last executing test programs:

1m49.847678138s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

1m36.088932335s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

1m23.969196922s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

1m12.201220495s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

59.59930232s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

49.371314654s ago: executing program 0 (id=79):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, 0x0)

2.663719636s ago: executing program 2 (id=1349):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@delneigh={0x44, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x80}, [@NDA_CACHEINFO={0x14, 0x3, {0x7}}, @NDA_DST_IPV6={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x44}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r1}, 0x8)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="09020000000000000000010000000500040002000000050002000a0000002949cce4a32ba31d831b9cc5dfaed4832d5514a60b6d1fc281a7d4abe38270d6564ee1d0db242d821b0de2031ce92174adbb9278e83c50cf56c7004715dde7b6958fbef285ba123e41bc0d1e10ceeece2b9b44fcd71fc81b67fc5bcfaa8efdf29b52df645a8403a95643900a5890c7a4ed6fd5017775eaeff28d438f222a848f923a313e44a7b4e4614b5ed1698dba1b56136d999ed793b32d655e330f458740ce8a12875c8e2bcee26fede040edb4e672c3dc716cc0c44e7b2a1b28f4c6d4620e92d345e7fb6e05f4d20c41b1a986eb7fa0e530a7104d09afb079ad8ef9cbb757e65cbb9105f1ea17f4a2a55e80c1952da589880ebdf572308fdf0deeb00c035a21b1af73bdaf2127b20f07e9c5aff7184c0f65d57fa6aa518d1322836ba85de7e84a063da430"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24000000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r6, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9000000", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$netlink(0x10, 0x3, 0xf)

2.595017628s ago: executing program 2 (id=1351):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$kcm(0x10, 0x4, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0100000007000000612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r3], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r4, &(0x7f0000000980), 0x0}, 0x20)
connect$inet6(r1, 0x0, 0x0)
sendmmsg$inet6(r1, 0x0, 0x0, 0x4000000)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, 0x0, 0x0)
connect$inet(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
sendto(r5, &(0x7f00000002c0)='%', 0x1, 0x20000000, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xb, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[], 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000640)={0xa, 0x0, 0x80, @local, 0x46}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)="80003724090000", 0x7, 0x0, &(0x7f0000000180)={0xa, 0x4e23, 0xfffffffc, @local, 0x6}, 0x1c)
openat$cgroup_ro(r8, 0x0, 0x275a, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.50575696s ago: executing program 2 (id=1353):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000800)="240000001e005f0314200000a6ff0000000000000100000000000800080008c013000000", 0x24)

2.3991324s ago: executing program 2 (id=1356):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74a", 0xc6}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63e", 0x82}, {&(0x7f0000000700)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc334fba45667941bdeaebee3915c7685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551007ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0ef8f2d4a071d516ed09b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646", 0xde}], 0x3}}, {{0x0, 0x0, &(0x7f00000006c0)}}], 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

2.023115579s ago: executing program 2 (id=1357):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000000010010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000029620400"], 0x20}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newqdisc={0x154, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x124, 0x2, [@TCA_CHOKE_MAX_P={0x8, 0x3, 0x1}, @TCA_CHOKE_STAB={0x104, 0x2, "c7cd445910f846c9dc02c7db1d9146f03f5ff3860be5cfec7bf80ca4aed779520f8f3540ac33459adf08b34c5d82ae9448631d031d41da8883db8599c9c86edb3f051b0ad0618f1e546bf0455502a241ee098368537b6ad041e7e2a091871eae951ebc81f3b2c9aeac980f14100b9af4868a19c3d996cf83653a545aa441c4eb3178b64df8b5a77c6bd3fbae69381ae1ffe9e4da00bd9e45602cacac7c6a364c2001321683184aa14eef0a0ef352a8a63fe1d52a2dbc7b9914b97d4c5b4ebdd32863835327286b5a9585cacd507097d573db11bdb76892066b09e235e60468ae3edd72d7a9bbc6771a4c56457bdc87ebe88e950465da41551d9d4b3771143147"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x1, 0x80000001, 0x9, 0x20, 0x1d, 0x19}}]}}]}, 0x154}, 0x1, 0x0, 0x0, 0x83}, 0x20000010)
pselect6(0x40, &(0x7f0000000300)={0x1, 0xbe, 0x8, 0xfffffffffffffff9, 0xffffffff, 0x8, 0x1, 0x3}, &(0x7f00000005c0)={0x6, 0x7, 0x4, 0x7fff, 0x0, 0x0, 0x6, 0x3}, &(0x7f0000000600)={0x4, 0x7ff, 0x240000000000000, 0x4, 0x5, 0xffff, 0x0, 0x5}, &(0x7f0000000640)={0x0, 0x3938700}, &(0x7f0000000700)={&(0x7f0000000680)={[0x4]}, 0x8})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x1, @private1, 0x400}}, 0x0, 0x6}, &(0x7f0000000240)=0x90)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r0, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r1, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.911652428s ago: executing program 2 (id=1359):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="03000000a0000000b10bbab1e88fcbcb0000", @ANYRES32=r3, @ANYBLOB="0800050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x4000)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="70000001", @ANYRES16=r2, @ANYBLOB="0500ffffffff080000002e00000008000300", @ANYRES32=r3, @ANYBLOB="050034008b00000005001801270000000400fa00"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x880)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000080)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB='M'], 0x8)
r6 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000004340)=[{&(0x7f0000004000)=""/104, 0x68}], 0x1}, 0x7}], 0x1, 0x10000, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
r9 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r9, &(0x7f0000000000)=[{{&(0x7f0000000080)={0xa, 0x0, 0x3e, @dev={0xfe, 0x80, '\x00', 0x21}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0xf}}, {{&(0x7f00000006c0)={0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xa4}, 0x1c, 0x0, 0x0, &(0x7f0000000d40)=[@pktinfo={{0x24, 0x29, 0x32, {@loopback={0xff00000000000000}}}}], 0x28}}], 0x2, 0x0)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r10 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0)
recvmmsg(r6, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x4841}, 0x80)

1.873052417s ago: executing program 4 (id=1361):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8044)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3000000}}, 0x1c}}, 0x0)

1.679685546s ago: executing program 4 (id=1364):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'lo\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x9, 0x7, 0x8, 0x9, 0x5, 0x8, 0x2, 0x1ff}})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'bond_slave_1\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}})
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74a", 0xc6}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63e", 0x82}, {&(0x7f0000000700)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc334fba45667941bdeaebee3915c7685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551007ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0ef8f2d4a071d516ed09b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646", 0xde}], 0x3}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000014c0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeace75a07a652ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1e078539b56973bfbbee5a1", 0x61}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r5)
accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884)

1.4173818s ago: executing program 4 (id=1367):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74a", 0xc6}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63e", 0x82}, {&(0x7f0000000700)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc334fba45667941bdeaebee3915c7685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551007ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0ef8f2d4a071d516ed09b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646", 0xde}], 0x3}}, {{0x0, 0x0, &(0x7f00000006c0)}}], 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1.29172878s ago: executing program 4 (id=1368):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x1a)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
getsockopt$inet6_mreq(r0, 0x29, 0xf, 0x0, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0)
r1 = socket$inet(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'team_slave_0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x1, 0xa88a)
getsockname$packet(r2, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000440)}}], 0x1, 0x0)

1.205769409s ago: executing program 3 (id=1369):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000000010010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000029620400"], 0x20}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newqdisc={0x154, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x124, 0x2, [@TCA_CHOKE_MAX_P={0x8, 0x3, 0x1}, @TCA_CHOKE_STAB={0x104, 0x2, "c7cd445910f846c9dc02c7db1d9146f03f5ff3860be5cfec7bf80ca4aed779520f8f3540ac33459adf08b34c5d82ae9448631d031d41da8883db8599c9c86edb3f051b0ad0618f1e546bf0455502a241ee098368537b6ad041e7e2a091871eae951ebc81f3b2c9aeac980f14100b9af4868a19c3d996cf83653a545aa441c4eb3178b64df8b5a77c6bd3fbae69381ae1ffe9e4da00bd9e45602cacac7c6a364c2001321683184aa14eef0a0ef352a8a63fe1d52a2dbc7b9914b97d4c5b4ebdd32863835327286b5a9585cacd507097d573db11bdb76892066b09e235e60468ae3edd72d7a9bbc6771a4c56457bdc87ebe88e950465da41551d9d4b3771143147"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x1, 0x80000001, 0x9, 0x20, 0x1d, 0x19}}]}}]}, 0x154}, 0x1, 0x0, 0x0, 0x83}, 0x20000010)
pselect6(0x40, &(0x7f0000000300)={0x1, 0xbe, 0x8, 0xfffffffffffffff9, 0xffffffff, 0x8, 0x1, 0x3}, &(0x7f00000005c0)={0x6, 0x7, 0x4, 0x7fff, 0x0, 0x0, 0x6, 0x3}, &(0x7f0000000600)={0x4, 0x7ff, 0x240000000000000, 0x4, 0x5, 0xffff, 0x0, 0x5}, &(0x7f0000000640)={0x0, 0x3938700}, &(0x7f0000000700)={&(0x7f0000000680)={[0x4]}, 0x8})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x1, @private1, 0x400}}, 0x0, 0x6}, &(0x7f0000000240)=0x90)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r0, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r1, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.107880225s ago: executing program 3 (id=1370):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r2, @ANYBLOB="00000a00100000801c001a80080002802d03fa0408000200f47b0c"], 0x44}, 0x1, 0x10000000}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

1.033607472s ago: executing program 3 (id=1371):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty, 0x0, 0xffffc0fe}, 0x20)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000140)={0xa, 0x0, 0xb6, @empty, 0x0, 0x2}, 0x20)
close(r1)

927.810025ms ago: executing program 3 (id=1372):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000106608000000000000180000000000000000000000000000009500000000000000360a020000001000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

813.567314ms ago: executing program 1 (id=1373):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r2, @ANYBLOB="00000a00100000801c001a80080002802d03fa0408000200f47b0c"], 0x44}, 0x1, 0x10000000}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) (fail_nth: 2)

796.314488ms ago: executing program 3 (id=1374):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
close(r0)

667.778918ms ago: executing program 1 (id=1375):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$kcm(0x10, 0x4, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0100000007000000612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r3], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r4, &(0x7f0000000980), 0x0}, 0x20)
connect$inet6(r1, 0x0, 0x0)
sendmmsg$inet6(r1, 0x0, 0x0, 0x4000000)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, 0x0, 0x0)
connect$inet(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
sendto(r5, &(0x7f00000002c0)='%', 0x1, 0x20000000, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xb, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[], 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000640)={0xa, 0x0, 0x80, @local, 0x46}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)="80003724090000ce", 0x8, 0x0, 0x0, 0x0)
openat$cgroup_ro(r8, 0x0, 0x275a, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

661.185111ms ago: executing program 3 (id=1376):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e7", 0xc5}, {&(0x7f0000000f00)}], 0x2}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000014c0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeace75a07a652ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1", 0x56}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1dd1f157fe36b0897bc2d8269989a85a326038ef0f6fcec6d5fc1d88f552e2c840489e4b2df437162a800bbf60068f2a382bb4921afeee040d23aae0b3104fe8c4ae098cc71600bb5bec7393b35b4b6066f2ef0c32f5b0a3fec9a005a55293c87437354f8bcb3d8ff36d80cd300c1dddfe331c7eb82a85daa8c2bd5c3ecddb0dec54a85638154b479644ecc2f266994eca97618113ed709734f98a9f6e09f3fb117ebd03e21553e016aa1421eb14c67cb64c4707b0958cfd08776fa1055f5bff34987891c70065b724832560c9e5678", 0x2ad}], 0x1}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000880)={'syztnl1\x00', &(0x7f0000000940)={'syztnl2\x00', 0x0, 0x80, 0x0, 0x3, 0x7ff, {{0x5, 0x4, 0x3, 0x29, 0x14, 0x64, 0x0, 0x5, 0x29, 0x0, @broadcast, @broadcast}}}})
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

572.657433ms ago: executing program 1 (id=1377):
r0 = socket$nl_route(0x10, 0x3, 0x0)
gettid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000b00000008500000087000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000b00000008500000087000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="850000002e000000350000000000ba008500000005000000950000000000000048f12aa5cbd56806f81f06a9cf64f5e0a141d524581c35d8050864d200000002010000000046dac75be31cbaec7520ea98165b61a3cf5fc6f8a442230e7953f91136aa1f7035175135230163cf29490f3d0000158a10861ad0f9dce435554bc34e6bdea4217ce48ca958078af8ad0887c697acd9a7000099c7b293de0019b27de967bf0600000054a04080bf668ce021009c820f9b80fe2338e93b70ac32b18a06000000000000000000000011000000004daac70ad892dd079b9f63c51fafce4bc61fa5b4a4f744d9b6a8f6a4607505cc2fac21641d627ece1bf413c032c558f1f664e2347e496a85367caf51a1b1adde61a9fd1937d4453cf78370c8674304bec47c5a91f3f6bebfecafbcbe36d284911afdc999ce8a0a593105ef7fff5305a4f2904fcabf43f744cb4cc69cce05f0240666db66119c205d52d78584343b0b8743a2fed44cdf3b1f84e992e22123deda315a555c9582bf93b8d66a9ab4f9b70ebee24d937a72e8a5a3d9db5ad5370af9926eba2219185aa5c2c433e2db20c67666c49f1e4cee528bc973d2e6e7b676b1f779594c2337f0cb08516c12693211b00509b283b5115fb9c79b938e4ab689ee0338d3de3da800fae50b6fbb78da69f18175876905580db3cca414bd743bdfa5a477a4db3118e71538e2905c4b0b7e6df60b6dec62ab57c015af118bf5623036585d8319de4e17e8db8b681f9814378eeb0d59a457cd00000c587800"/568], &(0x7f0000000140)='GPL\x00', 0x0, 0x27, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r6 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r6, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r7 = accept(r5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'wg0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r9=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c80)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="1f0e0000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="c29f65a145195642a9cbb21a75521e371f1a5c92932306a75282395924428ee7bf2a2a1e4820"], 0x4c}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c80)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="1f0e0000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB="c29f65a145195642a9cbb21a75521e371f1a5c92932306a75282395924428ee7bf2a2a1e4820"], 0x4c}}, 0x0)
close(0x3)
r10 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r11=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x18, 0x0, 0x333, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0) (async)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x18, 0x0, 0x333, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r7, &(0x7f0000000900)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f0000000780)={0x118, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x4}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x20004080}, 0x20008800) (async)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r7, &(0x7f0000000900)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f0000000780)={0x118, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x4}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x20004080}, 0x20008800)
sendmsg$netlink(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="10010000310001000000000000000000000100800c0001000007000000000000140000002001000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1486cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa373047eb640dc5061dc35817c8a66c29be82"], 0x110}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x22, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'ip_vti0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x8000, 0x7800, 0x9, 0x4, {{0x9, 0x4, 0x3, 0x8, 0x24, 0x65, 0x0, 0x9, 0x4, 0x0, @local, @broadcast, {[@end, @generic={0x7, 0xe, "d0caf1fa6d634bc861ff23a0"}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'ip_vti0\x00', &(0x7f00000001c0)={'syztnl1\x00', <r13=>0x0, 0x8000, 0x7800, 0x9, 0x4, {{0x9, 0x4, 0x3, 0x8, 0x24, 0x65, 0x0, 0x9, 0x4, 0x0, @local, @broadcast, {[@end, @generic={0x7, 0xe, "d0caf1fa6d634bc861ff23a0"}]}}}}})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r13}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x2}, @IFLA_BR_MCAST_MEMBERSHIP_INTVL={0xc, 0x1f, 0x3}]}}}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r13}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x2}, @IFLA_BR_MCAST_MEMBERSHIP_INTVL={0xc, 0x1f, 0x3}]}}}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0)

439.705274ms ago: executing program 4 (id=1378):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74a", 0xc6}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63e", 0x82}, {&(0x7f0000000700)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc334fba45667941bdeaebee3915c7685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551007ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0ef8f2d4a071d516ed09b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646", 0xde}], 0x3}}, {{0x0, 0x0, &(0x7f00000006c0)}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

