last executing test programs:

1m42.252338061s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

1m27.305418928s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

1m12.100444976s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

47.147041968s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

27.731819011s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

24.054568126s ago: executing program 4 (id=580):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x5}]}, 0x24}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x18, &(0x7f0000000840)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000001c00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv6_getaddr={0x2c, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {}, [@IFA_LOCAL={0x14, 0x2, @private1}]}, 0x2c}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="6b0000001000ee00000000000000800000001a00", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800c0001006d6163766c616e00200002801c0005800a000400aaaaaaaaaabb00000a0004000000000000000000"], 0x50}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'wpan3\x00'})
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000800)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r10, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x1c, r8, 0x329, 0x0, 0x0, {0x16}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}]}, 0x1c}}, 0x0)

23.656533801s ago: executing program 4 (id=585):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000050019000100000008000400400d000018000180140002006e657464657673696d30"], 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)

13.656103573s ago: executing program 4 (id=635):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
r1 = socket$alg(0x26, 0x5, 0x0)
accept$alg(r1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(0x0, r0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0), 0xc, &(0x7f00000005c0)={&(0x7f0000000240)={0x354, r2, 0x4, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xb}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1fe9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1ffe000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_NODE={0x16c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa8a}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ID={0xf7, 0x3, "dfc0b047685d951e0ddacdf01b11d9b08efdc9116f7f780f03d89b51ccbfe910c64225e5949d1cb648e2f4f83d5120254a39a9ad104be8470d2244daa8034da01a12eb0eaca865ac36bf5d5ad20bfa7e851a7f01085033b0e1f54a7728a27b337e8261f4b472c869e7e0172c31be6f0d35c952423124e04952d0e279956c1ce647835a43def532c9db0814426d7b8fa44180f5cf34cbc5fc49ef6d8896c9c5ff77bf69f2282df3cfb367a90bd5f8188c6e31a0d19e4107fcffa55923d46cf0abe8e090041eee74ebada18741778746373f0bfb5286efec7d82218338f72bdd1d56ac079fbf0f6b0bcc97daf1aeb4367708f22f"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "2aa15952c654cdb507b718e3bc9abc8db08071d6891a67ee904b1ea29e74e2a9"}}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x7, @mcast2, 0x40}}, {0x14, 0x2, @in={0x2, 0x4e22, @broadcast}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x805}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6c1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}]}, @TIPC_NLA_MEDIA={0x7c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x36}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x28}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x31ef}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x354}, 0x1, 0x0, 0x0, 0x48051}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x3a}, 0x90)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r3, 0x8983, &(0x7f0000000640))
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)

11.757996298s ago: executing program 4 (id=645):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000050019000100000008000400400d000018000180140002006e657464657673696d30"], 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)

9.502296283s ago: executing program 3 (id=8):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001900010000000000000000001d0100000c000b"], 0x30}}, 0x0)

3.254823131s ago: executing program 1 (id=684):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000580)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r1], 0x398}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYRES8=r2, @ANYRES16=r5], 0x4c}, 0x1, 0x0, 0x0, 0x850}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r2)
socket$unix(0x1, 0x5, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab000e271f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1ff032aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e0800000092e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9be7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa5200002fe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb0972d39e4b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e501ddddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b605908000000f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c332c34812382e57c0e0d83f3f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217b6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f2b88cd544b2a8e1b05ea7cf51578169fff7765f9978883b4b5983b42a35a05dabfc325ec2a2ec2f9b0882fdcf5d6f72272d2ff0d8eea60f5494ba42b4d40f144f0ab680a6f40f9094d3afb58a1efd6109894b8605c6b3b3f020c222f6446195b2274f634fbb737948a1f36ea729467e132385e9da614e4625175f4443b97a675934db90010e4b884200c3546c4d86d712c3939e11be3343f693846f509ad4c445ade5cd6d126d5694462ac5d3b527c3bd51c0a715a28d65fe94b255d02cdc1fab99b5b9c352f1b284115e4046285a824d22b6f0afbed8d6096a72fef72ebd6aae78b02fa1993e8fe2020ae93aae2bcfffa40b98549f1fb9fcefa74329909a207336d07f6f59da423ac5fa47852055d5ce6d2c56bdbbcdbf3458ba478c669f39d5272e65c90908ea2cb86d38f8ebf80a8cb85d8399b42403c94b8662af5cf1411526f177b4d476169a5d5a8c37d0d8893a77d0bd47b8a0bba60b3e26094209c889585f997ff556bcd2cc223f9c0c44de9d0fe1b5a8a815f652e79747d3e1f413fa0575d51f652d22883e143065c5ad74bdc864754ba3dad5a8fc8fc2c807d1a51dfb29884adee415c13f2ce14d307bd6165ec6ba68a766adfcbe444ea72d586bb47dd98a225467aab538a77667d19bae2e51727ba6d190e6d7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000440)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r7, &(0x7f0000000180), 0xc)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r7, &(0x7f0000000ac0)=[{{0x0, 0xfffffffffffffdea, 0x0}}], 0x1, 0x2021, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x891c, 0x0)
connect$qrtr(r8, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
writev(r8, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
unshare(0x20400)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000540), 0xc7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r9, 0x0)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x0, 0x34, 0x43}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000f79453625b72eca91d05388a9c414d7faae55f00fffeb5432526419201b944e269413c4f9c0c83611f5b7a7f5d972d4503ca0a9273d72e2200b1cbfa03c93ccd17fb19815f374c2363dda17822116fcaf8def45b1f71d7741a7312"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r10, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)

3.100160406s ago: executing program 0 (id=686):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b40), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001c00)={&(0x7f0000000040)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x8, 0x66}}}}}, 0x28}}, 0x0)

2.810644299s ago: executing program 0 (id=688):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x90}}, 0x0)

2.740488031s ago: executing program 1 (id=690):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r4, @ANYBLOB="0c00990000000000000000000800a100ffff0000080026008d03000008009f"], 0x40}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x89f6, &(0x7f0000000040)={'bridge_slave_0\x00', @random="4f33e363a4b1"})
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020d0000020000f17895ebc9ec0d048022b94f6eaf952ed55dac6b35e324e62b58c8749107d72538cc2306f14d0deacf5fb9f46325ce7f7fa7"], 0x10}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0)

2.686150999s ago: executing program 0 (id=691):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4), 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}}, 0x0)

2.526597685s ago: executing program 2 (id=692):
socket$packet(0x11, 0x2, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x39, 0xfc768fe990f47b25, 0x0, 0x0, {0xb, 0x7c}}, 0x14}}, 0x24004000)
ppoll(&(0x7f0000000200)=[{r3, 0x80a9}], 0x1, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000080), 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='@'], 0x40}}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x20000004, &(0x7f0000000080)={0x2, 0x2, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800450000340000000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8c001f0090780000080a80ea83c13994304a1800"], 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x766, @empty, 0x9}, 0x1c)

2.458284557s ago: executing program 0 (id=693):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x5}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="a4000000a5eeebdbe9badda5cff4287e32a162db2694c8297ae915e272184524a316d61abf104e8a16f2492d790536b851d09808069af9ac0d45388c2ebc90a216892d70eeab9f", @ANYRES16, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="56000e008000000008021100000108021100000150505050505000000000000000000000640000000006010101010101010003010005030000002a010072060303030303037107000000000000007606000000000000000018000e800400010005000200e900000005000300d7000000080026007109000008000c006400000008000d0000000000"], 0xa4}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x18, &(0x7f0000000840)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000001c00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv6_getaddr={0x2c, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {}, [@IFA_LOCAL={0x14, 0x2, @private1}]}, 0x2c}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)=ANY=[@ANYBLOB="6b0000001000ee00000000000000800000001a00", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800c0001006d6163766c616e00200002801c0005800a000400aaaaaaaaaabb00000a0004000000000000000000"], 0x50}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'wpan3\x00'})
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000800)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x1c, r7, 0x329, 0x0, 0x0, {0x16}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1c}}, 0x0)

2.436495371s ago: executing program 4 (id=694):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
r1 = socket$alg(0x26, 0x5, 0x0)
accept$alg(r1, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(0x0, r0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0), 0xc, &(0x7f00000005c0)={&(0x7f0000000240)={0x35c, r2, 0x4, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xb}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1fe9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1ffe000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_NODE={0x16c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa8a}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ID={0xf7, 0x3, "dfc0b047685d951e0ddacdf01b11d9b08efdc9116f7f780f03d89b51ccbfe910c64225e5949d1cb648e2f4f83d5120254a39a9ad104be8470d2244daa8034da01a12eb0eaca865ac36bf5d5ad20bfa7e851a7f01085033b0e1f54a7728a27b337e8261f4b472c869e7e0172c31be6f0d35c952423124e04952d0e279956c1ce647835a43def532c9db0814426d7b8fa44180f5cf34cbc5fc49ef6d8896c9c5ff77bf69f2282df3cfb367a90bd5f8188c6e31a0d19e4107fcffa55923d46cf0abe8e090041eee74ebada18741778746373f0bfb5286efec7d82218338f72bdd1d56ac079fbf0f6b0bcc97daf1aeb4367708f22f"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "2aa15952c654cdb507b718e3bc9abc8db08071d6891a67ee904b1ea29e74e2a9"}}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x7, @mcast2, 0x40}}, {0x14, 0x2, @in={0x2, 0x4e22, @broadcast}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x805}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6c1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x36}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x28}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x18, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x31ef}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x35c}, 0x1, 0x0, 0x0, 0x48051}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x3a}, 0x90)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r3, 0x8983, &(0x7f0000000640))
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)

2.358546752s ago: executing program 1 (id=695):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r0, 0xc)
socket$inet_dccp(0x2, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_rdma(0x10, 0x3, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000008200000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x300}, 0x0, 0x0)

1.458355663s ago: executing program 1 (id=696):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYRES64=r4, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100677265000c00028008000400ffff000008000a00", @ANYRES32=r4, @ANYBLOB="5e311cc1828b226f59c4113864dabe2b2728d59f759faac059410e5ead5a7f1e989df2aa865de3b20d654f7e3ad022af7cb2ec16357700901f8f1c78968815c2488fe2e70ab59c057989d1d46588ad7a5348a88f61e50ecf1836343272be9f2772da1ee130815ec04121b99d39858ac428faebfc0b3381b41e76008f2c139f702aec556cd49a07a0ff9a9326e4352c338d2f733b9c99bee0ab99f8da798b7ae241861d25e4906cc215652bf30840af4691db9389d6ec4e6dddc1894fac93df4384a6c06edce0947c117ef79692d90a5b74395df55ed0f1", @ANYRES8=r0], 0x40}, 0x1, 0x0, 0x0, 0x40801}, 0x40001)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'wlan1\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1a, 0x4, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000240)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$SIOCAX25GETINFO(0xffffffffffffffff, 0x89ed, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r8, 0x400c6615, &(0x7f00000001c0)={0x0, @adiantum, 0x0, @desc3})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x8000000003c)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000880))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="540100001900000000000000000000011d01000008000500000400001e01060000ff000000c87b656e285d281181111413f0081ddc21c51ffc7e9526ed8503c2aa9a5e0a96d01a3ad6c30d6baa1bdf0f6c4db0f4286fccba8944cee7e579a8dc8b3cde07b51c0a437334c8c52b2cc9301fdc5a473aaf13fbd5536aa0c719f9e37963f8e40ae29ee94ccd6deef4750b5d9d6e8dc3967a4a5190ce4bc0dc8fac276a4270ecd5de8334dbb9a2c0797698e4386e2c1872d2a04e6904ccd29d2a7b59082689da09000000a9a619fa91f33a33723f92930f8a430d10ca1d979db27615a77556811503f3e6f300770b42f29d54f7f5f2fbe93144d1ee8a63e74d5f84c61acf20e8931d09f7c29048edbaff2ea4b29242fd9eec8082002947c4fa12d0fbffe2c4befd00dbf6ad242710a12236ec1625ac06613fc5f12f6500001500040000000000000000002d2fd7ac2612dea201000000"], 0x154}}, 0x0)
connect$inet6(r9, &(0x7f0000000140)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c)

957.969469ms ago: executing program 2 (id=697):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003ac0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}], 0x1, 0x0)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60040011000a740100053582c137153e37024801", 0x27}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffdf2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60350005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r3=>0x0}, &(0x7f00000005c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x23, &(0x7f0000000000)={r3}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x10, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@alu={0x7, 0x1, 0xb, 0x4, 0x1, 0x20, 0x1}]}, &(0x7f0000000000)='syzkaller\x00', 0xffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000000c0)=@security={'security\x00', 0xe, 0x4, 0x2f0, 0xffffffff, 0x0, 0x198, 0xa8, 0xffffffff, 0xffffffff, 0x300, 0x300, 0x300, 0xffffffff, 0x4, 0x0, {[{{@ip={@remote, @multicast2, 0x0, 0x0, 'veth1_virt_wifi\x00', 'rose0\x00', {}, {}, 0x0, 0x0, 0xb0}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@mcast1}}}, {{@uncond, 0x0, 0x70, 0xe0}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "217871f2aea983909e950bfeed19cf01a41446497da38b7bd75b1d17e6bae3d62c0499817ac7b96a8d8d478909515a727cceff5c2037932b307e838be0aa5021"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x350)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300626f6e645f736c6176655f300000000008000a00", @ANYRES32=0x0, @ANYBLOB="31640ba80b61e31f1520cf3c4fd13316ea78ec4477c2b339811d10410340f50143bdb1913f7cb14560f936d7b4b06a75861a0a2aac5adb00174f3e166a58ae2e8859646451535ec45910262f2e48b5071f770658013665a5140375d824f7fe580333215927c099188cdb1a"], 0x3c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

