: entered allmulticast mode
[  362.236888][ T5099] Bluetooth: hci5: command tx timeout
[  362.247906][T13881] bridge_slave_1: entered promiscuous mode
[  362.281209][T13895] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.290066][T13895] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.302603][T13895] bridge_slave_0: entered allmulticast mode
[  362.311790][T13895] bridge_slave_0: entered promiscuous mode
[  362.321181][T13942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2665'.
[  362.357155][ T8995] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.398940][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.406428][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  362.431027][T13895] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.438712][T13895] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.446470][T13895] bridge_slave_1: entered allmulticast mode
[  362.454119][T13895] bridge_slave_1: entered promiscuous mode
[  362.520054][T13881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  362.583916][ T8995] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.629782][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.638548][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  362.758713][T13881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.869228][ T8995] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.896913][T13895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  362.966284][T13895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.997848][T13881] team0: Port device team_slave_0 added
[  363.012659][T13881] team0: Port device team_slave_1 added
[  363.179012][T13895] team0: Port device team_slave_0 added
[  363.187393][T13881] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.194428][T13881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.221287][T13881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.239320][T13881] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.247536][T13881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.274436][T13881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.313248][T13895] team0: Port device team_slave_1 added
[  363.351688][T13800] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  363.433691][T13895] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.441153][T13895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.473997][T13895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.497508][T13800] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  363.508953][T13800] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  363.548622][T13895] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.555768][T13895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.585045][T13895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.614459][T13800] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  363.625787][ T8995] bridge_slave_1: left allmulticast mode
[  363.633491][ T8995] bridge_slave_1: left promiscuous mode
[  363.640218][ T8995] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.652812][ T8995] bridge_slave_0: left allmulticast mode
[  363.659094][ T8995] bridge_slave_0: left promiscuous mode
[  363.664834][ T8995] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.759574][ T5099] Bluetooth: hci3: command tx timeout
[  364.202216][ T8995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  364.221181][ T8995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.233280][ T8995] bond0 (unregistering): Released all slaves
[  364.270697][T13881] hsr_slave_0: entered promiscuous mode
[  364.279560][T13881] hsr_slave_1: entered promiscuous mode
[  364.287571][T13881] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  364.295396][T13881] Cannot create hsr debugfs directory
[  364.326932][ T5099] Bluetooth: hci5: command tx timeout
[  364.503338][T13895] hsr_slave_0: entered promiscuous mode
[  364.523434][T13895] hsr_slave_1: entered promiscuous mode
[  364.531973][T13895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  364.545919][T13895] Cannot create hsr debugfs directory
[  364.880414][T13743] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.025498][ T8995] hsr_slave_0: left promiscuous mode
[  365.036018][ T8995] hsr_slave_1: left promiscuous mode
[  365.053637][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  365.064141][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  365.084516][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  365.093236][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  365.124538][ T8995] veth1_macvtap: left promiscuous mode
[  365.130383][ T8995] veth0_macvtap: left promiscuous mode
[  365.139222][ T8995] veth1_vlan: left promiscuous mode
[  365.846787][ T5099] Bluetooth: hci3: command tx timeout
[  366.049875][ T8995] team0 (unregistering): Port device team_slave_1 removed
[  366.058842][T13963] Bluetooth: MGMT ver 1.22
[  366.164088][ T8995] team0 (unregistering): Port device team_slave_0 removed
[  366.400750][ T5099] Bluetooth: hci5: command tx timeout
[  366.932486][T13895] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.085802][T13895] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.217860][T13895] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.269470][T13743] veth0_vlan: entered promiscuous mode
[  367.290459][T13743] veth1_vlan: entered promiscuous mode
[  367.348380][T13895] bond0: (slave netdevsim0): Releasing backup interface
[  367.355949][T13895] netdevsim netdevsim0 netdevsim0 (unregistering): left promiscuous mode
[  367.368237][T13895] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.470415][T13743] veth0_macvtap: entered promiscuous mode
[  367.500615][T13743] veth1_macvtap: entered promiscuous mode
[  367.539197][T13800] 8021q: adding VLAN 0 to HW filter on device bond0
[  367.641142][T13743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.653855][T13743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.664867][T13743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.679903][T13743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.692075][T13743] batman_adv: batadv0: Interface activated: batadv_slave_0
[  367.704999][T13743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.716134][T13743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.726623][T13743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.737637][T13743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.751049][T13743] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.805288][T13800] 8021q: adding VLAN 0 to HW filter on device team0
[  367.824346][T13743] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.849314][T13743] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.862966][T13743] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.872596][T13743] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.934292][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.941524][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.034676][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.041983][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.211522][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.236006][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.389694][ T9008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.392649][T13881] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  368.412973][ T9008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.453107][T13881] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  368.521620][T13881] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  368.562809][T13881] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  368.752436][T13895] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  368.795963][T13895] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  368.838813][T13895] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  368.878783][T13895] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  368.930312][T13800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  369.292736][T13881] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.438317][T13881] 8021q: adding VLAN 0 to HW filter on device team0
[  369.479495][T13895] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.517425][T14013] FAULT_INJECTION: forcing a failure.