304.929768ms ago: executing program 4 (id=1379):
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
writev(r0, &(0x7f0000002180)=[{&(0x7f0000000b80)="2eec711f70abb5a31ead08c7571d8dbe3513461cdae3e277bb4a0c321145a64f7d3038a91ff1feab2bfbe7d0ce8dcfa4f107ccf32e039663002f9e38a82711255bc508d495b07b09ec17922ccdcbb5f84bc3efb04a84fac3f7ad1b0f3a012ff312c13292a08fb5b5d28ffbbf060f7f9d5cc4d3", 0x73}, {&(0x7f0000000c00)="7cf2c3eb81af2d4a17e32b07f1e5774d91f558979e6b7c3f8f15cb5f0b3ca18202d1ddee09f26e2b34519623fea7b40188deace7a6b05bd2cf9e4203b034aaee2162f52c7b361902847e03f3454bcf3b107febde557e59bd9dcaa80a97e2d1c2520c289ca8e296a2c53ff0bec2930dfd0a238475c3ff115beeee9cd90ee6d2b83df025bc7d69438990ee3316174f0c6b31ae3ddcab1bb6493d8544521f2da302277f2da5c07dceafd74d5cd6c3de3e90af65d68dc58ae4c34d8ec9c6dfd8f96db8902894cb87f139ff5855d533e4010854587d", 0xd3}, {&(0x7f0000000d00)="97ad5a431ff6cb8f7fed4bb6208124df8eb6a17bcfc8bdd8963e15dc1048a99a8d0fcf99a4cd1cf0933e9068ed35259e49e4e7650643f2043d4ed51c3acc760345daed577f1c90162a38ce990b4fe824320998f8aaef4794388b78f19075d1b7bdb38dc34489e7afcf0368ddb6537f2b996a143898598847229449dd3d95c1d71b80ed82eabedd4e66ef43ee2e05444a46e3043fff156e6272b68f3bd03e3215e76828a14a52c76cc1522cc7225da5ff3dc886c93517c032bfc689f8b2003cbf893b1c9f8e6fd95ccf42506dba746233dda20e90f6dc4042afbd874f28ec0f5e2e6976bcf7ca860f1ab2c6ff8905ab88b31772faa7d6a6e122585bf01376c3a3c6a116ab7d4ff5aed490499c0b52cf681f4220883091163c3b35916a6328497cfc1b74d68e16e597bc78b5d0261c7bbbdf335f4dc9dd773be192e9bb63d505f32b1888d86dd3362108d3b1d64bd8041f2b56ff481d87f025c7a642bbb19e7cb6efe701e3bc9aa09119334e6f9fab840cb9eca69f85761c873f85b93a6db113863a190870fc6c238d1a9e870dc8bf45ef2233631889dca4549cf8e49b86cc70c08ad5f8d09f0b5210e574876c29d930a1411cbabec448f97c6d4a30d8aec90e00d20d67c9cce54b6b21e0287e242d3755c20eba1f92d4bba898dfc23c4c0ff2bcf07a6db69a8ebf110402caafecd0cea500f3a8667bba5d930d24d54a754c04bde4a1050fd4b5bc789a604881ad90e0062c578f4ac2949f0119063f8779b76e86b25cc865db4fbeb93f63b5bf1023a6172bd469d0ac52f423286bdd8c5eeca75f7e2dc22813a9b671a99a22114f2e5df72d2a70deaea0b7372a5d2b2f497f569ccc859a1f3ee8177012135c623cd57d0b6c9062d0ac7a7236cf2e105eb74946121b89854b6ca167afc6cfeda770924f5d6a227e0fb4ee7060dbf0bac1d93ec38bc90f8ae23419f3ce8d6a92f0eb6ef0a2c922cea3bfe69f8b9c5d6618e2fb91ee54cee0ff48abf8c980d628e62c2df4a86be645ff22542c6dff6abe6614e60553d5b090a5de6f232198dbcef041905a389ff5ba6dcc09f031c8933d9aee1ee5b60e2994f3b943261ee639ebf8a81a4b42856a6a3a2694e77c3e2358fa82e9506a4249f61eb99cf06e446a73f9fbdbea4b29c0edbf411b916e77c6b2ddab2082d480a290619a33610fd5ee6a66910a745a76f1286affba8bd8c9048b358813d2239943d6ed2da34f8cc873f9378119e876dfed0ecbb0542552a6a37dc08a86517a26e067f1e691112faf85ff367b320426467bd64e28e4dd4941af8a517c76867a75f3faece3eb1078338dc60699de5deee2c958a76a253eba75cf25438e6825e08acb068b3d6077b9bfebcc05c467074adafb6d65756533374f3910959840b42fc17457416b45e1460c867887255ad5288638c8198183c4bf197d7754bdb251e40e98c559781e1ad5a650ff67731fc027d3c9e8593cb3bf9469161299c1b61b1d50ec34372072ff095c67a27c28b93e1378fc6989f37545894d06a6c009ed97dbc69776874d012d967041769fad7ac683c729080c1bf7c66f33ab38e0b296c758fc7b00fc1fbb332538128638c66919fe7a298d9882cca5689207fa72eef0a09ad3a852ea1b6f0e64b55b638ee4309e7d4f90b11443dbb5399a8d125e232392835409a4eaf8df5586e364c1da80d96eb3a5e6d1a98c9b223ad55fbc1086f07a2a747ce99690819551cdd23162190c739170ec9cb305b09747e8cf4a844e0b7923d35f47da07dd14f9073ce18128e89d1e5140830c30dca6bd37c64752c5e8e59f37101bfd327451512aab6d62c2ae551b07dd3c853f18aab7330c68e262040d14f5b3c83105347d3f6a91fd3ec7b65e860496ec568b4ce0fe741bcdb6632e0c13c309a148f91796dd651bf7e851632537d1800442913e33f629aedc65be9330d4ac5c1dc24f4116ada81fa4e1fafed84dc367b6279007377149910d082117d35c4871484735733be9d30601f54dd93cc95ac0679405addd852b68380eae66051f1fdff14b47a5ea8b2705f3a468977d08747c73a3a483b81f8b6e9a4aed52fd07f77bd4ff4cdc27ebadcf963e296e665917824899ebb5d43bf54b92bce96b879a71d7dd834517df46cce805c6b75331bf9ea9ae70bfe42656a9918e5df8ae6312114c2c67f74155d94afdcde13023d7c7698fb88522712fc72050effccae88edfe60d687ae6b7d269a200122d49694ee71063193e96386ccc797b26957e7be51ffa5cd8589c6d93ec85eca2f3113856924c8c2223cbbdd6b05bdc6fb59aa24833cf96da7c61ab14d94629154f847eba039e95b559760ed680c3bab96597151c2939f79ed69a901094d9eb0e36c1602a4c59b1fa3bbc7afc88f07ac70ae2e5b40260d148b59633434ec7a107e58874e9cc4928ec0c430e141e3660e5a63a2ff079847578925fd7a9f03211a660b307517731851456ccf245baf2a841852ec9083a016a6c6309f91a8a9658d976ed87e8d62a23eb205ffa507ad3df4628e949d685c84394a74f156a09bb6b6c0e37666108f9e3f5b9021a7b2a38070e53d1ab4e4b4452264807b8c3fc9952b208093d79ffcc83c06e2b7dfeba38ed846038c38c2247573e201bab3274095afd4f7d1c9a37607e680834422bcab3cc3e68dcf6d88ea3678a55981c0e005cc93f3263f0be4f100b1c19950b6247e5af0c78549293b0b766c6ba8ef34e4011c0f9811cf69c20bf264e2a227a8f84afa7a27164ce74ee55fbf9f353535862a4e762186e081c85836414d9f3c92a6dfca306c678b949962866ea3b4e5abbbc3eda41e0a5137cb4e13b9d099a9649f2823f19c877876499e979cd49c907dc18c1f49d8f5e6a9363fa69fe7210e67f45f2ce6788dcf2a608b61c6f32c54985787fc783afc067524a023be6382a0735f57855b65960346e5983cde24295290529f9cf4537c1380566ce8dec11fedcf4b9482b0f9b7491d7ebd6a90605850ac4cba23db43cb469822bccf5c7fe044101db0597b8f5fde02fac848ce55f4a891c75c880ae6f8cb4be421d5cedadc7c7e42f504bc6091af2cfa55c798602d167740547f8dc56e2a37aa314d0a45cf3fbc0c7bb385678fc0116977d977eeb98b6661471529bb3aaba61c07a771ec4b12903b43f149cfdbbb63ceb1c5de1758507a2719712f38b4432bde72bdebf614a24da7e77f740d9f6c13cb6ab7f11379aaa2b22de9076db29a2d3bd4be3b58ac4c68fcc9288ff8074126df334421e94a6543546e6fab4f0fcc6bfef30a328b240da68bcd8656ebddeb0e1d7c07bce4510d4f867071fb56961b2aca0de9823ae35dae4f8d13b547301ca7207d03af1f50a19668a1121a2fc235c68020ec2ca6500d58598aae9669d868aef4b6e609d16136f4bbc4772a5ef5c5fe9288f7a45e779c5b4557dd6d47f1ada00039544a4f5658ac47d820354cf4794f19c281de8b180cf22adf3cc5814196fc5c1fb52f0c007256fc921b987d39496397615e5a0b22ec38019e1afba77aa8248042805cdb7e1bf2a607d7e4600ed79054df738777781e74f8821a38b471dd8e3744df1984d559864ec3f71785ccf92e2fbdcfaaa34b1292fdbc98001daa99d9028b944d708dd1d2834b4f4a06d889098f158481c125ed0c132eaedc02ca9455ce7551bde770dfb97a6971a4513d15b64c2125d8468dc59c77aa721e82df1c54b951aabe2edb511f2a5ec6ecab2de952d6d71cfad02dc895e585979a97eeec9641e1e7df590af854d05602d982705d9d5f1875598c81e4864c411fdcc0624cbb86df572bcda117feead24c20e96b82040ce908255a3d159430ca9919fc8611e7fc8452f236dbc449bc4eba7090c7e9c9a91b7c251f50209017561daae85b4c343bd02fb45ea3b4b39499a8f1f472c69c5666016b2947fc5ef7bac438861f2bd1e62c67e3a48dff6ed9680fdf96deb977bf744f24e8c491560202595ea755ee6295f935be542ea183ea02d6534ab940b5e0ba0d7098832e1d1674850f15b23c47cb44f3abea11a00425845dd78055f662c88c6157c299be87a0e9ed7f33cd50d12104124951f13077ca60a1dfc11cfc4839679d035a6b345dd852debee3ec54b8962b08f63535612d045530d69a645adb895c14730366a1841266aceeb77d8e6b1956d559aa99c16b06ce3c7672db8d16b96051920f2b5f577c0e978350f602b271009827760bd37e4552e4b8dc225c9208d8b1094244341dd45ad51448f976ee709f154d965644ec648e707c90be49eecd23748e3beafefa0b61f6e0f3a212c6c5aaa050b181f4343717f0013cff5e4594780ae2fbb1801a3e063d91212dcb058774a34b355b2b8df82d9ad697f0c985c3f44330d14056b321f50e8dcdf2edc0f87106d8fea475d414fe68f51dfd5291174ecc6b24089698963fbd02596de42da7a7a5e62d1c200d5b9801734c3ceb709ef0aeb59464842e246270bf8a6ae60ec3cdb50d813c4dc7a917ace5977cf5d3ce1aacca2c1241844ba33143a13eba2950eb0a0be3d3201bfd940b0e1bdd23ca8c3f3f2bd77026490578dcbf558f304668542e706d603a89a642fb32b14a58e9898dfb68454ea1b903eced8ca7c8c8ae73f0b80a144a991463d7346794a686c606e5e8a1cf7adc912d846b30deed69d0be144f423f43e9e9dc4782d04c85a62fafddc00a9dc726350ed021fc974ee75ad9f76a41cebffb3c68e876ce691ae774210399b29b65fb32d405c88321e434f555f3a891d495f3fb4ccaf6f2f0948f343709dc3020eb037d8ee926ef1449cf38cd8f2270f913776000961f53d102d5a391f6dc8ebabe72321fa4e6a8d92a9f8179c4af02e445e87e310ab5bb78cb10d6b8d14e4d80bf49644c2e26c297d3c4c118b1c696ebdc267708a98ac1a997a182a5b232dca5a26ac105eb034ecb7cae44deae88811d07e7e0a9b7589dcc41c779adf55778eba1ce12dc8501ef2f05f2ef04928430ada67ba61e34b387e102a441fa9863bb70b5cebb7b10b5fbd51301a02cdc3f933b90d5e35f69fade1c6bf413411fb65e6d8eab65f873dae3d65f38272047f5460661356b87e3990e1ee3d0f0239af0bc8602ddcf974e0ccfc7dff9680336412008e0425fc1547259317bc2f228da81d48cd39fff5d43abfaa5035b54eed76a8db2151f4a858eea53ee729f53a0c8722e22792da5664e374071ac186d18354201e9d64c6a5fba7b8ea992a06375bd0570433af91a734f8883ae569c1947c", 0xe80}], 0x3)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x3)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$PPPIOCATTACH(r2, 0x4004743d, &(0x7f0000000040)=0x3)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, 0x0)
close(r1)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x43}, 0x18)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'hsr0\x00'})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r8, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000100)=[{0x35, 0x0, 0x3, 0xfffffc00}, {}, {}, {}, {0x6}]})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4000000010000304000000000400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128009000100626f6e6400000000100002800400088008001f"], 0x40}, 0x1, 0x2000000000000000, 0x0, 0x4}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2000000043000900fffffffffddbdf25010000000c0003804e2d", @ANYRESOCT=r9], 0x20}}, 0x20004000)

191.6835ms ago: executing program 1 (id=1380):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000000010010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000029620400"], 0x20}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=@newqdisc={0x154, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x124, 0x2, [@TCA_CHOKE_MAX_P={0x8, 0x3, 0x1}, @TCA_CHOKE_STAB={0x104, 0x2, "c7cd445910f846c9dc02c7db1d9146f03f5ff3860be5cfec7bf80ca4aed779520f8f3540ac33459adf08b34c5d82ae9448631d031d41da8883db8599c9c86edb3f051b0ad0618f1e546bf0455502a241ee098368537b6ad041e7e2a091871eae951ebc81f3b2c9aeac980f14100b9af4868a19c3d996cf83653a545aa441c4eb3178b64df8b5a77c6bd3fbae69381ae1ffe9e4da00bd9e45602cacac7c6a364c2001321683184aa14eef0a0ef352a8a63fe1d52a2dbc7b9914b97d4c5b4ebdd32863835327286b5a9585cacd507097d573db11bdb76892066b09e235e60468ae3edd72d7a9bbc6771a4c56457bdc87ebe88e950465da41551d9d4b3771143147"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x1, 0x80000001, 0x9, 0x20, 0x1d, 0x19}}]}}]}, 0x154}, 0x1, 0x0, 0x0, 0x83}, 0x20000010)
pselect6(0x40, &(0x7f0000000300)={0x1, 0xbe, 0x8, 0xfffffffffffffff9, 0xffffffff, 0x8, 0x1, 0x3}, &(0x7f00000005c0)={0x6, 0x7, 0x4, 0x7fff, 0x0, 0x0, 0x6, 0x3}, &(0x7f0000000600)={0x4, 0x7ff, 0x240000000000000, 0x4, 0x5, 0xffff, 0x0, 0x5}, &(0x7f0000000640)={0x0, 0x3938700}, &(0x7f0000000700)={&(0x7f0000000680)={[0x4]}, 0x8})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x1, @private1, 0x400}}, 0x0, 0x6}, &(0x7f0000000240)=0x90)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r0, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r1, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

115.455599ms ago: executing program 1 (id=1381):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000180)=@newqdisc={0x3b, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x8], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x5, 0xfffe], [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe]}}]}}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0x3, 0x26, 0x1e, 0xc, 0x0, 0x5, 0x3}}, {0x0, 0x2, [0x101, 0x4, 0xfe00, 0xfffb, 0x8, 0x80]}}, {{0x0, 0x1, {0x6, 0x8, 0x5, 0x6, 0x2, 0x7, 0x401}}, {0x0, 0x2, [0x3ff, 0x8, 0x2, 0x2, 0x58, 0x1, 0x62, 0xfffb, 0x5, 0x8]}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f00000003c0), &(0x7f0000000400)=0x4)

0s ago: executing program 1 (id=1382):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="03000000a0000000b10bbab1e88fcbcb0000", @ANYRES32=r3, @ANYBLOB="0800050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x4000)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="70000001", @ANYRES16=r2, @ANYBLOB="0500ffffffff080000002e00000008000300", @ANYRES32=r3, @ANYBLOB="050034008b00000005001801270000000400fa00"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x880)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000080)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB='M'], 0x8)
r6 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
r8 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r8, &(0x7f0000000000)=[{{&(0x7f0000000080)={0xa, 0x0, 0x3e, @dev={0xfe, 0x80, '\x00', 0x21}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0xf}}, {{&(0x7f00000006c0)={0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xa4}, 0x1c, 0x0, 0x0, &(0x7f0000000d40)=[@pktinfo={{0x24, 0x29, 0x32, {@loopback={0xff00000000000000}}}}], 0x28}}], 0x2, 0x0)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r9 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0)
recvmmsg(r6, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x4841}, 0x80)

kernel console output (not intermixed with test programs):