887.874097ms ago: executing program 2 (id=698):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000100e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0xa6ffffff)

794.566378ms ago: executing program 2 (id=699):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000440)={0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x7d, &(0x7f00000000c0)=@assoc_value={r2}, 0x8)

785.182029ms ago: executing program 2 (id=700):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)
r2 = socket$inet(0x2, 0x802, 0x1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r4 = accept4(r3, 0x0, 0x0, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r5, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001a80)={0x24, 0x14, 0x1, 0x0, 0x0, {0x2c}, [@INET_DIAG_REQ_BYTECODE={0x9, 0x1, "d07d0754d6"}, @INET_DIAG_REQ_BYTECODE={0x4}]}, 0x24}}, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000005b00)=[{{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000a00)=""/68, 0x44}], 0x1}}], 0x1, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r7, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}], 0x1}}], 0x1, 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r6, 0x0, 0x3, &(0x7f0000000040), 0x4)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)
write(r2, &(0x7f0000000080)="08008edf773c8000", 0xfd)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0x1, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0x10}, {0xc, 0x9, {0xf5}}}}]}]}, 0x70}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x18}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0xf, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000100000000000001811f60f", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000050000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000bb000000b7000000000000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

426.795535ms ago: executing program 0 (id=701):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c30000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1d5d6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe2c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9a3359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069d532749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b87cf6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a57f810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604f8e86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd3536460000000000000000000000000000000000000000001e000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775aea28905c3a1ace5f05689ae67e26856816"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141644089ffe4d2f87e5860c6aab845013f2325f1a39014403048da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
syz_emit_ethernet(0x3e, &(0x7f0000000640)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast}, @echo={0x8, 0x0, 0x0, 0x0, 0x0, "2a3603e9b788dcae20d2da36f687882b40f47bbf"}}}}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r5=>0x0})
socket(0x11, 0xa, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x48, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000b00000000000a000900aaaaaaaaaaaa000008000300", @ANYRES32=r5, @ANYBLOB], 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="4c00007a72deffffff0000000000000000000002", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010069703667726500001c000280080005000000000008000400090000000600"], 0x4c}, 0x1, 0x0, 0x0, 0x24004800}, 0x0)
socket(0x840000000002, 0x3, 0x100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008800800030001"], 0x48}}, 0x0)
pipe(&(0x7f0000000140))
sendmmsg$inet(r6, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x11}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r7, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4}, 0x90)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x297880e5d24e7381}, 0x9c)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r8, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, 0x2, 0x8, 0x101, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x16}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x8000)

371.602368ms ago: executing program 4 (id=702):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x2d5dc0000000000, 0x800003})
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1a003})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x6}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}}, 0x840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r3}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)={0x38, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x4, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x0]}]}]}]}, 0x38}}, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x17, 0x0, 0x1b, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r10, <r11=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r11, 0x0, 0x0}, 0x20)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000140)={'netpci0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @dev})

219.75731ms ago: executing program 1 (id=703):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4), 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}}, 0x0)

217.32663ms ago: executing program 2 (id=704):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000050019000100000008000400400d000018000180140002006e657464657673696d30"], 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)

23.541121ms ago: executing program 0 (id=705):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
socket(0x80000000000000a, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b704000000000000850000003300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
unshare(0x20000400)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000001ec0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

0s ago: executing program 1 (id=706):
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc5a, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
r0 = socket(0xb, 0x4, 0xff)
ioctl$sock_netrom_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={0x0, @default, @bpq0, 0x4, 'syz0\x00', @default, 0xa, 0x7, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
connect$unix(r0, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

