last executing test programs:

1m9.100762538s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

56.43974723s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

44.624534503s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

32.800692939s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

15.622293375s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

3.075613461s ago: executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) (async)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x41100, 0x51, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90) (async)
r1 = socket(0x10, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r3=>0x0}) (async)
socket$inet6_udplite(0xa, 0x2, 0x88) (async, rerun: 64)
setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0) (async, rerun: 64)
socket$inet(0x2, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000002c0)="400000fa130722502a8b931cb6820411afa117bdbf762f5a1a8356367762646e6ea0bd7a5a7e252c3b38d255a5484038b17097f2dc2ab53e1a667bb427f729", 0x8, r4}, 0x82) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRESHEX=r3, @ANYRESOCT=r1, @ANYBLOB="006355b1772f5fb12e080000000000007b8af8ff00000000bfa200000000000007020000f8ffff5e3daa8bffb703000008000000b704000000000000850000000300000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
socket$inet6(0xa, 0x1, 0x0) (async)
r5 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@empty, 0x0, 0x1, 0x1, 0x1, 0x2, 0x4}, 0x20) (async)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23) (async, rerun: 32)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x200, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) (async, rerun: 32)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000300)={@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, &(0x7f00000004c0)=0x20) (async)
setsockopt$MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f0000000000)={{0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x6}, {0xa, 0x4e1d, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, 0x80000000}, 0x1, {[0x82, 0x8, 0x0, 0x8, 0x25, 0x2, 0x5, 0x4]}}, 0x5c) (async)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e21, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xb}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@mcast1, 0x7, 0x2, 0x1, 0x0, 0x274, 0x3ff}, 0x20)
sendto$inet6(r5, &(0x7f0000000500)="7804ca2b7bdef249166a19961bb0c3c49194a0b2ef46c3aeee3d32ae100460cc9b6f692604205b9459b6cdf23b9546369ec3721efc90a891a1a71d4f497bd109a995ff093dc78cd9aae8c2ca0d7f35210d323e95ebf1ab6f5b8697d9d5730bbad7956de87a55326a4b296001c05c23b87d35914fe461b6bf4ff4b5876d6bf0126dacdd510ab0fc023eaa3d2352edf56ded5601b77eaa8b8b9a5a99b03bf36c35b620076f8ff29093e2c34ed3e53f3100db943ba254f1aeb8c107595c2eec7324231248", 0xc3, 0xa0f15a6d21a68a81, &(0x7f00000000c0)={0xa, 0x4e23, 0x8001, @local, 0x2e67}, 0x1c) (async, rerun: 64)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e1f, @local}, 0x10) (rerun: 64)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) (async)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27) (async)
recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x100a}], 0x1, 0x0, 0x0, 0x407006}, 0x144)

2.792509364s ago: executing program 3:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000000)='syzkaller\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x90)
bind$can_j1939(r1, &(0x7f0000000240)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000200)={0x1d, r2, 0x1}, 0x18)
sendmmsg(r1, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff06, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r4, &(0x7f0000000000), 0x180000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000073012a000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r4, 0x117, 0x5, 0x0, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x50}, {0xb1, 0x0, 0x0, 0xbffff038}, {0x6}]}, 0x10)
sendmsg$inet(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)="9d", 0x1}], 0x10000192}, 0x0)
bind$bt_hci(r0, &(0x7f0000001ac0), 0x6)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000300)={'wpan1\x00', <r11=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001e00000038002f800c00020000000000000000002800038008000100000000001c00038006000300000000000600010000000000080002000200000008000300", @ANYRES32=r11], 0x54}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x17, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x6}, [@map_idx_val={0x18, 0x7, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0xbec}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x1fb5}, @alu={0x4, 0x1, 0x5, 0x9, 0x7, 0x80}, @map_val={0x18, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @generic={0x3, 0x8, 0x5, 0x9, 0x80}, @map_val={0x18, 0x9}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r12=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001d00070f000200000000000007000000", @ANYRES32=r12, @ANYBLOB='\x00\x00g\x00\b\x00\b\x00', @ANYRESHEX], 0x24}}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r13, 0x10e, 0x1, &(0x7f0000000080)=0x11000008, 0x4)

2.676984489s ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xf2}, @NFTA_HASH_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)

2.616090943s ago: executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)

2.514563995s ago: executing program 2:
r0 = socket$inet(0x2, 0x3, 0x5)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0xf0, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x188, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@remote, @multicast1, 0x0, 0x0, 'macvlan0\x00', 'syzkaller0\x00'}, 0x6, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@ip={@local, @dev, 0x0, 0x0, 'veth0_to_team\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000"], 0x1c)
write$binfmt_elf64(r0, 0x0, 0x1c)

2.230610496s ago: executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ed8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000001, 0x12, r0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0x9, &(0x7f0000000040), 0xc)

2.228291463s ago: executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000140)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0}}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000002c000000000000001800000000000000030000000000000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r1, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001380)}}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)

2.199225802s ago: executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000b74949e0d9261d0c0000000000000000000000800000000000020000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xb8}}, 0x0)

2.050696838s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000900850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="000000000000000014001a80100005800c000d"], 0x34}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000340004020e0001006e657464657673696d0000000f0002006e6574ef6c65767369000000"], 0x3c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r9}, 0x10)
unshare(0x2000400)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x0, 0x25, 0x0, 0x0}, 0x90)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x4, 0x3f, 0xc1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000001280), 0xb47, r10}, 0x38)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000100)={r10, &(0x7f00000000c0), 0x20000000}, 0x20)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

2.020715511s ago: executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xf2}, @NFTA_HASH_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)

1.988236532s ago: executing program 3:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xf0}, {&(0x7f00000007c0)=""/154, 0x7fffe393}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.908635262s ago: executing program 4:
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet(0x2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="17090000000000000000870400fa000800090000000000"], 0x1c}, 0x1, 0x620b}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffffdc)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r5=>0x0}, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000000000851000000600000018000000", @ANYRES8=r6, @ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0xa, 0xe3, &(0x7f0000000500)=""/227, 0x0, 0x8}, 0x90)
setsockopt$inet_sctp6_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f0000000080)={r5, 0x0, 0x10000, 0x295}, 0x10)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
ioctl(r2, 0x4, &(0x7f00000001c0)="9d2ecd6736d321fec33ea562c0f6de441d1d4cc9ea3e3bc6b6411c88c46d77f5569aa0e146af73dc7f0d5416c4e484bd59b5d31660854522683feba69747d1b31ca5e37f40b63559789d0d33ce9317")
syz_emit_ethernet(0x1d, &(0x7f0000000140)={@remote, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@llc_tr={0x11, {@llc={0x75, 0x7e, "98", "c11bbe5fefe92d77"}}}}}, &(0x7f0000000180)={0x1, 0x401, [0x54c, 0xf3e, 0x110, 0x5ee]})
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={0x0, 0x24}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@private}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8)
sendmsg$nl_xfrm(r6, &(0x7f00000003c0)={&(0x7f0000000340), 0xc, &(0x7f0000000380)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c0100001a0000000000000000000000fc010000000000000000000000000000ff020000000000000000000000000001000000004e2300010a00202000000000", @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="ac14140b000000000000000000000000000004d600000000ff0100000000000000000000000000018f000000000000000000000000000000573700000000000004001b0000000000021000000000000000000080000000000500000000000000ff0300000000000001000000000000000100000000000000b00000000000000001800000000000008000000003000000ffffffff26bd7000ff3400000a00020001000000000000002c001700040000002bbd70002bbd70002dbd700000000000000000000000000020000000b689000004000000"], 0x11c}}, 0x20040004)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r9}, 0x10)
socket$inet6(0xa, 0x0, 0x0)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r10, &(0x7f0000000880)={0x1f, 0x0, @none}, 0xe)
listen(r10, 0x0)
accept4$bt_l2cap(r10, 0x0, 0x0, 0x0)

1.843799039s ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xf2}, @NFTA_HASH_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x80}}, 0x0)

1.796248819s ago: executing program 1:
pipe(&(0x7f00000001c0))
unshare(0x22020400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000140)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sys_exit\x00', r0}, 0x10)
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0)

950.702385ms ago: executing program 2:
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x6d8}]}, 0x34}}, 0x0) (async)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x1, 0x2}, 0x10)
openat$cgroup_ro(r3, &(0x7f00000000c0)='cpu.stat\x00', 0x0, 0x0)

948.622955ms ago: executing program 1:
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
shutdown(r0, 0x1)

946.359503ms ago: executing program 3:
r0 = socket$inet(0x2, 0x3, 0x5)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0xf0, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x188, 0xffffffff, 0xffffffff, 0x188, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@remote, @multicast1, 0x0, 0x0, 'macvlan0\x00', 'syzkaller0\x00'}, 0x6, 0xa8, 0xf0, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@ip={@local, @dev, 0x0, 0x0, 'veth0_to_team\x00', 'veth1_virt_wifi\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000"], 0x1c)
write$binfmt_elf64(r0, 0x0, 0x1c)

915.814421ms ago: executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000b74949e0d9261d0c000000000000000000000080000000000002000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xb8}}, 0x0)

831.641423ms ago: executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000140)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0}}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000002c000000000000001800000000000000030000000000000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r1, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f0000001380)}}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)