oblems!
[  119.738080][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.748655][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.774059][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.788682][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.807989][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.834706][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.854444][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.874279][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.894259][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.904098][ T7419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.924417][ T7419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.945400][ T7419] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.955314][ T7419] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.964343][ T7419] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.973058][ T7419] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.982567][ T7419] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.087907][ T3575] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.114681][ T3575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.168245][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.176434][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.469477][ T7700] bond8 (unregistering): Released all slaves
[  120.523118][ T7695] x_tables: ip_tables: osf match: only valid for protocol 6
[  121.023562][ T3447] wlan1: Trigger new scan to find an IBSS to join
[  121.678058][ T7729] IPVS: set_ctl: invalid protocol: 33 0.0.100.0:20000
[  121.704052][ T7664] Set syz1 is full, maxelem 65536 reached
[  121.785331][ T3447] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.035498][ T1088] wlan1: Creating new IBSS network, BSSID c6:8c:e4:ca:c3:75
[  122.653405][ T3447] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.801191][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.582'.
[  122.888745][ T3447] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.034034][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  123.049445][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  123.059202][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  123.070179][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  123.079168][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  123.088038][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  123.188150][ T5868] Bluetooth: hci3: command 0x0405 tx timeout
[  124.600466][ T3447] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.847739][ T3447] bridge_slave_1: left allmulticast mode
[  124.853514][ T3447] bridge_slave_1: left promiscuous mode
[  124.859896][ T3447] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.878998][ T3447] bridge_slave_0: left allmulticast mode
[  124.889313][ T3447] bridge_slave_0: left promiscuous mode
[  124.904795][ T3447] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.149892][ T7786] netlink: 'syz.2.598': attribute type 2 has an invalid length.
[  125.185676][ T5870] Bluetooth: hci1: command tx timeout
[  125.304467][ T3447] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.315817][ T3447] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.327281][ T3447] bond0 (unregistering): Released all slaves
[  125.356881][ T7771] bond7 (unregistering): Released all slaves
[  125.412436][ T7757] chnl_net:caif_netlink_parms(): no params data found
[  125.943175][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[  125.954984][ T3447] hsr_slave_0: left promiscuous mode
[  125.970611][ T3447] hsr_slave_1: left promiscuous mode
[  125.979065][ T3447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.988054][ T3447] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.000081][ T3447] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.008853][ T3447] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.042348][ T3447] veth1_macvtap: left promiscuous mode
[  126.048413][ T3447] veth0_macvtap: left promiscuous mode
[  126.054133][ T3447] veth1_vlan: left promiscuous mode
[  126.060128][ T7812] netlink: 12 bytes leftover after parsing attributes in process `syz.1.604'.
[  126.069420][ T3447] veth0_vlan: left promiscuous mode
[  126.135168][ T7812] nbd: socks must be embedded in a SOCK_ITEM attr
[  126.197834][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.604'.
[  126.821893][ T3447] team0 (unregistering): Port device team_slave_1 removed
[  126.868307][ T3447] team0 (unregistering): Port device team_slave_0 removed
[  127.262439][ T5870] Bluetooth: hci1: command tx timeout
[  127.385543][ T7757] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.395121][ T7757] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.402336][ T7757] bridge_slave_0: entered allmulticast mode
[  127.420165][ T7757] bridge_slave_0: entered promiscuous mode
[  127.442760][ T7817] workqueue: Failed to create a rescuer kthread for wq "bond9": -EINTR
[  127.453601][ T7757] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.494786][ T7757] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.502037][ T7757] bridge_slave_1: entered allmulticast mode
[  127.509324][ T7757] bridge_slave_1: entered promiscuous mode
[  127.677931][ T7757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.696548][ T7757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.918941][ T7757] team0: Port device team_slave_0 added
[  127.927176][ T7757] team0: Port device team_slave_1 added
[  127.958382][ T7829] xt_TPROXY: Can be used only with -p tcp or -p udp
[  128.073489][ T7834] netlink: 'syz.2.611': attribute type 1 has an invalid length.
[  128.215082][ T7757] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.222072][ T7757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.248128][ T7757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.261323][ T7757] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.268374][ T7757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.294365][ T7757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.388688][ T7835] bond9 (unregistering): Released all slaves
[  128.658030][ T7757] hsr_slave_0: entered promiscuous mode
[  128.680521][ T7757] hsr_slave_1: entered promiscuous mode
[  128.697318][ T7757] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.713556][ T7757] Cannot create hsr debugfs directory
[  129.337227][ T5870] Bluetooth: hci1: command tx timeout
[  129.446355][ T7757] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.489790][ T7757] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.533660][ T7757] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.562245][ T7757] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.907694][ T7757] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.996923][ T7757] 8021q: adding VLAN 0 to HW filter on device team0
[  130.062730][ T3447] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.069916][ T3447] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.125325][ T3447] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.132508][ T3447] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.841481][ T7870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.622'.
[  130.858235][ T7870] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  130.868636][ T7870] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  130.890715][ T7757] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.023835][ T7878] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  131.033002][ T7878] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  131.041928][ T7878] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  131.051039][ T7878] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  131.062209][ T7878] vxlan0: entered promiscuous mode
[  131.067574][ T7878] vxlan0: entered allmulticast mode
[  131.089718][ T7878] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.099840][ T7878] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.109141][ T7878] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.118617][ T7878] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.207394][ T7886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.625'.
[  131.238551][ T7757] veth0_vlan: entered promiscuous mode
[  131.257418][ T7757] veth1_vlan: entered promiscuous mode
[  131.278672][ T7757] veth0_macvtap: entered promiscuous mode
[  131.287663][ T7757] veth1_macvtap: entered promiscuous mode
[  131.302624][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.313223][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.323700][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.334698][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.344707][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.355195][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.365078][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.375564][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.386566][ T7757] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.397511][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.407997][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.414715][ T5870] Bluetooth: hci1: command tx timeout
[  131.418143][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.434330][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.444194][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.455158][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.465478][ T7757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.475985][ T7757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.487117][ T7757] batman_adv: batadv0: Interface activated: batadv_slave_1
[  131.498675][ T7757] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.507506][ T7757] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.516652][ T7757] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.525408][ T7757] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.602509][ T7886] nbd: socks must be embedded in a SOCK_ITEM attr
[  131.656703][ T7886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.625'.
[  131.674551][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.682550][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.783635][ T3540] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.792060][ T3540] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.249333][ T7906] netlink: 'syz.4.630': attribute type 1 has an invalid length.
[  132.343370][ T7906] bond9 (unregistering): Released all slaves
[  133.029717][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  133.314431][ T7922] netlink: 40 bytes leftover after parsing attributes in process `syz.2.635'.
[  133.685159][ T7925] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'.
[  133.785130][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.795975][ T7925] nbd: socks must be embedded in a SOCK_ITEM attr
[  133.874849][ T7924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.636'.
[  134.772331][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  134.782127][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  134.789916][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  134.798852][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  134.842023][ T7947] trusted_key: syz.2.643 sent an empty control message without MSG_MORE.
[  134.858443][ T5868] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  134.868335][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  134.899684][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.987131][ T7949] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  135.018779][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.052668][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.1.644'.
[  135.156854][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.195143][ T7954] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  135.214389][ T7954] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  135.470482][ T7961] FAULT_INJECTION: forcing a failure.
[  135.470482][ T7961] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  135.484060][ T7961] CPU: 1 UID: 0 PID: 7961 Comm: syz.1.645 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  135.494336][ T7961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.504418][ T7961] Call Trace:
[  135.507719][ T7961]  <TASK>
[  135.510676][ T7961]  dump_stack_lvl+0x241/0x360
[  135.515378][ T7961]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.520602][ T7961]  ? __pfx__printk+0x10/0x10
[  135.525226][ T7961]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  135.531404][ T7961]  should_fail_ex+0x3b0/0x4e0
[  135.536115][ T7961]  prepare_alloc_pages+0x1da/0x5b0
[  135.541249][ T7961]  __alloc_pages_noprof+0x16f/0x710
[  135.546449][ T7961]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  135.552175][ T7961]  alloc_pages_mpol_noprof+0x3e8/0x680
[  135.557643][ T7961]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  135.563744][ T7961]  ? alloc_pages_noprof+0xef/0x170
[  135.568880][ T7961]  get_free_pages_noprof+0xc/0x30
[  135.573917][ T7961]  kasan_populate_vmalloc_pte+0x38/0xe0
[  135.579484][ T7961]  __apply_to_page_range+0x806/0xde0
[  135.584821][ T7961]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  135.591084][ T7961]  ? __pfx___apply_to_page_range+0x10/0x10
[  135.596897][ T7961]  ? do_raw_spin_unlock+0x13c/0x8b0
[  135.602103][ T7961]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  135.607489][ T7961]  alloc_vmap_area+0x1d52/0x2400
[  135.612451][ T7961]  ? __pfx_alloc_vmap_area+0x10/0x10
[  135.617739][ T7961]  ? __kasan_kmalloc+0x98/0xb0
[  135.622502][ T7961]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  135.628497][ T7961]  ? __get_vm_area_node+0x132/0x2d0
[  135.633833][ T7961]  ? array_map_alloc+0x285/0x720
[  135.638782][ T7961]  __get_vm_area_node+0x1c8/0x2d0
[  135.643841][ T7961]  __vmalloc_node_range_noprof+0x344/0x1380
[  135.649745][ T7961]  ? array_map_alloc+0x285/0x720
[  135.654778][ T7961]  ? __lock_acquire+0x1397/0x2100
[  135.659811][ T7961]  ? __pfx_aa_get_newest_label+0x10/0x10
[  135.665466][ T7961]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  135.671882][ T7961]  ? apparmor_capable+0x13b/0x1b0
[  135.676912][ T7961]  ? bpf_lsm_capable+0x9/0x10
[  135.681591][ T7961]  ? security_capable+0x7e/0x2d0
[  135.686590][ T7961]  bpf_map_area_alloc+0xfc/0x120
[  135.691537][ T7961]  ? array_map_alloc+0x285/0x720
[  135.696492][ T7961]  array_map_alloc+0x285/0x720
[  135.701263][ T7961]  map_create+0x946/0x11c0
[  135.705681][ T7961]  __sys_bpf+0x6d1/0x810
[  135.709952][ T7961]  ? __pfx___sys_bpf+0x10/0x10
[  135.714719][ T7961]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  135.720696][ T7961]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  135.727025][ T7961]  ? do_syscall_64+0x100/0x230
[  135.731789][ T7961]  __x64_sys_bpf+0x7c/0x90
[  135.736215][ T7961]  do_syscall_64+0xf3/0x230
[  135.740719][ T7961]  ? clear_bhb_loop+0x35/0x90
[  135.745401][ T7961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.751292][ T7961] RIP: 0033:0x7f415a37ff19
[  135.755715][ T7961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.775339][ T7961] RSP: 002b:00007f415b246058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  135.783771][ T7961] RAX: ffffffffffffffda RBX: 00007f415a545fa0 RCX: 00007f415a37ff19
[  135.791747][ T7961] RDX: 0000000000000048 RSI: 0000000020004080 RDI: 0b00000000000000
[  135.800238][ T7961] RBP: 00007f415b2460a0 R08: 0000000000000000 R09: 0000000000000000
[  135.808205][ T7961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.816171][ T7961] R13: 0000000000000000 R14: 00007f415a545fa0 R15: 00007fff454a6e48
[  135.824340][ T7961]  </TASK>
[  135.844829][   T12] bridge_slave_1: left allmulticast mode
[  135.850546][   T12] bridge_slave_1: left promiscuous mode
[  135.856619][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.877240][   T12] bridge_slave_0: left allmulticast mode
[  135.882922][   T12] bridge_slave_0: left promiscuous mode
[  135.899414][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.516502][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.543031][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.563363][   T12] bond0 (unregistering): Released all slaves
[  136.948272][ T7942] chnl_net:caif_netlink_parms(): no params data found
[  137.014597][ T5870] Bluetooth: hci1: command tx timeout
[  137.165685][ T7985] rdma_op ffff8880233661f0 conn xmit_rdma 0000000000000000
[  137.174438][ T7986] netlink: 'syz.4.655': attribute type 1 has an invalid length.
[  137.356990][ T5940] IPVS: starting estimator thread 0...
[  137.475488][ T7994] IPVS: using max 21 ests per chain, 50400 per kthread
[  137.586777][ T7989] bond11 (unregistering): Released all slaves
[  137.710530][ T8008] macvlan2: entered promiscuous mode
[  137.725794][ T8008] team_slave_0: entered promiscuous mode
[  137.731843][ T8008] team_slave_1: entered promiscuous mode
[  137.737643][ T8008] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  137.746766][ T8008] team0: entered promiscuous mode
[  137.752946][ T8008] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.763135][ T8008] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  137.808376][ T8015] netlink: 28 bytes leftover after parsing attributes in process `syz.4.662'.
[  137.817746][ T8015] netlink: 16 bytes leftover after parsing attributes in process `syz.4.662'.
[  137.936865][ T8019] netlink: 'syz.1.664': attribute type 1 has an invalid length.
[  138.029367][ T7942] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.042208][ T7942] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.052885][ T7942] bridge_slave_0: entered allmulticast mode
[  138.070593][ T7942] bridge_slave_0: entered promiscuous mode
[  138.085808][ T7942] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.093014][ T7942] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.113079][ T7942] bridge_slave_1: entered allmulticast mode
[  138.123354][ T7942] bridge_slave_1: entered promiscuous mode
[  138.171326][ T8019] 8021q: adding VLAN 0 to HW filter on device bond7
[  138.350753][ T8040] netlink: 28 bytes leftover after parsing attributes in process `syz.3.668'.
[  138.366660][ T8040] netlink: 28 bytes leftover after parsing attributes in process `syz.3.668'.
[  138.552154][   T12] hsr_slave_0: left promiscuous mode
[  138.565467][   T12] hsr_slave_1: left promiscuous mode
[  138.714503][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.722063][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.740606][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.748234][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.776540][   T12] veth1_macvtap: left promiscuous mode
[  138.782221][   T12] veth0_macvtap: left promiscuous mode
[  138.788168][   T12] veth1_vlan: left promiscuous mode
[  138.793734][   T12] veth0_vlan: left promiscuous mode
[  139.099872][ T5870] Bluetooth: hci1: command tx timeout
[  139.374130][   T12] team0 (unregistering): Port device team_slave_1 removed
[  139.423148][   T12] team0 (unregistering): Port device team_slave_0 removed
[  140.235344][ T7942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.328232][ T7942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.412469][ T7942] team0: Port device team_slave_0 added
[  140.429576][ T7942] team0: Port device team_slave_1 added
[  140.508250][ T8046] vlan2: entered promiscuous mode
[  140.525200][ T8046] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  140.560772][ T8046] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  140.591325][ T8051] netlink: 4 bytes leftover after parsing attributes in process `syz.4.672'.
[  140.712675][ T8054] netlink: 4 bytes leftover after parsing attributes in process `syz.4.672'.
[  140.843481][ T7942] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.852597][ T7942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.915669][ T7942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  141.038820][ T7942] batman_adv: batadv0: Adding interface: batadv_slave_1