ould impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.630684][ T6324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  141.784308][ T6324] hsr_slave_0: entered promiscuous mode
[  141.831435][ T6324] hsr_slave_1: entered promiscuous mode
[  141.840584][ T5117] Bluetooth: hci0: command tx timeout
[  141.900493][ T6324] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  141.908299][ T6324] Cannot create hsr debugfs directory
[  142.715597][ T6432] chnl_net:caif_netlink_parms(): no params data found
[  142.960590][ T5117] Bluetooth: hci2: command tx timeout
[  143.628133][ T6432] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.657221][ T6432] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.676207][ T6432] bridge_slave_0: entered allmulticast mode
[  143.692550][ T6432] bridge_slave_0: entered promiscuous mode
[  143.722041][ T6432] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.744725][ T6432] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.772377][ T6432] bridge_slave_1: entered allmulticast mode
[  143.791166][ T6432] bridge_slave_1: entered promiscuous mode
[  143.923554][ T5117] Bluetooth: hci0: command tx timeout
[  143.961403][ T6503] veth2: entered allmulticast mode
[  143.994744][ T6432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.057261][ T6432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.224229][ T6509] xt_CT: You must specify a L4 protocol and not use inversions on it
[  144.318560][ T6432] team0: Port device team_slave_0 added
[  144.367820][ T6511] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  144.385979][ T6432] team0: Port device team_slave_1 added
[  144.499893][ T6324] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  144.537018][ T6324] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  144.565306][ T6519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[  144.574599][ T6519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[  144.650409][ T6324] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  144.678400][ T6324] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  144.720209][ T6432] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.748301][ T6432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.776814][ T6432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.810430][ T6432] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.817424][ T6432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.869300][ T6432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.027438][ T6432] hsr_slave_0: entered promiscuous mode
[  145.040845][ T5117] Bluetooth: hci2: command tx timeout
[  145.091446][ T6432] hsr_slave_1: entered promiscuous mode
[  145.134126][ T6432] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.142687][ T6432] Cannot create hsr debugfs directory
[  145.698724][ T6432] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.854393][ T6432] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.952084][ T6324] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.075015][ T6432] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.152492][ T6324] 8021q: adding VLAN 0 to HW filter on device team0
[  146.205862][ T6432] bond0: (slave netdevsim0): Releasing backup interface
[  146.225427][ T6432] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.259246][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.266465][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.299141][  T930] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.306459][  T930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.407806][ T6324] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  146.613891][ T6432] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  146.653088][ T6432] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  146.691543][ T6432] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  146.734083][ T6432] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  146.763093][ T6562] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.283'.
[  147.042619][ T6324] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.121876][ T5117] Bluetooth: hci2: command tx timeout
[  147.239392][ T6432] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.398525][ T6432] 8021q: adding VLAN 0 to HW filter on device team0
[  147.462218][ T6324] veth0_vlan: entered promiscuous mode
[  147.485236][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.492477][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.555912][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.563160][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.593907][ T6324] veth1_vlan: entered promiscuous mode
[  147.890612][ T6324] veth0_macvtap: entered promiscuous mode
[  147.917398][ T6324] veth1_macvtap: entered promiscuous mode
[  148.022407][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.059351][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.093684][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.105710][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.121544][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.151838][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.171558][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.193742][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.233259][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.272035][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.293819][ T6324] batman_adv: batadv0: Interface activated: batadv_slave_0
[  148.339389][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.375940][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.407187][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.428183][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.440028][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.460021][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.490665][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.514947][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.538126][ T6324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.554912][ T6324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.579281][ T6324] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.668788][ T6324] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.740192][ T6324] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.776264][ T6619] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.295'.
[  148.794717][ T6324] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.824265][ T6324] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.934010][ T6432] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.145386][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.179876][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.201405][ T5117] Bluetooth: hci2: command tx timeout
[  149.227740][ T6432] veth0_vlan: entered promiscuous mode
[  149.286820][ T6432] veth1_vlan: entered promiscuous mode
[  149.312439][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.343202][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.401559][ T6432] veth0_macvtap: entered promiscuous mode
[  149.443318][ T6432] veth1_macvtap: entered promiscuous mode
[  149.513851][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.546215][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.561571][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.585590][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.598953][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.620040][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.653870][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.678501][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.700140][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.720485][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.740244][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.784492][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.820213][ T6432] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.058404][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.078686][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.100368][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.118674][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.129212][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.163851][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.200386][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.237019][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.271674][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.293659][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.324098][ T6432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.375457][ T6432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.416895][ T6432] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.475782][ T6432] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.520386][ T6432] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.545363][ T6432] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.570450][ T6432] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.726241][ T2802] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.927875][ T2802] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.066304][ T2802] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.142062][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.150018][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.184987][ T2802] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.218845][ T2436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.230316][ T2436] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.396237][ T2802] bridge_slave_1: left allmulticast mode
[  151.403500][ T2802] bridge_slave_1: left promiscuous mode
[  151.409322][ T2802] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.442164][ T2802] bridge_slave_0: left allmulticast mode
[  151.447853][ T2802] bridge_slave_0: left promiscuous mode
[  151.454153][ T2802] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.114542][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  152.124921][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  152.136383][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  152.149087][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  152.158157][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  152.167523][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  152.618070][ T2802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.662087][ T2802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.683902][ T2802] bond0 (unregistering): Released all slaves
[  153.247185][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.306'.
[  153.292527][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.306'.
[  153.680382][ T2802] hsr_slave_0: left promiscuous mode
[  153.704890][ T2802] hsr_slave_1: left promiscuous mode
[  153.731366][ T2802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.762279][ T2802] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.800625][ T2802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.847332][ T2802] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.923686][ T2802] veth1_macvtap: left promiscuous mode
[  153.931458][ T2802] veth0_macvtap: left promiscuous mode
[  153.937184][ T2802] veth1_vlan: left promiscuous mode
[  153.954595][ T2802] veth0_vlan: left promiscuous mode
[  154.241613][ T5117] Bluetooth: hci0: command tx timeout
[  154.850150][ T2802] team0 (unregistering): Port device team_slave_1 removed
[  154.895495][ T2802] team0 (unregistering): Port device team_slave_0 removed
[  155.263917][ T6724] netlink: 'syz.1.310': attribute type 21 has an invalid length.
[  155.272689][ T6724] netlink: 156 bytes leftover after parsing attributes in process `syz.1.310'.
[  155.307714][ T6735] netlink: 'syz.0.312': attribute type 10 has an invalid length.
[  155.400094][ T6735] team0: Port device netdevsim0 added
[  155.413668][ T6747] FAULT_INJECTION: forcing a failure.
[  155.413668][ T6747] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  155.422376][ T6738] netlink: 'syz.0.312': attribute type 10 has an invalid length.
[  155.436112][ T6747] CPU: 0 PID: 6747 Comm: syz.4.315 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  155.445781][ T6747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  155.455844][ T6747] Call Trace:
[  155.459145][ T6747]  <TASK>
[  155.462105][ T6747]  dump_stack_lvl+0x241/0x360
[  155.466838][ T6747]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.472072][ T6747]  ? __pfx__printk+0x10/0x10
[  155.476706][ T6747]  should_fail_ex+0x3b0/0x4e0
[  155.481423][ T6747]  prepare_alloc_pages+0x1da/0x5d0
[  155.486584][ T6747]  __alloc_pages_noprof+0x166/0x6c0
[  155.491814][ T6747]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  155.497580][ T6747]  alloc_pages_mpol_noprof+0x3e8/0x680
[  155.503065][ T6747]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  155.509068][ T6747]  ? alloc_pages_noprof+0xef/0x170
[  155.514202][ T6747]  get_free_pages_noprof+0xc/0x30
[  155.519255][ T6747]  kasan_populate_vmalloc_pte+0x38/0xe0
[  155.524837][ T6747]  __apply_to_page_range+0x8a8/0xe50
[  155.530147][ T6747]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  155.536412][ T6747]  ? __pfx___apply_to_page_range+0x10/0x10
[  155.542237][ T6747]  ? do_raw_spin_unlock+0x13c/0x8b0
[  155.547443][ T6747]  ? kmem_cache_alloc_node_noprof+0x1c4/0x320
[  155.553527][ T6747]  alloc_vmap_area+0x1d41/0x23e0
[  155.558497][ T6747]  ? __pfx_alloc_vmap_area+0x10/0x10
[  155.563965][ T6747]  ? __kasan_kmalloc+0x98/0xb0
[  155.568750][ T6747]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  155.574741][ T6747]  ? __get_vm_area_node+0x113/0x270
[  155.579960][ T6747]  ? prealloc_init+0x139/0x840
[  155.584747][ T6747]  __get_vm_area_node+0x1a9/0x270
[  155.589789][ T6747]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  155.595717][ T6747]  ? prealloc_init+0x139/0x840
[  155.600609][ T6747]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  155.607064][ T6747]  ? __pfx___might_resched+0x10/0x10
[  155.612360][ T6747]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  155.618178][ T6747]  bpf_map_area_alloc+0xfc/0x120
[  155.623125][ T6747]  ? prealloc_init+0x139/0x840
[  155.627899][ T6747]  prealloc_init+0x139/0x840
[  155.632515][ T6747]  htab_map_alloc+0x86e/0xe70
[  155.637207][ T6747]  map_create+0x90c/0x1200
[  155.641721][ T6747]  ? security_bpf+0x87/0xb0
[  155.646233][ T6747]  __sys_bpf+0x6d1/0x810
[  155.650486][ T6747]  ? __pfx___sys_bpf+0x10/0x10
[  155.655273][ T6747]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  155.661266][ T6747]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  155.667603][ T6747]  ? do_syscall_64+0x100/0x230
[  155.672380][ T6747]  __x64_sys_bpf+0x7c/0x90
[  155.676802][ T6747]  do_syscall_64+0xf3/0x230
[  155.681329][ T6747]  ? clear_bhb_loop+0x35/0x90
[  155.686033][ T6747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.692035][ T6747] RIP: 0033:0x7f77bc575f19
[  155.696489][ T6747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.716124][ T6747] RSP: 002b:00007f77bd415048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.724566][ T6747] RAX: ffffffffffffffda RBX: 00007f77bc705f60 RCX: 00007f77bc575f19
[  155.732545][ T6747] RDX: 0000000000000048 RSI: 0000000020000100 RDI: 0000000000000000
[  155.740525][ T6747] RBP: 00007f77bd4150a0 R08: 0000000000000000 R09: 0000000000000000
[  155.748505][ T6747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  155.756751][ T6747] R13: 000000000000000b R14: 00007f77bc705f60 R15: 00007ffdc3d55b48
[  155.764750][ T6747]  </TASK>
[  155.789661][ T6738] team0: Port device netdevsim0 removed
[  155.804781][ T6738] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  156.077392][ T6756] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.318'.
[  156.229322][ T6688] chnl_net:caif_netlink_parms(): no params data found
[  156.324830][ T5117] Bluetooth: hci0: command tx timeout
[  156.730252][ T6688] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.746720][ T6688] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.763991][ T6688] bridge_slave_0: entered allmulticast mode
[  156.776390][ T6688] bridge_slave_0: entered promiscuous mode
[  156.792069][ T6688] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.816155][ T6688] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.855050][ T6688] bridge_slave_1: entered allmulticast mode
[  156.906046][ T6688] bridge_slave_1: entered promiscuous mode
[  157.039690][ T6688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.077246][ T6688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.224164][ T6793] netlink: 52 bytes leftover after parsing attributes in process `syz.1.324'.
[  157.264370][ T6688] team0: Port device team_slave_0 added
[  157.294925][ T6688] team0: Port device team_slave_1 added
[  157.494848][ T6799] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  157.559244][ T6688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.574016][ T6688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.629925][ T6688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.664652][ T6688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.686543][ T6688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.721358][ T6688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.976268][ T6812] lo speed is unknown, defaulting to 1000
[  157.992454][ T6688] hsr_slave_0: entered promiscuous mode
[  158.047889][ T6688] hsr_slave_1: entered promiscuous mode
[  158.089810][ T6688] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.100977][ T6688] Cannot create hsr debugfs directory
[  158.118134][ T6812] lo speed is unknown, defaulting to 1000
[  158.294005][ T6812] lo speed is unknown, defaulting to 1000
[  158.401251][ T5117] Bluetooth: hci0: command tx timeout
[  158.518113][ T6831] netlink: 28 bytes leftover after parsing attributes in process `syz.1.336'.
[  158.583085][ T6831] netlink: 28 bytes leftover after parsing attributes in process `syz.1.336'.
[  158.860247][ T6843] netlink: 52 bytes leftover after parsing attributes in process `syz.1.337'.
[  159.067672][ T6812] infiniband syz0: set down
[  159.092212][ T6812] infiniband syz0: added lo
[  159.115551][ T6812] syz0: rxe_create_cq: returned err = -12
[  159.138573][ T6812] infiniband syz0: Couldn't create ib_mad CQ
[  159.148370][ T5162] lo speed is unknown, defaulting to 1000
[  159.170771][ T6812] infiniband syz0: Couldn't open port 1
[  159.282664][ T6812] RDS/IB: syz0: added
[  159.302596][ T6812] smc: adding ib device syz0 with port count 1
[  159.308981][ T6812] smc:    ib device syz0 port 1 has pnetid 
[  159.387889][   T58] lo speed is unknown, defaulting to 1000
[  159.408037][ T6812] lo speed is unknown, defaulting to 1000
[  159.709281][ T6688] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  159.748176][ T6688] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  159.789444][ T6688] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  159.818783][ T6688] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  160.163612][ T6812] lo speed is unknown, defaulting to 1000
[  160.197553][ T6688] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.318180][ T6688] 8021q: adding VLAN 0 to HW filter on device team0
[  160.380108][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.387327][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.452907][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.460144][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.488702][ T5117] Bluetooth: hci0: command tx timeout
[  160.637876][ T6688] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  160.930251][ T6812] lo speed is unknown, defaulting to 1000
[  161.265313][ T6899] netlink: 52 bytes leftover after parsing attributes in process `syz.0.348'.
[  161.447691][ T6688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.691421][ T6688] veth0_vlan: entered promiscuous mode
[  161.734383][ T6812] lo speed is unknown, defaulting to 1000
[  161.740845][ T6688] veth1_vlan: entered promiscuous mode