825.19765ms ago: executing program 1:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
socketpair(0x28, 0x4, 0x10001, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0x10) (async, rerun: 64)
r2 = socket$inet_sctp(0x2, 0x1, 0x84) (rerun: 64)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x23, &(0x7f0000000080)={r3}, 0x8)

746.921613ms ago: executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ed8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000001, 0x12, r0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0x9, &(0x7f0000000040), 0xc)

657.087599ms ago: executing program 1:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000500)=""/221, 0xdd}, {0x0}, {&(0x7f0000002140)=""/4058, 0xfda}, {&(0x7f0000001140)=""/231, 0xe7}, {&(0x7f00000007c0)=""/181, 0xb5}, {&(0x7f0000000b00)=""/192, 0xc0}, {&(0x7f0000000fc0)=""/264, 0x108}, {&(0x7f0000000940)=""/183, 0xb7}, {&(0x7f0000000880)=""/63, 0x3f}, {&(0x7f0000000240)=""/68, 0x44}, {&(0x7f0000000d00)=""/26, 0x1a}, {&(0x7f00000006c0)=""/151, 0x97}], 0xc}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

610.483838ms ago: executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000b74949e0d9261d0c0000000000000000000000800000000000020000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0xb8}}, 0x0)

512.161676ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0xff6d}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000980)={0x28, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x28}}, 0x0)
recvmmsg(r2, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/156, 0xff78}, {&(0x7f0000000300)=""/92, 0x33}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x14}, 0x14}}, 0x0)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x6, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7037d20807e0000b704000002000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r5}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x90)
connect$qrtr(r0, &(0x7f0000000000)={0x2a, 0xffffffff, 0xfffffffe}, 0xc)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r7, &(0x7f0000000140)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000e20000000000cc2020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='block_bio_remap\x00', r8}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)

0s ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xf2}, @NFTA_HASH_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x80}}, 0x0)

kernel console output (not intermixed with test programs):