[  369.517425][T14013] name failslab, interval 1, probability 0, space 0, times 0
[  369.537036][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.544265][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.576518][T14013] CPU: 0 PID: 14013 Comm: syz.2.2680 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  369.586921][T14013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  369.597199][T14013] Call Trace:
[  369.600506][T14013]  <TASK>
[  369.603468][T14013]  dump_stack_lvl+0x241/0x360
[  369.608203][T14013]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.613461][T14013]  ? __pfx__printk+0x10/0x10
[  369.618089][T14013]  ? fib_lookup+0x81/0x450
[  369.622966][T14013]  should_fail_ex+0x3b0/0x4e0
[  369.627665][T14013]  ? dst_alloc+0x12b/0x190
[  369.632096][T14013]  should_failslab+0x9/0x20
[  369.637678][T14013]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  369.643284][T14013]  dst_alloc+0x12b/0x190
[  369.647684][T14013]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[  369.653909][T14013]  ip_route_output_key_hash+0x193/0x2b0
[  369.659986][T14013]  ? mark_lock+0x9a/0x350
[  369.665057][T14013]  ? ip_route_output_key_hash+0xdf/0x2b0
[  369.670738][T14013]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  369.677143][T14013]  __ip4_datagram_connect+0x8c5/0x1260
[  369.682778][T14013]  __ip6_datagram_connect+0x194/0x1230
[  369.688307][T14013]  ? __pfx___ip6_datagram_connect+0x10/0x10
[  369.694251][T14013]  ? l2tp_ip6_connect+0x121/0x3a0
[  369.699305][T14013]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  369.705213][T14013]  ? do_raw_spin_unlock+0x13c/0x8b0
[  369.710456][T14013]  l2tp_ip6_connect+0x175/0x3a0
[  369.715420][T14013]  __sys_connect+0x2df/0x310
[  369.720044][T14013]  ? __pfx___sys_connect+0x10/0x10
[  369.725183][T14013]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  369.731565][T14013]  ? do_syscall_64+0x100/0x230
[  369.736366][T14013]  __x64_sys_connect+0x7a/0x90
[  369.741160][T14013]  do_syscall_64+0xf3/0x230
[  369.745677][T14013]  ? clear_bhb_loop+0x35/0x90
[  369.750370][T14013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.756279][T14013] RIP: 0033:0x7ff660d75b99
[  369.760710][T14013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.780357][T14013] RSP: 002b:00007ff661c17048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  369.788832][T14013] RAX: ffffffffffffffda RBX: 00007ff660f03fa0 RCX: 00007ff660d75b99
[  369.796848][T14013] RDX: 0000000000000020 RSI: 0000000020000840 RDI: 0000000000000003
[  369.804869][T14013] RBP: 00007ff661c170a0 R08: 0000000000000000 R09: 0000000000000000
[  369.812873][T14013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.820871][T14013] R13: 000000000000004d R14: 00007ff660f03fa0 R15: 00007ffe6229c488
[  369.828877][T14013]  </TASK>
[  369.835578][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.842852][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.929963][T13895] 8021q: adding VLAN 0 to HW filter on device team0
[  370.024768][T13800] veth0_vlan: entered promiscuous mode
[  370.049916][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.057275][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.135556][  T783] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.142806][  T783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.161901][T13800] veth1_vlan: entered promiscuous mode
[  370.373919][T13800] veth0_macvtap: entered promiscuous mode
[  370.411014][T13800] veth1_macvtap: entered promiscuous mode
[  370.471825][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.509697][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.526998][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.565037][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.589212][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.625357][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.671008][T13800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  370.692560][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.721392][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.749491][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.770346][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.790295][T13800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.814605][T13800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.844807][T13800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  370.890035][T13800] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.926374][T13800] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.936036][T13800] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.996710][T13800] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.047445][T14052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.195266][T13881] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.229187][ T8995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.249329][ T8995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.343466][T13895] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.375453][ T8989] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.416931][ T8989] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.649487][T13881] veth0_vlan: entered promiscuous mode
[  371.704091][T13881] veth1_vlan: entered promiscuous mode
[  371.730795][T13895] veth0_vlan: entered promiscuous mode
[  371.788767][T13895] veth1_vlan: entered promiscuous mode
[  371.841769][T13881] veth0_macvtap: entered promiscuous mode
[  371.885066][T13881] veth1_macvtap: entered promiscuous mode
[  371.911714][T14064] syz.2.2695[14064] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.911881][T14064] syz.2.2695[14064] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.934290][T13895] veth0_macvtap: entered promiscuous mode
[  371.970536][T14067] netlink: 'syz.2.2695': attribute type 1 has an invalid length.
[  371.986212][T14067] netlink: 112 bytes leftover after parsing attributes in process `syz.2.2695'.
[  372.005986][T13895] veth1_macvtap: entered promiscuous mode
[  372.093899][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.121056][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.146659][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.159258][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.170182][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.182761][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.193207][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.204356][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.227654][T13881] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.243776][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.266529][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.290063][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.301182][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.311805][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.323465][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.334090][T13881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.345558][T13881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.363426][T13881] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.404015][ T8995] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.447403][T13881] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.457180][T13881] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.465937][T13881] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.482010][T13881] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.534739][ T8995] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.550004][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.563203][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.574961][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.590644][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.600588][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.611119][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.621150][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.632048][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.643261][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.653978][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.665484][T13895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.695512][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.710082][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.721731][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.732779][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.743294][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.754272][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.764264][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.775616][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.787815][T13895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.799387][T13895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.811539][T13895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.842640][ T8995] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.875273][T13895] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.891232][T13895] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.902219][T13895] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.911884][T13895] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.956093][ T8995] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.016768][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.024686][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.106053][ T8990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.131641][ T8990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.189487][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.218360][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.252719][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.265998][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.317795][ T8995] bridge_slave_1: left allmulticast mode
[  373.323513][ T8995] bridge_slave_1: left promiscuous mode
[  373.330757][ T8995] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.342666][ T8995] bridge_slave_0: left allmulticast mode
[  373.350097][ T8995] bridge_slave_0: left promiscuous mode
[  373.355887][ T8995] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.785319][ T8995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.805199][ T8995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.824389][ T8995] bond0 (unregistering): Released all slaves
[  374.581398][T14099] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  374.615262][ T8995] hsr_slave_0: left promiscuous mode
[  374.688570][ T8995] hsr_slave_1: left promiscuous mode
[  374.721882][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  374.752782][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.789597][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  374.812539][ T5111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  374.824603][ T5111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  374.838963][ T5111] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  374.841437][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.877936][ T5111] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  374.887902][ T5111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  374.903175][ T5111] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  374.991872][ T8995] veth1_macvtap: left promiscuous mode
[  375.010861][ T8995] veth0_macvtap: left promiscuous mode
[  375.029712][ T8995] veth1_vlan: left promiscuous mode
[  375.049446][ T8995] veth0_vlan: left promiscuous mode
[  376.030096][T14133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2710'.