[  161.875613][ T6688] veth0_macvtap: entered promiscuous mode
[  161.918752][ T6688] veth1_macvtap: entered promiscuous mode
[  162.013577][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.057563][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.108579][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.138517][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.168266][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.199424][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.229873][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.269730][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.300167][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.329795][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.374630][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.405533][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.442224][ T6688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.456737][ T6812] lo speed is unknown, defaulting to 1000
[  162.480215][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.549445][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.600233][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.638426][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.688424][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.715487][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.745882][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.783489][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.814092][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.845037][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.876212][ T6688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.910315][ T6688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.942517][ T6688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.999063][ T6812] lo speed is unknown, defaulting to 1000
[  163.002922][ T6688] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.045842][ T6688] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.090568][ T6688] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.099331][ T6688] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.391139][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.419768][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.536522][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.559765][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.730986][ T6812] lo speed is unknown, defaulting to 1000
[  164.617641][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.0.358'.
[  164.639601][ T6951] netlink: 16 bytes leftover after parsing attributes in process `syz.2.359'.
[  164.655145][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.0.358'.
[  164.667582][ T6951] netlink: 4 bytes leftover after parsing attributes in process `syz.2.359'.
[  165.181904][ T6963] netlink: 20 bytes leftover after parsing attributes in process `syz.4.362'.
[  165.555602][ T2436] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.074635][ T2436] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.205459][ T2436] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.349129][ T2436] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.557810][ T2436] bridge_slave_1: left allmulticast mode
[  166.590533][ T2436] bridge_slave_1: left promiscuous mode
[  166.596390][ T2436] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.650668][ T2436] bridge_slave_0: left allmulticast mode
[  166.656382][ T2436] bridge_slave_0: left promiscuous mode
[  166.681386][ T2436] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.819006][ T6979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.366'.
[  166.989891][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  166.999696][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  167.017356][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  167.028504][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  167.037503][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  167.060543][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  167.515894][ T2436] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.532612][ T2436] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.544778][ T2436] bond0 (unregistering): Released all slaves
[  168.162844][ T6980] lo speed is unknown, defaulting to 1000
[  168.170747][ T6997] netlink: 16 bytes leftover after parsing attributes in process `syz.0.371'.
[  168.197089][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.0.371'.
[  168.381052][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.372'.
[  168.410714][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.372'.
[  169.120739][ T5117] Bluetooth: hci0: command tx timeout
[  169.135038][ T2436] hsr_slave_0: left promiscuous mode
[  169.153080][ T2436] hsr_slave_1: left promiscuous mode
[  169.171379][ T2436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.178843][ T2436] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.187452][ T2436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.195190][ T2436] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.230847][ T2436] veth1_macvtap: left promiscuous mode
[  169.236439][ T2436] veth0_macvtap: left promiscuous mode
[  169.242277][ T2436] veth1_vlan: left promiscuous mode
[  169.247657][ T2436] veth0_vlan: left promiscuous mode
[  170.346802][ T2436] team0 (unregistering): Port device team_slave_1 removed
[  170.427824][ T2436] team0 (unregistering): Port device team_slave_0 removed
[  171.175180][ T7038] FAULT_INJECTION: forcing a failure.
[  171.175180][ T7038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.200616][ T5117] Bluetooth: hci0: command tx timeout
[  171.203512][ T7038] CPU: 1 PID: 7038 Comm: syz.4.380 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  171.215890][ T7038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  171.225967][ T7038] Call Trace:
[  171.229268][ T7038]  <TASK>
[  171.232219][ T7038]  dump_stack_lvl+0x241/0x360
[  171.236940][ T7038]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.242182][ T7038]  ? __pfx__printk+0x10/0x10
[  171.246820][ T7038]  ? __pfx_lock_release+0x10/0x10
[  171.251910][ T7038]  should_fail_ex+0x3b0/0x4e0
[  171.256624][ T7038]  _copy_from_user+0x2f/0xe0
[  171.261254][ T7038]  csum_and_copy_from_iter_full+0x1fe/0x1df0
[  171.267280][ T7038]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  171.273730][ T7038]  ? trace_kmalloc+0x1f/0xd0
[  171.278350][ T7038]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[  171.284985][ T7038]  ? __build_skb_around+0x245/0x3d0
[  171.290233][ T7038]  ip_generic_getfrag+0x158/0x310
[  171.295299][ T7038]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  171.300881][ T7038]  ? raw6_getfrag+0x104/0x350
[  171.305721][ T7038]  ? skb_put+0x114/0x1f0
[  171.310016][ T7038]  __ip6_append_data+0x3047/0x4070
[  171.315202][ T7038]  ? __pfx_raw6_getfrag+0x10/0x10
[  171.320277][ T7038]  ? __pfx___ip6_append_data+0x10/0x10
[  171.325774][ T7038]  ? ip6_setup_cork+0x9fd/0xfb0
[  171.330676][ T7038]  ip6_append_data+0x264/0x3a0
[  171.335485][ T7038]  ? __pfx_raw6_getfrag+0x10/0x10
[  171.340561][ T7038]  rawv6_sendmsg+0x18f1/0x23c0
[  171.345393][ T7038]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  171.350564][ T7038]  ? aa_sk_perm+0x967/0xab0
[  171.355123][ T7038]  ? __might_fault+0xaa/0x120
[  171.359850][ T7038]  ? inet_sendmsg+0x330/0x390
[  171.364567][ T7038]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  171.369893][ T7038]  ? security_socket_sendmsg+0x87/0xb0
[  171.375403][ T7038]  __sock_sendmsg+0x1a6/0x270
[  171.380212][ T7038]  ____sys_sendmsg+0x525/0x7d0
[  171.385032][ T7038]  ? __pfx_____sys_sendmsg+0x10/0x10
[  171.390402][ T7038]  __sys_sendmsg+0x2b0/0x3a0
[  171.395027][ T7038]  ? __pfx___sys_sendmsg+0x10/0x10
[  171.400266][ T7038]  ? vfs_write+0x7c4/0xc90
[  171.404881][ T7038]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  171.411254][ T7038]  ? do_syscall_64+0x100/0x230
[  171.416071][ T7038]  ? do_syscall_64+0xb6/0x230
[  171.420789][ T7038]  do_syscall_64+0xf3/0x230
[  171.425328][ T7038]  ? clear_bhb_loop+0x35/0x90
[  171.430031][ T7038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.435943][ T7038] RIP: 0033:0x7f77bc575f19
[  171.440371][ T7038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.460005][ T7038] RSP: 002b:00007f77bd415048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.468460][ T7038] RAX: ffffffffffffffda RBX: 00007f77bc705f60 RCX: 00007f77bc575f19
[  171.476655][ T7038] RDX: 0000000000044004 RSI: 00000000200000c0 RDI: 0000000000000003
[  171.484639][ T7038] RBP: 00007f77bd4150a0 R08: 0000000000000000 R09: 0000000000000000
[  171.492615][ T7038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.500595][ T7038] R13: 000000000000000b R14: 00007f77bc705f60 R15: 00007ffdc3d55b48
[  171.508598][ T7038]  </TASK>
[  171.631648][ T6980] chnl_net:caif_netlink_parms(): no params data found
[  171.834347][ T7053] netlink: 16 bytes leftover after parsing attributes in process `syz.0.384'.
[  171.850070][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.0.384'.
[  171.985036][ T7062] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.044066][ T7062] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.056998][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.385'.
[  172.114102][ T7066] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  172.259674][ T6980] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.301590][ T6980] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.312351][ T6980] bridge_slave_0: entered allmulticast mode
[  172.320129][ T6980] bridge_slave_0: entered promiscuous mode
[  172.382976][ T6980] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.403676][ T6980] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.425259][ T6980] bridge_slave_1: entered allmulticast mode
[  172.452702][ T6980] bridge_slave_1: entered promiscuous mode
[  172.617050][ T6980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.667037][ T6980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.853046][ T6980] team0: Port device team_slave_0 added
[  172.892007][ T6980] team0: Port device team_slave_1 added
[  173.041425][ T6980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.064354][ T6980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.170390][ T6980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.215710][ T6980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.240220][ T6980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.280517][ T5117] Bluetooth: hci0: command tx timeout
[  173.302309][ T6980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.476092][ T6980] hsr_slave_0: entered promiscuous mode
[  173.492209][ T6980] hsr_slave_1: entered promiscuous mode
[  173.511581][ T6980] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  173.543172][ T6980] Cannot create hsr debugfs directory
[  173.846781][ T7105] netlink: 24 bytes leftover after parsing attributes in process `syz.1.393'.
[  174.469623][ T7114] netlink: 16 bytes leftover after parsing attributes in process `syz.1.395'.
[  174.499397][ T7114] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'.
[  175.192236][ T6980] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  175.208633][ T6980] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  175.247225][ T6980] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  175.288845][ T6980] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  175.361334][ T5117] Bluetooth: hci0: command tx timeout
[  175.708824][ T6980] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.759094][ T7134] team_slave_0: entered promiscuous mode
[  175.765204][ T7134] team_slave_1: entered promiscuous mode
[  175.791771][ T7134] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  175.817903][ T7134] team_slave_0: left promiscuous mode
[  175.823494][ T7134] team_slave_1: left promiscuous mode
[  175.952138][ T6980] 8021q: adding VLAN 0 to HW filter on device team0
[  176.012028][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.019223][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.062472][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.069671][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.227861][ T6980] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  176.423159][ T7151] netlink: 16 bytes leftover after parsing attributes in process `syz.1.406'.
[  176.441351][ T7151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.406'.
[  176.993306][ T6980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.175984][ T6980] veth0_vlan: entered promiscuous mode
[  177.252648][ T6980] veth1_vlan: entered promiscuous mode
[  177.334388][ T6980] veth0_macvtap: entered promiscuous mode
[  177.368969][ T6980] veth1_macvtap: entered promiscuous mode
[  177.438730][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.479599][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.530493][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.571853][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.600316][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.640216][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.669721][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.709588][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.750544][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.767598][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.814040][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.880313][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.917508][ T6980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.999061][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.033311][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.063669][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.110793][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.160971][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.200424][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.238666][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.286447][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.320060][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.348292][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.377129][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.408162][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.452443][ T6980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.478874][ T7203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.416'.
[  178.584478][ T6980] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.643953][ T6980] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.678624][ T6980] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.703881][ T6980] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.034703][ T1036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.080742][ T1036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.172481][ T7218] netlink: 16 bytes leftover after parsing attributes in process `syz.4.419'.
[  179.190894][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.419'.
[  179.237137][ T7221] netlink: 40 bytes leftover after parsing attributes in process `syz.1.420'.
[  179.327139][ T2436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.373621][ T2436] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.678432][ T7232] netlink: 24 bytes leftover after parsing attributes in process `syz.4.422'.
[  179.725024][ T7232] netlink: 24 bytes leftover after parsing attributes in process `syz.4.422'.
[  179.770985][ T7232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.422'.
[  179.795210][ T7232] netlink: 28 bytes leftover after parsing attributes in process `syz.4.422'.
[  180.314628][ T7256] netlink: 16 bytes leftover after parsing attributes in process `syz.1.429'.
[  180.540770][ T7262] netlink: 16 bytes leftover after parsing attributes in process `syz.1.431'.
[  180.652330][ T7265] Cannot find del_set index 0 as target
[  180.798468][ T1036] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.110151][ T1036] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.258739][ T1036] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.423098][ T1036] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.735428][ T1036] bridge_slave_1: left allmulticast mode
[  181.752671][ T1036] bridge_slave_1: left promiscuous mode
[  181.758570][ T1036] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.787212][ T1036] bridge_slave_0: left allmulticast mode
[  181.810342][ T1036] bridge_slave_0: left promiscuous mode
[  181.816131][ T1036] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.649460][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  182.680680][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  182.696646][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  182.719572][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  182.737008][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  182.744998][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  182.885146][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  182.895964][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  182.910609][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  182.922213][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  182.930122][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  182.938928][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  183.184315][ T1036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.199603][ T1036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.218346][ T1036] bond0 (unregistering): Released all slaves
[  183.254803][ T7294] netlink: 'syz.0.437': attribute type 29 has an invalid length.
[  183.383990][ T7295] lo speed is unknown, defaulting to 1000
[  183.794438][ T7317] __nla_validate_parse: 2 callbacks suppressed
[  183.794460][ T7317] netlink: 16 bytes leftover after parsing attributes in process `syz.4.443'.
[  184.154184][ T7290] lo speed is unknown, defaulting to 1000
[  184.235877][ T7324] netlink: 16 bytes leftover after parsing attributes in process `syz.0.444'.
[  184.800554][ T5117] Bluetooth: hci0: command tx timeout
[  184.960686][   T54] Bluetooth: hci3: command tx timeout
[  185.260574][ T1036] hsr_slave_0: left promiscuous mode
[  185.277106][ T1036] hsr_slave_1: left promiscuous mode
[  185.302477][ T7349] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.449'.
[  185.340678][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.348165][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.401620][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.424155][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.492552][ T1036] veth1_macvtap: left promiscuous mode
[  185.498243][ T1036] veth0_macvtap: left promiscuous mode
[  185.508500][ T1036] veth1_vlan: left promiscuous mode
[  185.528836][ T1036] veth0_vlan: left promiscuous mode
[  186.565566][ T1036] team0 (unregistering): Port device team_slave_1 removed
[  186.644290][ T1036] team0 (unregistering): Port device team_slave_0 removed
[  186.882083][   T54] Bluetooth: hci0: command tx timeout
[  187.043143][   T54] Bluetooth: hci3: command tx timeout
[  187.505890][ T7295] chnl_net:caif_netlink_parms(): no params data found
[  188.189231][ T7295] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.219903][ T7295] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.238448][ T7295] bridge_slave_0: entered allmulticast mode
[  188.248983][ T7295] bridge_slave_0: entered promiscuous mode
[  188.292372][ T7295] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.299555][ T7295] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.352382][ T7295] bridge_slave_1: entered allmulticast mode
[  188.371347][ T7295] bridge_slave_1: entered promiscuous mode
[  188.392771][ T7373] netlink: 16 bytes leftover after parsing attributes in process `syz.0.454'.
[  188.637985][ T7295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.692070][ T7384] netlink: 24 bytes leftover after parsing attributes in process `syz.0.455'.
[  188.737428][ T7290] chnl_net:caif_netlink_parms(): no params data found