[  141.094251][ T7942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.186561][ T5870] Bluetooth: hci1: command tx timeout
[  141.204172][ T8061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.677'.
[  141.221877][ T7942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  141.240846][ T8062] netlink: 'syz.2.676': attribute type 1 has an invalid length.
[  141.288505][ T8061] FAULT_INJECTION: forcing a failure.
[  141.288505][ T8061] name failslab, interval 1, probability 0, space 0, times 0
[  141.314044][ T8061] CPU: 0 UID: 0 PID: 8061 Comm: syz.3.677 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  141.324339][ T8061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.334419][ T8061] Call Trace:
[  141.337715][ T8061]  <TASK>
[  141.340661][ T8061]  dump_stack_lvl+0x241/0x360
[  141.345365][ T8061]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.350647][ T8061]  ? __pfx__printk+0x10/0x10
[  141.355281][ T8061]  ? __kmalloc_cache_noprof+0x48/0x390
[  141.360769][ T8061]  ? __pfx___might_resched+0x10/0x10
[  141.366085][ T8061]  should_fail_ex+0x3b0/0x4e0
[  141.370794][ T8061]  should_failslab+0xac/0x100
[  141.375499][ T8061]  __kmalloc_cache_noprof+0x70/0x390
[  141.380803][ T8061]  ? alloc_netdev_mqs+0xbc6/0x1080
[  141.385935][ T8061]  ? __xdp_rxq_info_reg+0x142/0x290
[  141.391179][ T8061]  alloc_netdev_mqs+0xbc6/0x1080
[  141.396134][ T8061]  rtnl_create_link+0x2f9/0xc20
[  141.400982][ T8061]  rtnl_newlink_create+0x210/0xa30
[  141.406095][ T8061]  ? __pfx___mutex_lock+0x10/0x10
[  141.411106][ T8061]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  141.416752][ T8061]  ? ns_capable+0x8a/0xf0
[  141.421118][ T8061]  rtnl_newlink+0x17dd/0x24f0
[  141.425830][ T8061]  ? __pfx_rtnl_newlink+0x10/0x10
[  141.430870][ T8061]  ? __netlink_deliver_tap+0x56b/0x7f0
[  141.436353][ T8061]  ? __pfx_validate_chain+0x10/0x10
[  141.441586][ T8061]  ? __sock_sendmsg+0x221/0x270
[  141.446459][ T8061]  ? ____sys_sendmsg+0x52a/0x7e0
[  141.451405][ T8061]  ? __sys_sendmsg+0x269/0x350
[  141.456167][ T8061]  ? do_syscall_64+0xf3/0x230
[  141.460846][ T8061]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.466935][ T8061]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  141.472925][ T8061]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  141.479265][ T8061]  ? mark_lock+0x9a/0x360
[  141.483599][ T8061]  ? __lock_acquire+0x1397/0x2100
[  141.488649][ T8061]  ? __pfx_lock_release+0x10/0x10
[  141.493684][ T8061]  ? __pfx_rtnl_newlink+0x10/0x10
[  141.498713][ T8061]  rtnetlink_rcv_msg+0x791/0xcf0
[  141.503682][ T8061]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  141.508816][ T8061]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  141.514284][ T8061]  ? ref_tracker_free+0x643/0x7e0
[  141.519743][ T8061]  netlink_rcv_skb+0x1e3/0x430
[  141.524511][ T8061]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  141.529972][ T8061]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  141.535276][ T8061]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.540476][ T8061]  netlink_unicast+0x7f6/0x990
[  141.545253][ T8061]  ? __pfx_netlink_unicast+0x10/0x10
[  141.550623][ T8061]  ? __virt_addr_valid+0x183/0x530
[  141.555739][ T8061]  ? __check_object_size+0x48e/0x900
[  141.561031][ T8061]  netlink_sendmsg+0x8e4/0xcb0
[  141.565805][ T8061]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.571092][ T8061]  ? aa_sock_msg_perm+0x91/0x160
[  141.576040][ T8061]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.581336][ T8061]  __sock_sendmsg+0x221/0x270
[  141.586039][ T8061]  ____sys_sendmsg+0x52a/0x7e0
[  141.590833][ T8061]  ? __pfx_____sys_sendmsg+0x10/0x10
[  141.596132][ T8061]  ? __fget_files+0x2a/0x410
[  141.600738][ T8061]  ? __fget_files+0x2a/0x410
[  141.605353][ T8061]  __sys_sendmsg+0x269/0x350
[  141.609992][ T8061]  ? __pfx_lock_release+0x10/0x10
[  141.615039][ T8061]  ? __pfx___sys_sendmsg+0x10/0x10
[  141.620171][ T8061]  ? __pfx_vfs_write+0x10/0x10
[  141.624962][ T8061]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  141.631310][ T8061]  ? do_syscall_64+0x100/0x230
[  141.636077][ T8061]  ? do_syscall_64+0xb6/0x230
[  141.640852][ T8061]  do_syscall_64+0xf3/0x230
[  141.645375][ T8061]  ? clear_bhb_loop+0x35/0x90
[  141.650069][ T8061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.655977][ T8061] RIP: 0033:0x7f2f2917ff19
[  141.660419][ T8061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.680053][ T8061] RSP: 002b:00007f2f29f92058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.688484][ T8061] RAX: ffffffffffffffda RBX: 00007f2f29345fa0 RCX: 00007f2f2917ff19
[  141.696462][ T8061] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  141.704435][ T8061] RBP: 00007f2f29f920a0 R08: 0000000000000000 R09: 0000000000000000
[  141.712596][ T8061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.720564][ T8061] R13: 0000000000000000 R14: 00007f2f29345fa0 R15: 00007ffd6e91a528
[  141.728567][ T8061]  </TASK>
[  141.812104][ T8067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.678'.
[  141.825604][ T8059] bond11 (unregistering): Released all slaves
[  141.843914][ T8067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.678'.
[  141.874555][ T8064] vlan2: entered promiscuous mode
[  141.883497][ T8064] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  141.924322][ T8064] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  141.956035][ T8066] netem: incorrect gi model size
[  141.972728][ T8066] netem: change failed
[  142.010014][ T8077] netlink: 16 bytes leftover after parsing attributes in process `syz.2.682'.
[  142.033906][ T7942] hsr_slave_0: entered promiscuous mode
[  142.044944][ T7942] hsr_slave_1: entered promiscuous mode
[  142.069761][ T7942] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.082532][ T7942] Cannot create hsr debugfs directory
[  142.099341][ T8073] tun0: tun_chr_ioctl cmd 1074025677
[  142.111346][ T8073] tun0: linktype set to 774
[  142.140367][ T8077] veth3: entered promiscuous mode
[  142.367890][ T8087] unknown channel width for channel at 909000KHz?
[  142.403566][ T8087] unknown channel width for channel at 909000KHz?
[  142.618439][ T8103] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  142.639345][ T8103] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  142.749350][ T8113] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  142.925457][ T8121] __nla_validate_parse: 4 callbacks suppressed
[  142.925476][ T8121] netlink: 68 bytes leftover after parsing attributes in process `syz.4.696'.
[  143.078489][ T7942] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  143.116881][ T7942] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  143.137105][ T7942] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  143.160222][ T7942] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  143.255944][ T5870] Bluetooth: hci1: command tx timeout
[  143.310012][ T7942] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.361094][ T7942] 8021q: adding VLAN 0 to HW filter on device team0
[  143.414805][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.421945][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.466498][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.473668][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.562405][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[  143.853783][ T8161] netlink: 20 bytes leftover after parsing attributes in process `syz.2.710'.
[  143.870651][ T7942] 8021q: adding VLAN 0 to HW filter on device batadv0
[  143.956979][ T7942] veth0_vlan: entered promiscuous mode
[  143.981641][ T7942] veth1_vlan: entered promiscuous mode
[  144.025282][ T7942] veth0_macvtap: entered promiscuous mode
[  144.066467][ T7942] veth1_macvtap: entered promiscuous mode
[  144.100051][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.119363][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.138435][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.160094][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.187235][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.205302][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.216066][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.228003][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.242634][ T7942] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.274835][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.287173][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.324140][ T8183] syz.3.719[8183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.324314][ T8183] syz.3.719[8183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.336299][ T8183] syz.3.719[8183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.340373][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.370303][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.392222][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.405097][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.416405][ T8185] netlink: 64 bytes leftover after parsing attributes in process `syz.4.720'.
[  144.421552][ T7942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.436815][ T7942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.448220][ T7942] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.458383][ T7942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.467554][ T7942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.476677][ T7942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.485815][ T7942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.661948][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.689085][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.773532][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.801207][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.851376][ T8196] netlink: 104 bytes leftover after parsing attributes in process `syz.4.723'.
[  144.868392][ T8196] netlink: 8 bytes leftover after parsing attributes in process `syz.4.723'.
[  144.881689][ T8196] netlink: 'syz.4.723': attribute type 4 has an invalid length.
[  144.895707][ T8196] netlink: 17 bytes leftover after parsing attributes in process `syz.4.723'.
[  144.983861][ T8198] netlink: 20 bytes leftover after parsing attributes in process `syz.1.724'.
[  145.229386][ T8207] vlan2: entered promiscuous mode
[  145.238988][ T8207] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  145.279472][ T8207] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  145.321642][ T8210] netlink: 28 bytes leftover after parsing attributes in process `syz.4.731'.
[  145.333897][ T8212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.727'.
[  145.366888][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.727'.
[  145.624943][ T8224] nbd: socks must be embedded in a SOCK_ITEM attr
[  145.850207][ T8231] netlink: 'syz.4.738': attribute type 10 has an invalid length.
[  145.910823][ T8231] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.963419][ T8231] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  146.048037][ T8235] bond0: entered promiscuous mode
[  146.053218][ T8235] bond_slave_0: entered promiscuous mode
[  146.061040][ T8235] bond_slave_1: entered promiscuous mode
[  146.067484][ T8235] batadv0: entered promiscuous mode
[  146.479085][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.328941][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.356840][ T8258] netlink: 'syz.4.748': attribute type 1 has an invalid length.
[  147.415218][ T8258] bond11 (unregistering): Released all slaves
[  147.461543][ T8265] netlink: 'syz.1.749': attribute type 1 has an invalid length.
[  147.484576][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.595974][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  147.601024][ T8265] bond8 (unregistering): Released all slaves
[  147.613952][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  147.624664][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  147.632560][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  147.640889][ T5868] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  147.656717][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  147.687181][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.876789][ T8272] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.887578][ T8272] bond_slave_0: left promiscuous mode
[  147.899722][ T8272] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.909558][ T8272] bond_slave_1: left promiscuous mode
[  147.922564][ T8272] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  147.931430][ T8272] batadv0: left promiscuous mode
[  147.947244][ T8272] bond0 (unregistering): Released all slaves
[  148.179707][   T35] bridge_slave_1: left allmulticast mode
[  148.194674][   T35] bridge_slave_1: left promiscuous mode
[  148.200424][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.239055][   T35] bridge_slave_0: left allmulticast mode
[  148.250847][ T8286] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  148.256248][   T35] bridge_slave_0: left promiscuous mode
[  148.265974][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.457773][ T8296] __nla_validate_parse: 4 callbacks suppressed
[  148.457792][ T8296] netlink: 28 bytes leftover after parsing attributes in process `syz.3.757'.
[  148.504494][ T8296] netlink: 28 bytes leftover after parsing attributes in process `syz.3.757'.
[  148.808514][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.821256][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.833965][   T35] bond0 (unregistering): Released all slaves
[  149.197608][ T8269] chnl_net:caif_netlink_parms(): no params data found
[  149.475510][ T8323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.764'.
[  149.642890][   T25] hid-generic 0005:16C0:0058.0002: item fetching failed at offset 0/1
[  149.659994][   T25] hid-generic 0005:16C0:0058.0002: probe with driver hid-generic failed with error -22
[  149.673169][   T35] hsr_slave_0: left promiscuous mode
[  149.688399][   T35] hsr_slave_1: left promiscuous mode
[  149.697223][ T8338] netlink: 12 bytes leftover after parsing attributes in process `syz.2.771'.
[  149.706613][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  149.722614][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  149.731965][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  149.739972][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  149.744843][ T5870] Bluetooth: hci1: command tx timeout
[  149.782066][   T35] veth1_macvtap: left promiscuous mode
[  149.787753][   T35] veth0_macvtap: left promiscuous mode
[  149.793292][   T35] veth1_vlan: left promiscuous mode
[  149.804809][   T35] veth0_vlan: left promiscuous mode
[  149.835542][ T8338] nbd: socks must be embedded in a SOCK_ITEM attr
[  149.908076][ T8338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'.
[  149.917935][ T8344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.772'.
[  149.996696][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.4.772'.
[  150.334947][   T35] team0 (unregistering): Port device team_slave_1 removed
[  150.392309][   T35] team0 (unregistering): Port device team_slave_0 removed
[  150.840114][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.847752][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.855675][ T8269] bridge_slave_0: entered allmulticast mode
[  150.874594][ T8269] bridge_slave_0: entered promiscuous mode
[  150.889550][ T8342] vlan2: entered promiscuous mode
[  150.895548][ T8342] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  150.907890][ T8342] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  150.940447][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.958165][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.966001][ T8269] bridge_slave_1: entered allmulticast mode
[  150.973292][ T8269] bridge_slave_1: entered promiscuous mode
[  151.093491][ T8269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.123905][ T8269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.200732][ T8269] team0: Port device team_slave_0 added
[  151.212728][ T8269] team0: Port device team_slave_1 added
[  151.368764][ T8269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  151.404758][ T8269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  151.442889][ T8369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.779'.
[  151.460104][ T8269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  151.487957][ T8372] vlan2: entered promiscuous mode
[  151.488205][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.781'.
[  151.507658][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.781'.
[  151.528512][ T8269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  151.546533][ T8269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  151.574858][ T8269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  151.669836][ T8269] hsr_slave_0: entered promiscuous mode
[  151.681369][ T8269] hsr_slave_1: entered promiscuous mode
[  151.688999][ T8269] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  151.697169][ T8269] Cannot create hsr debugfs directory
[  151.814473][ T5870] Bluetooth: hci1: command tx timeout
[  152.110361][   T35] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  152.246486][ T8269] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  152.269846][ T8269] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  152.289174][ T8269] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  152.302146][ T8269] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  152.441812][ T8269] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.460362][ T8269] 8021q: adding VLAN 0 to HW filter on device team0
[  152.493752][ T3540] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.500966][ T3540] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.572245][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.579426][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.704607][ T8406] nbd: socks must be embedded in a SOCK_ITEM attr
[  153.014064][ T8269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.128896][ T8269] veth0_vlan: entered promiscuous mode
[  153.162402][ T8269] veth1_vlan: entered promiscuous mode
[  153.264102][ T8269] veth0_macvtap: entered promiscuous mode
[  153.297681][ T8269] veth1_macvtap: entered promiscuous mode
[  153.368331][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.380298][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.391275][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.402698][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.413184][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.424812][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.445518][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.463580][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.475596][ T8269] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.498034][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.539092][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.564373][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.575633][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.587909][ T8440] __nla_validate_parse: 5 callbacks suppressed
[  153.587937][ T8440] netlink: 24 bytes leftover after parsing attributes in process `syz.4.804'.
[  153.603245][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.615518][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.626256][ T8269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.637149][ T8269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.651126][ T8269] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.697823][ T8269] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.712409][ T8269] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.739369][ T8269] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.750337][ T8269] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.780356][ T8445] vlan2: entered promiscuous mode