[  376.418835][ T8995] team0 (unregistering): Port device team_slave_1 removed
[  376.479720][ T8995] team0 (unregistering): Port device team_slave_0 removed
[  376.971366][ T5099] Bluetooth: hci4: command tx timeout
[  377.357172][T14141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2711'.
[  377.706832][T14152] netlink: 112 bytes leftover after parsing attributes in process `syz.2.2715'.
[  377.726544][T14152] tipc: Enabled bearer <eth:bridge0>, priority 10
[  377.735856][T14153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2716'.
[  377.928235][T14157] Bluetooth: MGMT ver 1.22
[  378.015059][T14102] chnl_net:caif_netlink_parms(): no params data found
[  378.787186][T14177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2723'.
[  378.863054][T14102] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.886030][T14102] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.911748][T14102] bridge_slave_0: entered allmulticast mode
[  378.941250][T14102] bridge_slave_0: entered promiscuous mode
[  378.992912][T14102] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.024742][T14102] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.039008][ T5099] Bluetooth: hci4: command tx timeout
[  379.048661][T14102] bridge_slave_1: entered allmulticast mode
[  379.068917][T14102] bridge_slave_1: entered promiscuous mode
[  379.292192][T14102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  379.334109][T14102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  379.509030][T14102] team0: Port device team_slave_0 added
[  379.538100][T14102] team0: Port device team_slave_1 added
[  379.646688][T14102] batman_adv: batadv0: Adding interface: batadv_slave_0
[  379.668893][T14102] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.747370][T14102] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.807726][T14102] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.835143][T14102] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.897475][T14102] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  380.012470][T14217] tipc: Started in network mode
[  380.019703][T14217] tipc: Node identity 32486628b487, cluster identity 4711
[  380.029820][T14217] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  380.043952][T14216] tipc: Disabling bearer <eth:syzkaller0>
[  380.078082][T14102] hsr_slave_0: entered promiscuous mode
[  380.086078][T14102] hsr_slave_1: entered promiscuous mode
[  380.095528][T14222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2737'.
[  380.105545][T14102] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  380.130469][T14102] Cannot create hsr debugfs directory
[  380.715112][T14237] netlink: 'syz.1.2742': attribute type 10 has an invalid length.
[  380.908819][T14245] netlink: 'syz.3.2746': attribute type 1 has an invalid length.
[  381.126429][ T5099] Bluetooth: hci4: command tx timeout
[  381.291123][T14254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2749'.
[  381.305154][T14102] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  381.351363][T14102] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  381.391863][T14251] tipc: Started in network mode
[  381.417298][T14251] tipc: Node identity 76aa0a35f304, cluster identity 4711
[  381.445334][T14251] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  381.470594][T14102] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  381.488934][T14102] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  381.542251][T14250] tipc: Disabling bearer <eth:syzkaller0>
[  381.813350][T14272] xt_l2tp: missing protocol rule (udp|l2tpip)
[  381.883340][T14102] 8021q: adding VLAN 0 to HW filter on device bond0
[  381.957922][T14102] 8021q: adding VLAN 0 to HW filter on device team0
[  381.991583][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.998865][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  382.060590][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.068023][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  382.463572][T14291] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2764'.
[  382.612634][T14102] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.628784][T14300] tipc: Started in network mode
[  382.640640][T14300] tipc: Node identity a6e39a9db289, cluster identity 4711
[  382.659320][T14300] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.686728][T14299] tipc: Disabling bearer <eth:syzkaller0>
[  382.737838][T14306] netlink: 'syz.1.2769': attribute type 1 has an invalid length.
[  382.746052][T14306] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.2769'.
[  382.758104][T14305] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  382.833065][T14309] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2769'.
[  383.198600][ T5099] Bluetooth: hci4: command tx timeout
[  383.347021][T14321] netlink: 'syz.1.2773': attribute type 1 has an invalid length.
[  383.657623][T14102] veth0_vlan: entered promiscuous mode
[  383.700360][T14102] veth1_vlan: entered promiscuous mode
[  383.726054][T14333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2777'.
[  383.798335][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  383.809676][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  383.819922][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  383.845142][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  383.858608][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  383.866458][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  383.903977][T14102] veth0_macvtap: entered promiscuous mode
[  383.915572][T14102] veth1_macvtap: entered promiscuous mode
[  383.971440][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  383.985114][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  383.995346][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.006556][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.016908][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.028247][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.044474][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.067128][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.086891][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  384.099418][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.127558][T14102] batman_adv: batadv0: Interface activated: batadv_slave_0
[  384.170836][T14346] ip6erspan0: entered allmulticast mode
[  384.203099][T14349] FAULT_INJECTION: forcing a failure.
[  384.203099][T14349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.220268][T14349] CPU: 0 PID: 14349 Comm: syz.1.2782 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  384.230700][T14349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  384.240984][T14349] Call Trace:
[  384.244484][T14349]  <TASK>
[  384.247641][T14349]  dump_stack_lvl+0x241/0x360
[  384.248240][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.252607][T14349]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.268359][T14349]  ? __pfx__printk+0x10/0x10
[  384.273178][T14349]  ? __pfx_lock_release+0x10/0x10
[  384.276123][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.278668][T14349]  should_fail_ex+0x3b0/0x4e0
[  384.278720][T14349]  _copy_from_user+0x2f/0xe0
[  384.278749][T14349]  copy_msghdr_from_user+0xae/0x680
[  384.278783][T14349]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  384.278828][T14349]  __sys_sendmsg+0x23d/0x3a0
[  384.278862][T14349]  ? __pfx___sys_sendmsg+0x10/0x10
[  384.278892][T14349]  ? vfs_write+0x7c4/0xc90
[  384.327850][T14349]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  384.334760][T14349]  ? do_syscall_64+0x100/0x230
[  384.339564][T14349]  ? do_syscall_64+0xb6/0x230
[  384.344349][T14349]  do_syscall_64+0xf3/0x230
[  384.348869][T14349]  ? clear_bhb_loop+0x35/0x90
[  384.353575][T14349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.359486][T14349] RIP: 0033:0x7f41d1b75b99
[  384.363917][T14349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.383631][T14349] RSP: 002b:00007f41d289c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  384.392159][T14349] RAX: ffffffffffffffda RBX: 00007f41d1d03fa0 RCX: 00007f41d1b75b99
[  384.400149][T14349] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  384.408130][T14349] RBP: 00007f41d289c0a0 R08: 0000000000000000 R09: 0000000000000000
[  384.416110][T14349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.424089][T14349] R13: 000000000000000b R14: 00007f41d1d03fa0 R15: 00007ffe79a4bba8
[  384.432117][T14349]  </TASK>
[  384.451765][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.464488][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.476160][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.487982][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.498711][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.509893][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.520326][T14102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  384.531854][T14102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  384.548916][T14102] batman_adv: batadv0: Interface activated: batadv_slave_1
[  384.561234][T14344] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  384.597562][T14343] tipc: Disabling bearer <eth:syzkaller0>
[  384.621029][T14352] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2783'.