[  188.758145][ T7295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.927172][ T7295] team0: Port device team_slave_0 added
[  188.960776][   T54] Bluetooth: hci0: command tx timeout
[  189.007637][ T7295] team0: Port device team_slave_1 added
[  189.064997][ T7395] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.459'.
[  189.120552][   T54] Bluetooth: hci3: command tx timeout
[  189.304633][ T1036] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.432245][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.469390][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.526404][ T7295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.548797][ T7295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.562023][ T7295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.612722][ T7295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.668237][ T1036] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.836277][ T1036] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.930506][ T7290] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.950564][ T7290] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.957870][ T7290] bridge_slave_0: entered allmulticast mode
[  189.992325][ T7290] bridge_slave_0: entered promiscuous mode
[  190.009905][ T7290] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.017317][ T7290] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.025806][ T7290] bridge_slave_1: entered allmulticast mode
[  190.033796][ T7290] bridge_slave_1: entered promiscuous mode
[  190.058205][ T1036] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.153627][ T7295] hsr_slave_0: entered promiscuous mode
[  190.222495][ T7295] hsr_slave_1: entered promiscuous mode
[  190.251229][ T7295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.267380][ T7295] Cannot create hsr debugfs directory
[  190.446861][ T7290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.477002][ T7290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.746376][ T7290] team0: Port device team_slave_0 added
[  190.781630][ T7290] team0: Port device team_slave_1 added
[  191.015486][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.040701][   T54] Bluetooth: hci0: command tx timeout
[  191.046194][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.113988][ T7290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.192743][ T7427] netlink: 16 bytes leftover after parsing attributes in process `syz.0.464'.
[  191.200512][   T54] Bluetooth: hci3: command tx timeout
[  191.243885][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.295186][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.340469][ T7290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.424939][ T1036] bridge_slave_1: left allmulticast mode
[  191.438009][ T1036] bridge_slave_1: left promiscuous mode
[  191.457033][ T1036] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.474624][ T1036] bridge_slave_0: left allmulticast mode
[  191.480636][ T1036] bridge_slave_0: left promiscuous mode
[  191.486462][ T1036] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.509282][ T7439] netlink: 36 bytes leftover after parsing attributes in process `syz.4.467'.
[  192.219330][ T1036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  192.237783][ T1036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  192.249217][ T1036] bond0 (unregistering): Released all slaves
[  192.525747][ T7453] netlink: 191416 bytes leftover after parsing attributes in process `syz.4.470'.
[  192.540911][ T7290] hsr_slave_0: entered promiscuous mode
[  192.548364][ T7290] hsr_slave_1: entered promiscuous mode
[  192.566230][ T7290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.575919][ T7290] Cannot create hsr debugfs directory
[  193.098774][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.1.475'.
[  193.714420][ T1036] hsr_slave_0: left promiscuous mode
[  193.742957][ T1036] hsr_slave_1: left promiscuous mode
[  193.756819][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.786561][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.806036][ T1036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.832236][ T1036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.912075][ T1036] veth1_macvtap: left promiscuous mode
[  193.917684][ T1036] veth0_macvtap: left promiscuous mode
[  193.949329][ T1036] veth1_vlan: left promiscuous mode
[  193.968541][ T1036] veth0_vlan: left promiscuous mode
[  194.567356][ T1254] ieee802154 phy0 wpan0: encryption failed: -22
[  194.600340][ T1254] ieee802154 phy1 wpan1: encryption failed: -22
[  195.244356][ T7496] FAULT_INJECTION: forcing a failure.
[  195.244356][ T7496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.277930][ T7496] CPU: 1 PID: 7496 Comm: syz.0.478 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  195.287634][ T7496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  195.297729][ T7496] Call Trace:
[  195.301036][ T7496]  <TASK>
[  195.304005][ T7496]  dump_stack_lvl+0x241/0x360
[  195.308729][ T7496]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.313963][ T7496]  ? __pfx__printk+0x10/0x10
[  195.318588][ T7496]  ? __pfx_lock_release+0x10/0x10
[  195.323656][ T7496]  should_fail_ex+0x3b0/0x4e0
[  195.328377][ T7496]  _copy_from_user+0x2f/0xe0
[  195.333008][ T7496]  copy_msghdr_from_user+0xae/0x680
[  195.338243][ T7496]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  195.344081][ T7496]  __sys_sendmsg+0x23d/0x3a0
[  195.348678][ T7496]  ? __pfx___sys_sendmsg+0x10/0x10
[  195.353802][ T7496]  ? vfs_write+0x7c4/0xc90
[  195.358261][ T7496]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  195.364602][ T7496]  ? do_syscall_64+0x100/0x230
[  195.369388][ T7496]  ? do_syscall_64+0xb6/0x230
[  195.374080][ T7496]  do_syscall_64+0xf3/0x230
[  195.378593][ T7496]  ? clear_bhb_loop+0x35/0x90
[  195.383286][ T7496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.389195][ T7496] RIP: 0033:0x7fe38ad75f19
[  195.393617][ T7496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.413229][ T7496] RSP: 002b:00007fe38baf5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.421654][ T7496] RAX: ffffffffffffffda RBX: 00007fe38af05f60 RCX: 00007fe38ad75f19
[  195.429629][ T7496] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  195.437607][ T7496] RBP: 00007fe38baf50a0 R08: 0000000000000000 R09: 0000000000000000
[  195.445583][ T7496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.453562][ T7496] R13: 000000000000000b R14: 00007fe38af05f60 R15: 00007fff0adfee58
[  195.461554][ T7496]  </TASK>
[  195.640677][ T1036] team0 (unregistering): Port device team_slave_1 removed
[  195.723088][ T1036] team0 (unregistering): Port device team_slave_0 removed
[  195.723282][ T7502] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.480'.
[  196.342812][ T2802] smc: removing ib device syz0
[  196.603652][ T7295] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  196.658232][ T5117] Bluetooth: hci4: command 0x0406 tx timeout
[  196.739736][ T7295] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  196.978337][ T7515] netlink: 16 bytes leftover after parsing attributes in process `syz.1.485'.
[  196.998741][ T7295] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  197.112175][ T7295] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  198.314400][ T7295] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.398065][ T7533] xt_cluster: you have exceeded the maximum number of cluster nodes (768 > 32)
[  198.516000][ T7295] 8021q: adding VLAN 0 to HW filter on device team0
[  198.771645][ T5162] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.778997][ T5162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.892211][ T7290] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  198.938033][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.945358][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.042683][ T7290] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  199.121130][ T7290] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  199.205548][ T7290] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  199.288840][ T7295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  199.896410][ T7290] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.982164][ T7290] 8021q: adding VLAN 0 to HW filter on device team0
[  200.028263][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.035643][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.147474][ T7295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.213914][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.221161][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.301398][ T7555] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.490'.
[  200.584066][ T7295] veth0_vlan: entered promiscuous mode
[  200.619013][ T7295] veth1_vlan: entered promiscuous mode
[  200.794460][ T7295] veth0_macvtap: entered promiscuous mode
[  200.844950][ T7295] veth1_macvtap: entered promiscuous mode
[  200.939966][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.000548][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.040463][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.068609][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.099832][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.128763][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.153017][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.183915][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.213368][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.260420][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.304302][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.369588][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.410388][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.440362][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.499280][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.511682][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.540377][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.550380][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.570824][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.590783][ T7295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.620552][ T7295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.642297][ T7295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.713801][ T7295] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.761174][ T7295] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.769963][ T7295] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.810334][ T7295] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.877185][ T7290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.930142][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.496'.
[  202.224590][ T7290] veth0_vlan: entered promiscuous mode
[  202.275371][ T7290] veth1_vlan: entered promiscuous mode
[  202.312416][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.351490][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.382054][ T7592] netlink: 'syz.1.498': attribute type 9 has an invalid length.
[  202.507002][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.537769][ T7290] veth0_macvtap: entered promiscuous mode
[  202.550673][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.585669][ T7290] veth1_macvtap: entered promiscuous mode
[  202.634265][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.662442][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.686092][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.708965][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.730216][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.764219][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.801029][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.823543][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.847093][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.881985][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.913756][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.943371][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.973984][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.058302][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.114613][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.148778][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.171929][ T7614] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.500'.
[  203.190708][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.220378][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.261644][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.320483][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.361313][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.390575][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.434177][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.476669][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.541100][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.587723][ T7625] block nbd0: NBD_DISCONNECT
[  203.592003][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.620824][ T7616] netlink: 40 bytes leftover after parsing attributes in process `syz.2.436'.
[  203.644072][ T7625] block nbd0: Send disconnect failed -32
[  203.650017][ T7625] block nbd0: shutting down sockets
[  203.681855][ T7290] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.700424][ T7290] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.741082][ T7290] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.760655][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  203.774352][ T7290] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.803119][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  203.873009][   T41] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  203.884263][   T41] Buffer I/O error on dev nbd0, logical block 0, async page read
[  203.893475][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  203.925747][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  203.934374][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  203.977274][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.068466][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.100531][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.167320][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.221596][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.228129][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.249908][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.285290][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.330561][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.338504][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.401402][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.444036][ T2802] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.456098][ T5401] ldm_validate_partition_table(): Disk read failed.
[  204.495054][ T2802] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.530417][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.539599][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.601801][ T5401] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  204.650372][ T5401] Buffer I/O error on dev nbd0, logical block 0, async page read
[  204.681508][ T5401] Dev nbd0: unable to read RDB block 0
[  204.687465][ T5401]  nbd0: unable to read partition table
[  204.753270][ T5401] ldm_validate_partition_table(): Disk read failed.
[  204.792645][ T7636] x_tables: duplicate underflow at hook 2
[  204.817471][ T5401] Dev nbd0: unable to read RDB block 0
[  204.829186][ T5401]  nbd0: unable to read partition table
[  204.850909][ T7636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.504'.
[  205.162905][ T5117] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  205.173041][ T5117] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  205.185550][ T5117] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  205.198044][ T5117] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  205.221759][ T5117] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  205.229485][ T5117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  206.114346][ T1097] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.343735][ T1097] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.496903][ T1097] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.674172][ T1097] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.806545][ T7647] chnl_net:caif_netlink_parms(): no params data found
[  207.121180][ T1097] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.283264][   T54] Bluetooth: hci0: command tx timeout
[  207.326008][ T7693] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.511'.
[  207.350660][ T1097] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.567562][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  207.578588][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  207.588552][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  207.589859][ T1097] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.628861][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  207.640021][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  207.648202][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  207.661921][ T7647] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.710028][ T7647] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.737754][ T7647] bridge_slave_0: entered allmulticast mode
[  207.760543][ T7647] bridge_slave_0: entered promiscuous mode
[  207.782786][ T7647] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.790090][ T7647] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.832055][ T7647] bridge_slave_1: entered allmulticast mode
[  207.855338][ T7647] bridge_slave_1: entered promiscuous mode
[  208.039666][ T1097] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.243508][ T7647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.269488][ T7647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.469107][ T7647] team0: Port device team_slave_0 added
[  208.511052][ T7715] netlink: 40 bytes leftover after parsing attributes in process `syz.1.514'.
[  208.598051][ T7647] team0: Port device team_slave_1 added
[  208.841101][ T1097] bridge_slave_1: left allmulticast mode
[  208.850727][ T1097] bridge_slave_1: left promiscuous mode
[  208.856513][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.883039][ T1097] bridge_slave_0: left allmulticast mode
[  208.899199][ T1097] bridge_slave_0: left promiscuous mode
[  208.909642][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.951466][ T1097] bridge_slave_1: left allmulticast mode
[  208.957456][ T1097] bridge_slave_1: left promiscuous mode
[  208.970744][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.009794][ T1097] bridge_slave_0: left allmulticast mode
[  209.030325][ T1097] bridge_slave_0: left promiscuous mode
[  209.042662][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.103712][ T1097] bond_slave_0: left promiscuous mode
[  209.109515][ T1097] bond_slave_1: left promiscuous mode
[  209.371387][   T54] Bluetooth: hci0: command tx timeout
[  209.760651][   T54] Bluetooth: hci1: command tx timeout
[  210.575933][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.609749][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.631907][ T1097] bond0 (unregistering): Released all slaves
[  210.778623][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.792102][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.817280][ T1097] bond0 (unregistering): Released all slaves
[  210.853403][ T7647] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.869101][ T7647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.929834][ T7647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.028119][ T7728] netlink: 4 bytes leftover after parsing attributes in process `syz.0.517'.
[  211.090251][ T7735] netlink: 72 bytes leftover after parsing attributes in process `syz.1.518'.