[  153.791812][ T8445] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  153.830424][ T8445] mac80211_hwsim hwsim5 wlan0: left promiscuous mode
[  153.842128][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.2.807'.
[  153.881285][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.2.807'.
[  153.895411][ T5870] Bluetooth: hci1: command tx timeout
[  153.911431][ T8447] netlink: 16 bytes leftover after parsing attributes in process `syz.3.808'.
[  154.038690][ T8459] netlink: 11 bytes leftover after parsing attributes in process `syz.2.812'.
[  154.095626][ T3447] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.103467][ T3447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.143971][ T3447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.156707][ T3447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.372174][ T8499] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.446921][ T8499] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.506290][ T8502] lo: entered promiscuous mode
[  155.511212][ T8502] lo: entered allmulticast mode
[  155.521318][ T8502] tunl0: entered promiscuous mode
[  155.527175][ T8502] tunl0: entered allmulticast mode
[  155.532994][ T8502] gre0: entered promiscuous mode
[  155.542258][ T8502] gre0: entered allmulticast mode
[  155.549126][ T8502] gretap0: entered promiscuous mode
[  155.558516][ T8502] gretap0: entered allmulticast mode
[  155.567207][ T8502] erspan0: entered promiscuous mode
[  155.572533][ T8502] erspan0: entered allmulticast mode
[  155.582243][ T8502] ip_vti0: entered promiscuous mode
[  155.594126][ T8502] ip_vti0: entered allmulticast mode
[  155.603972][ T8502] ip6_vti0: entered promiscuous mode
[  155.609869][ T8502] ip6_vti0: entered allmulticast mode
[  155.616518][ T8502] sit0: entered promiscuous mode
[  155.621501][ T8502] sit0: entered allmulticast mode
[  155.628251][ T8502] ip6tnl0: entered promiscuous mode
[  155.633571][ T8502] ip6tnl0: entered allmulticast mode
[  155.639876][ T8502] ip6gre0: entered promiscuous mode
[  155.645570][ T8502] ip6gre0: entered allmulticast mode
[  155.651672][ T8502] syz_tun: entered promiscuous mode
[  155.657043][ T8502] syz_tun: entered allmulticast mode
[  155.664003][ T8502] ip6gretap0: entered promiscuous mode
[  155.669900][ T8502] ip6gretap0: entered allmulticast mode
[  155.678246][ T8502] bridge0: entered promiscuous mode
[  155.683475][ T8502] bridge0: entered allmulticast mode
[  155.690821][ T8502] vcan0: entered promiscuous mode
[  155.697649][ T8502] vcan0: entered allmulticast mode
[  155.703441][ T8502] team0: entered promiscuous mode
[  155.709122][ T8502] team_slave_0: entered promiscuous mode
[  155.715398][ T8502] team_slave_1: entered promiscuous mode
[  155.721909][ T8502] team0: entered allmulticast mode
[  155.728022][ T8502] team_slave_0: entered allmulticast mode
[  155.733780][ T8502] team_slave_1: entered allmulticast mode
[  155.741800][ T8502] dummy0: entered promiscuous mode
[  155.747864][ T8502] dummy0: entered allmulticast mode
[  155.755489][ T8502] nlmon0: entered promiscuous mode
[  155.760763][ T8502] nlmon0: entered allmulticast mode
[  155.768721][ T8502] caif0: entered promiscuous mode
[  155.773879][ T8502] caif0: entered allmulticast mode
[  155.780177][ T8502] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  155.880618][ T8507] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  155.926529][ T8516] netlink: 'syz.4.829': attribute type 8 has an invalid length.
[  155.930257][ T8507] syzkaller0: entered promiscuous mode
[  155.946864][ T8507] syzkaller0: entered allmulticast mode
[  156.060666][ T8522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.832'.
[  156.079713][ T8521] netlink: 'syz.4.831': attribute type 1 has an invalid length.
[  156.113461][ T8521] bond11 (unregistering): Released all slaves
[  156.312250][ T8530] netlink: 28 bytes leftover after parsing attributes in process `syz.3.835'.
[  156.340233][ T8533] netlink: 104 bytes leftover after parsing attributes in process `syz.2.837'.
[  156.367891][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.837'.
[  156.439911][   T70] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.544245][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  157.566567][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  157.584540][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  157.602997][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  157.627323][ T5868] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  157.640610][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  158.167507][   T70] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.188116][ T8537] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  158.343626][   T70] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.367144][ T8550] vlan2: entered promiscuous mode
[  158.372537][ T8550] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  158.377222][ T8552] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  158.390857][ T8554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.839'.
[  158.418268][ T8550] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  158.458978][ T8554] nbd: socks must be embedded in a SOCK_ITEM attr
[  158.572358][   T70] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.607259][ T8550] __nla_validate_parse: 2 callbacks suppressed
[  158.607284][ T8550] netlink: 4 bytes leftover after parsing attributes in process `syz.4.841'.
[  158.838790][ T8565] veth0_to_team: entered promiscuous mode
[  158.841712][ T8569] netlink: 2 bytes leftover after parsing attributes in process `syz.4.846'.
[  158.845857][ T8565] veth0_to_team: entered allmulticast mode
[  158.869112][   T70] bridge_slave_1: left allmulticast mode
[  158.899476][   T70] bridge_slave_1: left promiscuous mode
[  158.925973][   T70] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.943459][   T70] bridge_slave_0: left allmulticast mode
[  158.956167][   T70] bridge_slave_0: left promiscuous mode
[  158.968828][   T70] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.990286][ T8573] netlink: 'syz.2.847': attribute type 1 has an invalid length.
[  159.338513][   T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.353625][   T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.364834][   T70] bond0 (unregistering): Released all slaves
[  159.451207][ T8577] 8021q: adding VLAN 0 to HW filter on device bond15
[  159.460784][ T8577] bond14: (slave bond15): making interface the new active one
[  159.469561][ T8577] bond14: (slave bond15): Enslaving as an active interface with an up link
[  159.653477][ T8543] chnl_net:caif_netlink_parms(): no params data found
[  159.684737][ T8586] macsec1: entered promiscuous mode
[  159.735000][ T5870] Bluetooth: hci1: command tx timeout
[  159.785110][ T8594] netlink: 24 bytes leftover after parsing attributes in process `syz.4.853'.
[  159.841783][ T8597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.854'.
[  159.917012][ T8589] Cannot find add_set index 0 as target
[  159.963855][   T70] hsr_slave_0: left promiscuous mode
[  159.983557][   T70] hsr_slave_1: left promiscuous mode
[  159.994664][   T70] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.009617][   T70] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.032101][   T70] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.044336][   T70] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.119025][   T70] veth1_macvtap: left promiscuous mode
[  160.139117][   T70] veth0_macvtap: left promiscuous mode
[  160.153388][   T70] veth1_vlan: left promiscuous mode
[  160.159456][   T70] veth0_vlan: left promiscuous mode
[  160.666577][   T70] team0 (unregistering): Port device team_slave_1 removed
[  160.710716][   T70] team0 (unregistering): Port device team_slave_0 removed
[  161.214909][ T8543] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.242166][ T8543] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.273483][ T8543] bridge_slave_0: entered allmulticast mode
[  161.289376][ T8543] bridge_slave_0: entered promiscuous mode
[  161.309624][ T8543] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.349657][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[  161.364022][ T8543] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.383220][ T8543] bridge_slave_1: entered allmulticast mode
[  161.400372][ T8543] bridge_slave_1: entered promiscuous mode
[  161.507327][ T8543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  161.526595][ T8543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.579345][ T8639] FAULT_INJECTION: forcing a failure.
[  161.579345][ T8639] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  161.593272][ T8639] CPU: 0 UID: 0 PID: 8639 Comm: syz.4.864 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  161.603541][ T8639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  161.613727][ T8639] Call Trace:
[  161.617028][ T8639]  <TASK>
[  161.619989][ T8639]  dump_stack_lvl+0x241/0x360
[  161.624681][ T8639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.629892][ T8639]  ? __pfx__printk+0x10/0x10
[  161.634498][ T8639]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  161.640667][ T8639]  should_fail_ex+0x3b0/0x4e0
[  161.645354][ T8639]  prepare_alloc_pages+0x1da/0x5b0
[  161.650472][ T8639]  __alloc_pages_noprof+0x16f/0x710
[  161.655678][ T8639]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  161.661411][ T8639]  alloc_pages_mpol_noprof+0x3e8/0x680
[  161.666878][ T8639]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  161.672897][ T8639]  ? alloc_pages_noprof+0xef/0x170
[  161.678013][ T8639]  get_free_pages_noprof+0xc/0x30
[  161.683034][ T8639]  kasan_populate_vmalloc_pte+0x38/0xe0
[  161.688579][ T8639]  __apply_to_page_range+0x806/0xde0
[  161.693872][ T8639]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  161.700114][ T8639]  ? __pfx___apply_to_page_range+0x10/0x10
[  161.705922][ T8639]  ? do_raw_spin_unlock+0x13c/0x8b0
[  161.711128][ T8639]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  161.716505][ T8639]  alloc_vmap_area+0x1d52/0x2400
[  161.721456][ T8639]  ? __pfx_alloc_vmap_area+0x10/0x10
[  161.726742][ T8639]  ? __kasan_kmalloc+0x98/0xb0
[  161.731505][ T8639]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  161.737501][ T8639]  ? __get_vm_area_node+0x132/0x2d0
[  161.742742][ T8639]  ? array_map_alloc+0x285/0x720
[  161.747724][ T8639]  __get_vm_area_node+0x1c8/0x2d0
[  161.752762][ T8639]  __vmalloc_node_range_noprof+0x344/0x1380
[  161.758675][ T8639]  ? array_map_alloc+0x285/0x720
[  161.763629][ T8639]  ? __lock_acquire+0x1397/0x2100
[  161.768666][ T8639]  ? __pfx_aa_get_newest_label+0x10/0x10
[  161.774333][ T8639]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  161.780681][ T8639]  ? apparmor_capable+0x13b/0x1b0
[  161.785718][ T8639]  ? bpf_lsm_capable+0x9/0x10
[  161.790396][ T8639]  ? security_capable+0x7e/0x2d0
[  161.795346][ T8639]  bpf_map_area_alloc+0xfc/0x120
[  161.800303][ T8639]  ? array_map_alloc+0x285/0x720
[  161.805266][ T8639]  array_map_alloc+0x285/0x720
[  161.810105][ T8639]  map_create+0x946/0x11c0
[  161.814559][ T8639]  __sys_bpf+0x6d1/0x810
[  161.818831][ T8639]  ? __pfx___sys_bpf+0x10/0x10
[  161.823616][ T8639]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  161.829614][ T8639]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  161.835952][ T8639]  ? do_syscall_64+0x100/0x230
[  161.840759][ T8639]  __x64_sys_bpf+0x7c/0x90
[  161.845193][ T8639]  do_syscall_64+0xf3/0x230
[  161.849703][ T8639]  ? clear_bhb_loop+0x35/0x90
[  161.854403][ T8639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.860306][ T8639] RIP: 0033:0x7f1acb37ff19
[  161.864727][ T8639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.884352][ T8639] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  161.892776][ T8639] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  161.900753][ T8639] RDX: 0000000000000048 RSI: 0000000020004080 RDI: 0b00000000000000
[  161.908745][ T8639] RBP: 00007f1acc1f20a0 R08: 0000000000000000 R09: 0000000000000000
[  161.916724][ T8639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.924716][ T8639] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  161.932716][ T8639]  </TASK>
[  161.945625][ T5870] Bluetooth: hci1: command tx timeout
[  162.020248][ T8543] team0: Port device team_slave_0 added
[  162.027684][ T8644] netlink: 12 bytes leftover after parsing attributes in process `syz.1.865'.
[  162.158030][ T8543] team0: Port device team_slave_1 added
[  162.298458][ T8644] nbd: socks must be embedded in a SOCK_ITEM attr
[  162.357221][ T8662] macsec1: entered promiscuous mode
[  162.363847][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.865'.
[  162.442204][ T8672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.868'.
[  162.442334][ T8543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  162.514938][ T8543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.541573][ T8543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.572739][ T8543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.581526][ T8543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.608651][ T8543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.621493][ T8672] nbd: socks must be embedded in a SOCK_ITEM attr
[  162.687212][ T8543] hsr_slave_0: entered promiscuous mode
[  162.757323][ T8543] hsr_slave_1: entered promiscuous mode
[  162.804533][ T8543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  162.828007][ T8543] Cannot create hsr debugfs directory
[  162.922037][ T8690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.872'.
[  163.572760][ T8716] netlink: 16 bytes leftover after parsing attributes in process `syz.4.879'.
[  163.597418][ T8716] netlink: 'syz.4.879': attribute type 1 has an invalid length.
[  163.628276][ T8716] 8021q: adding VLAN 0 to HW filter on device bond11
[  163.659930][ T8716] bond11: (slave gretap1): making interface the new active one
[  163.690304][ T8716] bond11: (slave gretap1): Enslaving as an active interface with an up link
[  163.810637][ T8721] netlink: 104 bytes leftover after parsing attributes in process `syz.3.881'.
[  163.816753][ T8543] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  163.851640][ T8543] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  163.866471][ T8724] FAULT_INJECTION: forcing a failure.
[  163.866471][ T8724] name failslab, interval 1, probability 0, space 0, times 0
[  163.880383][ T8724] CPU: 1 UID: 0 PID: 8724 Comm: syz.4.880 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  163.882826][ T8543] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  163.890721][ T8724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  163.890742][ T8724] Call Trace:
[  163.890750][ T8724]  <TASK>
[  163.890758][ T8724]  dump_stack_lvl+0x241/0x360
[  163.890785][ T8724]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.890804][ T8724]  ? __pfx__printk+0x10/0x10
[  163.890841][ T8724]  should_fail_ex+0x3b0/0x4e0
[  163.890880][ T8724]  should_failslab+0xac/0x100
[  163.890905][ T8724]  ? skb_clone+0x20c/0x390
[  163.890924][ T8724]  kmem_cache_alloc_noprof+0x70/0x380
[  163.890952][ T8724]  skb_clone+0x20c/0x390
[  163.890974][ T8724]  __netlink_deliver_tap+0x3cc/0x7f0
[  163.891005][ T8724]  ? netlink_deliver_tap+0x2e/0x1b0
[  163.891021][ T8724]  netlink_deliver_tap+0x19d/0x1b0
[  163.891042][ T8724]  netlink_unicast+0x7c4/0x990
[  163.891074][ T8724]  ? __pfx_netlink_unicast+0x10/0x10
[  163.891097][ T8724]  ? __virt_addr_valid+0x183/0x530
[  163.891121][ T8724]  ? __check_object_size+0x48e/0x900
[  163.891150][ T8724]  netlink_sendmsg+0x8e4/0xcb0
[  163.891181][ T8724]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.891206][ T8724]  ? aa_sock_msg_perm+0x91/0x160
[  163.891238][ T8724]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.891256][ T8724]  __sock_sendmsg+0x221/0x270
[  163.891285][ T8724]  ____sys_sendmsg+0x52a/0x7e0
[  163.891315][ T8724]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.891334][ T8724]  ? __fget_files+0x2a/0x410
[  163.891362][ T8724]  ? __fget_files+0x2a/0x410
[  163.891396][ T8724]  __sys_sendmsg+0x269/0x350
[  163.891416][ T8724]  ? __pfx_lock_release+0x10/0x10
[  163.891441][ T8724]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.891474][ T8724]  ? __pfx_vfs_write+0x10/0x10
[  163.891521][ T8724]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  163.891542][ T8724]  ? do_syscall_64+0x100/0x230
[  163.891564][ T8724]  ? do_syscall_64+0xb6/0x230
[  163.891585][ T8724]  do_syscall_64+0xf3/0x230
[  163.891602][ T8724]  ? clear_bhb_loop+0x35/0x90
[  163.984876][ T5870] Bluetooth: hci1: command tx timeout
[  163.988122][ T8724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.988152][ T8724] RIP: 0033:0x7f1acb37ff19
[  163.988171][ T8724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.988189][ T8724] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.988209][ T8724] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  163.988223][ T8724] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  163.988235][ T8724] RBP: 00007f1acc1f20a0 R08: 0000000000000000 R09: 0000000000000000
[  163.988248][ T8724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.988260][ T8724] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  163.988290][ T8724]  </TASK>
[  164.047276][ T8727] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  164.089910][ T8726] vlan2: entered promiscuous mode
[  164.189398][ T8728] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  164.207175][ T8731] FAULT_INJECTION: forcing a failure.
[  164.207175][ T8731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.220856][ T8731] CPU: 0 UID: 0 PID: 8731 Comm: syz.4.883 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  164.231130][ T8731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.241291][ T8731] Call Trace:
[  164.244590][ T8731]  <TASK>
[  164.247529][ T8731]  dump_stack_lvl+0x241/0x360
[  164.252216][ T8731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.257421][ T8731]  ? __pfx__printk+0x10/0x10
[  164.262021][ T8731]  ? __pfx_lock_release+0x10/0x10
[  164.267051][ T8731]  should_fail_ex+0x3b0/0x4e0
[  164.271735][ T8731]  _copy_from_user+0x2f/0xc0
[  164.276417][ T8731]  copy_msghdr_from_user+0xae/0x680
[  164.281625][ T8731]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  164.287428][ T8731]  ? __fget_files+0x2a/0x410
[  164.292031][ T8731]  ? __fget_files+0x2a/0x410
[  164.296646][ T8731]  __sys_sendmsg+0x209/0x350
[  164.301236][ T8731]  ? __pfx_lock_release+0x10/0x10
[  164.306268][ T8731]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.311386][ T8731]  ? __pfx_vfs_write+0x10/0x10
[  164.316166][ T8731]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  164.322492][ T8731]  ? do_syscall_64+0x100/0x230
[  164.327288][ T8731]  ? do_syscall_64+0xb6/0x230
[  164.331971][ T8731]  do_syscall_64+0xf3/0x230
[  164.336474][ T8731]  ? clear_bhb_loop+0x35/0x90
[  164.341172][ T8731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.347068][ T8731] RIP: 0033:0x7f1acb37ff19
[  164.351478][ T8731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.371086][ T8731] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.379512][ T8731] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  164.387489][ T8731] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  164.395464][ T8731] RBP: 00007f1acc1f20a0 R08: 0000000000000000 R09: 0000000000000000
[  164.403437][ T8731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.411413][ T8731] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  164.419405][ T8731]  </TASK>
[  164.452945][ T8543] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.582788][ T8735] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  164.611273][ T8543] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.659977][ T8543] 8021q: adding VLAN 0 to HW filter on device team0