v: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.556761][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.575201][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.594761][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.605874][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.616340][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.626945][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.650962][T12033] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.681361][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.700172][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.713626][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.727088][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.741217][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.751852][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.762352][T12033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.773450][T12033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.801637][T12033] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.812018][T12242] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  281.824401][T12242] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  281.839831][T12242] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  281.849123][T12242] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  281.858103][T12242] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  281.866898][T12242] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  281.876034][T12242] vxlan0: entered promiscuous mode
[  281.894930][T12033] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.904104][T12033] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.914013][T12033] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.922921][T12033] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.106528][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.139653][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.173536][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.187702][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.428907][T12255] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  282.773304][T12279] x_tables: ip_tables: ah match: only valid for protocol 51
[  283.149602][T12297] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  283.781627][T12310] __nla_validate_parse: 5 callbacks suppressed
[  283.781649][T12310] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  284.026697][T12320] xt_TPROXY: Can be used only with -p tcp or -p udp
[  284.065308][T12320] xt_TPROXY: Can be used only with -p tcp or -p udp
[  284.089576][T12327] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  284.167541][T12330] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  284.197067][T12333] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  284.242485][T12333] netlink: 'syz-executor.1': attribute type 25 has an invalid length.
[  284.671462][T12360] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  284.736477][T12365] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  284.825578][ T1035] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.877564][T12367] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  285.395354][T12385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  285.506236][ T5126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  285.517156][ T5126] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  285.526684][ T5126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  285.535170][ T5126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  285.544745][ T5126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  285.554671][ T5126] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  285.690634][T12396] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  285.870741][T12404] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  285.882694][T12404] netlink: 'syz-executor.4': attribute type 25 has an invalid length.
[  285.901011][T12404] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  285.909955][T12404] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  285.918863][T12404] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  285.927596][T12404] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  286.009585][T12409] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.072539][T12409] xt_TPROXY: Can be used only with -p tcp or -p udp
[  286.412918][T12390] chnl_net:caif_netlink_parms(): no params data found
[  286.514784][T12390] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.524527][T12390] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.532418][T12390] bridge_slave_0: entered allmulticast mode
[  286.554355][T12390] bridge_slave_0: entered promiscuous mode
[  286.571043][T12390] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.583186][T12390] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.592248][T12390] bridge_slave_1: entered allmulticast mode
[  286.619873][T12390] bridge_slave_1: entered promiscuous mode
[  286.682331][ T1035] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.779926][T12446] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  286.828047][ T1035] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.850150][T12390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.870855][T12390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  287.028192][ T1035] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.070240][T12390] team0: Port device team_slave_0 added
[  287.089377][T12390] team0: Port device team_slave_1 added
[  287.205342][T12390] batman_adv: batadv0: Adding interface: batadv_slave_0
[  287.216939][T12390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.243952][T12390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  287.362282][T12458] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  287.399962][T12390] batman_adv: batadv0: Adding interface: batadv_slave_1
[  287.406986][T12390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.466527][T12390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  287.635929][T12390] hsr_slave_0: entered promiscuous mode
[  287.642121][ T5126] Bluetooth: hci1: command tx timeout
[  287.673371][T12390] hsr_slave_1: entered promiscuous mode
[  287.704937][T12390] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  287.712927][T12390] Cannot create hsr debugfs directory
[  287.858737][ T1035] bridge_slave_1: left allmulticast mode
[  287.864490][ T1035] bridge_slave_1: left promiscuous mode
[  287.871489][ T1035] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.881301][ T1035] bridge_slave_0: left allmulticast mode
[  287.887000][ T1035] bridge_slave_0: left promiscuous mode
[  287.893312][ T1035] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.271615][T12495] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  288.564027][ T1035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  288.598735][ T1035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.623029][ T1035] bond0 (unregistering): Released all slaves
[  288.666441][T12483] netlink: 'syz-executor.1': attribute type 25 has an invalid length.
[  288.796672][T12495] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  288.908529][T12496] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  288.929649][T12497] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  289.260605][T12519] IPVS: dh: SCTP 172.20.20.170:0 - no destination available
[  289.488950][T12535] __nla_validate_parse: 2 callbacks suppressed
[  289.488974][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  289.580396][ T1035] hsr_slave_0: left promiscuous mode
[  289.593802][ T1035] hsr_slave_1: left promiscuous mode
[  289.602236][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.621661][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.641025][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  289.665703][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  289.728435][ T5126] Bluetooth: hci1: command tx timeout
[  289.728824][ T1035] veth1_macvtap: left promiscuous mode
[  289.759315][ T1035] veth0_macvtap: left promiscuous mode
[  289.776679][ T1035] veth1_vlan: left promiscuous mode
[  289.782808][ T1035] veth0_vlan: left promiscuous mode
[  290.222731][T12552] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  290.656923][ T1035] team0 (unregistering): Port device team_slave_1 removed
[  290.725154][ T1035] team0 (unregistering): Port device team_slave_0 removed
[  291.288228][T12545] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  291.307945][T12545] netlink: 'syz-executor.2': attribute type 25 has an invalid length.
[  291.350239][T12552] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  291.591864][T12578] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  291.797989][ T5126] Bluetooth: hci1: command tx timeout
[  292.049805][T12390] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  292.085259][T12599] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  292.105840][T12390] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  292.149302][T12599] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  292.162345][T12390] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  292.176335][T12390] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  292.197151][T12602] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  292.232484][T12599] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  292.510631][T12390] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.589880][T12390] 8021q: adding VLAN 0 to HW filter on device team0
[  292.626431][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.633762][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.654076][T12626] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  292.675455][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.682790][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.853001][T12390] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  293.042515][T12643] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  293.069098][T12643] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  293.106838][T12643] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  293.274364][T12656] IPVS: dh: SCTP 172.20.20.170:0 - no destination available
[  293.292022][T12390] 8021q: adding VLAN 0 to HW filter on device batadv0
[  293.424450][T12390] veth0_vlan: entered promiscuous mode
[  293.467730][T12661] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  293.472110][T12390] veth1_vlan: entered promiscuous mode
[  293.581615][T12390] veth0_macvtap: entered promiscuous mode
[  293.604693][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  293.762180][T12390] veth1_macvtap: entered promiscuous mode
[  293.826977][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.844767][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.855426][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.871137][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.881450][ T5126] Bluetooth: hci1: command tx timeout
[  293.887017][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.898149][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.911821][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.922400][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.934561][T12390] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.948416][T12680] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  294.023562][T12684] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  294.061081][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.072919][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.085046][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.101515][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.111839][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.122821][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.136071][T12390] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.146955][T12390] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.162334][T12390] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.195333][T12390] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.220801][T12390] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.242165][T12390] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.260879][T12390] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.445958][T11646] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.462067][T11646] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.532111][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.532205][T12699] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  294.562089][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.648236][T12702] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  294.957105][T12722] dccp_invalid_packet: P.Data Offset(172) too large
[  295.081894][T12729] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  295.093193][T12731] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  295.138565][T12735] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  295.521484][T12754] validate_nla: 10 callbacks suppressed
[  295.521508][T12754] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  295.536642][T12754] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  295.546766][T12754] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  295.556757][T12754] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  295.574086][T12754] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  295.995291][T12776] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  296.035839][T12776] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  296.036711][T12781] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  296.046841][T12782] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  296.064288][T12776] nbd: must specify at least one socket
[  296.075332][T12782] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  296.098056][T12782] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  296.128815][T12782] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  296.164617][T12782] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  296.177433][T12786] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  296.208028][T12785] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  296.809403][   T29] audit: type=1804 audit(1718733643.125:10): pid=12823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3404688164/syzkaller.r4o1zv/537/cgroup.controllers" dev="sda1" ino=1954 res=1 errno=0
[  296.814852][T12823] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  297.231212][T11635] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.176482][T11635] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.285167][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  298.304948][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  298.338337][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  298.353970][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  298.363353][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  298.376586][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  298.417332][T11635] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.650424][T11635] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.943048][T11635] bridge_slave_1: left allmulticast mode
[  298.967978][T11635] bridge_slave_1: left promiscuous mode
[  298.995318][T11635] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.045794][T11635] bridge_slave_0: left allmulticast mode
[  299.058436][T11635] bridge_slave_0: left promiscuous mode
[  299.069999][T11635] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.282947][T12923] rdma_rxe: rxe_newlink: failed to add bond0
[  299.525859][T12941] rdma_rxe: rxe_newlink: failed to add bond0
[  299.822960][T11635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  299.837117][T11635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  299.849954][T11635] bond0 (unregistering): Released all slaves
[  299.883161][T12935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.901893][T12935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.926257][T12935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.942052][T12935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.952285][T12935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.963365][T12935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.973554][T12935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.984301][T12935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.994221][T12935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  300.004846][T12935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.072452][T12950] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  300.186165][T12953] __nla_validate_parse: 7 callbacks suppressed
[  300.186183][T12953] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  300.356547][T12960] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  300.438954][ T5126] Bluetooth: hci1: command tx timeout
[  300.775102][T11635] hsr_slave_0: left promiscuous mode
[  300.801785][T11635] hsr_slave_1: left promiscuous mode
[  300.812039][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  300.821366][T11635] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.850263][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.868103][T11635] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.906505][T12989] validate_nla: 15 callbacks suppressed
[  300.906532][T12989] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  300.938206][T11635] veth1_macvtap: left promiscuous mode
[  300.943907][T11635] veth0_macvtap: left promiscuous mode
[  300.953542][T11635] veth1_vlan: left promiscuous mode
[  300.963383][T11635] veth0_vlan: left promiscuous mode