[  211.171578][ T7647] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.179010][ T7647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.255694][ T7647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.440425][ T5117] Bluetooth: hci0: command tx timeout
[  211.573209][ T7647] hsr_slave_0: entered promiscuous mode
[  211.638127][ T7647] hsr_slave_1: entered promiscuous mode
[  211.690867][ T7647] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.698212][ T7746] netlink: 191416 bytes leftover after parsing attributes in process `syz.0.521'.
[  211.718427][ T7647] Cannot create hsr debugfs directory
[  211.851891][ T5117] Bluetooth: hci1: command tx timeout
[  212.001936][ T5117] Bluetooth: hci5: command 0x0406 tx timeout
[  212.348852][ T7700] chnl_net:caif_netlink_parms(): no params data found
[  213.068588][ T1097] hsr_slave_0: left promiscuous mode
[  213.108135][ T1097] hsr_slave_1: left promiscuous mode
[  213.127606][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.156577][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.195007][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.220419][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  213.293142][ T1097] hsr_slave_0: left promiscuous mode
[  213.299409][ T1097] hsr_slave_1: left promiscuous mode
[  213.312875][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.330740][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.364765][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.380379][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  213.509054][ T1097] veth1_macvtap: left promiscuous mode
[  213.520415][   T54] Bluetooth: hci0: command tx timeout
[  213.537431][ T1097] veth0_macvtap: left promiscuous mode
[  213.544349][ T1097] veth1_vlan: left promiscuous mode
[  213.549718][ T1097] veth0_vlan: left promiscuous mode
[  213.585218][ T1097] veth1_macvtap: left promiscuous mode
[  213.590919][ T1097] veth0_macvtap: left promiscuous mode
[  213.596611][ T1097] veth1_vlan: left promiscuous mode
[  213.610538][ T1097] veth0_vlan: left promiscuous mode
[  213.922470][   T54] Bluetooth: hci1: command tx timeout
[  215.035193][ T1097] team0 (unregistering): Port device team_slave_1 removed
[  215.088400][ T1097] team0 (unregistering): Port device team_slave_0 removed
[  215.874529][ T1097] team0 (unregistering): Port device team_slave_1 removed
[  215.921258][ T1097] team0 (unregistering): Port device team_slave_0 removed
[  216.010873][   T54] Bluetooth: hci1: command tx timeout
[  216.420155][ T7700] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.450749][ T7700] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.458118][ T7700] bridge_slave_0: entered allmulticast mode
[  216.485332][ T7700] bridge_slave_0: entered promiscuous mode
[  216.534402][ T7799] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.531'.
[  216.620187][ T7700] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.643428][ T7700] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.661872][ T7700] bridge_slave_1: entered allmulticast mode
[  216.688440][ T7700] bridge_slave_1: entered promiscuous mode
[  216.871323][ T7700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.884065][ T7700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.108974][ T7700] team0: Port device team_slave_0 added
[  217.142504][ T7700] team0: Port device team_slave_1 added
[  217.260560][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.272584][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.334029][ T7700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.399307][ T7700] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.418926][ T7700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.487333][ T7700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.746114][ T7647] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  217.812598][ T7700] hsr_slave_0: entered promiscuous mode
[  217.819804][ T7700] hsr_slave_1: entered promiscuous mode
[  217.844991][ T7647] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  217.866751][ T7647] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  217.923243][ T7647] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  218.817193][ T7647] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.955364][ T7647] 8021q: adding VLAN 0 to HW filter on device team0
[  219.093383][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.100613][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.224251][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.231647][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.496838][ T7700] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  219.555993][ T7700] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  219.599540][ T7700] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  219.633164][ T7853] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.543'.
[  219.643210][ T7700] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  220.122450][ T7700] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.224224][ T7700] 8021q: adding VLAN 0 to HW filter on device team0
[  220.265121][ T7647] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.340327][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.347609][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.369862][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.377190][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.587488][ T7881] FAULT_INJECTION: forcing a failure.
[  220.587488][ T7881] name failslab, interval 1, probability 0, space 0, times 0
[  220.619658][ T7881] CPU: 0 PID: 7881 Comm: syz.0.548 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  220.629360][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  220.639453][ T7881] Call Trace:
[  220.642771][ T7881]  <TASK>
[  220.645729][ T7881]  dump_stack_lvl+0x241/0x360
[  220.650458][ T7881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.655720][ T7881]  ? __pfx__printk+0x10/0x10
[  220.660353][ T7881]  ? __pfx___might_resched+0x10/0x10
[  220.665695][ T7881]  ? dynamic_dname+0x141/0x1b0
[  220.670504][ T7881]  should_fail_ex+0x3b0/0x4e0
[  220.675217][ T7881]  ? tomoyo_encode+0x26f/0x540
[  220.680031][ T7881]  should_failslab+0x9/0x20
[  220.684576][ T7881]  __kmalloc_noprof+0xd8/0x400
[  220.689425][ T7881]  tomoyo_encode+0x26f/0x540
[  220.694091][ T7881]  ? __pfx_sockfs_dname+0x10/0x10
[  220.699164][ T7881]  tomoyo_realpath_from_path+0x59e/0x5e0
[  220.704859][ T7881]  tomoyo_path_number_perm+0x23a/0x880
[  220.710364][ T7881]  ? tomoyo_path_number_perm+0x208/0x880
[  220.716057][ T7881]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  220.722130][ T7881]  ? __fget_files+0x29/0x470
[  220.726765][ T7881]  ? __fget_files+0x3f6/0x470
[  220.731493][ T7881]  ? __fget_files+0x29/0x470
[  220.736141][ T7881]  security_file_ioctl+0x75/0xb0
[  220.741126][ T7881]  __se_sys_ioctl+0x47/0x170
[  220.745771][ T7881]  do_syscall_64+0xf3/0x230
[  220.750354][ T7881]  ? clear_bhb_loop+0x35/0x90
[  220.755074][ T7881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.761018][ T7881] RIP: 0033:0x7fe38ad75f19
[  220.765484][ T7881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.785210][ T7881] RSP: 002b:00007fe38baf5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  220.793664][ T7881] RAX: ffffffffffffffda RBX: 00007fe38af05f60 RCX: 00007fe38ad75f19
[  220.801666][ T7881] RDX: 0000000020000040 RSI: 0000000000008b2a RDI: 0000000000000005
[  220.809668][ T7881] RBP: 00007fe38baf50a0 R08: 0000000000000000 R09: 0000000000000000
[  220.817670][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.825676][ T7881] R13: 000000000000000b R14: 00007fe38af05f60 R15: 00007fff0adfee58
[  220.833727][ T7881]  </TASK>
[  220.879262][ T7881] ERROR: Out of memory at tomoyo_realpath_from_path.
[  221.085025][ T7647] veth0_vlan: entered promiscuous mode
[  221.191915][ T7647] veth1_vlan: entered promiscuous mode
[  221.330983][ T7647] veth0_macvtap: entered promiscuous mode
[  221.373973][ T7647] veth1_macvtap: entered promiscuous mode
[  221.423896][ T7700] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.458319][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.481041][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.500011][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.534430][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.566638][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.588773][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.598891][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.633573][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.666250][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.698793][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.734029][ T7647] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.821460][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.842531][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.859179][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.887708][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.914696][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.951335][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.985920][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.999380][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.050924][ T7647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.088064][ T7647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.122571][ T7647] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.189646][ T7647] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.220656][ T7647] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.229477][ T7647] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.270468][ T7647] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.484745][ T7700] veth0_vlan: entered promiscuous mode
[  222.570281][ T7700] veth1_vlan: entered promiscuous mode
[  222.673285][ T2436] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.705973][ T2436] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.896247][ T7700] veth0_macvtap: entered promiscuous mode
[  222.941797][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.953743][ T7700] veth1_macvtap: entered promiscuous mode
[  222.980416][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.038668][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.084586][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.110295][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.130171][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.159204][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.199119][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.220949][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.239995][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.250538][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.272212][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.295209][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.309876][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.327334][ T7700] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.361168][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.388167][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.405229][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.429305][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.452468][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.477941][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.489120][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.500223][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.531917][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.550905][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.570743][ T7700] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.600827][ T7700] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.629172][ T7700] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.751517][ T7700] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.773381][ T7700] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.793695][ T7700] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.812609][ T7700] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.972302][ T7929] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.554'.
[  224.106940][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.131748][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.268378][ T7937] netlink: 104 bytes leftover after parsing attributes in process `syz.2.557'.
[  224.289295][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.320810][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.510501][ T7942] netlink: 92 bytes leftover after parsing attributes in process `syz.4.560'.
[  224.580618][ T7943] bond0: entered allmulticast mode
[  224.590445][ T7943] bond_slave_0: entered allmulticast mode
[  224.618958][ T7943] bond_slave_1: entered allmulticast mode
[  225.159901][ T2436] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.883023][ T2436] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.204933][ T2436] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.322499][ T2436] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.395621][ T5168] IPVS: starting estimator thread 0...
[  226.501544][ T7962] IPVS: using max 17 ests per chain, 40800 per kthread
[  226.666236][ T2436] bridge_slave_1: left allmulticast mode
[  226.701943][ T2436] bridge_slave_1: left promiscuous mode
[  226.719162][ T2436] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.766805][ T2436] bridge_slave_0: left allmulticast mode
[  226.792924][ T2436] bridge_slave_0: left promiscuous mode
[  226.798744][ T2436] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.058886][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  227.072464][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  227.084354][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  227.092868][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  227.102150][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  227.111735][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  227.535844][ T7990] netlink: 4068 bytes leftover after parsing attributes in process `syz.4.573'.
[  228.056570][ T2436] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.070327][ T2436] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.083521][ T2436] bond0 (unregistering): Released all slaves
[  228.108078][ T7978] veth4: entered allmulticast mode
[  228.344188][ T8012] FAULT_INJECTION: forcing a failure.
[  228.344188][ T8012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.374323][ T8012] CPU: 0 PID: 8012 Comm: syz.0.579 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  228.384115][ T8012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  228.394297][ T8012] Call Trace:
[  228.397615][ T8012]  <TASK>
[  228.400588][ T8012]  dump_stack_lvl+0x241/0x360
[  228.405346][ T8012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.410601][ T8012]  ? __pfx__printk+0x10/0x10
[  228.415239][ T8012]  ? __pfx_lock_release+0x10/0x10
[  228.420333][ T8012]  ? vfs_write+0x7c4/0xc90
[  228.424800][ T8012]  should_fail_ex+0x3b0/0x4e0
[  228.429527][ T8012]  _copy_from_user+0x2f/0xe0
[  228.434166][ T8012]  __sys_bpf+0x1a4/0x810
[  228.438459][ T8012]  ? __pfx___sys_bpf+0x10/0x10
[  228.443284][ T8012]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  228.449327][ T8012]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  228.455704][ T8012]  ? do_syscall_64+0x100/0x230
[  228.460518][ T8012]  __x64_sys_bpf+0x7c/0x90
[  228.464978][ T8012]  do_syscall_64+0xf3/0x230
[  228.469524][ T8012]  ? clear_bhb_loop+0x35/0x90
[  228.474255][ T8012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.480194][ T8012] RIP: 0033:0x7fe38ad75f19
[  228.484651][ T8012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.504384][ T8012] RSP: 002b:00007fe38baf5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  228.512843][ T8012] RAX: ffffffffffffffda RBX: 00007fe38af05f60 RCX: 00007fe38ad75f19
[  228.520871][ T8012] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[  228.528879][ T8012] RBP: 00007fe38baf50a0 R08: 0000000000000000 R09: 0000000000000000
[  228.536893][ T8012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.544899][ T8012] R13: 000000000000000b R14: 00007fe38af05f60 R15: 00007fff0adfee58
[  228.552931][ T8012]  </TASK>
[  229.070676][ T2436] hsr_slave_0: left promiscuous mode
[  229.114143][ T2436] hsr_slave_1: left promiscuous mode
[  229.143109][ T2436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.167657][ T2436] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.187896][ T2436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.210976][   T54] Bluetooth: hci1: command tx timeout
[  229.221633][ T2436] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.260786][ T2436] veth1_macvtap: left promiscuous mode
[  229.266398][ T2436] veth0_macvtap: left promiscuous mode
[  229.281112][ T2436] veth1_vlan: left promiscuous mode
[  229.296755][ T2436] veth0_vlan: left promiscuous mode
[  230.402305][ T5161] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.422491][ T2436] team0 (unregistering): Port device team_slave_1 removed
[  230.499610][ T2436] team0 (unregistering): Port device team_slave_0 removed
[  231.177930][ T8050] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  231.280638][   T54] Bluetooth: hci1: command tx timeout
[  231.467684][ T8056] netlink: 52 bytes leftover after parsing attributes in process `syz.0.588'.
[  231.531110][ T8059] netlink: 36 bytes leftover after parsing attributes in process `syz.1.589'.
[  231.540071][ T8059] netlink: 20 bytes leftover after parsing attributes in process `syz.1.589'.
[  231.633820][ T7979] chnl_net:caif_netlink_parms(): no params data found
[  232.160033][ T7979] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.181194][ T7979] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.199859][ T7979] bridge_slave_0: entered allmulticast mode
[  232.225797][ T7979] bridge_slave_0: entered promiscuous mode
[  232.256577][ T7979] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.272816][ T7979] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.288092][ T7979] bridge_slave_1: entered allmulticast mode
[  232.308703][ T7979] bridge_slave_1: entered promiscuous mode
[  232.324982][ T5161] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  232.496568][ T7979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.513058][ T7979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.607641][ T7979] team0: Port device team_slave_0 added
[  232.657440][ T7979] team0: Port device team_slave_1 added
[  232.883806][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.910366][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.995812][ T7979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.031280][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.038412][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.135891][ T7979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.360434][   T54] Bluetooth: hci1: command tx timeout
[  233.466573][ T7979] hsr_slave_0: entered promiscuous mode
[  233.481537][ T7979] hsr_slave_1: entered promiscuous mode
[  233.541741][ T8113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.601'.
[  233.560466][ T8113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.601'.
[  233.609156][ T8113] netlink: 8 bytes leftover after parsing attributes in process `syz.1.601'.
[  233.644123][ T8118] bond0: entered allmulticast mode
[  233.649405][ T8118] bond_slave_0: entered allmulticast mode
[  233.670330][ T8118] bond_slave_1: entered allmulticast mode
[  233.676417][ T8118] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  234.083957][ T8125] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'.
[  234.120517][ T8125] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'.
[  235.174742][ T8151] netlink: 16 bytes leftover after parsing attributes in process `syz.1.610'.
[  235.306113][ T7979] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  235.344495][ T7979] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  235.397151][ T7979] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  235.445380][ T7979] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  235.450639][   T54] Bluetooth: hci1: command tx timeout