[  164.678755][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.685977][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.706441][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.713622][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.756908][ T8741] netlink: 'syz.4.887': attribute type 1 has an invalid length.
[  164.793453][ T8543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.901005][ T8745] bond12 (unregistering): Released all slaves
[  164.985018][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.890'.
[  164.997325][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.892'.
[  165.007521][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.892'.
[  165.029098][ T8755] bridge0: entered promiscuous mode
[  165.045157][ T8755] syz_tun: entered promiscuous mode
[  165.062845][ T8755] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  165.082475][ T8755] Cannot create hsr debugfs directory
[  165.098609][ T8755] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  165.119441][ T8751] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  165.153137][ T8543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.305298][ T8543] veth0_vlan: entered promiscuous mode
[  165.327223][ T8543] veth1_vlan: entered promiscuous mode
[  165.351453][ T8543] veth0_macvtap: entered promiscuous mode
[  165.362110][ T8543] veth1_macvtap: entered promiscuous mode
[  165.376831][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.387577][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.397688][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.409401][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.424358][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.434885][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.434961][ T8770] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  165.444739][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.444760][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.445917][ T8543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.485090][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.496036][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.506018][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.516595][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.527108][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.538117][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.550457][ T8543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.561076][ T8543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.572148][ T8543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.591992][ T8775] Bluetooth: MGMT ver 1.23
[  165.601671][ T8543] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.610849][ T8543] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.619985][ T8543] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.629510][ T8543] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.786625][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.823407][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.850938][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.894519][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.021137][ T8790] netlink: 'syz.3.906': attribute type 1 has an invalid length.
[  166.029194][ T8790] netlink: 'syz.3.906': attribute type 4 has an invalid length.
[  166.043032][ T8790] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.906'.
[  166.057393][ T5868] Bluetooth: hci1: command tx timeout
[  166.122932][ T8794] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  166.261462][ T8800] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  166.341637][ T8803] netlink: 28 bytes leftover after parsing attributes in process `syz.4.913'.
[  166.351409][ T8803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.913'.
[  166.355363][ T8806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.914'.
[  166.686616][ T8820] ebtables: ebtables: counters copy to user failed while replacing table
[  166.824515][ T8830] netlink: 'syz.1.922': attribute type 10 has an invalid length.
[  166.871515][ T8830] netlink: 'syz.1.922': attribute type 10 has an invalid length.
[  166.903017][ T8830] team0: Port device netdevsim0 removed
[  166.915600][ T8830] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  166.926464][ T8830] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  167.232225][ T8846] bond_slave_0: entered promiscuous mode
[  167.238387][ T8846] bond_slave_1: entered promiscuous mode
[  167.244177][ T8846] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  167.262023][ T8846] macsec1: entered promiscuous mode
[  167.270072][ T8846] bond0: entered promiscuous mode
[  167.298338][ T8846] bond0: left promiscuous mode
[  167.303641][ T8846] bond_slave_0: left promiscuous mode
[  167.309202][ T8846] bond_slave_1: left promiscuous mode
[  167.314887][ T8846] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  167.449324][ T8855] netlink: 'syz.2.934': attribute type 4 has an invalid length.
[  167.512685][ T8858] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  167.655215][ T8862] nbd: socks must be embedded in a SOCK_ITEM attr
[  167.861986][ T8869] syzkaller0: tun_chr_ioctl cmd 2147767521
[  167.880845][ T8869] vlan2: entered promiscuous mode
[  168.362105][ T8886] netlink: 'syz.3.946': attribute type 5 has an invalid length.
[  168.390614][ T8886] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  168.409641][ T8886] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  168.538954][ T8888] team_slave_0: left promiscuous mode
[  168.551047][ T8888] team_slave_0: left allmulticast mode
[  168.591306][ T8888] team0 (unregistering): Port device team_slave_0 removed
[  168.600497][ T8888] team_slave_1: left promiscuous mode
[  168.606574][ T8888] team_slave_1: left allmulticast mode
[  168.625836][ T8888] team0 (unregistering): Port device team_slave_1 removed
[  168.660874][ T8896] macvtap1: entered promiscuous mode
[  168.677446][ T8896] vlan0: entered promiscuous mode
[  168.694890][ T8896] vlan0: left promiscuous mode
[  168.910711][ T8907] netlink: zone id is out of range
[  168.917165][ T8907] netlink: zone id is out of range
[  168.922311][ T8907] netlink: zone id is out of range
[  168.931965][ T8907] netlink: zone id is out of range
[  168.939151][ T8907] netlink: zone id is out of range
[  168.954437][ T8907] netlink: zone id is out of range
[  168.959583][ T8907] netlink: zone id is out of range
[  168.978986][ T8907] netlink: zone id is out of range
[  168.984167][ T8907] netlink: zone id is out of range
[  168.996326][ T8914] __nla_validate_parse: 7 callbacks suppressed
[  168.996343][ T8914] netlink: 4 bytes leftover after parsing attributes in process `syz.3.954'.
[  169.249139][ T8926] netlink: 56 bytes leftover after parsing attributes in process `syz.4.958'.
[  169.268941][ T8926] netlink: 36 bytes leftover after parsing attributes in process `syz.4.958'.
[  169.530283][ T8939] netlink: 12 bytes leftover after parsing attributes in process `syz.4.964'.
[  169.594729][ T8939] nbd: socks must be embedded in a SOCK_ITEM attr
[  169.632219][ T8939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.964'.
[  169.742947][ T8945] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  170.155892][ T8963] FAULT_INJECTION: forcing a failure.
[  170.155892][ T8963] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.187722][ T8963] CPU: 1 UID: 0 PID: 8963 Comm: syz.4.974 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  170.198030][ T8963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  170.208117][ T8963] Call Trace:
[  170.211429][ T8963]  <TASK>
[  170.214385][ T8963]  dump_stack_lvl+0x241/0x360
[  170.215314][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.975'.
[  170.219075][ T8963]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.228137][ T8965] netlink: 24 bytes leftover after parsing attributes in process `syz.2.975'.
[  170.233177][ T8963]  ? __pfx__printk+0x10/0x10
[  170.233214][ T8963]  ? __pfx_lock_release+0x10/0x10
[  170.233242][ T8963]  should_fail_ex+0x3b0/0x4e0
[  170.256395][ T8963]  _copy_from_user+0x2f/0xc0
[  170.261023][ T8963]  sctp_getsockopt_peer_addr_info+0xd3/0x680
[  170.267035][ T8963]  ? __pfx_sctp_getsockopt_peer_addr_info+0x10/0x10
[  170.273664][ T8963]  ? sctp_getsockopt+0x13a/0xbb0
[  170.278622][ T8963]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  170.284376][ T8963]  sctp_getsockopt+0x956/0xbb0
[  170.289171][ T8963]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  170.295103][ T8963]  do_sock_getsockopt+0x3c4/0x7e0
[  170.300158][ T8963]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  170.305724][ T8963]  ? __pfx_do_sys_openat2+0x10/0x10
[  170.310937][ T8963]  __x64_sys_getsockopt+0x2a1/0x370
[  170.316149][ T8963]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  170.321864][ T8963]  ? do_syscall_64+0x100/0x230
[  170.326626][ T8963]  ? do_syscall_64+0xb6/0x230
[  170.331302][ T8963]  do_syscall_64+0xf3/0x230
[  170.335801][ T8963]  ? clear_bhb_loop+0x35/0x90
[  170.340481][ T8963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.346379][ T8963] RIP: 0033:0x7f1acb37ff19
[  170.350792][ T8963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.370398][ T8963] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  170.378900][ T8963] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  170.386875][ T8963] RDX: 000000000000000f RSI: 0000000000000084 RDI: 0000000000000007
[  170.394843][ T8963] RBP: 00007f1acc1f20a0 R08: 0000000020006440 R09: 0000000000000000
[  170.402813][ T8963] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  170.410794][ T8963] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  170.418775][ T8963]  </TASK>
[  170.649579][ T5940] hid-generic 0005:16C0:0058.0003: item fetching failed at offset 0/1
[  170.659261][ T5940] hid-generic 0005:16C0:0058.0003: probe with driver hid-generic failed with error -22
[  171.328002][ T9008] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  171.534052][ T9017] netlink: 'syz.1.992': attribute type 5 has an invalid length.
[  171.552706][ T9017] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  171.584879][ T9017] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  171.758279][ T9026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.995'.
[  171.834732][ T9026] nbd: socks must be embedded in a SOCK_ITEM attr
[  171.852337][ T9025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.995'.
[  171.862188][ T9031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.996'.
[  171.994501][ T9031] nbd: socks must be embedded in a SOCK_ITEM attr
[  172.186256][ T9048] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  172.857666][ T9076] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  172.912079][ T9078] netlink: 'syz.3.1014': attribute type 10 has an invalid length.
[  172.920771][ T9078] team0: left allmulticast mode
[  172.926446][ T9078] team_slave_0: left allmulticast mode
[  172.932004][ T9078] team_slave_1: left allmulticast mode
[  173.515806][ T9100] netlink: 'syz.4.1022': attribute type 1 has an invalid length.
[  173.557343][ T9100] 8021q: adding VLAN 0 to HW filter on device bond13
[  173.572702][ T9100] bond12: (slave bond13): making interface the new active one
[  173.597512][ T9100] bond12: (slave bond13): Enslaving as an active interface with an up link
[  173.757888][ T9104] nbd: socks must be embedded in a SOCK_ITEM attr
[  174.006396][ T9112] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  174.025034][ T9112] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  174.141782][ T9117] __nla_validate_parse: 6 callbacks suppressed
[  174.141803][ T9117] netlink: 316 bytes leftover after parsing attributes in process `syz.1.1026'.
[  174.175214][ T9117] netlink: 316 bytes leftover after parsing attributes in process `syz.1.1026'.
[  174.193806][ T9117] netlink: 316 bytes leftover after parsing attributes in process `syz.1.1026'.
[  174.218434][ T9117] netlink: 316 bytes leftover after parsing attributes in process `syz.1.1026'.
[  174.363227][ T9129] FAULT_INJECTION: forcing a failure.
[  174.363227][ T9129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.385149][ T9129] CPU: 0 UID: 0 PID: 9129 Comm: syz.1.1029 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  174.395537][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.405631][ T9129] Call Trace:
[  174.408932][ T9129]  <TASK>
[  174.411878][ T9129]  dump_stack_lvl+0x241/0x360
[  174.416584][ T9129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.421803][ T9129]  ? __pfx__printk+0x10/0x10
[  174.426419][ T9129]  ? __pfx_lock_release+0x10/0x10
[  174.431469][ T9129]  should_fail_ex+0x3b0/0x4e0
[  174.436174][ T9129]  _copy_from_iter+0x21f/0x1e70
[  174.441036][ T9129]  ? __virt_addr_valid+0x183/0x530
[  174.446149][ T9129]  ? __pfx_lock_release+0x10/0x10
[  174.451180][ T9129]  ? __alloc_skb+0x28f/0x440
[  174.455774][ T9129]  ? __pfx__copy_from_iter+0x10/0x10
[  174.461060][ T9129]  ? __virt_addr_valid+0x183/0x530
[  174.466167][ T9129]  ? __virt_addr_valid+0x183/0x530
[  174.471280][ T9129]  ? __virt_addr_valid+0x45f/0x530
[  174.476389][ T9129]  ? __check_object_size+0x48e/0x900
[  174.481685][ T9129]  netlink_sendmsg+0x73d/0xcb0
[  174.486462][ T9129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.491745][ T9129]  ? aa_sock_msg_perm+0x91/0x160
[  174.496693][ T9129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.501977][ T9129]  __sock_sendmsg+0x221/0x270
[  174.506665][ T9129]  ____sys_sendmsg+0x52a/0x7e0
[  174.511431][ T9129]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.516714][ T9129]  ? __fget_files+0x2a/0x410
[  174.521322][ T9129]  ? __fget_files+0x2a/0x410
[  174.525919][ T9129]  __sys_sendmsg+0x269/0x350
[  174.530506][ T9129]  ? __pfx_lock_release+0x10/0x10
[  174.535544][ T9129]  ? __pfx___sys_sendmsg+0x10/0x10
[  174.540688][ T9129]  ? __pfx_vfs_write+0x10/0x10
[  174.545473][ T9129]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.551804][ T9129]  ? do_syscall_64+0x100/0x230
[  174.556567][ T9129]  ? do_syscall_64+0xb6/0x230
[  174.561240][ T9129]  do_syscall_64+0xf3/0x230
[  174.565740][ T9129]  ? clear_bhb_loop+0x35/0x90
[  174.570423][ T9129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.576320][ T9129] RIP: 0033:0x7f415a37ff19
[  174.580730][ T9129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.600342][ T9129] RSP: 002b:00007f415b246058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.608773][ T9129] RAX: ffffffffffffffda RBX: 00007f415a545fa0 RCX: 00007f415a37ff19
[  174.616760][ T9129] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  174.624740][ T9129] RBP: 00007f415b2460a0 R08: 0000000000000000 R09: 0000000000000000
[  174.632715][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.640695][ T9129] R13: 0000000000000000 R14: 00007f415a545fa0 R15: 00007fff454a6e48
[  174.648694][ T9129]  </TASK>
[  174.983857][ T9137] netlink: 'syz.1.1033': attribute type 21 has an invalid length.
[  175.002231][ T9137] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1033'.
[  175.013083][ T9137] IPv6: NLM_F_CREATE should be specified when creating new route
[  175.032179][ T9137] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  175.039925][ T9137] IPv6: NLM_F_CREATE should be set when creating new route
[  175.047284][ T9137] IPv6: NLM_F_CREATE should be set when creating new route
[  175.054575][ T9137] IPv6: NLM_F_CREATE should be set when creating new route
[  175.319629][ T9149] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1037'.
[  175.358149][ T9149] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  175.384302][ T9149] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  175.659094][    C0] net_ratelimit: 31 callbacks suppressed
[  175.659117][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies.
[  175.692894][ T9162] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1041'.
[  175.818349][ T9162] nbd: socks must be embedded in a SOCK_ITEM attr
[  176.617043][ T9186] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1049'.
[  176.716987][ T9190] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1051'.
[  176.756709][ T9190] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  176.774150][ T9190] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  176.803072][ T9193] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1052'.
[  176.981068][ T9202] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  177.064642][ T9201] nbd: socks must be embedded in a SOCK_ITEM attr
[  177.199208][ T9214] netlink: 'syz.2.1060': attribute type 4 has an invalid length.
[  177.872876][ T9238] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  178.219555][ T9253] vlan2: entered promiscuous mode
[  178.230256][ T9253] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  178.242349][ T9253] mac80211_hwsim hwsim5 wlan0: left promiscuous mode
[  178.615610][ T9265] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  178.688494][ T9268] Bluetooth: MGMT ver 1.23
[  179.198516][ T9283] __nla_validate_parse: 10 callbacks suppressed
[  179.198534][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1087'.
[  179.685663][ T9295] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  179.693241][ T9295] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  179.706658][ T9297] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1094'.
[  179.731252][ T9297] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  179.742583][ T9297] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  179.754173][ T9297] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  179.767283][ T9297] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  179.812412][ T9297] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1094'.
[  179.904661][ T9300] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1096'.
[  179.940743][ T9300] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  179.958837][ T9300] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  180.258387][ T9319] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  180.280398][ T9319] syzkaller0: entered promiscuous mode
[  180.289141][ T9319] syzkaller0: entered allmulticast mode
[  180.309788][ T9319] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1102'.
[  180.396598][ T9329] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1104'.
[  180.495862][ T9329] nbd: socks must be embedded in a SOCK_ITEM attr
[  180.536080][ T9329] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1104'.
[  181.167626][ T9337] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1106'.
[  181.179100][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  181.185272][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  181.186549][ T5869] Bluetooth: hci4: command 0x0406 tx timeout
[  181.320849][ T9341] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  182.312974][ T9351] sctp: [Deprecated]: syz.3.1111 (pid 9351) Use of int in max_burst socket option deprecated.
[  182.312974][ T9351] Use struct sctp_assoc_value instead
[  182.364635][ T9352] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1111'.
[  182.660439][ T9367] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1117'.
[  182.954501][ T9381] nbd: socks must be embedded in a SOCK_ITEM attr
[  183.138297][ T1154] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  184.153791][ T9427] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  184.395719][ T9436] __nla_validate_parse: 5 callbacks suppressed
[  184.395738][ T9436] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1143'.
[  184.590245][ T9446] vlan2: entered promiscuous mode
[  184.596857][ T9446] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  184.608880][ T9446] mac80211_hwsim hwsim5 wlan0: left promiscuous mode
[  184.660532][ T9447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1146'.
[  184.707936][ T9447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1146'.
[  185.125396][ T9464] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  185.217507][ T9466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1152'.