[  301.606394][T11635] team0 (unregistering): Port device team_slave_1 removed
[  301.668928][T11635] team0 (unregistering): Port device team_slave_0 removed
[  302.183218][T12980] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  302.214995][T12985] pim6reg: entered allmulticast mode
[  302.221339][T12985] pim6reg: left allmulticast mode
[  302.262814][T12989] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  302.279188][T12999] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  302.403649][T12887] chnl_net:caif_netlink_parms(): no params data found
[  302.518541][ T5126] Bluetooth: hci1: command tx timeout
[  302.549165][T13014] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  302.737387][T12887] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.773522][T12887] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.798171][T12887] bridge_slave_0: entered allmulticast mode
[  302.805648][T12887] bridge_slave_0: entered promiscuous mode
[  302.827763][T12887] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.836533][T12887] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.843958][T12887] bridge_slave_1: entered allmulticast mode
[  302.852219][T12887] bridge_slave_1: entered promiscuous mode
[  302.935649][T12887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  302.980161][T12887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.093942][T12887] team0: Port device team_slave_0 added
[  303.101726][T13032] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  303.121772][T12887] team0: Port device team_slave_1 added
[  303.161329][T13036] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  303.193397][T13036] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  303.224062][T12887] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.236787][T12887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.274031][T12887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.298504][T13036] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  303.306943][T13039] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  303.361876][T12887] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.378816][T12887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.424075][T12887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.436635][T13043] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  303.446068][T13036] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  303.600837][T13058] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  303.626074][T12887] hsr_slave_0: entered promiscuous mode
[  303.641170][T12887] hsr_slave_1: entered promiscuous mode
[  304.068121][T13077] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  304.286327][T13088] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  304.300407][T13088] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  304.348442][T13088] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  304.582346][T12887] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  304.589888][T13099] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  304.599927][ T5126] Bluetooth: hci1: command tx timeout
[  304.614764][T12887] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  304.630625][T12887] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  304.669288][T12887] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  304.906814][T13112] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  304.975075][ T5126] block nbd0: Receive control failed (result -107)
[  305.029466][T12887] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.125150][T12887] 8021q: adding VLAN 0 to HW filter on device team0
[  305.209703][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.216981][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.281175][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.288446][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.585728][T13142] __nla_validate_parse: 2 callbacks suppressed
[  305.585752][T13142] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  306.004784][T13164] validate_nla: 7 callbacks suppressed
[  306.004808][T13164] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  306.053819][T13158] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  306.068660][T13164] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  306.089193][T13165] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  306.121493][T13164] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  306.148643][T13164] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  306.187008][T12887] 8021q: adding VLAN 0 to HW filter on device batadv0
[  306.303808][T13173] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.2'.
[  306.372809][T13177] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  306.381685][T12887] veth0_vlan: entered promiscuous mode
[  306.414633][T12887] veth1_vlan: entered promiscuous mode
[  306.531540][T12887] veth0_macvtap: entered promiscuous mode
[  306.567036][T12887] veth1_macvtap: entered promiscuous mode
[  306.634487][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  306.666384][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.678559][ T5126] Bluetooth: hci1: command tx timeout
[  306.695326][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  306.706443][T13187] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'.
[  306.710319][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.731327][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  306.742797][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.756292][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  306.773506][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.791678][T12887] batman_adv: batadv0: Interface activated: batadv_slave_0
[  306.831966][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  306.843336][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.854171][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  306.873839][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.884020][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  306.897346][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.909114][T12887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  306.920357][T12887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  306.932990][T12887] batman_adv: batadv0: Interface activated: batadv_slave_1
[  306.961502][T13193] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'.
[  306.999083][T12887] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.019086][T12887] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.053528][T12887] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.061841][T13200] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  307.062706][T12887] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.117639][T13200] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  307.198958][T13205] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  307.243753][T13203] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  307.269050][T13200] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  307.307720][T13206] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  307.464332][T11635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  307.477245][T11635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  307.562716][T13219] netlink: 46 bytes leftover after parsing attributes in process `syz-executor.4'.
[  307.634384][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  307.667924][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.181587][T13253] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  308.812434][T13292] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  309.707520][T13355] syzkaller0: entered promiscuous mode
[  309.716973][T13355] syzkaller0: entered allmulticast mode
[  309.756081][T13360] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  309.931372][ T1035] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.765400][T13415] __nla_validate_parse: 3 callbacks suppressed
[  310.765426][T13415] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  310.817233][T13417] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  310.961085][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  310.972260][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  310.981671][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  311.005090][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  311.014497][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  311.016773][ T1035] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.037595][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  311.201165][ T1035] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.255961][T13433] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  311.379566][ T1035] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.404706][T13432] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  311.655081][T13456] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  311.655508][T13455] validate_nla: 46 callbacks suppressed
[  311.655527][T13455] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  311.690559][ T1035] bridge_slave_1: left allmulticast mode
[  311.696486][ T1035] bridge_slave_1: left promiscuous mode
[  311.709830][ T1035] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.721542][ T1035] bridge_slave_0: left allmulticast mode
[  311.727276][ T1035] bridge_slave_0: left promiscuous mode
[  311.744662][ T1035] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.228470][ T1035] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.241968][ T1035] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.253102][ T1035] bond0 (unregistering): Released all slaves
[  312.266013][T13455] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  312.330476][T13458] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  312.482875][T13461] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  313.044388][T13493] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  313.072358][T13504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  313.078489][ T5126] Bluetooth: hci1: command tx timeout
[  313.151391][ T1035] hsr_slave_0: left promiscuous mode
[  313.170502][ T1035] hsr_slave_1: left promiscuous mode
[  313.180506][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.188488][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.196623][ T1035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.205213][ T1035] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.231494][ T1035] veth1_macvtap: left promiscuous mode
[  313.237222][ T1035] veth0_macvtap: left promiscuous mode
[  313.246751][ T1035] veth1_vlan: left promiscuous mode
[  313.252426][ T1035] veth0_vlan: left promiscuous mode
[  313.268243][T13509] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  313.696834][T13516] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  313.793116][T13523] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  314.122205][ T1035] team0 (unregistering): Port device team_slave_1 removed
[  314.174659][ T1035] team0 (unregistering): Port device team_slave_0 removed
[  314.717955][T13523] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  314.750327][T13528] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  314.842408][T13420] chnl_net:caif_netlink_parms(): no params data found
[  314.909320][T13537] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  315.115617][T13547] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  315.158494][ T5126] Bluetooth: hci1: command tx timeout
[  315.442847][T13420] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.462829][T13420] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.500084][T13420] bridge_slave_0: entered allmulticast mode
[  315.524843][T13420] bridge_slave_0: entered promiscuous mode
[  315.558797][T13420] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.565981][T13420] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.586346][T13420] bridge_slave_1: entered allmulticast mode
[  315.597314][T13420] bridge_slave_1: entered promiscuous mode
[  315.723596][T13420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  315.775436][T13420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  315.924348][T13420] team0: Port device team_slave_0 added
[  315.944519][T13420] team0: Port device team_slave_1 added
[  316.094306][T13420] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.116907][T13420] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.203463][T13420] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.234313][T13420] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.254594][T13420] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.316842][T13420] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.489520][T13420] hsr_slave_0: entered promiscuous mode
[  316.503612][T13420] hsr_slave_1: entered promiscuous mode
[  316.539533][T13601] netlink: 272 bytes leftover after parsing attributes in process `syz-executor.4'.
[  317.237976][ T5126] Bluetooth: hci1: command tx timeout
[  317.351778][T13631] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  317.371444][T13631] nbd: nbd0 already in use
[  317.592009][T13420] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  317.608883][T13420] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  317.621684][T13420] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  317.633548][T13420] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  317.676583][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  317.815967][T13420] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.860872][T13420] 8021q: adding VLAN 0 to HW filter on device team0
[  317.881061][ T1166] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.888400][ T1166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.935829][ T1166] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.943367][ T1166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.335553][T13420] 8021q: adding VLAN 0 to HW filter on device batadv0
[  318.460201][T13420] veth0_vlan: entered promiscuous mode
[  318.513998][T13420] veth1_vlan: entered promiscuous mode
[  318.638937][T13420] veth0_macvtap: entered promiscuous mode
[  318.657680][T13420] veth1_macvtap: entered promiscuous mode
[  318.689859][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.717041][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.758704][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.773911][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.796085][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.816731][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.828978][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.840490][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.854666][T13420] batman_adv: batadv0: Interface activated: batadv_slave_0
[  318.881383][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.893069][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.904667][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.916044][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.927293][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.937899][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.947892][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.959233][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.971066][T13420] batman_adv: batadv0: Interface activated: batadv_slave_1
[  318.985524][T13420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.996208][T13420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.019677][T13420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.032197][T13420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.318176][ T5126] Bluetooth: hci1: command tx timeout
[  319.351181][T11623] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.359746][T11623] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.409571][T11630] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.426668][T11630] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.220084][T13736] geneve1: entered allmulticast mode
[  320.616834][T13756] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  320.691724][T13756] bridge3: port 1(gretap2) entered blocking state
[  320.699788][T13756] bridge3: port 1(gretap2) entered disabled state
[  320.714335][T13756] gretap2: entered allmulticast mode
[  320.722417][T13756] gretap2: entered promiscuous mode
[  321.033014][T13778] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  321.103246][T13778] geneve0: entered promiscuous mode
[  321.140145][T13778] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  321.595716][T13811] tipc: Failed to remove unknown binding: 66,1,1/0:1097516089/1097516091
[  321.642768][T13811] tipc: Failed to remove unknown binding: 66,1,1/0:1097516089/1097516091
[  321.656712][T13811] tipc: Failed to remove unknown binding: 66,1,1/0:1097516089/1097516091
[  321.704835][T13819] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[  322.697126][T11630] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.301419][T13879] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'.
[  323.316497][T13879] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  323.438686][T13884] batadv0: entered promiscuous mode
[  323.470989][T13884] team0: entered promiscuous mode
[  323.476200][T13884] team_slave_0: entered promiscuous mode
[  323.490471][T13884] team_slave_1: entered promiscuous mode
[  323.497684][T13884] team0: left promiscuous mode
[  323.513057][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  323.524457][T13884] team_slave_0: left promiscuous mode
[  323.528772][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  323.541110][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  323.542340][T13884] team_slave_1: left promiscuous mode