[  384.635464][T14352] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes.
[  384.648734][T14352] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[  384.740325][T14102] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.754303][T14102] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.784563][T14102] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.796363][T14102] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.934695][ T9005] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.965353][T14358] netlink: 'syz.1.2786': attribute type 1 has an invalid length.
[  385.020354][T14362] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2787'.
[  385.159875][ T9005] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.190911][T14370] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2789'.
[  385.332621][ T9005] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.589482][ T9005] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.928311][ T5111] Bluetooth: hci3: command tx timeout
[  385.991061][T14390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2795'.
[  386.007924][ T8991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.015885][ T8991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.092148][T14336] chnl_net:caif_netlink_parms(): no params data found
[  386.150838][ T9005] bridge_slave_1: left allmulticast mode
[  386.165547][ T9005] bridge_slave_1: left promiscuous mode
[  386.196687][ T9005] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.228737][ T9005] bridge_slave_0: left allmulticast mode
[  386.234452][ T9005] bridge_slave_0: left promiscuous mode
[  386.249895][ T9005] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.894887][ T9005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.912656][ T9005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.926138][ T9005] bond0 (unregistering): Released all slaves
[  386.970119][T14393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2796'.
[  387.114262][ T9005] tipc: Left network mode
[  387.341023][T14411] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2800'.
[  387.358732][T14411] netlink: 'syz.2.2800': attribute type 2 has an invalid length.
[  387.409736][T14336] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.438069][T14336] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.456669][T14336] bridge_slave_0: entered allmulticast mode
[  387.468864][T14336] bridge_slave_0: entered promiscuous mode
[  387.484626][T14336] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.485851][ T8991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.514502][T14336] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.523672][T14336] bridge_slave_1: entered allmulticast mode
[  387.543347][ T8991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.551726][T14336] bridge_slave_1: entered promiscuous mode
[  387.664772][T14336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.764459][T14426] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2806'.
[  387.817739][T14336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.970163][T14336] team0: Port device team_slave_0 added
[  387.998590][ T5111] Bluetooth: hci3: command tx timeout
[  388.043620][T14336] team0: Port device team_slave_1 added
[  388.136099][ T9005] hsr_slave_0: left promiscuous mode
[  388.162095][ T9005] hsr_slave_1: left promiscuous mode
[  388.180742][ T9005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  388.197939][ T9005] batman_adv: batadv0: Removing interface: batadv_slave_0
[  388.217324][ T9005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  388.224992][ T9005] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.309908][ T9005] veth1_macvtap: left promiscuous mode
[  388.315804][ T9005] veth0_macvtap: left promiscuous mode
[  388.323082][ T9005] veth1_vlan: left promiscuous mode
[  388.328660][ T9005] veth0_vlan: left promiscuous mode
[  389.003803][ T9005] team0 (unregistering): Port device team_slave_1 removed
[  389.057456][ T9005] team0 (unregistering): Port device team_slave_0 removed
[  389.950286][T14437] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  390.003938][T14336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  390.022683][T14336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.077345][ T5111] Bluetooth: hci3: command tx timeout
[  390.112269][T14336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  390.184575][T14336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  390.236987][T14336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.330557][T14452] netlink: 'syz.1.2816': attribute type 5 has an invalid length.
[  390.346664][T14336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  390.555876][T14459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2817'.
[  390.568205][T14459] FAULT_INJECTION: forcing a failure.
[  390.568205][T14459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.569812][T14459] 
[  390.569822][T14459] ======================================================
[  390.569830][T14459] WARNING: possible circular locking dependency detected
[  390.569838][T14459] 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0 Not tainted
[  390.569851][T14459] ------------------------------------------------------
[  390.569858][T14459] syz.1.2817/14459 is trying to acquire lock:
[  390.569869][T14459] ffffffff8e328100 (console_owner){..-.}-{0:0}, at: console_flush_all+0x152/0xfd0
[  390.569931][T14459] 
[  390.569931][T14459] but task is already holding lock:
[  390.569938][T14459] ffff8880b953e858 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  390.569994][T14459] 
[  390.569994][T14459] which lock already depends on the new lock.