[  185.278226][ T9466] nbd: socks must be embedded in a SOCK_ITEM attr
[  185.353719][ T9466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'.
[  185.385132][ T9472] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1154'.
[  185.475879][ T9474] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1155'.
[  185.525751][ T9474] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  185.548757][ T9474] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  185.712486][ T9490] netlink: 'syz.4.1160': attribute type 1 has an invalid length.
[  185.726628][ T9493] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1161'.
[  185.738476][ T9493] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1161'.
[  185.768398][ T9490] bond14 (unregistering): Released all slaves
[  185.790850][ T9496] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  186.075548][ T9507] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1167'.
[  186.088245][ T9509] netlink: 'syz.3.1168': attribute type 1 has an invalid length.
[  186.166855][ T9513] FAULT_INJECTION: forcing a failure.
[  186.166855][ T9513] name failslab, interval 1, probability 0, space 0, times 0
[  186.197426][ T9513] CPU: 1 UID: 0 PID: 9513 Comm: syz.4.1170 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  186.207871][ T9513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  186.217939][ T9513] Call Trace:
[  186.221213][ T9513]  <TASK>
[  186.224233][ T9513]  dump_stack_lvl+0x241/0x360
[  186.228922][ T9513]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.234111][ T9513]  ? __pfx__printk+0x10/0x10
[  186.238700][ T9513]  ? fs_reclaim_acquire+0x93/0x130
[  186.243822][ T9513]  ? __pfx___might_resched+0x10/0x10
[  186.249121][ T9513]  should_fail_ex+0x3b0/0x4e0
[  186.253832][ T9513]  should_failslab+0xac/0x100
[  186.258536][ T9513]  __kmalloc_noprof+0xdd/0x4c0
[  186.263326][ T9513]  ? tomoyo_encode+0x26f/0x540
[  186.268112][ T9513]  tomoyo_encode+0x26f/0x540
[  186.272726][ T9513]  tomoyo_realpath_from_path+0x59e/0x5e0
[  186.278394][ T9513]  tomoyo_path_number_perm+0x236/0x860
[  186.283881][ T9513]  ? __lock_acquire+0x1397/0x2100
[  186.288932][ T9513]  ? tomoyo_path_number_perm+0x206/0x860
[  186.294594][ T9513]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  186.300638][ T9513]  ? __fget_files+0x2a/0x410
[  186.305260][ T9513]  ? __fget_files+0x2a/0x410
[  186.309879][ T9513]  security_file_ioctl+0xc6/0x2a0
[  186.314930][ T9513]  __se_sys_ioctl+0x46/0x170
[  186.319549][ T9513]  do_syscall_64+0xf3/0x230
[  186.324069][ T9513]  ? clear_bhb_loop+0x35/0x90
[  186.328768][ T9513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.334680][ T9513] RIP: 0033:0x7f1acb37ff19
[  186.339107][ T9513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.358711][ T9513] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.367121][ T9513] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  186.375090][ T9513] RDX: 000000000000000b RSI: 00000000400454d0 RDI: 0000000000000003
[  186.383055][ T9513] RBP: 00007f1acc1f20a0 R08: 0000000000000000 R09: 0000000000000000
[  186.391017][ T9513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.398981][ T9513] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  186.406962][ T9513]  </TASK>
[  186.419066][ T9513] ERROR: Out of memory at tomoyo_realpath_from_path.
[  186.520612][ T9517] IPVS: set_ctl: invalid protocol: 33 0.0.0.0:20000
[  186.709843][ T9526] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  186.727530][ T9530] netlink: 'syz.4.1176': attribute type 1 has an invalid length.
[  186.760339][ T9530] bond14 (unregistering): Released all slaves
[  187.044010][ T9544] bridge0: entered promiscuous mode
[  187.067701][ T9544] syz_tun: entered promiscuous mode
[  187.081466][ T9544] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  187.093896][ T9544] Cannot create hsr debugfs directory
[  187.101093][ T9544] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  187.121957][ T9547] vlan2: entered promiscuous mode
[  187.127173][ T9547] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  187.145057][ T9547] mac80211_hwsim hwsim5 wlan0: left promiscuous mode
[  187.446943][ T9562] netlink: 'syz.4.1189': attribute type 1 has an invalid length.
[  187.480185][ T9565] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  187.496068][ T9562] bond14 (unregistering): Released all slaves
[  187.730697][ T9575] FAULT_INJECTION: forcing a failure.
[  187.730697][ T9575] name failslab, interval 1, probability 0, space 0, times 0
[  187.743492][ T9575] CPU: 0 UID: 0 PID: 9575 Comm: syz.4.1194 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  187.753841][ T9575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  187.763898][ T9575] Call Trace:
[  187.767181][ T9575]  <TASK>
[  187.770113][ T9575]  dump_stack_lvl+0x241/0x360
[  187.774806][ T9575]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.780003][ T9575]  ? __pfx__printk+0x10/0x10
[  187.784637][ T9575]  should_fail_ex+0x3b0/0x4e0
[  187.789323][ T9575]  should_failslab+0xac/0x100
[  187.794024][ T9575]  ? skb_clone+0x20c/0x390
[  187.798452][ T9575]  kmem_cache_alloc_noprof+0x70/0x380
[  187.803860][ T9575]  skb_clone+0x20c/0x390
[  187.808139][ T9575]  bpf_clone_redirect+0xab/0x3d0
[  187.813128][ T9575]  bpf_prog_208b094576c80b22+0x5f/0x64
[  187.818612][ T9575]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  187.824634][ T9575]  ? bpf_test_run+0x370/0xa90
[  187.829362][ T9575]  ? __pfx_lockdep_softirqs_off+0x10/0x10
[  187.835117][ T9575]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  187.841480][ T9575]  ? bpf_test_run+0x370/0xa90
[  187.846188][ T9575]  ? __pfx___cant_migrate+0x10/0x10
[  187.851404][ T9575]  ? bpf_test_run+0x370/0xa90
[  187.856101][ T9575]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  187.861843][ T9575]  ? bpf_test_timer_continue+0x11a/0x350
[  187.867498][ T9575]  bpf_test_run+0x4f0/0xa90
[  187.872017][ T9575]  ? bpf_test_run+0x370/0xa90
[  187.876718][ T9575]  ? __pfx_bpf_test_run+0x10/0x10
[  187.881785][ T9575]  ? __pfx_eth_type_trans+0x10/0x10
[  187.887008][ T9575]  ? convert___skb_to_skb+0x41/0x620
[  187.892357][ T9575]  bpf_prog_test_run_skb+0xca2/0x1820
[  187.897770][ T9575]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  187.903598][ T9575]  ? __fget_files+0x2a/0x410
[  187.908292][ T9575]  ? fput+0x21b/0x290
[  187.912283][ T9575]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  187.918099][ T9575]  bpf_prog_test_run+0x2e4/0x360
[  187.923044][ T9575]  __sys_bpf+0x48d/0x810
[  187.927288][ T9575]  ? __pfx___sys_bpf+0x10/0x10
[  187.932067][ T9575]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  187.938131][ T9575]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  187.944462][ T9575]  ? do_syscall_64+0x100/0x230
[  187.949234][ T9575]  __x64_sys_bpf+0x7c/0x90
[  187.953671][ T9575]  do_syscall_64+0xf3/0x230
[  187.958186][ T9575]  ? clear_bhb_loop+0x35/0x90
[  187.962868][ T9575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.968762][ T9575] RIP: 0033:0x7f1acb37ff19
[  187.973182][ T9575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.992792][ T9575] RSP: 002b:00007f1acc1f2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  188.001293][ T9575] RAX: ffffffffffffffda RBX: 00007f1acb545fa0 RCX: 00007f1acb37ff19
[  188.009266][ T9575] RDX: 0000000000000048 RSI: 0000000020000080 RDI: 000000000000000a
[  188.017234][ T9575] RBP: 00007f1acc1f20a0 R08: 0000000000000000 R09: 0000000000000000
[  188.025207][ T9575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  188.033180][ T9575] R13: 0000000000000000 R14: 00007f1acb545fa0 R15: 00007fffb2689788
[  188.041166][ T9575]  </TASK>
[  188.352269][ T9594] IPv6: NLM_F_CREATE should be specified when creating new route
[  188.396389][ T9596] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  189.159356][ T9634] FAULT_INJECTION: forcing a failure.
[  189.159356][ T9634] name failslab, interval 1, probability 0, space 0, times 0
[  189.172568][ T9634] CPU: 0 UID: 0 PID: 9634 Comm: syz.3.1215 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  189.182927][ T9634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  189.193073][ T9634] Call Trace:
[  189.196374][ T9634]  <TASK>
[  189.199304][ T9634]  dump_stack_lvl+0x241/0x360
[  189.204014][ T9634]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.209223][ T9634]  ? __pfx__printk+0x10/0x10
[  189.213832][ T9634]  ? __kmalloc_cache_noprof+0x48/0x390
[  189.219317][ T9634]  ? __pfx___might_resched+0x10/0x10
[  189.224622][ T9634]  ? dev_prep_valid_name+0x916/0xa40
[  189.229905][ T9634]  should_fail_ex+0x3b0/0x4e0
[  189.234677][ T9634]  should_failslab+0xac/0x100
[  189.239354][ T9634]  __kmalloc_cache_noprof+0x70/0x390
[  189.244639][ T9634]  ? register_netdevice+0x59c/0x1b00
[  189.249932][ T9634]  register_netdevice+0x59c/0x1b00
[  189.255044][ T9634]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  189.260506][ T9634]  ? validate_linkmsg+0x828/0xa40
[  189.265556][ T9634]  ? __pfx_register_netdevice+0x10/0x10
[  189.271128][ T9634]  ? __pfx_validate_linkmsg+0x10/0x10
[  189.276535][ T9634]  ? alloc_netdev_mqs+0xcd0/0x1080
[  189.281689][ T9634]  br_dev_newlink+0x27/0x100
[  189.286300][ T9634]  ? __pfx_br_dev_newlink+0x10/0x10
[  189.291508][ T9634]  rtnl_newlink_create+0x2df/0xa30
[  189.296651][ T9634]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  189.302321][ T9634]  ? ns_capable+0x8a/0xf0
[  189.306668][ T9634]  rtnl_newlink+0x17dd/0x24f0
[  189.311366][ T9634]  ? __pfx_rtnl_newlink+0x10/0x10
[  189.316407][ T9634]  ? __netlink_deliver_tap+0x56b/0x7f0
[  189.321912][ T9634]  ? __pfx_validate_chain+0x10/0x10
[  189.327111][ T9634]  ? __pfx_validate_chain+0x10/0x10
[  189.332304][ T9634]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.338366][ T9634]  ? __pfx___schedule+0x10/0x10
[  189.343219][ T9634]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  189.349196][ T9634]  ? preempt_schedule+0xe1/0xf0
[  189.354035][ T9634]  ? preempt_schedule_common+0x84/0xd0
[  189.359485][ T9634]  ? mark_lock+0x9a/0x360
[  189.363808][ T9634]  ? __lock_acquire+0x1397/0x2100
[  189.368871][ T9634]  ? __pfx_lock_release+0x10/0x10
[  189.373933][ T9634]  ? __pfx_rtnl_newlink+0x10/0x10
[  189.379004][ T9634]  rtnetlink_rcv_msg+0x791/0xcf0
[  189.383950][ T9634]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  189.389075][ T9634]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  189.395653][ T9634]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  189.401111][ T9634]  netlink_rcv_skb+0x1e3/0x430
[  189.405882][ T9634]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  189.411336][ T9634]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.416654][ T9634]  ? __rcu_read_unlock+0xa1/0x110
[  189.421701][ T9634]  netlink_unicast+0x7f6/0x990
[  189.426490][ T9634]  ? __pfx_netlink_unicast+0x10/0x10
[  189.431768][ T9634]  ? __virt_addr_valid+0x183/0x530
[  189.436887][ T9634]  ? __check_object_size+0x48e/0x900
[  189.442201][ T9634]  netlink_sendmsg+0x8e4/0xcb0
[  189.446984][ T9634]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.452267][ T9634]  ? aa_sock_msg_perm+0x91/0x160
[  189.457206][ T9634]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.462477][ T9634]  __sock_sendmsg+0x221/0x270
[  189.467186][ T9634]  ____sys_sendmsg+0x52a/0x7e0
[  189.471969][ T9634]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.477247][ T9634]  ? __fget_files+0x2a/0x410
[  189.481830][ T9634]  ? __fget_files+0x2a/0x410
[  189.486425][ T9634]  __sys_sendmsg+0x269/0x350
[  189.491008][ T9634]  ? __pfx_lock_release+0x10/0x10
[  189.496024][ T9634]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.501131][ T9634]  ? __pfx_vfs_write+0x10/0x10
[  189.505905][ T9634]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  189.512225][ T9634]  ? do_syscall_64+0x100/0x230
[  189.516997][ T9634]  ? do_syscall_64+0xb6/0x230
[  189.521685][ T9634]  do_syscall_64+0xf3/0x230
[  189.526180][ T9634]  ? clear_bhb_loop+0x35/0x90
[  189.530861][ T9634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.536749][ T9634] RIP: 0033:0x7f2f2917ff19
[  189.541154][ T9634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.560751][ T9634] RSP: 002b:00007f2f29f92058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.569177][ T9634] RAX: ffffffffffffffda RBX: 00007f2f29345fa0 RCX: 00007f2f2917ff19
[  189.577172][ T9634] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  189.585144][ T9634] RBP: 00007f2f29f920a0 R08: 0000000000000000 R09: 0000000000000000
[  189.593166][ T9634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.601165][ T9634] R13: 0000000000000000 R14: 00007f2f29345fa0 R15: 00007ffd6e91a528
[  189.609177][ T9634]  </TASK>
[  189.630408][ T9637] vlan2: entered promiscuous mode
[  189.644093][ T9637] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  189.665278][ T9637] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  189.683192][ T9640] __nla_validate_parse: 7 callbacks suppressed
[  189.683211][ T9640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1216'.
[  189.724104][ T9640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1216'.
[  189.863867][ T9646] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1220'.
[  189.893739][ T9646] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  189.909316][ T9646] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  190.219917][ T9659] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1224'.
[  190.236774][ T9660] netlink: 'syz.3.1225': attribute type 27 has an invalid length.
[  190.357503][ T9667] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1227'.
[  190.503618][ T9677] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  190.643312][ T9683] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  190.777469][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1235'.
[  190.846397][ T9689] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  190.870331][ T9689] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  190.895623][ T9694] netlink: 'syz.4.1236': attribute type 7 has an invalid length.
[  191.094334][ T3540] wlan1: Trigger new scan to find an IBSS to join
[  191.999562][ T9664] syz.2.1226: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  192.024606][ T9664] CPU: 1 UID: 0 PID: 9664 Comm: syz.2.1226 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  192.034979][ T9664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  192.045056][ T9664] Call Trace:
[  192.048348][ T9664]  <TASK>
[  192.051281][ T9664]  dump_stack_lvl+0x241/0x360
[  192.055972][ T9664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.061175][ T9664]  ? __pfx__printk+0x10/0x10
[  192.065777][ T9664]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  192.072207][ T9664]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  192.078715][ T9664]  warn_alloc+0x278/0x410
[  192.083053][ T9664]  ? __pfx_warn_alloc+0x10/0x10
[  192.087911][ T9664]  ? translate_table+0x174/0x2260
[  192.092960][ T9664]  ? __get_vm_area_node+0x1c8/0x2d0
[  192.098161][ T9664]  ? __get_vm_area_node+0x25c/0x2d0
[  192.103364][ T9664]  __vmalloc_node_range_noprof+0x62f/0x1380
[  192.109254][ T9664]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  192.115081][ T9664]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  192.121406][ T9664]  ? rcu_is_watching+0x15/0xb0
[  192.126171][ T9664]  ? trace_kmalloc+0x1f/0xd0
[  192.130759][ T9664]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  192.136224][ T9664]  ? __kvmalloc_node_noprof+0x72/0x190
[  192.141686][ T9664]  __kvmalloc_node_noprof+0x142/0x190
[  192.147063][ T9664]  ? translate_table+0x174/0x2260
[  192.152092][ T9664]  translate_table+0x174/0x2260
[  192.156966][ T9664]  ? __pfx_translate_table+0x10/0x10
[  192.162251][ T9664]  ? __might_fault+0xaa/0x120
[  192.166935][ T9664]  ? __pfx_lock_release+0x10/0x10
[  192.171961][ T9664]  ? __might_fault+0xaa/0x120
[  192.176640][ T9664]  ? __might_fault+0xc6/0x120
[  192.181322][ T9664]  ? _copy_from_user+0x99/0xc0
[  192.186089][ T9664]  ? copy_from_sockptr_offset+0x6b/0xb0
[  192.191636][ T9664]  do_ipt_set_ctl+0xe3d/0x1250
[  192.196413][ T9664]  ? __pfx___mutex_trylock_common+0x10/0x10
[  192.202312][ T9664]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  192.207510][ T9664]  ? __pfx_lock_release+0x10/0x10
[  192.212535][ T9664]  ? rcu_is_watching+0x15/0xb0
[  192.217309][ T9664]  ? trace_contention_end+0x3c/0x120
[  192.222602][ T9664]  ? __mutex_unlock_slowpath+0x21e/0x790
[  192.228236][ T9664]  ? __pfx___mutex_lock+0x10/0x10
[  192.233259][ T9664]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  192.239237][ T9664]  ? aa_sk_perm+0x96d/0xab0
[  192.243754][ T9664]  ? __pfx_aa_sk_perm+0x10/0x10
[  192.248612][ T9664]  nf_setsockopt+0x295/0x2c0
[  192.253205][ T9664]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  192.259103][ T9664]  do_sock_setsockopt+0x3af/0x720
[  192.264133][ T9664]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  192.269680][ T9664]  ? __fget_files+0x395/0x410
[  192.274357][ T9664]  ? __fget_files+0x2a/0x410
[  192.278952][ T9664]  __x64_sys_setsockopt+0x1ee/0x280
[  192.284156][ T9664]  do_syscall_64+0xf3/0x230
[  192.288659][ T9664]  ? clear_bhb_loop+0x35/0x90
[  192.293336][ T9664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.299248][ T9664] RIP: 0033:0x7f0760f7ff19
[  192.303661][ T9664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.323267][ T9664] RSP: 002b:00007f0761e6e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  192.331678][ T9664] RAX: ffffffffffffffda RBX: 00007f0761145fa0 RCX: 00007f0760f7ff19
[  192.339646][ T9664] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  192.347611][ T9664] RBP: 00007f0760ff3986 R08: 00000000000003d0 R09: 0000000000000000
[  192.355580][ T9664] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000000
[  192.363556][ T9664] R13: 0000000000000000 R14: 00007f0761145fa0 R15: 00007fff77fdbe28
[  192.371538][ T9664]  </TASK>
[  192.402728][ T9664] Mem-Info:
[  192.409574][ T9719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1244'.
[  192.410779][ T9664] active_anon:3549 inactive_anon:0 isolated_anon:0
[  192.410779][ T9664]  active_file:1752 inactive_file:38261 isolated_file:0
[  192.410779][ T9664]  unevictable:768 dirty:247 writeback:0
[  192.410779][ T9664]  slab_reclaimable:10772 slab_unreclaimable:105228
[  192.410779][ T9664]  mapped:28764 shmem:1403 pagetables:674
[  192.410779][ T9664]  sec_pagetables:0 bounce:0
[  192.410779][ T9664]  kernel_misc_reclaimable:0
[  192.410779][ T9664]  free:1320117 free_pcp:445 free_cma:0
[  192.473721][ T9664] Node 0 active_anon:14296kB inactive_anon:0kB active_file:7008kB inactive_file:152976kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115056kB dirty:984kB writeback:0kB shmem:4076kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12612kB pagetables:2696kB sec_pagetables:0kB all_unreclaimable? no
[  192.509215][ T9719] nbd: socks must be embedded in a SOCK_ITEM attr
[  192.518180][ T9664] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  192.549892][ T9664] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  192.578303][ T9664] lowmem_reserve[]: 0 2463 2464 0 0
[  192.583545][ T9664] Node 0 DMA32 free:1363444kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:14360kB inactive_anon:0kB active_file:7008kB inactive_file:152400kB unevictable:1536kB writepending:984kB present:3129332kB managed:2550484kB mlocked:0kB bounce:0kB free_pcp:1036kB local_pcp:96kB free_cma:0kB
[  192.614029][ T9664] lowmem_reserve[]: 0 0 0 0 0
[  192.619069][ T9664] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:576kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  192.646298][ T9664] lowmem_reserve[]: 0 0 0 0 0
[  192.651072][ T9664] Node 1 Normal free:3901716kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:24kB free_cma:0kB
[  192.681033][ T9664] lowmem_reserve[]: 0 0 0 0 0