[  323.564653][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  323.572873][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  323.580721][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  323.581103][T13884] batadv0: left promiscuous mode
[  324.196335][T11630] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.245611][T13907] wg2: entered promiscuous mode
[  324.250771][T13907] wg2: entered allmulticast mode
[  324.371095][T11630] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.576508][T11630] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.764925][T13888] chnl_net:caif_netlink_parms(): no params data found
[  325.056631][T11630] bridge_slave_1: left allmulticast mode
[  325.063609][T11630] bridge_slave_1: left promiscuous mode
[  325.069646][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.083619][T11630] bridge_slave_0: left allmulticast mode
[  325.092182][T11630] bridge_slave_0: left promiscuous mode
[  325.098371][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.643397][ T5126] Bluetooth: hci1: command tx timeout
[  325.728501][T11630] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  325.751454][T11630] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  325.766347][T11630] bond0 (unregistering): Released all slaves
[  325.882709][T13888] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.902675][T13888] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.920245][T13888] bridge_slave_0: entered allmulticast mode
[  325.952800][T13888] bridge_slave_0: entered promiscuous mode
[  325.979736][T13888] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.008158][T13888] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.041969][T13888] bridge_slave_1: entered allmulticast mode
[  326.078396][T13888] bridge_slave_1: entered promiscuous mode
[  326.264537][T13888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  326.405129][T13888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  326.606055][ T5168] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.660429][T13888] team0: Port device team_slave_0 added
[  326.702291][T13888] team0: Port device team_slave_1 added
[  326.958929][T13888] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.967496][T13888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.007185][T13888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.054474][T11630] hsr_slave_0: left promiscuous mode
[  327.088058][T11630] hsr_slave_1: left promiscuous mode
[  327.104917][T11630] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  327.124670][T11630] batman_adv: batadv0: Removing interface: batadv_slave_0
[  327.175530][T11630] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  327.203188][T11630] batman_adv: batadv0: Removing interface: batadv_slave_1
[  327.262567][T11630] veth1_macvtap: left promiscuous mode
[  327.268953][T11630] veth0_macvtap: left promiscuous mode
[  327.276948][T11630] veth1_vlan: left promiscuous mode
[  327.283114][T11630] veth0_vlan: left promiscuous mode
[  327.721100][ T5126] Bluetooth: hci1: command tx timeout
[  328.040136][T11630] team0 (unregistering): Port device team_slave_1 removed
[  328.120542][T11630] team0 (unregistering): Port device team_slave_0 removed
[  328.706332][T13888] batman_adv: batadv0: Adding interface: batadv_slave_1
[  328.713719][T13888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.739828][T13888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  328.756176][T14026] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  328.814942][T14041] smc: net device syzkaller0 applied user defined pnetid SYZ0
[  329.046424][T13888] hsr_slave_0: entered promiscuous mode
[  329.077156][T13888] hsr_slave_1: entered promiscuous mode
[  329.110760][T14053] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  329.649226][T14074] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  329.663232][T14074] nbd: socks must be embedded in a SOCK_ITEM attr
[  329.694677][T14076] nbd: socks must be embedded in a SOCK_ITEM attr
[  329.801632][ T5126] Bluetooth: hci1: command tx timeout
[  329.958524][ T5126] Bluetooth: hci4: command 0x0406 tx timeout
[  330.123345][T13888] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  330.155328][T13888] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  330.179547][T13888] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  330.196741][T13888] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  330.453159][T13888] 8021q: adding VLAN 0 to HW filter on device bond0
[  330.554773][T13888] 8021q: adding VLAN 0 to HW filter on device team0
[  330.592125][ T5168] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.599488][ T5168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.656843][ T5168] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.664202][ T5168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.865655][T14122] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  331.126831][T14133] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  331.301667][T14141] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[  331.394732][T13888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  331.546919][T13888] veth0_vlan: entered promiscuous mode
[  331.584672][T13888] veth1_vlan: entered promiscuous mode
[  331.685291][T13888] veth0_macvtap: entered promiscuous mode
[  331.733245][T13888] veth1_macvtap: entered promiscuous mode
[  331.762188][T14163] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.1'.
[  331.784094][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.817291][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.837922][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.858636][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.869118][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.880114][   T53] Bluetooth: hci1: command tx timeout
[  331.890240][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.907991][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.922004][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.934302][T13888] batman_adv: batadv0: Interface activated: batadv_slave_0
[  331.956694][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.977872][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.998146][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.011771][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.022574][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.057972][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.077949][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.099433][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.112897][T13888] batman_adv: batadv0: Interface activated: batadv_slave_1
[  332.164575][T13888] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.186283][T13888] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.201763][T13888] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.230211][T13888] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.476044][T11630] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.494655][T11630] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.591001][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.638756][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.137678][T14196] team0: entered promiscuous mode
[  333.155385][T14196] team_slave_0: entered promiscuous mode
[  333.178122][T14196] team_slave_1: entered promiscuous mode
[  333.187419][T14195] team0: left promiscuous mode
[  333.200253][T14195] team_slave_0: left promiscuous mode
[  333.217284][T14195] team_slave_1: left promiscuous mode
[  333.930294][T14228] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'.
[  335.229172][T14298] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  335.232714][T11635] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.343846][T14302] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  335.424652][T14298] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  335.943517][ T5126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  335.955449][ T5126] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  335.964848][ T5126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  335.974295][ T5126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  335.998553][ T5126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  336.008519][ T5126] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  336.159269][T14320] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  336.552467][T11635] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.698634][T11635] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.876540][T11635] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.072389][T14358] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  337.106906][T14358] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  337.133472][T14315] chnl_net:caif_netlink_parms(): no params data found
[  337.159566][T14358] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  337.205012][T11635] bridge_slave_1: left allmulticast mode
[  337.249169][T11635] bridge_slave_1: left promiscuous mode
[  337.255040][T11635] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.275729][T11635] bridge_slave_0: left allmulticast mode
[  337.285415][T11635] bridge_slave_0: left promiscuous mode
[  337.297372][T11635] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.042231][   T53] Bluetooth: hci1: command tx timeout
[  338.369055][T11635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.392783][T11635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.424927][T11635] bond0 (unregistering): Released all slaves
[  338.701876][T14315] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.709751][T14315] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.720060][T14315] bridge_slave_0: entered allmulticast mode
[  338.727584][T14315] bridge_slave_0: entered promiscuous mode
[  338.738525][T14315] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.758185][T14315] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.768183][T14315] bridge_slave_1: entered allmulticast mode
[  338.775710][T14315] bridge_slave_1: entered promiscuous mode
[  338.976695][T14315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.000954][T14315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.136473][T14315] team0: Port device team_slave_0 added
[  339.192285][T14315] team0: Port device team_slave_1 added
[  339.417280][T14315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.433973][T14315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.510436][T14315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  339.548843][T11635] hsr_slave_0: left promiscuous mode
[  339.573727][T11635] hsr_slave_1: left promiscuous mode
[  339.596276][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.606457][T11635] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.620944][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.635877][T11635] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.682758][T11635] veth1_macvtap: left promiscuous mode
[  339.695299][T11635] veth0_macvtap: left promiscuous mode
[  339.706937][T11635] veth1_vlan: left promiscuous mode
[  339.716274][T11635] veth0_vlan: left promiscuous mode
[  340.127981][   T53] Bluetooth: hci1: command tx timeout
[  340.547126][T11635] team0 (unregistering): Port device team_slave_1 removed
[  340.603284][T11635] team0 (unregistering): Port device team_slave_0 removed
[  340.651338][T14444] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  341.138596][T14315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  341.145736][T14315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.193872][T14315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  341.234405][T14444] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  341.251848][T14445] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  341.276732][T14451] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  341.341156][T14446] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  341.370062][T14315] hsr_slave_0: entered promiscuous mode
[  341.408817][T14315] hsr_slave_1: entered promiscuous mode
[  341.453406][T14447] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  341.915875][T14477] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  342.008873][T14482] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  342.017726][T14482] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  342.031028][T14482] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  342.040489][T14482] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  342.050108][T14482] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  342.198142][   T53] Bluetooth: hci1: command tx timeout
[  342.456905][T14315] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  342.474153][T14315] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  342.501604][T14315] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  342.516176][T14315] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  342.558792][T14510] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  342.644070][T14512] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  342.795215][T14315] 8021q: adding VLAN 0 to HW filter on device bond0
[  342.845729][T14315] 8021q: adding VLAN 0 to HW filter on device team0
[  342.867223][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.874524][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.912746][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.920097][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  343.002629][T14315] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  343.403686][T14315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  343.527399][T14556] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  343.528559][T14315] veth0_vlan: entered promiscuous mode
[  343.587214][T14315] veth1_vlan: entered promiscuous mode
[  343.675257][T14315] veth0_macvtap: entered promiscuous mode
[  343.693506][T14315] veth1_macvtap: entered promiscuous mode
[  343.721823][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.752098][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.771319][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.802836][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.816206][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.827343][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.856970][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.874212][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.889748][T14315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  343.901676][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.915049][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.929036][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.968062][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.987998][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.007882][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.020476][T14315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.035195][T14315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.059839][T14315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  344.096457][T14315] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  344.108304][T14315] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.117270][T14315] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.130109][T14315] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.281225][   T53] Bluetooth: hci1: command tx timeout
[  344.377048][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.380177][T14597] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  344.405212][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.504644][T11646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.523345][T11646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.962213][ T5126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  345.972833][ T5126] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  345.982494][ T5126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  345.994802][ T5126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  346.002864][ T5126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  346.015848][ T5126] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  346.551235][T14701] validate_nla: 29 callbacks suppressed
[  346.551257][T14701] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  346.574348][T14698] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  346.584062][T14701] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  346.608243][T14701] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  346.617397][T14701] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  346.632951][T14701] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  346.692184][T14673] chnl_net:caif_netlink_parms(): no params data found
[  346.963854][T11646] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.069058][T14673] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.088670][T14673] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.096025][T14673] bridge_slave_0: entered allmulticast mode
[  347.119705][T14673] bridge_slave_0: entered promiscuous mode
[  347.140655][T14673] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.148226][T14673] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.155525][T14673] bridge_slave_1: entered allmulticast mode
[  347.179637][T14673] bridge_slave_1: entered promiscuous mode
[  347.280492][T14673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.295846][T14673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.305620][T14731] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  347.430187][T14673] team0: Port device team_slave_0 added