[  390.569994][T14459] 
[  390.570002][T14459] 
[  390.570002][T14459] the existing dependency chain (in reverse order) is:
[  390.570010][T14459] 
[  390.570010][T14459] -> #5 (&rq->__lock){-.-.}-{2:2}:
[  390.570044][T14459]        lock_acquire+0x1ed/0x550
[  390.570065][T14459]        _raw_spin_lock_nested+0x31/0x40
[  390.570092][T14459]        raw_spin_rq_lock_nested+0x2a/0x140
[  390.570123][T14459]        task_fork_fair+0x61/0x1e0
[  390.570152][T14459]        sched_cgroup_fork+0x37c/0x410
[  390.570177][T14459]        copy_process+0x21fc/0x3da0
[  390.570198][T14459]        kernel_clone+0x226/0x8f0
[  390.570220][T14459]        user_mode_thread+0x132/0x1a0
[  390.570243][T14459]        rest_init+0x23/0x300
[  390.570266][T14459]        start_kernel+0x47a/0x500
[  390.570290][T14459]        x86_64_start_reservations+0x2a/0x30
[  390.570322][T14459]        x86_64_start_kernel+0x99/0xa0
[  390.570352][T14459]        common_startup_64+0x13e/0x147
[  390.570373][T14459] 
[  390.570373][T14459] -> #4 (&p->pi_lock){-.-.}-{2:2}:
[  390.570400][T14459]        lock_acquire+0x1ed/0x550
[  390.570420][T14459]        _raw_spin_lock_irqsave+0xd5/0x120
[  390.570443][T14459]        try_to_wake_up+0xb0/0x1470
[  390.570467][T14459]        create_worker+0x507/0x720
[  390.570496][T14459]        workqueue_init+0x520/0x8a0
[  390.570525][T14459]        kernel_init_freeable+0x3fe/0x5d0
[  390.570552][T14459]        kernel_init+0x1d/0x2b0
[  390.570574][T14459]        ret_from_fork+0x4b/0x80
[  390.570601][T14459]        ret_from_fork_asm+0x1a/0x30
[  390.570630][T14459] 
[  390.570630][T14459] -> #3 (&pool->lock){-.-.}-{2:2}:
[  390.570656][T14459]        lock_acquire+0x1ed/0x550
[  390.570676][T14459]        _raw_spin_lock+0x2e/0x40
[  390.570697][T14459]        __queue_work+0x6e5/0xee0
[  390.570716][T14459]        queue_work_on+0x1c2/0x380
[  390.570735][T14459]        rpm_suspend+0xe70/0x1730
[  390.570757][T14459]        __pm_runtime_idle+0x131/0x1a0
[  390.570779][T14459]        __device_attach+0x3e5/0x520
[  390.570795][T14459]        bus_probe_device+0x189/0x260
[  390.570815][T14459]        device_add+0x856/0xbf0
[  390.570838][T14459]        serial_base_port_add+0x2b6/0x3f0
[  390.570863][T14459]        serial_core_register_port+0x374/0x2370
[  390.570882][T14459]        serial8250_register_8250_port+0x1433/0x1cd0
[  390.570900][T14459]        serial_pnp_probe+0x4f9/0x9d0
[  390.570917][T14459]        pnp_device_probe+0x2ba/0x460
[  390.570932][T14459]        really_probe+0x2b8/0xad0
[  390.570948][T14459]        __driver_probe_device+0x1a2/0x390
[  390.570964][T14459]        driver_probe_device+0x50/0x430
[  390.570980][T14459]        __driver_attach+0x45f/0x710
[  390.570994][T14459]        bus_for_each_dev+0x239/0x2b0
[  390.571014][T14459]        bus_add_driver+0x346/0x670
[  390.571039][T14459]        driver_register+0x23a/0x320
[  390.571056][T14459]        serial8250_init+0x9e/0x170
[  390.571074][T14459]        do_one_initcall+0x248/0x880
[  390.571095][T14459]        do_initcall_level+0x157/0x210
[  390.571115][T14459]        do_initcalls+0x3f/0x80
[  390.571134][T14459]        kernel_init_freeable+0x435/0x5d0
[  390.571154][T14459]        kernel_init+0x1d/0x2b0
[  390.571171][T14459]        ret_from_fork+0x4b/0x80
[  390.571191][T14459]        ret_from_fork_asm+0x1a/0x30
[  390.571212][T14459] 
[  390.571212][T14459] -> #2 (&dev->power.lock){-.-.}-{2:2}:
[  390.571233][T14459]        lock_acquire+0x1ed/0x550
[  390.571248][T14459]        _raw_spin_lock_irqsave+0xd5/0x120
[  390.571265][T14459]        __pm_runtime_resume+0x112/0x180
[  390.571287][T14459]        __uart_start+0x17c/0x450
[  390.571305][T14459]        uart_write+0x152/0x380
[  390.571323][T14459]        n_tty_write+0xd6a/0x1230
[  390.571337][T14459]        file_tty_write+0x54f/0x9b0
[  390.571355][T14459]        vfs_write+0xa72/0xc90
[  390.571372][T14459]        ksys_write+0x1a0/0x2c0
[  390.571389][T14459]        do_syscall_64+0xf3/0x230
[  390.571404][T14459]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.571421][T14459] 
[  390.571421][T14459] -> #1 (&port_lock_key){-.-.}-{2:2}:
[  390.571440][T14459]        lock_acquire+0x1ed/0x550
[  390.571455][T14459]        _raw_spin_lock_irqsave+0xd5/0x120
[  390.571472][T14459]        serial8250_console_write+0x1a8/0x1770
[  390.571494][T14459]        console_flush_all+0x867/0xfd0
[  390.571515][T14459]        console_unlock+0x13b/0x4d0
[  390.571535][T14459]        vprintk_emit+0x5a6/0x770
[  390.571554][T14459]        _printk+0xd5/0x120
[  390.571576][T14459]        register_console+0x722/0xce0
[  390.571598][T14459]        univ8250_console_init+0x49/0x50
[  390.571616][T14459]        console_init+0x1b8/0x6f0
[  390.571635][T14459]        start_kernel+0x2d3/0x500
[  390.571653][T14459]        x86_64_start_reservations+0x2a/0x30
[  390.571676][T14459]        x86_64_start_kernel+0x99/0xa0
[  390.571699][T14459]        common_startup_64+0x13e/0x147
[  390.571714][T14459] 
[  390.571714][T14459] -> #0 (console_owner){..-.}-{0:0}:
[  390.571733][T14459]        validate_chain+0x18e0/0x5900
[  390.571753][T14459]        __lock_acquire+0x1346/0x1fd0