[  235.500182][ T8154] netlink: 'syz.2.613': attribute type 2 has an invalid length.
[  235.545823][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.613'.
[  235.907411][ T7979] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.934390][ T8168] FAULT_INJECTION: forcing a failure.
[  235.934390][ T8168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.960521][ T8168] CPU: 0 PID: 8168 Comm: syz.0.616 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  235.970212][ T8168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  235.980298][ T8168] Call Trace:
[  235.983604][ T8168]  <TASK>
[  235.986563][ T8168]  dump_stack_lvl+0x241/0x360
[  235.991295][ T8168]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.996647][ T8168]  ? __pfx__printk+0x10/0x10
[  236.001272][ T8168]  ? __pfx_lock_release+0x10/0x10
[  236.006342][ T8168]  should_fail_ex+0x3b0/0x4e0
[  236.011070][ T8168]  _copy_from_user+0x2f/0xe0
[  236.015699][ T8168]  core_sys_select+0x508/0x910
[  236.020500][ T8168]  ? __pfx_core_sys_select+0x10/0x10
[  236.025828][ T8168]  ? ksys_write+0x23e/0x2c0
[  236.030395][ T8168]  ? __pfx_set_user_sigmask+0x10/0x10
[  236.035800][ T8168]  ? __fget_files+0x3f6/0x470
[  236.040497][ T8168]  __se_sys_pselect6+0x319/0x3f0
[  236.045456][ T8168]  ? __pfx___se_sys_pselect6+0x10/0x10
[  236.050925][ T8168]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  236.057271][ T8168]  ? do_syscall_64+0x100/0x230
[  236.062046][ T8168]  ? __x64_sys_pselect6+0x21/0xf0
[  236.067098][ T8168]  do_syscall_64+0xf3/0x230
[  236.071630][ T8168]  ? clear_bhb_loop+0x35/0x90
[  236.076327][ T8168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.082233][ T8168] RIP: 0033:0x7fe38ad75f19
[  236.086653][ T8168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.106270][ T8168] RSP: 002b:00007fe38bab3048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  236.114706][ T8168] RAX: ffffffffffffffda RBX: 00007fe38af06110 RCX: 00007fe38ad75f19
[  236.122691][ T8168] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[  236.130666][ T8168] RBP: 00007fe38bab30a0 R08: 0000000000000000 R09: 0000000000000000
[  236.138639][ T8168] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[  236.146619][ T8168] R13: 000000000000006e R14: 00007fe38af06110 R15: 00007fff0adfee58
[  236.154613][ T8168]  </TASK>
[  236.231846][ T7979] 8021q: adding VLAN 0 to HW filter on device team0
[  236.246273][ T5194] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.253501][ T5194] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.307448][ T5194] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.314674][ T5194] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.419521][ T7979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  236.440159][ T7979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  236.615378][ T8183] block nbd2: NBD_DISCONNECT
[  236.620085][ T8183] block nbd2: Send disconnect failed -32
[  236.654669][ T8183] block nbd2: shutting down sockets
[  236.683910][ T5157] blk_print_req_error: 27 callbacks suppressed
[  236.683930][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  236.753721][ T5157] buffer_io_error: 27 callbacks suppressed
[  236.753741][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  236.910742][   T41] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  236.919879][   T41] Buffer I/O error on dev nbd2, logical block 0, async page read
[  236.962652][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.024661][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.091088][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.100216][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.141153][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.173785][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.220568][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.229682][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.305351][ T8201] dccp_invalid_packet: P.Data Offset(100) too large
[  237.333994][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.338769][ T7979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  237.377690][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.427786][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.467416][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.500614][ T5157] ldm_validate_partition_table(): Disk read failed.
[  237.507372][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.566316][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.616684][ T5157] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  237.629070][ T8211] FAULT_INJECTION: forcing a failure.
[  237.629070][ T8211] name failslab, interval 1, probability 0, space 0, times 0
[  237.650204][ T7979] veth0_vlan: entered promiscuous mode
[  237.678312][ T8211] CPU: 0 PID: 8211 Comm: syz.2.627 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  237.681477][ T5157] Buffer I/O error on dev nbd2, logical block 0, async page read
[  237.687990][ T8211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  237.688009][ T8211] Call Trace:
[  237.688019][ T8211]  <TASK>
[  237.688030][ T8211]  dump_stack_lvl+0x241/0x360
[  237.716742][ T8211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.722001][ T8211]  ? __pfx__printk+0x10/0x10
[  237.726645][ T8211]  ? netlink_insert+0x10b7/0x14b0
[  237.731720][ T8211]  should_fail_ex+0x3b0/0x4e0
[  237.736432][ T8211]  ? __alloc_skb+0x1c3/0x440
[  237.741076][ T8211]  should_failslab+0x9/0x20
[  237.743208][ T5157] Dev nbd2: unable to read RDB block 0
[  237.745601][ T8211]  kmem_cache_alloc_node_noprof+0x71/0x320
[  237.756891][ T8211]  __alloc_skb+0x1c3/0x440
[  237.761359][ T8211]  ? __pfx___alloc_skb+0x10/0x10
[  237.766353][ T8211]  ? netlink_autobind+0xd6/0x2f0
[  237.771360][ T8211]  ? netlink_autobind+0x2b0/0x2f0
[  237.776440][ T8211]  netlink_sendmsg+0x638/0xcb0
[  237.779658][ T5157]  nbd2: unable to read partition table
[  237.781250][ T8211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.781287][ T8211]  ? __import_iovec+0x536/0x820
[  237.781316][ T8211]  ? aa_sock_msg_perm+0x91/0x160
[  237.781352][ T8211]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  237.807220][ T8211]  ? security_socket_sendmsg+0x87/0xb0
[  237.812761][ T8211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.818057][ T8211]  __sock_sendmsg+0x221/0x270
[  237.822751][ T8211]  ____sys_sendmsg+0x525/0x7d0
[  237.827537][ T8211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.832857][ T8211]  __sys_sendmsg+0x2b0/0x3a0
[  237.837456][ T8211]  ? __pfx___sys_sendmsg+0x10/0x10
[  237.842583][ T8211]  ? vfs_write+0x7c4/0xc90
[  237.847081][ T8211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.853421][ T8211]  ? do_syscall_64+0x100/0x230
[  237.858197][ T8211]  ? do_syscall_64+0xb6/0x230
[  237.862885][ T8211]  do_syscall_64+0xf3/0x230
[  237.867425][ T8211]  ? clear_bhb_loop+0x35/0x90
[  237.872135][ T8211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.878046][ T8211] RIP: 0033:0x7f832dd75f19
[  237.882470][ T8211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.902089][ T8211] RSP: 002b:00007f832eb5a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  237.910539][ T8211] RAX: ffffffffffffffda RBX: 00007f832df05f60 RCX: 00007f832dd75f19
[  237.918517][ T8211] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  237.926495][ T8211] RBP: 00007f832eb5a0a0 R08: 0000000000000000 R09: 0000000000000000
[  237.934472][ T8211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.942449][ T8211] R13: 000000000000000b R14: 00007f832df05f60 R15: 00007ffe4b5d5a38
[  237.950441][ T8211]  </TASK>
[  238.074548][ T7979] veth1_vlan: entered promiscuous mode
[  238.134713][ T8216] __nla_validate_parse: 2 callbacks suppressed
[  238.134734][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.628'.
[  238.205431][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.628'.
[  238.223672][ T5157] ldm_validate_partition_table(): Disk read failed.
[  238.252870][ T5157] Dev nbd2: unable to read RDB block 0
[  238.254826][ T7979] veth0_macvtap: entered promiscuous mode
[  238.291008][ T5157]  nbd2: unable to read partition table
[  238.325535][ T7979] veth1_macvtap: entered promiscuous mode
[  238.393852][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.450998][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.490998][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.526313][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.560864][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.590329][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.600187][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.690375][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.720518][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.742306][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.790305][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.820438][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.852296][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.895414][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.917710][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.950064][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.000553][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.050345][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.086480][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.133063][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.160400][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.171993][ T8239] netlink: 'syz.2.633': attribute type 5 has an invalid length.
[  239.190740][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.229066][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.258390][ T7979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.289685][ T7979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.323245][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.467826][ T8239] : entered promiscuous mode
[  239.490837][ T1104] bridge_slave_1: left allmulticast mode
[  239.502869][ T1104] bridge_slave_1: left promiscuous mode
[  239.523687][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.587953][ T1104] bridge_slave_0: left allmulticast mode
[  239.605764][ T1104] bridge_slave_0: left promiscuous mode
[  239.634290][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.230740][ T8284] FAULT_INJECTION: forcing a failure.
[  240.230740][ T8284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.279405][ T8284] CPU: 0 PID: 8284 Comm: syz.1.643 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  240.289122][ T8284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  240.299208][ T8284] Call Trace:
[  240.302540][ T8284]  <TASK>
[  240.305513][ T8284]  dump_stack_lvl+0x241/0x360
[  240.310239][ T8284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.315481][ T8284]  ? __pfx__printk+0x10/0x10
[  240.320131][ T8284]  ? __pfx_lock_release+0x10/0x10
[  240.325206][ T8284]  ? tomoyo_path_number_perm+0x71a/0x880
[  240.330971][ T8284]  should_fail_ex+0x3b0/0x4e0
[  240.335694][ T8284]  _copy_from_user+0x2f/0xe0
[  240.340329][ T8284]  wext_handle_ioctl+0xf2/0x270
[  240.345234][ T8284]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  240.350742][ T8284]  sock_ioctl+0x17f/0x8e0
[  240.355084][ T8284]  ? __pfx_sock_ioctl+0x10/0x10
[  240.359943][ T8284]  ? __fget_files+0x29/0x470
[  240.364549][ T8284]  ? __fget_files+0x3f6/0x470
[  240.369236][ T8284]  ? __fget_files+0x29/0x470
[  240.373841][ T8284]  ? bpf_lsm_file_ioctl+0x9/0x10
[  240.378787][ T8284]  ? security_file_ioctl+0x87/0xb0
[  240.383903][ T8284]  ? __pfx_sock_ioctl+0x10/0x10
[  240.388762][ T8284]  __se_sys_ioctl+0xfc/0x170
[  240.393371][ T8284]  do_syscall_64+0xf3/0x230
[  240.397881][ T8284]  ? clear_bhb_loop+0x35/0x90
[  240.402568][ T8284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.408474][ T8284] RIP: 0033:0x7fb536975f19
[  240.412892][ T8284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.432502][ T8284] RSP: 002b:00007fb537754048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  240.440937][ T8284] RAX: ffffffffffffffda RBX: 00007fb536b05f60 RCX: 00007fb536975f19
[  240.448911][ T8284] RDX: 0000000020000040 RSI: 0000000000008b2a RDI: 0000000000000005
[  240.456884][ T8284] RBP: 00007fb5377540a0 R08: 0000000000000000 R09: 0000000000000000
[  240.464857][ T8284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.472833][ T8284] R13: 000000000000000b R14: 00007fb536b05f60 R15: 00007ffe1e111c48
[  240.480825][ T8284]  </TASK>
[  240.907876][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.929347][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.950188][ T1104] bond0 (unregistering): Released all slaves
[  240.980502][ T8263] netlink: 'syz.0.637': attribute type 1 has an invalid length.
[  241.103207][ T7979] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.160300][ T7979] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  241.198929][ T7979] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  241.265274][ T7979] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.381917][ T8317] syz_tun: entered promiscuous mode
[  241.441547][ T8317] syz_tun: left promiscuous mode
[  241.926258][ T5194] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  242.259554][ T1036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.292268][ T1036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.579389][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.627783][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.952613][ T8359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.656'.
[  242.970610][ T8359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.656'.
[  243.198857][ T1104] hsr_slave_0: left promiscuous mode
[  243.208970][ T1104] hsr_slave_1: left promiscuous mode
[  243.233852][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.255130][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.281460][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.303884][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.419685][ T1104] veth1_macvtap: left promiscuous mode
[  243.450406][ T1104] veth0_macvtap: left promiscuous mode
[  243.467883][ T1104] veth1_vlan: left promiscuous mode
[  243.480497][ T1104] veth0_vlan: left promiscuous mode
[  244.409767][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  244.454672][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  244.802277][ T8385] netlink: 44 bytes leftover after parsing attributes in process `syz.1.659'.
[  245.214305][ T8385] netlink: 20 bytes leftover after parsing attributes in process `syz.1.659'.
[  245.317732][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  245.331045][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  245.342671][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  245.366618][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  245.387613][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  245.398739][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  245.590096][ T8401] FAULT_INJECTION: forcing a failure.
[  245.590096][ T8401] name failslab, interval 1, probability 0, space 0, times 0
[  245.652677][ T8401] CPU: 0 PID: 8401 Comm: syz.0.663 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  245.662370][ T8401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  245.672456][ T8401] Call Trace:
[  245.675759][ T8401]  <TASK>
[  245.678718][ T8401]  dump_stack_lvl+0x241/0x360
[  245.683441][ T8401]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.688674][ T8401]  ? __pfx__printk+0x10/0x10
[  245.693301][ T8401]  ? netlink_insert+0x10b7/0x14b0
[  245.698382][ T8401]  should_fail_ex+0x3b0/0x4e0
[  245.703106][ T8401]  ? __alloc_skb+0x1c3/0x440
[  245.707773][ T8401]  should_failslab+0x9/0x20
[  245.712306][ T8401]  kmem_cache_alloc_node_noprof+0x71/0x320
[  245.718155][ T8401]  __alloc_skb+0x1c3/0x440
[  245.722610][ T8401]  ? __pfx___alloc_skb+0x10/0x10
[  245.727616][ T8401]  ? netlink_autobind+0xd6/0x2f0
[  245.732612][ T8401]  ? netlink_autobind+0x2b0/0x2f0
[  245.737678][ T8401]  netlink_sendmsg+0x638/0xcb0
[  245.742492][ T8401]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.747818][ T8401]  ? __import_iovec+0x536/0x820
[  245.752706][ T8401]  ? aa_sock_msg_perm+0x91/0x160
[  245.757678][ T8401]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  245.763001][ T8401]  ? security_socket_sendmsg+0x87/0xb0
[  245.768498][ T8401]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.773813][ T8401]  __sock_sendmsg+0x221/0x270
[  245.778526][ T8401]  ____sys_sendmsg+0x525/0x7d0
[  245.783338][ T8401]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.788680][ T8401]  __sys_sendmsg+0x2b0/0x3a0
[  245.793304][ T8401]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.798459][ T8401]  ? vfs_write+0x7c4/0xc90
[  245.802951][ T8401]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  245.809316][ T8401]  ? do_syscall_64+0x100/0x230
[  245.814133][ T8401]  ? do_syscall_64+0xb6/0x230
[  245.818843][ T8401]  do_syscall_64+0xf3/0x230
[  245.823377][ T8401]  ? clear_bhb_loop+0x35/0x90
[  245.828100][ T8401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.834036][ T8401] RIP: 0033:0x7fe38ad75f19
[  245.838481][ T8401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.858153][ T8401] RSP: 002b:00007fe38baf5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.866614][ T8401] RAX: ffffffffffffffda RBX: 00007fe38af05f60 RCX: 00007fe38ad75f19
[  245.874626][ T8401] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  245.882626][ T8401] RBP: 00007fe38baf50a0 R08: 0000000000000000 R09: 0000000000000000
[  245.890618][ T8401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.898597][ T8401] R13: 000000000000000b R14: 00007fe38af05f60 R15: 00007fff0adfee58
[  245.906591][ T8401]  </TASK>
[  245.921288][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  246.222570][ T8412] xt_CT: You must specify a L4 protocol and not use inversions on it
[  246.293049][ T8412] IPVS: Error joining to the multicast group
[  246.335074][ T8391] chnl_net:caif_netlink_parms(): no params data found
[  246.478255][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.668'.
[  246.502224][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.668'.
[  246.843407][ T8391] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.881109][ T8391] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.888497][ T8391] bridge_slave_0: entered allmulticast mode
[  246.924530][ T8391] bridge_slave_0: entered promiscuous mode
[  247.020839][ T1104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.075972][ T8391] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.093751][ T8391] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.122800][ T8391] bridge_slave_1: entered allmulticast mode
[  247.136079][ T8391] bridge_slave_1: entered promiscuous mode
[  247.184242][ T1104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.339726][ T1104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.401703][ T8391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.441094][   T54] Bluetooth: hci1: command tx timeout
[  247.487303][ T1104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.622147][ T8391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.683760][ T1087] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  247.780656][ T8437] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.673'.
[  247.802444][ T8391] team0: Port device team_slave_0 added
[  247.836068][ T8391] team0: Port device team_slave_1 added
[  247.967891][ T8391] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.984568][ T8391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.022529][ T8391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.064370][ T8443] netlink: 16 bytes leftover after parsing attributes in process `syz.2.676'.