[  347.455692][T14738] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  347.479755][T14673] team0: Port device team_slave_1 added
[  347.485755][T14738] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  347.576987][T14738] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  347.615361][T14673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.624705][T14673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.656296][T14673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.696550][T14741] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  347.715343][T14673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.728691][T14673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.756214][T14673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.824065][T14738] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  347.857993][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  347.881435][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  347.891491][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  347.915267][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  347.924936][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  347.932951][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  348.023055][T14673] hsr_slave_0: entered promiscuous mode
[  348.030703][T14673] hsr_slave_1: entered promiscuous mode
[  348.039157][ T5126] Bluetooth: hci1: command tx timeout
[  348.045715][T14673] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  348.053836][T14673] Cannot create hsr debugfs directory
[  348.342011][T14673] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.370286][T14673] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.428454][T14763] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  348.529677][T14673] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.550164][T14673] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.614261][T11646] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.733270][T14673] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.751660][T14673] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.814896][T11646] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.913748][T14673] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  348.925587][T14673] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.024150][T11646] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.084381][T14789] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  349.369604][T14673] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  349.387330][T14673] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  349.400871][T11646] bridge_slave_1: left allmulticast mode
[  349.406808][T11646] bridge_slave_1: left promiscuous mode
[  349.415223][T11646] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.426730][T11646] bridge_slave_0: left allmulticast mode
[  349.445944][T11646] bridge_slave_0: left promiscuous mode
[  349.461737][T11646] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.895913][T11646] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  349.907670][T11646] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  349.924526][T11646] bond0 (unregistering): Released all slaves
[  349.942890][T14673] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  349.964644][T14673] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  350.038003][ T5126] Bluetooth: hci3: command tx timeout
[  350.104277][T14747] chnl_net:caif_netlink_parms(): no params data found
[  350.118906][ T5126] Bluetooth: hci1: command tx timeout
[  350.306886][T14820] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  350.661189][T14747] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.686773][T14747] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.719130][T14747] bridge_slave_0: entered allmulticast mode
[  350.726793][T14747] bridge_slave_0: entered promiscuous mode
[  350.747616][T14747] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.756232][T14747] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.763794][T14747] bridge_slave_1: entered allmulticast mode
[  350.771997][T14747] bridge_slave_1: entered promiscuous mode
[  350.783686][T11646] hsr_slave_0: left promiscuous mode
[  350.790200][T11646] hsr_slave_1: left promiscuous mode
[  350.796724][T11646] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  350.805975][T11646] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.815515][T11646] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  350.823646][T11646] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.851007][T11646] veth1_macvtap: left promiscuous mode
[  350.856716][T11646] veth0_macvtap: left promiscuous mode
[  350.863432][T11646] veth1_vlan: left promiscuous mode
[  350.868867][T11646] veth0_vlan: left promiscuous mode
[  351.448397][T11646] team0 (unregistering): Port device team_slave_1 removed
[  351.502452][T11646] team0 (unregistering): Port device team_slave_0 removed
[  352.106874][T14837] validate_nla: 12 callbacks suppressed
[  352.106898][T14837] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  352.118133][ T5126] Bluetooth: hci3: command tx timeout
[  352.147084][T14747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.162611][T14673] 8021q: adding VLAN 0 to HW filter on device bond0
[  352.172540][T14747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.198497][ T5126] Bluetooth: hci1: command tx timeout
[  352.344910][T14747] team0: Port device team_slave_0 added
[  352.358436][T14852] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  352.403935][T14673] 8021q: adding VLAN 0 to HW filter on device team0
[  352.426544][T14747] team0: Port device team_slave_1 added
[  352.458858][ T5199] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.466044][ T5199] bridge0: port 1(bridge_slave_0) entered forwarding state
[  352.552051][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.559375][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.598985][T14747] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.605985][T14747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.671008][T14747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.719113][T14747] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.726118][T14747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.753808][T14747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.906017][T14747] hsr_slave_0: entered promiscuous mode
[  352.926906][T14747] hsr_slave_1: entered promiscuous mode
[  353.011479][T14873] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  353.026494][T14673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  353.050144][T14875] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  353.060560][T14873] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  353.131755][T14876] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  353.145765][T14873] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  353.182945][T14873] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  353.398736][T14673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  353.610161][T14673] veth0_vlan: entered promiscuous mode
[  353.638920][T14673] veth1_vlan: entered promiscuous mode
[  353.729713][T14673] veth0_macvtap: entered promiscuous mode
[  353.757621][T14673] veth1_macvtap: entered promiscuous mode
[  353.776971][T14901] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  353.852417][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.866508][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.878483][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.896010][T14905] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  353.909026][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.919666][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.930598][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.941136][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.952308][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.973053][T14673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.986838][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.997476][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.019390][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.041471][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.054679][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.065406][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.075516][T14673] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.087037][T14673] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.109791][T14673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  354.146520][T14905] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  354.176629][T14673] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.198590][ T5126] Bluetooth: hci3: command tx timeout
[  354.207468][T14673] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.219203][T14673] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.230882][T14673] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.256192][T14908] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  354.274626][T14747] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  354.282349][ T5126] Bluetooth: hci1: command tx timeout
[  354.295809][T14911] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  354.305491][T14747] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  354.317022][T14747] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  354.381156][T14747] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  354.530043][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.552302][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.656035][T11630] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.684290][T11630] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.780933][T14747] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.833242][T14933] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  354.866446][T14747] 8021q: adding VLAN 0 to HW filter on device team0
[  354.901713][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.909077][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.981688][  T785] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.988937][  T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.294569][T14959] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  355.453816][T14747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.498741][T14968] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  355.566429][T14747] veth0_vlan: entered promiscuous mode
[  355.614237][T14747] veth1_vlan: entered promiscuous mode
[  355.722029][T14747] veth0_macvtap: entered promiscuous mode
[  355.761037][T14747] veth1_macvtap: entered promiscuous mode
[  355.809654][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.836738][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.847615][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.862765][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.872771][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.884333][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.904329][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.924649][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.937474][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.948946][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.967046][T14747] batman_adv: batadv0: Interface activated: batadv_slave_0
[  356.019234][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.045335][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.065663][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.076478][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.090785][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.115069][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.126211][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.139892][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.150535][T14747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.161329][T14747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.174419][T14747] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.188328][T14994] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  356.209738][T14992] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  356.250985][T14747] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.266627][T14747] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.288575][ T5126] Bluetooth: hci3: command tx timeout
[  356.297936][T14747] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.314994][T14747] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.548305][T11646] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.556301][T11646] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.617576][T11646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.634526][T11646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.838611][T15021] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  356.883236][T15018] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  357.125759][T15037] validate_nla: 31 callbacks suppressed
[  357.125781][T15037] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  357.166100][T15037] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  357.184537][T15037] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  357.207044][T15037] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  357.218498][T15037] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  357.418196][T15051] __nla_validate_parse: 2 callbacks suppressed
[  357.418220][T15051] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  357.530326][T15058] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  357.683754][T15068] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  357.688173][T15069] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  357.706749][T15069] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  357.755079][T15069] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  357.779101][T15069] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  357.793890][T15069] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  357.835196][T15075] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  358.023884][T15084] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  358.076031][T15088] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  358.187070][T15093] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  358.330722][T15100] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  358.515164][T15111] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  358.640437][T15119] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  358.794210][T11635] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.034917][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  360.047122][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  360.067595][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  360.089887][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  360.098576][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  360.110452][ T5120] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  360.123591][ T5120] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  360.136950][ T5120] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  360.155380][ T5126] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  360.166491][ T5126] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  360.178744][ T5126] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  360.188403][ T5126] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  360.295535][T11635] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.469807][T11635] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.599018][T15210] Cannot find set identified by id 0 to match
[  360.627040][T11635] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.966440][T11635] bridge_slave_1: left allmulticast mode
[  360.979897][T11635] bridge_slave_1: left promiscuous mode
[  360.985766][T11635] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.083010][T11635] bridge_slave_0: left allmulticast mode
[  361.110442][T11635] bridge_slave_0: left promiscuous mode
[  361.148953][T11635] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.212362][ T5126] Bluetooth: hci3: command tx timeout
[  362.286003][ T5126] Bluetooth: hci5: command tx timeout
[  362.336129][T11635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  362.349970][T11635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  362.362948][T11635] bond0 (unregistering): Released all slaves
[  362.389090][T15246] validate_nla: 21 callbacks suppressed
[  362.389112][T15246] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  362.790003][T15293] __nla_validate_parse: 4 callbacks suppressed
[  362.790024][T15293] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  362.907570][T15303] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  362.985548][T15303] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  362.998779][T15305] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  363.095687][T15303] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  363.113124][T15305] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  363.142177][T15187] chnl_net:caif_netlink_parms(): no params data found
[  363.249907][T15312] netlink: 16178 bytes leftover after parsing attributes in process `syz-executor.1'.
[  363.435814][T15193] chnl_net:caif_netlink_parms(): no params data found
[  363.515630][T11635] hsr_slave_0: left promiscuous mode
[  363.525494][T11635] hsr_slave_1: left promiscuous mode
[  363.546643][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  363.563774][T11635] batman_adv: batadv0: Removing interface: batadv_slave_0
[  363.600163][T11635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  363.623974][T11635] batman_adv: batadv0: Removing interface: batadv_slave_1