[  390.571768][T14459]        lock_acquire+0x1ed/0x550
[  390.571782][T14459]        console_flush_all+0x810/0xfd0
[  390.571806][T14459]        console_unlock+0x13b/0x4d0
[  390.571825][T14459]        vprintk_emit+0x5a6/0x770
[  390.571844][T14459]        _printk+0xd5/0x120
[  390.571866][T14459]        should_fail_ex+0x391/0x4e0
[  390.571887][T14459]        strncpy_from_user+0x36/0x2f0
[  390.571908][T14459]        strncpy_from_user_nofault+0x71/0x140
[  390.571926][T14459]        bpf_probe_read_compat_str+0xe9/0x180
[  390.571944][T14459]        bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  390.571956][T14459]        bpf_trace_run4+0x334/0x590
[  390.571978][T14459]        __traceiter_sched_switch+0x98/0xd0
[  390.571999][T14459]        __schedule+0x2587/0x4a20
[  390.572017][T14459]        preempt_schedule_common+0x84/0xd0
[  390.572040][T14459]        preempt_schedule+0xe1/0xf0
[  390.572058][T14459]        preempt_schedule_thunk+0x1a/0x30
[  390.572073][T14459]        vprintk_emit+0x690/0x770
[  390.572092][T14459]        _printk+0xd5/0x120
[  390.572114][T14459]        __nla_validate_parse+0x282e/0x3090
[  390.572129][T14459]        __nla_parse+0x40/0x60
[  390.572143][T14459]        nfnetlink_rcv+0x13c9/0x2a90
[  390.572161][T14459]        netlink_unicast+0x7f0/0x990
[  390.572175][T14459]        netlink_sendmsg+0x8e4/0xcb0
[  390.572191][T14459]        __sock_sendmsg+0x221/0x270
[  390.572207][T14459]        ____sys_sendmsg+0x525/0x7d0
[  390.572229][T14459]        __sys_sendmsg+0x2b0/0x3a0
[  390.572250][T14459]        do_syscall_64+0xf3/0x230
[  390.572264][T14459]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.572280][T14459] 
[  390.572280][T14459] other info that might help us debug this:
[  390.572280][T14459] 
[  390.572285][T14459] Chain exists of:
[  390.572285][T14459]   console_owner --> &p->pi_lock --> &rq->__lock
[  390.572285][T14459] 
[  390.572309][T14459]  Possible unsafe locking scenario:
[  390.572309][T14459] 
[  390.572314][T14459]        CPU0                    CPU1
[  390.572318][T14459]        ----                    ----
[  390.572323][T14459]   lock(&rq->__lock);
[  390.572333][T14459]                                lock(&p->pi_lock);
[  390.572343][T14459]                                lock(&rq->__lock);
[  390.572354][T14459]   lock(console_owner);
[  390.572364][T14459] 
[  390.572364][T14459]  *** DEADLOCK ***
[  390.572364][T14459] 
[  390.572368][T14459] 5 locks held by syz.1.2817/14459:
[  390.572378][T14459]  #0: ffff88802341f6b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100
[  390.572415][T14459]  #1: ffff8880b953e858 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  390.572461][T14459]  #2: ffffffff8e333f60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590
[  390.572504][T14459]  #3: ffffffff8e20fa20 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120
[  390.572548][T14459]  #4: ffffffff8e20f650 (console_srcu){....}-{0:0}, at: console_flush_all+0x152/0xfd0
[  390.572590][T14459] 
[  390.572590][T14459] stack backtrace:
[  390.572596][T14459] CPU: 1 PID: 14459 Comm: syz.1.2817 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  390.572613][T14459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  390.572624][T14459] Call Trace:
[  390.572631][T14459]  <TASK>
[  390.572638][T14459]  dump_stack_lvl+0x241/0x360
[  390.572657][T14459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.572679][T14459]  ? print_circular_bug+0x130/0x1a0
[  390.572702][T14459]  check_noncircular+0x36a/0x4a0
[  390.572732][T14459]  ? __pfx_check_noncircular+0x10/0x10
[  390.572753][T14459]  ? lockdep_lock+0x123/0x2b0
[  390.572768][T14459]  ? add_lock_to_list+0x1de/0x2e0
[  390.572794][T14459]  validate_chain+0x18e0/0x5900
[  390.572825][T14459]  ? __pfx_validate_chain+0x10/0x10
[  390.572846][T14459]  ? sprintf+0xda/0x120
[  390.572865][T14459]  ? vsnprintf+0x1cc3/0x1da0
[  390.572890][T14459]  ? info_print_prefix+0x204/0x310
[  390.572908][T14459]  ? mark_lock+0x9a/0x350
[  390.572926][T14459]  __lock_acquire+0x1346/0x1fd0
[  390.572950][T14459]  lock_acquire+0x1ed/0x550
[  390.572965][T14459]  ? console_flush_all+0x152/0xfd0
[  390.572990][T14459]  ? __pfx_lock_acquire+0x10/0x10
[  390.573005][T14459]  ? __pfx_lock_release+0x10/0x10
[  390.573020][T14459]  ? do_raw_spin_lock+0x14f/0x370
[  390.573051][T14459]  ? do_raw_spin_unlock+0x13c/0x8b0
[  390.573074][T14459]  ? console_flush_all+0x3a8/0xfd0
[  390.573097][T14459]  console_flush_all+0x810/0xfd0
[  390.573118][T14459]  ? console_flush_all+0x152/0xfd0
[  390.573142][T14459]  ? console_flush_all+0x152/0xfd0
[  390.573168][T14459]  ? __pfx_console_flush_all+0x10/0x10
[  390.573191][T14459]  ? __pfx_lock_acquire+0x10/0x10
[  390.573208][T14459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.573230][T14459]  console_unlock+0x13b/0x4d0
[  390.573253][T14459]  ? __pfx_console_unlock+0x10/0x10
[  390.573272][T14459]  ? _printk+0xd5/0x120
[  390.573294][T14459]  ? _printk+0xd5/0x120
[  390.573316][T14459]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  390.573344][T14459]  vprintk_emit+0x5a6/0x770