[  248.110856][ T8391] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.148811][ T8391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.240581][ T8391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.459555][ T1104] bridge_slave_1: left allmulticast mode
[  248.480568][ T1104] bridge_slave_1: left promiscuous mode
[  248.499139][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.521985][ T8453] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'.
[  248.522704][ T1104] bridge_slave_0: left allmulticast mode
[  248.536680][ T1104] bridge_slave_0: left promiscuous mode
[  248.548046][ T8453] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'.
[  248.558726][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.334683][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.347394][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.361290][ T1104] bond0 (unregistering): Released all slaves
[  249.455705][ T8391] hsr_slave_0: entered promiscuous mode
[  249.520702][   T54] Bluetooth: hci1: command tx timeout
[  249.570582][ T8391] hsr_slave_1: entered promiscuous mode
[  249.621701][ T8391] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.629320][ T8391] Cannot create hsr debugfs directory
[  249.657450][ T8466] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.685'.
[  250.071102][    C1] eth0: bad gso: type: 1, size: 1408
[  250.155755][ T8485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.691'.
[  250.170875][ T8485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.691'.
[  250.275598][ T8486] unknown channel width for channel at 909000KHz?
[  250.388632][ T1104] hsr_slave_0: left promiscuous mode
[  250.440808][ T1104] hsr_slave_1: left promiscuous mode
[  250.455848][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.479630][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.507758][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.533390][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.603399][ T1104] veth1_macvtap: left promiscuous mode
[  250.613863][ T1104] veth0_macvtap: left promiscuous mode
[  250.626150][ T1104] veth1_vlan: left promiscuous mode
[  250.641386][ T1104] veth0_vlan: left promiscuous mode
[  251.524541][ T1097] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  251.600599][   T54] Bluetooth: hci1: command tx timeout
[  251.640085][ T1104] team0 (unregistering): Port device team_slave_1 removed
[  251.720629][ T1104] team0 (unregistering): Port device team_slave_0 removed
[  251.835052][ T8516] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.697'.
[  252.364484][ T8512] netlink: 'syz.1.696': attribute type 1 has an invalid length.
[  252.393920][ T8512] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  252.404153][ T8513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.696'.
[  252.646930][ T8539] netlink: 8 bytes leftover after parsing attributes in process `syz.1.703'.
[  252.670894][ T8539] netlink: 8 bytes leftover after parsing attributes in process `syz.1.703'.
[  252.791965][ T8532] pim6reg1: entered allmulticast mode
[  252.801539][   T30] INFO: task udevd:5465 blocked for more than 143 seconds.
[  252.808788][   T30]       Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  252.862418][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.896425][   T30] task:udevd           state:D stack:20536 pid:5465  tgid:5465  ppid:4555   flags:0x00000002
[  252.930111][   T30] Call Trace:
[  252.937374][   T30]  <TASK>
[  252.943991][   T30]  __schedule+0x1800/0x4a60
[  252.948595][   T30]  ? __pfx___schedule+0x10/0x10
[  252.969918][   T30]  ? __blk_flush_plug+0x449/0x500
[  252.981425][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.002636][   T30]  ? __asan_memset+0x23/0x50
[  253.007319][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  253.036009][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.058212][   T30]  ? schedule+0x90/0x320
[  253.067554][   T30]  schedule+0x14b/0x320
[  253.082888][   T30]  schedule_timeout+0x1be/0x310
[  253.098441][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  253.115328][   T30]  ? __pfx_process_timeout+0x10/0x10
[  253.133812][   T30]  ? prepare_to_wait_event+0x3ba/0x400
[  253.150618][   T30]  nbd_queue_rq+0x7cd/0x2f70
[  253.165647][   T30]  ? __pfx_validate_chain+0x10/0x10
[  253.184696][   T30]  ? validate_chain+0x11e/0x5900
[  253.198844][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  253.214054][   T30]  ? __lock_acquire+0x137a/0x2040
[  253.229483][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  253.244936][   T30]  blk_mq_dispatch_rq_list+0xb89/0x1b30
[  253.256617][   T30]  ? sbitmap_get+0x289/0x3f0
[  253.264587][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  253.273538][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  253.286563][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  253.296964][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  253.308874][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  253.320181][   T30]  ? __pfx___might_resched+0x10/0x10
[  253.332705][   T30]  blk_mq_sched_dispatch_requests+0xcb/0x140
[  253.345802][   T30]  ? blk_mq_run_hw_queue+0x54d/0xae0
[  253.354764][   T30]  blk_mq_run_hw_queue+0x576/0xae0
[  253.360079][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  253.377965][   T30]  blk_mq_flush_plug_list+0x1115/0x1880
[  253.383967][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  253.390127][   T30]  ? blk_mq_submit_bio+0x127e/0x22d0
[  253.405404][   T30]  __blk_flush_plug+0x420/0x500
[  253.414532][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  253.420096][   T30]  ? timekeeping_get_ns+0x5c/0x420
[  253.439252][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.450804][ T1036] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  253.462760][   T30]  __submit_bio+0x422/0x560
[  253.467411][   T30]  ? __pfx___submit_bio+0x10/0x10
[  253.473375][   T30]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  253.479769][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  253.495614][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  253.505459][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  253.519000][   T30]  ? __pfx___might_resched+0x10/0x10
[  253.529404][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  253.543727][   T30]  block_read_full_folio+0x93b/0xcd0
[  253.554735][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  253.564246][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  253.570186][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  253.582133][   T30]  ? folio_add_lru+0x357/0xd70
[  253.589629][   T30]  ? folio_add_lru+0x58f/0xd70
[  253.599874][   T30]  filemap_read_folio+0x1a0/0x790
[  253.609171][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  253.625095][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  253.634663][   T30]  ? __filemap_get_folio+0x984/0xc10
[  253.640079][   T30]  do_read_cache_folio+0x134/0x820
[  253.654486][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  253.660196][   T30]  read_part_sector+0xb3/0x330
[  253.668869][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  253.679243][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  253.689048][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  253.690363][   T54] Bluetooth: hci1: command tx timeout
[  253.700563][   T30]  ? snprintf+0xda/0x120
[  253.707464][   T30]  ? alloc_pages_mpol_noprof+0x417/0x680
[  253.720210][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  253.740195][   T30]  ? vsnprintf+0x184/0x1da0
[  253.760668][   T30]  ? __pfx_snprintf+0x10/0x10
[  253.765440][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  253.786804][   T30]  bdev_disk_changed+0x72c/0x13d0
[  253.793622][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  253.800600][   T30]  blkdev_get_whole+0x2d2/0x450
[  253.806429][   T30]  bdev_open+0x2d4/0xc60
[  253.811547][   T30]  blkdev_open+0x3e8/0x570
[  253.816808][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  253.826922][   T30]  do_dentry_open+0x970/0x1440
[  253.834463][   T30]  vfs_open+0x3e/0x330
[  253.838676][   T30]  path_openat+0x2b3e/0x3470
[  253.856000][   T30]  ? __pfx_stack_trace_save+0x10/0x10
[  253.862971][   T30]  ? __lock_acquire+0x137a/0x2040
[  253.868088][   T30]  ? __pfx_path_openat+0x10/0x10
[  253.882827][   T30]  do_filp_open+0x235/0x490
[  253.887416][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  253.900089][   T30]  ? _raw_spin_unlock+0x28/0x50
[  253.906608][   T30]  ? alloc_fd+0x5a1/0x640
[  253.915570][   T30]  do_sys_openat2+0x13e/0x1d0
[  253.930370][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  253.935662][   T30]  __x64_sys_openat+0x247/0x2a0
[  253.950382][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  253.955930][   T30]  ? do_syscall_64+0x100/0x230
[  253.961249][   T30]  ? do_syscall_64+0xb6/0x230
[  253.966204][   T30]  do_syscall_64+0xf3/0x230
[  253.971148][   T30]  ? clear_bhb_loop+0x35/0x90
[  253.976029][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.982455][   T30] RIP: 0033:0x7f7e8a1169a4
[  253.987533][   T30] RSP: 002b:00007ffc12624b10 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  253.996526][   T30] RAX: ffffffffffffffda RBX: 00005614b380f550 RCX: 00007f7e8a1169a4
[  254.006829][   T30] RDX: 00000000000a0800 RSI: 00005614b380ec90 RDI: 00000000ffffff9c
[  254.015269][   T30] RBP: 00005614b380ec90 R08: 0000000000000001 R09: 0000000000000000
[  254.033391][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  254.046938][   T30] R13: 00005614b37fba70 R14: 0000000000000001 R15: 00005614b37ea910
[  254.059056][   T30]  </TASK>
[  254.067720][   T30] 
[  254.067720][   T30] Showing all locks held in the system:
[  254.095739][   T30] 1 lock held by pool_workqueue_/3:
[  254.101686][   T30] 3 locks held by kworker/u8:1/12:
[  254.111789][   T30]  #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  254.132013][   T30]  #1: ffffc90000117d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  254.152970][   T30]  #2: ffffffff8e33c1f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  254.169750][   T30] 1 lock held by khungtaskd/30:
[  254.178591][   T30]  #0: ffffffff8e336e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  254.189751][   T30] 2 locks held by kworker/u8:5/1036:
[  254.195806][   T30]  #0: ffff8880b953e858 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  254.206280][   T30]  #1: ffff8880b9528948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770
[  254.218236][   T30] 2 locks held by kworker/u8:6/1087:
[  254.223884][   T30] 5 locks held by kworker/u8:8/1104:
[  254.229372][   T30]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  254.242082][   T30]  #1: ffffc90004557d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  254.253137][   T30]  #2: ffffffff8f5f1b90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  254.262916][   T30]  #3: ffff88807c965428 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x110/0x2e0
[  254.273550][   T30]  #4: ffffffff8e33c0c0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  254.284089][   T30] 1 lock held by syslogd/4537:
[  254.288978][   T30]  #0: ffff8880b943e858 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  254.300155][   T30] 1 lock held by dhcpcd/4769:
[  254.305166][   T30]  #0: ffffffff8f5fe708 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0
[  254.314579][   T30] 2 locks held by getty/4862:
[  254.319300][   T30]  #0: ffff88802f7f80a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  254.330093][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  254.343019][   T30] 3 locks held by udevd/5310:
[  254.347740][   T30]  #0: ffff888020c0a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  254.357125][   T30]  #1: ffff88801f06bc10 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  254.367150][   T30]  #2: ffff888020de8180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  254.376297][   T30] 3 locks held by udevd/5465:
[  254.382493][   T30]  #0: ffff8880203c64c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  254.393144][   T30]  #1: ffff88801f06b590 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  254.410336][   T30]  #2: ffff888020c98180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  254.419403][   T30] 8 locks held by syz-executor/8391:
[  254.433909][   T30]  #0: ffff88802adac420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  254.443887][   T30]  #1: ffff88802a1a1088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  254.454333][   T30]  #2: ffff88801c360788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  254.465821][   T30]  #3: ffffffff8ef09528 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  254.476551][   T30]  #4: ffff88806554a0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  254.487649][   T30]  #5: ffff888065549250 (&devlink->lock_key#19){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  254.498647][   T30]  #6: ffffffff8f5fe708 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[  254.507934][   T30]  #7: ffffffff8e33c1f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  254.519341][   T30] 1 lock held by syz.4.702/8530:
[  254.524683][   T30]  #0: ffffffff8e33c0c0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530
[  254.535088][   T30] 1 lock held by syz.2.704/8537:
[  254.551172][   T30] 
[  254.555271][   T30] =============================================
[  254.555271][   T30] 
[  254.599375][   T30] NMI backtrace for cpu 1
[  254.603776][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  254.613355][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  254.623436][   T30] Call Trace:
[  254.626732][   T30]  <TASK>
[  254.629683][   T30]  dump_stack_lvl+0x241/0x360
[  254.634406][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.639639][   T30]  ? __pfx__printk+0x10/0x10
[  254.644255][   T30]  ? vprintk_emit+0x631/0x770
[  254.648971][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  254.654046][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  254.659042][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.664553][   T30]  ? _printk+0xd5/0x120
[  254.668742][   T30]  ? __pfx__printk+0x10/0x10
[  254.673371][   T30]  ? __wake_up_klogd+0xcc/0x110
[  254.678257][   T30]  ? __pfx__printk+0x10/0x10
[  254.682883][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  254.687960][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  254.693991][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  254.700035][   T30]  watchdog+0xfde/0x1020
[  254.704335][   T30]  ? watchdog+0x1ea/0x1020
[  254.708797][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.713527][   T30]  kthread+0x2f0/0x390
[  254.717644][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.722357][   T30]  ? __pfx_kthread+0x10/0x10
[  254.726989][   T30]  ret_from_fork+0x4b/0x80
[  254.731437][   T30]  ? __pfx_kthread+0x10/0x10
[  254.736056][   T30]  ret_from_fork_asm+0x1a/0x30
[  254.740869][   T30]  </TASK>
[  254.745689][   T30] Sending NMI from CPU 1 to CPUs 0:
[  254.751175][    C0] NMI backtrace for cpu 0
[  254.751189][    C0] CPU: 0 PID: 19 Comm: rcu_exp_gp_kthr Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  254.751207][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  254.751218][    C0] RIP: 0010:__lock_acquire+0x452/0x2040
[  254.751245][    C0] Code: 95 c0 31 c9 83 3f 00 0f 95 c1 09 cb c1 e3 0d 44 09 c3 8b 4c 24 54 c1 e1 0f 0f b7 c9 09 d9 8b 7c 24 68 83 e7 03 c1 e7 10 09 cf <8b> 4c 24 60 83 e1 01 c1 e1 12 c1 e0 14 31 d2 83 7c 24 40 00 0f 95
[  254.751260][    C0] RSP: 0018:ffffc900001879b0 EFLAGS: 00000006
[  254.751276][    C0] RAX: 0000000000000000 RBX: 0000000000000044 RCX: 0000000000000044
[  254.751287][    C0] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000000044
[  254.751298][    C0] RBP: 0000000000000000 R08: 0000000000000044 R09: ffff8880176dc6e0
[  254.751310][    C0] R10: dffffc0000000000 R11: fffffbfff1f5e15e R12: ffff8880176dbc00
[  254.751323][    C0] R13: 0000000000000044 R14: 0000000000000000 R15: ffffffff8e33ba98
[  254.751334][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  254.751349][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  254.751361][    C0] CR2: 0000000020548030 CR3: 0000000069b3c000 CR4: 00000000003506f0
[  254.751375][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  254.751386][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  254.751397][    C0] Call Trace:
[  254.751403][    C0]  <NMI>
[  254.751409][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  254.751436][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  254.751458][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.751493][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  254.751514][    C0]  ? nmi_handle+0x14f/0x5a0
[  254.751530][    C0]  ? nmi_handle+0x2a/0x5a0
[  254.751546][    C0]  ? __lock_acquire+0x452/0x2040
[  254.751573][    C0]  ? default_do_nmi+0x63/0x160
[  254.751598][    C0]  ? exc_nmi+0x123/0x1f0
[  254.751622][    C0]  ? end_repeat_nmi+0xf/0x53
[  254.751654][    C0]  ? __lock_acquire+0x452/0x2040
[  254.751676][    C0]  ? __lock_acquire+0x452/0x2040
[  254.751699][    C0]  ? __lock_acquire+0x452/0x2040
[  254.751721][    C0]  </NMI>
[  254.751726][    C0]  <TASK>
[  254.751745][    C0]  lock_acquire+0x1ed/0x550
[  254.751765][    C0]  ? rcu_exp_sel_wait_wake+0x109/0x1db0
[  254.751788][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  254.751829][    C0]  ? __lock_acquire+0x137a/0x2040
[  254.751860][    C0]  _raw_spin_lock_irqsave+0xd5/0x120
[  254.751886][    C0]  ? rcu_exp_sel_wait_wake+0x109/0x1db0
[  254.751904][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  254.751935][    C0]  rcu_exp_sel_wait_wake+0x109/0x1db0
[  254.751962][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.751985][    C0]  ? __pfx_rcu_exp_sel_wait_wake+0x10/0x10
[  254.752003][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  254.752035][    C0]  kthread_worker_fn+0x500/0xaf0
[  254.752062][    C0]  ? kthread_worker_fn+0xdc/0xaf0
[  254.752087][    C0]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  254.752111][    C0]  ? __pfx_kthread_worker_fn+0x10/0x10
[  254.752135][    C0]  kthread+0x2f0/0x390
[  254.752159][    C0]  ? __pfx_kthread_worker_fn+0x10/0x10
[  254.752182][    C0]  ? __pfx_kthread+0x10/0x10
[  254.752206][    C0]  ret_from_fork+0x4b/0x80
[  254.752231][    C0]  ? __pfx_kthread+0x10/0x10
[  254.752255][    C0]  ret_from_fork_asm+0x1a/0x30
[  254.752301][    C0]  </TASK>
[  254.790339][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  254.790360][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  254.790388][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  254.790402][   T30] Call Trace:
[  254.790413][   T30]  <TASK>
[  254.790423][   T30]  dump_stack_lvl+0x241/0x360
[  254.790464][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.790494][   T30]  ? __pfx__printk+0x10/0x10
[  255.128414][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  255.134418][   T30]  ? vscnprintf+0x5d/0x90
[  255.138762][   T30]  panic+0x349/0x860
[  255.142667][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  255.148832][   T30]  ? __pfx_panic+0x10/0x10
[  255.153246][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  255.158636][   T30]  ? __irq_work_queue_local+0x137/0x410
[  255.164189][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  255.169563][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  255.175728][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  255.181892][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  255.188055][   T30]  watchdog+0x101d/0x1020
[  255.192416][   T30]  ? watchdog+0x1ea/0x1020
[  255.196849][   T30]  ? __pfx_watchdog+0x10/0x10
[  255.201537][   T30]  kthread+0x2f0/0x390
[  255.205616][   T30]  ? __pfx_watchdog+0x10/0x10
[  255.210325][   T30]  ? __pfx_kthread+0x10/0x10
[  255.214930][   T30]  ret_from_fork+0x4b/0x80
[  255.219352][   T30]  ? __pfx_kthread+0x10/0x10
[  255.223953][   T30]  ret_from_fork_asm+0x1a/0x30
[  255.228735][   T30]  </TASK>
[  255.232078][   T30] Kernel Offset: disabled
[  255.236405][   T30] Rebooting in 86400 seconds..