[  192.686084][ T9664] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  192.693553][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1244'.
[  192.699299][ T9664] Node 0 DMA32: 195*4kB (UME) 150*8kB (UME) 178*16kB (UME) 107*32kB (UME) 431*64kB (UME) 637*128kB (UME) 198*256kB (UM) 70*512kB (UM) 25*1024kB (UME) 10*2048kB (UM) 272*4096kB (UM) = 1364092kB
[  192.745085][ T9664] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  192.761134][ T9664] Node 1 Normal: 225*4kB (UME) 48*8kB (UME) 47*16kB (UME) 213*32kB (UME) 88*64kB (UME) 31*128kB (UME) 13*256kB (UME) 12*512kB (UME) 3*1024kB (UM) 4*2048kB (UE) 943*4096kB (M) = 3901716kB
[  192.807567][ T9664] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  192.812463][ T9728] netlink: 'syz.4.1247': attribute type 1 has an invalid length.
[  192.820578][ T9729] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1246'.
[  192.834975][ T9664] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  192.846654][ T9664] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  192.863719][ T9664] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  192.874611][ T9664] 41416 total pagecache pages
[  192.879353][ T9664] 0 pages in swap cache
[  192.885902][ T9728] bond15 (unregistering): Released all slaves
[  192.895820][ T9664] Free swap  = 124996kB
[  192.900004][ T9664] Total swap = 124996kB
[  192.911870][ T9664] 2097051 pages RAM
[  192.917623][ T9664] 0 pages HighMem/MovableOnly
[  192.922743][ T9664] 427644 pages reserved
[  192.939154][ T9664] 0 pages cma reserved
[  192.980243][ T9732] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1248'.
[  193.431830][ T9746] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  194.470746][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  194.645325][ T9779] nbd: socks must be embedded in a SOCK_ITEM attr
[  194.722309][ T9784] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  194.759120][ T9786] __nla_validate_parse: 2 callbacks suppressed
[  194.759139][ T9786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1263'.
[  194.818927][ T9788] vlan2: entered promiscuous mode
[  194.824204][ T9788] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  194.861029][ T9788] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[  195.014685][   T70] wlan1: Trigger new scan to find an IBSS to join
[  195.072359][ T9788] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1266'.
[  195.170463][ T9794] netlink: 'syz.1.1268': attribute type 1 has an invalid length.
[  195.180741][ T9788] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1266'.
[  195.315882][ T9794] bond11 (unregistering): Released all slaves
[  195.961761][ T9815] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  197.094605][ T3540] wlan1: Creating new IBSS network, BSSID 26:2f:30:b7:56:1f
[  197.257949][ T9851] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  197.287300][ T9851] FAULT_INJECTION: forcing a failure.
[  197.287300][ T9851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.319339][ T9851] CPU: 1 UID: 0 PID: 9851 Comm: syz.2.1290 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  197.329722][ T9851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  197.339805][ T9851] Call Trace:
[  197.343115][ T9851]  <TASK>
[  197.346067][ T9851]  dump_stack_lvl+0x241/0x360
[  197.350764][ T9851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.355988][ T9851]  ? __pfx__printk+0x10/0x10
[  197.360611][ T9851]  should_fail_ex+0x3b0/0x4e0
[  197.365316][ T9851]  _copy_from_user+0x2f/0xc0
[  197.369934][ T9851]  bpf_test_init+0x11f/0x180
[  197.374556][ T9851]  bpf_prog_test_run_xdp+0x48e/0x11e0
[  197.379958][ T9851]  ? __pfx_lock_release+0x10/0x10
[  197.385011][ T9851]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  197.390852][ T9851]  ? __fget_files+0x2a/0x410
[  197.395488][ T9851]  ? __fget_files+0x2a/0x410
[  197.400112][ T9851]  ? fput+0x21b/0x290
[  197.404117][ T9851]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  197.409948][ T9851]  bpf_prog_test_run+0x2e4/0x360
[  197.414920][ T9851]  __sys_bpf+0x48d/0x810
[  197.419180][ T9851]  ? __pfx___sys_bpf+0x10/0x10
[  197.423977][ T9851]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  197.429983][ T9851]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  197.436337][ T9851]  ? do_syscall_64+0x100/0x230
[  197.441128][ T9851]  __x64_sys_bpf+0x7c/0x90
[  197.445571][ T9851]  do_syscall_64+0xf3/0x230
[  197.450094][ T9851]  ? clear_bhb_loop+0x35/0x90
[  197.454794][ T9851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.460703][ T9851] RIP: 0033:0x7f0760f7ff19
[  197.465134][ T9851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.484934][ T9851] RSP: 002b:00007f0761e6e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  197.493369][ T9851] RAX: ffffffffffffffda RBX: 00007f0761145fa0 RCX: 00007f0760f7ff19
[  197.501361][ T9851] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a
[  197.509444][ T9851] RBP: 00007f0761e6e0a0 R08: 0000000000000000 R09: 0000000000000000
[  197.517445][ T9851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.525435][ T9851] R13: 0000000000000000 R14: 00007f0761145fa0 R15: 00007fff77fdbe28
[  197.533438][ T9851]  </TASK>
[  197.578165][ T9855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1292'.
[  197.779061][ T9857] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1293'.
[  197.869189][ T9859] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  198.151743][ T9866] vlan2: entered promiscuous mode
[  198.187672][ T9866] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  198.215476][ T9867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1297'.
[  198.285647][ T9866] mac80211_hwsim hwsim5 wlan0: left promiscuous mode
[  198.302287][ T9868] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1297'.
[  198.396303][ T9871] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1298'.
[  198.515788][ T9871] nbd: socks must be embedded in a SOCK_ITEM attr
[  198.546176][ T9879] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1301'.
[  198.741774][ T9871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1298'.
[  198.755754][ T9881] macsec2: entered promiscuous mode
[  198.963882][ T9884] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  199.246507][ T9887] netlink: 'syz.2.1305': attribute type 1 has an invalid length.
[  200.657731][ T9910] dvmrp5: entered allmulticast mode
[  200.694294][ T9910] dvmrp5: left allmulticast mode
[  200.729081][ T9914] __nla_validate_parse: 1 callbacks suppressed
[  200.729100][ T9914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1313'.
[  200.921569][ T9922] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1316'.
[  200.965481][ T9920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1315'.
[  200.984811][ T9922] nbd: socks must be embedded in a SOCK_ITEM attr
[  201.086659][ T9930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1316'.
[  201.212280][ T9933] netlink: 'syz.3.1318': attribute type 10 has an invalid length.
[  201.224014][ T9933] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  201.242019][ T9933] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  201.253924][ T9933] team0: Port device netdevsim0 added
[  201.462364][ T9946] netlink: 'syz.3.1323': attribute type 21 has an invalid length.
[  201.471724][ T9946] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1323'.
[  202.012945][ T9963] netlink: 'syz.1.1331': attribute type 1 has an invalid length.
[  202.035410][ T9963] bond11 (unregistering): Released all slaves
[  202.231423][ T9970] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1334'.
[  202.243452][ T9970] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744071562067969)
[  202.254154][ T9970] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  202.360527][ T9977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1336'.
[  202.422254][ T9980] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1337'.
[  202.455318][ T9977] nbd: socks must be embedded in a SOCK_ITEM attr
[  202.530590][ T9984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1336'.
[  202.800703][T10002] netlink: 'syz.3.1345': attribute type 1 has an invalid length.
[  202.837814][T10002] bond8 (unregistering): Released all slaves
[  203.056951][T10015] netlink: 'syz.2.1349': attribute type 3 has an invalid length.
[  203.278907][T10025] FAULT_INJECTION: forcing a failure.
[  203.278907][T10025] name failslab, interval 1, probability 0, space 0, times 0
[  203.321296][T10025] CPU: 0 UID: 0 PID: 10025 Comm: syz.1.1354 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  203.331767][T10025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  203.341847][T10025] Call Trace:
[  203.345142][T10025]  <TASK>
[  203.348079][T10025]  dump_stack_lvl+0x241/0x360
[  203.352779][T10025]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.357980][T10025]  ? __pfx__printk+0x10/0x10
[  203.362589][T10025]  ? __kmalloc_noprof+0xb5/0x4c0
[  203.367536][T10025]  ? __pfx___might_resched+0x10/0x10
[  203.372829][T10025]  ? rcu_is_watching+0x15/0xb0
[  203.377608][T10025]  should_fail_ex+0x3b0/0x4e0
[  203.382297][T10025]  should_failslab+0xac/0x100
[  203.386975][T10025]  __kmalloc_noprof+0xdd/0x4c0
[  203.391739][T10025]  ? __netlink_dump_start+0x119/0x790
[  203.397108][T10025]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  203.403352][T10025]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  203.409445][T10025]  genl_start+0x182/0x6d0
[  203.413793][T10025]  __netlink_dump_start+0x45c/0x790
[  203.418999][T10025]  genl_rcv_msg+0x88c/0xec0
[  203.423947][T10025]  ? __pfx_genl_rcv_msg+0x10/0x10
[  203.428978][T10025]  ? __pfx_genl_start+0x10/0x10
[  203.433829][T10025]  ? __pfx_genl_dumpit+0x10/0x10
[  203.438764][T10025]  ? __pfx_genl_done+0x10/0x10
[  203.443624][T10025]  ? __pfx_lock_acquire+0x10/0x10
[  203.448649][T10025]  ? __pfx_mptcp_pm_nl_get_addr_dumpit+0x10/0x10
[  203.454979][T10025]  ? __pfx___might_resched+0x10/0x10
[  203.460271][T10025]  netlink_rcv_skb+0x1e3/0x430
[  203.465035][T10025]  ? __pfx_genl_rcv_msg+0x10/0x10
[  203.470059][T10025]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  203.475351][T10025]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  203.480819][T10025]  genl_rcv+0x28/0x40
[  203.484798][T10025]  netlink_unicast+0x7f6/0x990
[  203.489571][T10025]  ? __pfx_netlink_unicast+0x10/0x10
[  203.494859][T10025]  ? __virt_addr_valid+0x183/0x530
[  203.499968][T10025]  ? __check_object_size+0x48e/0x900
[  203.505257][T10025]  netlink_sendmsg+0x8e4/0xcb0
[  203.510025][T10025]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.515313][T10025]  ? aa_sock_msg_perm+0x91/0x160
[  203.520259][T10025]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.525548][T10025]  __sock_sendmsg+0x221/0x270
[  203.530233][T10025]  ____sys_sendmsg+0x52a/0x7e0
[  203.535004][T10025]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.540283][T10025]  ? __fget_files+0x2a/0x410
[  203.544878][T10025]  ? __fget_files+0x2a/0x410
[  203.549477][T10025]  __sys_sendmsg+0x269/0x350
[  203.554065][T10025]  ? __pfx_lock_release+0x10/0x10
[  203.559089][T10025]  ? __pfx___sys_sendmsg+0x10/0x10
[  203.564210][T10025]  ? __pfx_vfs_write+0x10/0x10
[  203.568998][T10025]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  203.575328][T10025]  ? do_syscall_64+0x100/0x230
[  203.580092][T10025]  ? do_syscall_64+0xb6/0x230
[  203.584769][T10025]  do_syscall_64+0xf3/0x230
[  203.589267][T10025]  ? clear_bhb_loop+0x35/0x90
[  203.593973][T10025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.599891][T10025] RIP: 0033:0x7f415a37ff19
[  203.604315][T10025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.623927][T10025] RSP: 002b:00007f415b246058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.632363][T10025] RAX: ffffffffffffffda RBX: 00007f415a545fa0 RCX: 00007f415a37ff19
[  203.640339][T10025] RDX: 0000000020000000 RSI: 0000000020000000 RDI: 0000000000000003
[  203.648309][T10025] RBP: 00007f415b2460a0 R08: 0000000000000000 R09: 0000000000000000
[  203.656276][T10025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.664245][T10025] R13: 0000000000000000 R14: 00007f415a545fa0 R15: 00007fff454a6e48
[  203.672311][T10025]  </TASK>
[  203.714586][ T5872] Bluetooth: hci0: command 0x0406 tx timeout
[  204.056761][T10048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1364'.
[  204.174790][T10048] nbd: socks must be embedded in a SOCK_ITEM attr
[  205.170568][T10086] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  205.180881][T10086] macvlan3: entered allmulticast mode
[  205.187148][T10086] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  205.199539][T10086] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  205.282269][T10084] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  205.315956][T10084] macvlan3: entered allmulticast mode
[  205.333192][T10084] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  205.978994][ T5906] ------------[ cut here ]------------
[  205.984799][ T5906] WARNING: CPU: 1 PID: 5906 at kernel/workqueue.c:2257 __queue_work+0xcd3/0xf50
[  205.993857][ T5906] Modules linked in:
[  205.997779][ T5906] CPU: 1 UID: 0 PID: 5906 Comm: kworker/1:3 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  206.008214][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  206.018282][ T5906] Workqueue: events l2cap_chan_timeout
[  206.023753][ T5906] RIP: 0010:__queue_work+0xcd3/0xf50
[  206.029032][ T5906] Code: ff e8 d1 ed 37 00 90 0f 0b 90 e9 1e fd ff ff e8 c3 ed 37 00 eb 13 e8 bc ed 37 00 eb 0c e8 b5 ed 37 00 eb 05 e8 ae ed 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[  206.048647][ T5906] RSP: 0018:ffffc9000433f8e8 EFLAGS: 00010093
[  206.054750][ T5906] RAX: ffffffff815df6d2 RBX: ffff88801ac94408 RCX: ffff88802f580000
[  206.062742][ T5906] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  206.070905][ T5906] RBP: 0000000000000020 R08: ffffffff8160e409 R09: 0000000000000000
[  206.078869][ T5906] R10: ffffc9000433f9c0 R11: fffff52000867f39 R12: ffff88805acdd000
[  206.086847][ T5906] R13: ffff88805acdd1c0 R14: dffffc0000000000 R15: 0000000000000008
[  206.094839][ T5906] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  206.103787][ T5906] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  206.110389][ T5906] CR2: 000000002003c030 CR3: 0000000034466000 CR4: 00000000003526f0
[  206.118383][ T5906] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  206.126374][ T5906] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  206.134452][ T5906] Call Trace:
[  206.137744][ T5906]  <TASK>
[  206.140690][ T5906]  ? __warn+0x168/0x4e0
[  206.144869][ T5906]  ? __queue_work+0xcd3/0xf50
[  206.149574][ T5906]  ? report_bug+0x2b3/0x500
[  206.154105][ T5906]  ? __queue_work+0xcd3/0xf50
[  206.158811][ T5906]  ? handle_bug+0x60/0x90
[  206.163162][ T5906]  ? exc_invalid_op+0x1a/0x50
[  206.167858][ T5906]  ? asm_exc_invalid_op+0x1a/0x20
[  206.172914][ T5906]  ? kthread_data+0x49/0xd0
[  206.177433][ T5906]  ? __queue_work+0xcd2/0xf50
[  206.182140][ T5906]  ? __queue_work+0xcd3/0xf50
[  206.186841][ T5906]  ? __queue_work+0xcd2/0xf50
[  206.191545][ T5906]  ? __queue_delayed_work+0x17e/0x250
[  206.196938][ T5906]  queue_delayed_work_on+0x1ca/0x390
[  206.202247][ T5906]  ? __pfx_queue_delayed_work_on+0x10/0x10
[  206.208076][ T5906]  ? do_raw_spin_unlock+0x13c/0x8b0
[  206.213315][ T5906]  ? hci_conn_drop+0x152/0x280
[  206.218118][ T5906]  l2cap_chan_del+0x291/0x5d0
[  206.222824][ T5906]  l2cap_chan_close+0x38b/0x9f0
[  206.227704][ T5906]  ? __pfx_l2cap_chan_close+0x10/0x10
[  206.233109][ T5906]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  206.239469][ T5906]  l2cap_chan_timeout+0x142/0x360
[  206.244521][ T5906]  ? process_scheduled_works+0x976/0x1850
[  206.250270][ T5906]  process_scheduled_works+0xa63/0x1850
[  206.255876][ T5906]  ? __pfx_process_scheduled_works+0x10/0x10
[  206.261894][ T5906]  ? assign_work+0x364/0x3d0
[  206.266519][ T5906]  worker_thread+0x870/0xd30
[  206.271141][ T5906]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  206.277066][ T5906]  ? __kthread_parkme+0x169/0x1d0
[  206.282133][ T5906]  ? __pfx_worker_thread+0x10/0x10
[  206.287275][ T5906]  kthread+0x2f0/0x390
[  206.291361][ T5906]  ? __pfx_worker_thread+0x10/0x10
[  206.296488][ T5906]  ? __pfx_kthread+0x10/0x10
[  206.301101][ T5906]  ret_from_fork+0x4b/0x80
[  206.305533][ T5906]  ? __pfx_kthread+0x10/0x10
[  206.310139][ T5906]  ret_from_fork_asm+0x1a/0x30
[  206.314944][ T5906]  </TASK>
[  206.317974][ T5906] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  206.325266][ T5906] CPU: 1 UID: 0 PID: 5906 Comm: kworker/1:3 Not tainted 6.12.0-syzkaller-10682-gb32913a5609a #0
[  206.335688][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  206.345761][ T5906] Workqueue: events l2cap_chan_timeout
[  206.351247][ T5906] Call Trace:
[  206.354536][ T5906]  <TASK>
[  206.357482][ T5906]  dump_stack_lvl+0x241/0x360
[  206.362180][ T5906]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.367396][ T5906]  ? __pfx__printk+0x10/0x10
[  206.372018][ T5906]  ? vscnprintf+0x5d/0x90
[  206.376385][ T5906]  panic+0x349/0x880
[  206.380304][ T5906]  ? __warn+0x177/0x4e0
[  206.384479][ T5906]  ? __pfx_panic+0x10/0x10
[  206.388928][ T5906]  ? ret_from_fork_asm+0x1a/0x30
[  206.393892][ T5906]  __warn+0x34b/0x4e0
[  206.397891][ T5906]  ? __queue_work+0xcd3/0xf50
[  206.402584][ T5906]  report_bug+0x2b3/0x500
[  206.406933][ T5906]  ? __queue_work+0xcd3/0xf50
[  206.411631][ T5906]  handle_bug+0x60/0x90
[  206.415802][ T5906]  exc_invalid_op+0x1a/0x50
[  206.420323][ T5906]  asm_exc_invalid_op+0x1a/0x20
[  206.425190][ T5906] RIP: 0010:__queue_work+0xcd3/0xf50
[  206.430492][ T5906] Code: ff e8 d1 ed 37 00 90 0f 0b 90 e9 1e fd ff ff e8 c3 ed 37 00 eb 13 e8 bc ed 37 00 eb 0c e8 b5 ed 37 00 eb 05 e8 ae ed 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
[  206.450123][ T5906] RSP: 0018:ffffc9000433f8e8 EFLAGS: 00010093
[  206.456217][ T5906] RAX: ffffffff815df6d2 RBX: ffff88801ac94408 RCX: ffff88802f580000
[  206.464201][ T5906] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[  206.472185][ T5906] RBP: 0000000000000020 R08: ffffffff8160e409 R09: 0000000000000000
[  206.480172][ T5906] R10: ffffc9000433f9c0 R11: fffff52000867f39 R12: ffff88805acdd000
[  206.488160][ T5906] R13: ffff88805acdd1c0 R14: dffffc0000000000 R15: 0000000000000008
[  206.496157][ T5906]  ? kthread_data+0x49/0xd0
[  206.500681][ T5906]  ? __queue_work+0xcd2/0xf50
[  206.505389][ T5906]  ? __queue_work+0xcd2/0xf50
[  206.510118][ T5906]  ? __queue_delayed_work+0x17e/0x250
[  206.515512][ T5906]  queue_delayed_work_on+0x1ca/0x390
[  206.520821][ T5906]  ? __pfx_queue_delayed_work_on+0x10/0x10
[  206.526646][ T5906]  ? do_raw_spin_unlock+0x13c/0x8b0
[  206.531883][ T5906]  ? hci_conn_drop+0x152/0x280
[  206.536671][ T5906]  l2cap_chan_del+0x291/0x5d0
[  206.541373][ T5906]  l2cap_chan_close+0x38b/0x9f0
[  206.546332][ T5906]  ? __pfx_l2cap_chan_close+0x10/0x10
[  206.551722][ T5906]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  206.558089][ T5906]  l2cap_chan_timeout+0x142/0x360
[  206.563136][ T5906]  ? process_scheduled_works+0x976/0x1850
[  206.568878][ T5906]  process_scheduled_works+0xa63/0x1850
[  206.574475][ T5906]  ? __pfx_process_scheduled_works+0x10/0x10
[  206.580491][ T5906]  ? assign_work+0x364/0x3d0
[  206.585113][ T5906]  worker_thread+0x870/0xd30
[  206.589731][ T5906]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  206.595653][ T5906]  ? __kthread_parkme+0x169/0x1d0
[  206.600706][ T5906]  ? __pfx_worker_thread+0x10/0x10
[  206.605846][ T5906]  kthread+0x2f0/0x390
[  206.609934][ T5906]  ? __pfx_worker_thread+0x10/0x10
[  206.615098][ T5906]  ? __pfx_kthread+0x10/0x10
[  206.619711][ T5906]  ret_from_fork+0x4b/0x80
[  206.624148][ T5906]  ? __pfx_kthread+0x10/0x10
[  206.628784][ T5906]  ret_from_fork_asm+0x1a/0x30
[  206.633703][ T5906]  </TASK>
[  206.636984][ T5906] Kernel Offset: disabled
[  206.641399][ T5906] Rebooting in 86400 seconds..