[  390.573365][T14459]  ? __pfx_vprintk_emit+0x10/0x10
[  390.573385][T14459]  ? validate_chain+0x11e/0x5900
[  390.573410][T14459]  _printk+0xd5/0x120
[  390.573435][T14459]  ? __pfx__printk+0x10/0x10
[  390.573465][T14459]  should_fail_ex+0x391/0x4e0
[  390.573488][T14459]  strncpy_from_user+0x36/0x2f0
[  390.573511][T14459]  strncpy_from_user_nofault+0x71/0x140
[  390.573531][T14459]  bpf_probe_read_compat_str+0xe9/0x180
[  390.573551][T14459]  ? bpf_trace_run4+0x244/0x590
[  390.573572][T14459]  bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  390.573585][T14459]  bpf_trace_run4+0x334/0x590
[  390.573609][T14459]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[  390.573628][T14459]  ? __pfx_bpf_trace_run4+0x10/0x10
[  390.573653][T14459]  ? __pfx_probe_sched_switch+0x10/0x10
[  390.573677][T14459]  ? tracing_record_taskinfo_sched_switch+0x7b/0x390
[  390.573700][T14459]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  390.573721][T14459]  __traceiter_sched_switch+0x98/0xd0
[  390.573744][T14459]  __schedule+0x2587/0x4a20
[  390.573771][T14459]  ? mark_lock+0x9a/0x350
[  390.573789][T14459]  ? __pfx___schedule+0x10/0x10
[  390.573808][T14459]  ? prb_read_valid+0xa9/0xf0
[  390.573832][T14459]  ? preempt_schedule+0xe1/0xf0
[  390.573849][T14459]  preempt_schedule_common+0x84/0xd0
[  390.573869][T14459]  preempt_schedule+0xe1/0xf0
[  390.573887][T14459]  ? __pfx_preempt_schedule+0x10/0x10
[  390.573905][T14459]  ? _printk+0xd5/0x120
[  390.573927][T14459]  ? _printk+0xd5/0x120
[  390.573949][T14459]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  390.573974][T14459]  preempt_schedule_thunk+0x1a/0x30
[  390.573989][T14459]  ? vprintk_emit+0x619/0x770
[  390.574008][T14459]  ? vprintk_emit+0x68b/0x770
[  390.574027][T14459]  vprintk_emit+0x690/0x770
[  390.574052][T14459]  ? __pfx_vprintk_emit+0x10/0x10
[  390.574072][T14459]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  390.574091][T14459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.574115][T14459]  _printk+0xd5/0x120
[  390.574138][T14459]  ? __nla_validate_parse+0x2660/0x3090
[  390.574155][T14459]  ? __pfx__printk+0x10/0x10
[  390.574178][T14459]  ? nft_pernet+0x23/0x240
[  390.574194][T14459]  ? nft_pernet+0x1ef/0x240
[  390.574213][T14459]  __nla_validate_parse+0x282e/0x3090
[  390.574228][T14459]  ? __lock_acquire+0x1346/0x1fd0
[  390.574252][T14459]  ? __pfx___nla_validate_parse+0x10/0x10
[  390.574272][T14459]  ? __pfx_lock_acquire+0x10/0x10
[  390.574288][T14459]  ? nfnl_pernet+0x23/0x240
[  390.574305][T14459]  ? __pfx_lock_release+0x10/0x10
[  390.574327][T14459]  __nla_parse+0x40/0x60
[  390.574344][T14459]  nfnetlink_rcv+0x13c9/0x2a90
[  390.574378][T14459]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  390.574418][T14459]  ? netlink_deliver_tap+0x2e/0x1b0
[  390.574434][T14459]  ? skb_clone+0x240/0x390
[  390.574456][T14459]  ? __pfx_lock_release+0x10/0x10
[  390.574479][T14459]  ? netlink_deliver_tap+0x2e/0x1b0
[  390.574497][T14459]  netlink_unicast+0x7f0/0x990
[  390.574515][T14459]  ? __pfx_netlink_unicast+0x10/0x10
[  390.574529][T14459]  ? __virt_addr_valid+0x183/0x520
[  390.574552][T14459]  ? __check_object_size+0x49c/0x900
[  390.574575][T14459]  ? bpf_lsm_netlink_send+0x9/0x10
[  390.574600][T14459]  netlink_sendmsg+0x8e4/0xcb0
[  390.574623][T14459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.574641][T14459]  ? __import_iovec+0x536/0x820
[  390.574657][T14459]  ? aa_sock_msg_perm+0x91/0x160
[  390.574681][T14459]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  390.574696][T14459]  ? security_socket_sendmsg+0x87/0xb0
[  390.574716][T14459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.574732][T14459]  __sock_sendmsg+0x221/0x270
[  390.574750][T14459]  ____sys_sendmsg+0x525/0x7d0
[  390.574776][T14459]  ? __pfx_____sys_sendmsg+0x10/0x10
[  390.574807][T14459]  __sys_sendmsg+0x2b0/0x3a0
[  390.574830][T14459]  ? __pfx___sys_sendmsg+0x10/0x10
[  390.574851][T14459]  ? vfs_write+0x7c4/0xc90
[  390.574888][T14459]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  390.574905][T14459]  ? do_syscall_64+0x100/0x230
[  390.574921][T14459]  ? do_syscall_64+0xb6/0x230
[  390.574937][T14459]  do_syscall_64+0xf3/0x230
[  390.574952][T14459]  ? clear_bhb_loop+0x35/0x90
[  390.574971][T14459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.574988][T14459] RIP: 0033:0x7f41d1b75b99
[  390.575001][T14459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.575015][T14459] RSP: 002b:00007f41d289c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  390.575030][T14459] RAX: ffffffffffffffda RBX: 00007f41d1d03fa0 RCX: 00007f41d1b75b99
[  390.575046][T14459] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  390.575056][T14459] RBP: 00007f41d289c0a0 R08: 0000000000000000 R09: 0000000000000000
[  390.575066][T14459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  390.575075][T14459] R13: 000000000000000b R14: 00007f41d1d03fa0 R15: 00007ffe79a4bba8
[  390.575093][T14459]  </TASK>
[  392.115858][T14459] CPU: 1 PID: 14459 Comm: syz.1.2817 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  392.126026][T14459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  392.136110][T14459] Call Trace:
[  392.139407][T14459]  <TASK>
[  392.142455][T14459]  dump_stack_lvl+0x241/0x360
[  392.147456][T14459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.152842][T14459]  ? __pfx__printk+0x10/0x10
[  392.157618][T14459]  should_fail_ex+0x3b0/0x4e0
[  392.162397][T14459]  strncpy_from_user+0x36/0x2f0
[  392.167951][T14459]  strncpy_from_user_nofault+0x71/0x140
[  392.173815][T14459]  bpf_probe_read_compat_str+0xe9/0x180
[  392.179936][T14459]  ? bpf_trace_run4+0x244/0x590
[  392.184814][T14459]  bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  392.190285][T14459]  bpf_trace_run4+0x334/0x590
[  392.194999][T14459]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[  392.201089][T14459]  ? __pfx_bpf_trace_run4+0x10/0x10
[  392.206318][T14459]  ? __pfx_probe_sched_switch+0x10/0x10
[  392.211882][T14459]  ? tracing_record_taskinfo_sched_switch+0x7b/0x390
[  392.218587][T14459]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  392.224780][T14459]  __traceiter_sched_switch+0x98/0xd0
[  392.230188][T14459]  __schedule+0x2587/0x4a20
[  392.234916][T14459]  ? mark_lock+0x9a/0x350
[  392.239309][T14459]  ? __pfx___schedule+0x10/0x10
[  392.244245][T14459]  ? prb_read_valid+0xa9/0xf0
[  392.249006][T14459]  ? preempt_schedule+0xe1/0xf0
[  392.254152][T14459]  preempt_schedule_common+0x84/0xd0
[  392.259498][T14459]  preempt_schedule+0xe1/0xf0
[  392.264385][T14459]  ? __pfx_preempt_schedule+0x10/0x10
[  392.269861][T14459]  ? _printk+0xd5/0x120
[  392.274087][T14459]  ? _printk+0xd5/0x120
[  392.278629][T14459]  ? __pfx___down_trylock_console_sem+0x10/0x10
[  392.285046][T14459]  preempt_schedule_thunk+0x1a/0x30
[  392.290444][T14459]  ? vprintk_emit+0x619/0x770
[  392.295142][T14459]  ? vprintk_emit+0x68b/0x770
[  392.299866][T14459]  vprintk_emit+0x690/0x770
[  392.304407][T14459]  ? __pfx_vprintk_emit+0x10/0x10
[  392.309469][T14459]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  392.315498][T14459]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.321870][T14459]  _printk+0xd5/0x120
[  392.325872][T14459]  ? __nla_validate_parse+0x2660/0x3090
[  392.331415][T14459]  ? __pfx__printk+0x10/0x10
[  392.336009][T14459]  ? nft_pernet+0x23/0x240
[  392.340439][T14459]  ? nft_pernet+0x1ef/0x240
[  392.344953][T14459]  __nla_validate_parse+0x282e/0x3090
[  392.350343][T14459]  ? __lock_acquire+0x1346/0x1fd0
[  392.355372][T14459]  ? __pfx___nla_validate_parse+0x10/0x10
[  392.361103][T14459]  ? __pfx_lock_acquire+0x10/0x10
[  392.366136][T14459]  ? nfnl_pernet+0x23/0x240
[  392.370752][T14459]  ? __pfx_lock_release+0x10/0x10
[  392.375794][T14459]  __nla_parse+0x40/0x60
[  392.380044][T14459]  nfnetlink_rcv+0x13c9/0x2a90
[  392.384843][T14459]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  392.389975][T14459]  ? netlink_deliver_tap+0x2e/0x1b0
[  392.395187][T14459]  ? skb_clone+0x240/0x390
[  392.399623][T14459]  ? __pfx_lock_release+0x10/0x10
[  392.404674][T14459]  ? netlink_deliver_tap+0x2e/0x1b0
[  392.409876][T14459]  netlink_unicast+0x7f0/0x990
[  392.414640][T14459]  ? __pfx_netlink_unicast+0x10/0x10
[  392.419917][T14459]  ? __virt_addr_valid+0x183/0x520
[  392.425031][T14459]  ? __check_object_size+0x49c/0x900
[  392.430441][T14459]  ? bpf_lsm_netlink_send+0x9/0x10
[  392.435599][T14459]  netlink_sendmsg+0x8e4/0xcb0
[  392.440387][T14459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  392.445675][T14459]  ? __import_iovec+0x536/0x820
[  392.450525][T14459]  ? aa_sock_msg_perm+0x91/0x160
[  392.455493][T14459]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  392.460841][T14459]  ? security_socket_sendmsg+0x87/0xb0
[  392.466415][T14459]  ? __pfx_netlink_sendmsg+0x10/0x10
[  392.471840][T14459]  __sock_sendmsg+0x221/0x270
[  392.476550][T14459]  ____sys_sendmsg+0x525/0x7d0
[  392.481366][T14459]  ? __pfx_____sys_sendmsg+0x10/0x10
[  392.486704][T14459]  __sys_sendmsg+0x2b0/0x3a0
[  392.491333][T14459]  ? __pfx___sys_sendmsg+0x10/0x10
[  392.496474][T14459]  ? vfs_write+0x7c4/0xc90
[  392.501014][T14459]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  392.507345][T14459]  ? do_syscall_64+0x100/0x230
[  392.512109][T14459]  ? do_syscall_64+0xb6/0x230
[  392.516780][T14459]  do_syscall_64+0xf3/0x230
[  392.521280][T14459]  ? clear_bhb_loop+0x35/0x90
[  392.525952][T14459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.531843][T14459] RIP: 0033:0x7f41d1b75b99
[  392.536287][T14459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.556096][T14459] RSP: 002b:00007f41d289c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  392.564917][T14459] RAX: ffffffffffffffda RBX: 00007f41d1d03fa0 RCX: 00007f41d1b75b99
[  392.572890][T14459] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  392.580870][T14459] RBP: 00007f41d289c0a0 R08: 0000000000000000 R09: 0000000000000000
[  392.588850][T14459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  392.596816][T14459] R13: 000000000000000b R14: 00007f41d1d03fa0 R15: 00007ffe79a4bba8
[  392.604836][T14459]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[