[  363.717030][T11635] veth1_macvtap: left promiscuous mode
[  363.749090][T11635] veth0_macvtap: left promiscuous mode
[  363.754945][T11635] veth1_vlan: left promiscuous mode
[  363.775118][T11635] veth0_vlan: left promiscuous mode
[  363.802561][T15343] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  363.847513][T15346] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  364.280539][ T5126] Bluetooth: hci3: command tx timeout
[  364.364576][ T5126] Bluetooth: hci5: command tx timeout
[  364.702359][T11635] team0 (unregistering): Port device team_slave_1 removed
[  364.774682][T11635] team0 (unregistering): Port device team_slave_0 removed
[  365.263109][T15378] netlink: 16178 bytes leftover after parsing attributes in process `syz-executor.2'.
[  365.461356][T15346] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  365.693325][T15187] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.710469][T15187] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.718677][T15187] bridge_slave_0: entered allmulticast mode
[  365.726900][T15187] bridge_slave_0: entered promiscuous mode
[  365.848574][T15187] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.868374][T15187] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.898357][T15187] bridge_slave_1: entered allmulticast mode
[  365.919565][T15187] bridge_slave_1: entered promiscuous mode
[  366.033416][T15193] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.074106][T15193] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.084439][T15193] bridge_slave_0: entered allmulticast mode
[  366.099845][T15193] bridge_slave_0: entered promiscuous mode
[  366.163793][T15193] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.172525][T15193] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.188357][T15193] bridge_slave_1: entered allmulticast mode
[  366.195867][T15193] bridge_slave_1: entered promiscuous mode
[  366.221243][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  366.292318][T15418] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  366.299823][T15187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.334457][T15419] netlink: 16178 bytes leftover after parsing attributes in process `syz-executor.3'.
[  366.346086][T15187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  366.363324][ T5126] Bluetooth: hci3: command tx timeout
[  366.395904][T15193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.408433][T15418] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  366.438047][ T5126] Bluetooth: hci5: command tx timeout
[  366.492496][T15423] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  366.503271][T15187] team0: Port device team_slave_0 added
[  366.516256][T15193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  366.563676][T15193] team0: Port device team_slave_0 added
[  366.601297][T15187] team0: Port device team_slave_1 added
[  366.707272][T15193] team0: Port device team_slave_1 added
[  366.853291][T15193] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.896345][T15193] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.947704][T15193] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  366.970678][T15187] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.979261][T15187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.014304][T15187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.028533][T15193] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.036170][T15193] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.063250][T15193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.079293][T15187] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.087395][T15187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.123976][T15187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.172910][T15453] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  367.316225][T15187] hsr_slave_0: entered promiscuous mode
[  367.334697][T15187] hsr_slave_1: entered promiscuous mode
[  367.415276][T15193] hsr_slave_0: entered promiscuous mode
[  367.440966][T15193] hsr_slave_1: entered promiscuous mode
[  367.468837][T15193] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.476474][T15193] Cannot create hsr debugfs directory
[  367.995653][T15469] validate_nla: 3 callbacks suppressed
[  367.995677][T15469] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  368.062067][T15469] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  368.078425][T15470] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  368.203705][T15187] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.231831][T15187] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.259270][T15469] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  368.278917][T15470] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  368.438167][ T5126] Bluetooth: hci3: command tx timeout
[  368.439445][T15187] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.478002][T15187] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.518435][ T5126] Bluetooth: hci5: command tx timeout
[  368.568129][T15482] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  368.711710][T15187] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.724825][T15187] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.877129][T15187] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.888742][T15187] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.177448][T15511] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  369.196440][T15187] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  369.212245][T15511] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  369.221871][T15187] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  369.239187][T15187] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  369.262504][T15512] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  369.290597][T15187] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  369.313751][T15511] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  369.332765][T15512] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  369.457221][T15516] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  369.622157][T15187] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.849608][T15187] 8021q: adding VLAN 0 to HW filter on device team0
[  369.917473][ T5165] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.924885][ T5165] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.964557][T15193] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  369.988979][T15193] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  370.055197][T15193] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  370.068463][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.075724][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.095432][T15193] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  370.234312][T15543] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  370.234931][T15187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  370.386362][T15554] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  370.537689][T15193] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.620216][T15193] 8021q: adding VLAN 0 to HW filter on device team0
[  370.647113][ T5167] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.654428][ T5167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.720148][ T5168] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.727346][ T5168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.808776][T15187] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.279778][T15193] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.427501][T15562] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.446089][T15187] veth0_vlan: entered promiscuous mode
[  371.517292][T15187] veth1_vlan: entered promiscuous mode
[  371.584147][T15193] veth0_vlan: entered promiscuous mode
[  371.616459][T15605] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  371.665681][T15193] veth1_vlan: entered promiscuous mode
[  371.755210][T15187] veth0_macvtap: entered promiscuous mode
[  371.782270][T15187] veth1_macvtap: entered promiscuous mode
[  371.867920][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.890836][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.903679][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.915004][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.926280][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.937089][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.947611][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.959328][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.970033][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.981065][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.005028][T15187] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.060807][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.093091][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.110904][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.138934][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.159456][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.187972][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.220305][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.258000][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.279333][T15187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.293971][T15187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.310704][T15187] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.332507][T15193] veth0_macvtap: entered promiscuous mode
[  372.363781][T15187] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.373373][T15187] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.383007][T15187] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.403552][T15187] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.435281][T15193] veth1_macvtap: entered promiscuous mode
[  372.547460][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.576414][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.596942][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.619169][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.639757][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.665879][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.686307][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.710460][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.723201][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.735109][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.745894][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.757182][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.774279][T15193] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.900335][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.925755][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.937558][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.949293][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.959694][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.971281][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.983398][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.004514][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.017488][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.031587][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.041774][T15193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.052423][T15193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.079703][T15193] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.120431][T15193] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.152755][T15193] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.181303][T15193] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.203049][T15193] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.233362][T15644] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  373.261571][T15647] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'.
[  373.285029][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.317036][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.340101][T15647] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  373.367126][T15650] validate_nla: 15 callbacks suppressed
[  373.367148][T15650] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  373.421192][T15647] bridge_slave_1: left allmulticast mode
[  373.430818][T15647] bridge_slave_1: left promiscuous mode
[  373.445617][T15647] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.465201][T15650] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  373.476141][T15653] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  373.508796][T11639] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.526538][T15650] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  373.538574][T11639] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.573724][T15653] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  373.619248][T11635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.650897][T11635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.826335][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.861024][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.235013][T15684] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  374.331480][T15692] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  374.342954][T15692] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  374.370803][T15692] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  374.394890][T15692] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  374.424384][T15692] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  374.565425][   T29] audit: type=1804 audit(1718733720.875:11): pid=15702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2061906427/syzkaller.LOfDfL/95/cgroup.controllers" dev="sda1" ino=1938 res=1 errno=0
[  375.003582][T15724] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  375.593828][T15753] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  375.942771][T15778] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.4'.
[  376.014553][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.049671][   T29] audit: type=1804 audit(1718733722.355:12): pid=15780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2017736096/syzkaller.Elg5rb/744/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0
[  376.448301][T15796] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  376.624408][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.813737][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.046897][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.180605][ T5129] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  377.195837][ T5129] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  377.204921][ T5129] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  377.213450][ T5129] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  377.222917][ T5129] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  377.230496][ T5129] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  377.479848][T15837] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  377.668375][   T35] bridge_slave_1: left allmulticast mode
[  377.674102][   T35] bridge_slave_1: left promiscuous mode
[  377.694058][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.708639][   T29] audit: type=1804 audit(1718733724.015:13): pid=15846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2017736096/syzkaller.Elg5rb/748/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0
[  377.779159][   T35] bridge_slave_0: left allmulticast mode
[  377.784905][   T35] bridge_slave_0: left promiscuous mode
[  377.791271][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.518787][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.533475][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.548597][   T35] bond0 (unregistering): Released all slaves
[  378.564371][T15845] validate_nla: 17 callbacks suppressed
[  378.564392][T15845] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  378.602452][T15859] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  378.960719][T15881] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  379.201141][T15893] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.212020][T15892] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.224839][T15893] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.245374][T15894] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  379.318244][ T5126] Bluetooth: hci5: command tx timeout
[  379.335599][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.365870][T15894] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  379.435296][   T29] audit: type=1804 audit(1718733725.745:14): pid=15901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2017736096/syzkaller.Elg5rb/752/cgroup.controllers" dev="sda1" ino=1962 res=1 errno=0
[  379.503206][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.520608][T15902] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  379.529697][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  379.561333][   T35] hsr_slave_0: left promiscuous mode
[  379.579266][   T35] hsr_slave_1: left promiscuous mode
[  379.595651][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.604227][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.615367][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.626637][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.675317][   T35] veth1_macvtap: left promiscuous mode
[  379.692212][   T35] veth0_macvtap: left promiscuous mode
[  379.703295][   T35] veth1_vlan: left promiscuous mode
[  379.713025][   T35] veth0_vlan: left promiscuous mode
[  380.250549][T15916] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  380.261958][T15916] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  380.472098][   T35] team0 (unregistering): Port device team_slave_1 removed
[  380.560822][   T35] team0 (unregistering): Port device team_slave_0 removed
[  380.859388][T15933] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  381.223953][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  381.235628][T15904] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  381.262559][T15911] team0: Device macsec1 is already an upper device of the team interface
[  381.334446][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  381.350944][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  381.400318][ T5126] Bluetooth: hci5: command tx timeout
[  381.417880][T15891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  381.539274][T15819] chnl_net:caif_netlink_parms(): no params data found
[  381.820650][T15819] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.836699][T15819] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.866824][T15819] bridge_slave_0: entered allmulticast mode
[  381.886623][T15819] bridge_slave_0: entered promiscuous mode
[  381.886827][T15965] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  381.909458][T15965] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  381.919832][T15819] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.928424][T15819] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.937540][T15819] bridge_slave_1: entered allmulticast mode
[  381.946573][T15819] bridge_slave_1: entered promiscuous mode
[  382.019753][T15965] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  382.037747][T15819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  382.072143][T15819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  382.114258][T15969] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  382.151532][T15970] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  382.181372][T15819] team0: Port device team_slave_0 added
[  382.203042][T15819] team0: Port device team_slave_1 added
[  382.316841][T15819] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.328164][T15819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.362265][T15819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.456328][T15819] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.476974][T15819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.522398][T15819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.699518][T15819] hsr_slave_0: entered promiscuous mode
[  382.714651][T15819] hsr_slave_1: entered promiscuous mode
[  382.722555][T15819] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  382.751497][T15819] Cannot create hsr debugfs directory
[  383.125651][T16013] sock: sock_timestamping_bind_phc: sock not bind to device
[  383.478032][ T5126] Bluetooth: hci5: command tx timeout
[  383.575064][T16035] validate_nla: 5 callbacks suppressed
[  383.575090][T16035] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  383.684799][T16035] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  383.731651][T16040] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  383.747929][T15819] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  383.803914][T15819] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  383.831704][T16035] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  383.859042][T16045] IPVS: dh: SCTP 172.20.20.170:0 - no destination available
[  383.867279][T16040] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  383.896334][T15819] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  383.925707][T15819] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  384.103163][T16058] sock: sock_timestamping_bind_phc: sock not bind to device
[  384.212384][T15819] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.295126][T15819] 8021q: adding VLAN 0 to HW filter on device team0
[  384.333543][ T5196] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.340840][ T5196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  384.377074][ T5196] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.384389][ T5196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  384.704602][T16077] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  384.732884][T16077] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  384.742763][T16079] __nla_validate_parse: 15 callbacks suppressed
[  384.742784][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  384.798155][T16080] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  384.808761][T16077] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  384.860857][T16077] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  385.039699][T16093] sock: sock_timestamping_bind_phc: sock not bind to device
[  385.139428][T15819] 8021q: adding VLAN 0 to HW filter on device batadv0
[  385.304581][T15819] veth0_vlan: entered promiscuous mode
[  385.361333][T15819] veth1_vlan: entered promiscuous mode
[  385.405143][T16111] IPVS: dh: SCTP 172.20.20.170:0 - no destination available
[  385.492702][T15819] veth0_macvtap: entered promiscuous mode
[  385.527821][T15819] veth1_macvtap: entered promiscuous mode
[  385.568304][ T5126] Bluetooth: hci5: command tx timeout
[  385.616437][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.657464][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.678968][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.696950][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.713308][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.725760][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.744669][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.756513][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.773156][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.784726][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.795458][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.806884][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.828329][T15819] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.876423][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.897923][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.914577][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.943327][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.958076][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.979392][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.994247][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.008063][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.023613][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.035362][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.046876][T15819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.057814][T15819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.069607][T16133] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  386.090058][T15819] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.104366][T15819] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.115297][T15819] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.137181][T15819] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.146673][T15819] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.347660][T16140] sock: sock_timestamping_bind_phc: sock not bind to device
[  386.355373][T11639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.404543][T11639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.498213][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  386.524154][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  386.939711][T16168] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  387.240560][T16180] sock: sock_timestamping_bind_phc: sock not bind to device
[  387.627182][T16204] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  388.128676][T16231] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  388.474058][T16251] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  389.192033][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.362396][T16293] validate_nla: 20 callbacks suppressed
[  389.362420][T16293] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  389.391764][T16293] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  389.419349][T16293] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  389.458640][T16293] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  389.492629][T16293] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  389.576276][T16300] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  389.862152][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.093672][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.273297][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.397405][ T5129] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  390.410100][ T5129] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  390.434440][ T5129] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  390.444129][ T5129] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  390.455836][ T5129] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  390.464259][ T5129] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  390.528217][   T35] bridge_slave_1: left allmulticast mode
[  390.535526][   T35] bridge_slave_1: left promiscuous mode
[  390.558936][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.622463][   T35] bridge_slave_0: left allmulticast mode
[  390.645002][   T35] bridge_slave_0: left promiscuous mode
[  390.668331][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.929854][T16340] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  391.406895][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  391.426406][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  391.443002][   T35] bond0 (unregistering): Released all slaves
[  391.479179][T16340] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  391.497645][T16343] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  391.523668][T16345] ==================================================================
[  391.531802][T16345] BUG: KASAN: slab-out-of-bounds in cfg80211_wext_freq+0x1f9/0x240
[  391.539765][T16345] Read of size 2 at addr ffff888025919d40 by task syz-executor.4/16345
[  391.548040][T16345] 
[  391.550397][T16345] CPU: 0 PID: 16345 Comm: syz-executor.4 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0
[  391.560936][T16345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  391.571035][T16345] Call Trace:
[  391.574345][T16345]  <TASK>
[  391.577305][T16345]  dump_stack_lvl+0x241/0x360
[  391.582036][T16345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.587291][T16345]  ? __pfx__printk+0x10/0x10
[  391.591933][T16345]  ? _printk+0xd5/0x120
[  391.596138][T16345]  ? __virt_addr_valid+0x183/0x520
[  391.601300][T16345]  ? __virt_addr_valid+0x183/0x520
[  391.606463][T16345]  print_report+0x169/0x550
[  391.611011][T16345]  ? __virt_addr_valid+0x183/0x520
[  391.616169][T16345]  ? __virt_addr_valid+0x183/0x520
[  391.621321][T16345]  ? __virt_addr_valid+0x44e/0x520
[  391.626477][T16345]  ? __phys_addr+0xba/0x170
[  391.631050][T16345]  ? cfg80211_wext_freq+0x1f9/0x240
[  391.636303][T16345]  kasan_report+0x143/0x180
[  391.640862][T16345]  ? cfg80211_wext_freq+0x1f9/0x240
[  391.646125][T16345]  cfg80211_wext_freq+0x1f9/0x240
[  391.651196][T16345]  cfg80211_wext_siwscan+0x4fd/0x10d0
[  391.656634][T16345]  ioctl_standard_iw_point+0x788/0xcb0
[  391.662150][T16345]  ? do_raw_spin_unlock+0x13c/0x8b0
[  391.667403][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  391.673270][T16345]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  391.679292][T16345]  ? __mutex_lock+0x527/0xd70
[  391.684019][T16345]  ? wext_ioctl_dispatch+0x106/0x640
[  391.689347][T16345]  ? __pfx___mutex_lock+0x10/0x10
[  391.694402][T16345]  ? full_name_hash+0x93/0xe0
[  391.699114][T16345]  ioctl_standard_call+0xc7/0x290
[  391.704183][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  391.710015][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  391.715842][T16345]  wext_ioctl_dispatch+0x58e/0x640
[  391.720983][T16345]  ? __pfx_ioctl_standard_call+0x10/0x10
[  391.726675][T16345]  ? __pfx_ioctl_private_call+0x10/0x10
[  391.732241][T16345]  ? __pfx_wext_ioctl_dispatch+0x10/0x10
[  391.737908][T16345]  ? __might_fault+0xc6/0x120
[  391.742623][T16345]  wext_handle_ioctl+0x15f/0x270
[  391.747585][T16345]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  391.753066][T16345]  sock_ioctl+0x17f/0x8e0
[  391.757402][T16345]  ? __pfx_sock_ioctl+0x10/0x10
[  391.762261][T16345]  ? __fget_files+0x29/0x470
[  391.766859][T16345]  ? __fget_files+0x3f6/0x470
[  391.771559][T16345]  ? __fget_files+0x29/0x470
[  391.776169][T16345]  ? bpf_lsm_file_ioctl+0x9/0x10
[  391.781113][T16345]  ? security_file_ioctl+0x87/0xb0
[  391.786234][T16345]  ? __pfx_sock_ioctl+0x10/0x10
[  391.791092][T16345]  __se_sys_ioctl+0xfc/0x170
[  391.795690][T16345]  do_syscall_64+0xf3/0x230
[  391.800199][T16345]  ? clear_bhb_loop+0x35/0x90
[  391.804882][T16345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.810808][T16345] RIP: 0033:0x7fb58e27cf29
[  391.815232][T16345] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  391.834843][T16345] RSP: 002b:00007fb58f0170c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  391.843271][T16345] RAX: ffffffffffffffda RBX: 00007fb58e3b3f80 RCX: 00007fb58e27cf29
[  391.851258][T16345] RDX: 0000000020000000 RSI: 0000000000008b18 RDI: 0000000000000007
[  391.859229][T16345] RBP: 00007fb58e2ec074 R08: 0000000000000000 R09: 0000000000000000
[  391.867203][T16345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  391.875199][T16345] R13: 000000000000000b R14: 00007fb58e3b3f80 R15: 00007fff52da92c8
[  391.883188][T16345]  </TASK>
[  391.886207][T16345] 
[  391.888531][T16345] Allocated by task 16345:
[  391.892938][T16345]  kasan_save_track+0x3f/0x80
[  391.897622][T16345]  __kasan_kmalloc+0x98/0xb0
[  391.902219][T16345]  __kmalloc_noprof+0x1f9/0x400
[  391.907076][T16345]  ioctl_standard_iw_point+0x4ae/0xcb0
[  391.912549][T16345]  ioctl_standard_call+0xc7/0x290
[  391.917584][T16345]  wext_ioctl_dispatch+0x58e/0x640
[  391.922704][T16345]  wext_handle_ioctl+0x15f/0x270
[  391.927644][T16345]  sock_ioctl+0x17f/0x8e0
[  391.931985][T16345]  __se_sys_ioctl+0xfc/0x170
[  391.936579][T16345]  do_syscall_64+0xf3/0x230
[  391.941083][T16345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.946976][T16345] 
[  391.949296][T16345] The buggy address belongs to the object at ffff888025919c00
[  391.949296][T16345]  which belongs to the cache kmalloc-512 of size 512
[  391.963350][T16345] The buggy address is located 4 bytes to the right of
[  391.963350][T16345]  allocated 316-byte region [ffff888025919c00, ffff888025919d3c)
[  391.977854][T16345] 
[  391.980200][T16345] The buggy address belongs to the physical page:
[  391.986622][T16345] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25918
[  391.995384][T16345] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  392.003893][T16345] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  392.011467][T16345] page_type: 0xffffefff(slab)
[  392.016145][T16345] raw: 00fff00000000040 ffff888015041c80 dead000000000100 dead000000000122
[  392.024748][T16345] raw: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  392.033363][T16345] head: 00fff00000000040 ffff888015041c80 dead000000000100 dead000000000122
[  392.042039][T16345] head: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  392.050735][T16345] head: 00fff00000000002 ffffea0000964601 ffffffffffffffff 0000000000000000
[  392.059414][T16345] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  392.068080][T16345] page dumped because: kasan: bad access detected
[  392.074502][T16345] page_owner tracks the page as allocated
[  392.080232][T16345] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4559, tgid 4559 (udevadm), ts 34536992052, free_ts 34535933921
[  392.101185][T16345]  post_alloc_hook+0x1f3/0x230
[  392.105985][T16345]  get_page_from_freelist+0x2e2d/0x2ee0
[  392.111538][T16345]  __alloc_pages_noprof+0x256/0x6c0
[  392.116755][T16345]  alloc_slab_page+0x5f/0x120
[  392.121434][T16345]  allocate_slab+0x5a/0x2e0
[  392.125935][T16345]  ___slab_alloc+0xcd1/0x14b0
[  392.130610][T16345]  __slab_alloc+0x58/0xa0
[  392.134936][T16345]  kmalloc_trace_noprof+0x1d5/0x2c0
[  392.140131][T16345]  kernfs_fop_open+0x3e0/0xd10
[  392.144898][T16345]  do_dentry_open+0x95a/0x1720
[  392.149687][T16345]  path_openat+0x289f/0x3280
[  392.154298][T16345]  do_filp_open+0x235/0x490
[  392.158806][T16345]  do_sys_openat2+0x13e/0x1d0
[  392.163483][T16345]  __x64_sys_openat+0x247/0x2a0
[  392.168331][T16345]  do_syscall_64+0xf3/0x230
[  392.172844][T16345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.178840][T16345] page last free pid 4555 tgid 4555 stack trace:
[  392.185166][T16345]  free_unref_page+0xd22/0xea0
[  392.189947][T16345]  __slab_free+0x31b/0x3d0
[  392.194368][T16345]  qlist_free_all+0x9e/0x140
[  392.198964][T16345]  kasan_quarantine_reduce+0x14f/0x170
[  392.204428][T16345]  __kasan_slab_alloc+0x23/0x80
[  392.209296][T16345]  kmem_cache_alloc_lru_noprof+0x139/0x2b0
[  392.215113][T16345]  shmem_alloc_inode+0x28/0x40
[  392.219906][T16345]  new_inode_pseudo+0x69/0x1e0
[  392.224684][T16345]  new_inode+0x22/0x1d0
[  392.228852][T16345]  shmem_get_inode+0x34a/0xd40
[  392.233628][T16345]  shmem_mknod+0x5f/0x1d0
[  392.237967][T16345]  path_openat+0x1425/0x3280
[  392.242560][T16345]  do_filp_open+0x235/0x490
[  392.247059][T16345]  do_sys_openat2+0x13e/0x1d0
[  392.251738][T16345]  __x64_sys_openat+0x247/0x2a0
[  392.256585][T16345]  do_syscall_64+0xf3/0x230
[  392.261091][T16345] 
[  392.263420][T16345] Memory state around the buggy address:
[  392.269044][T16345]  ffff888025919c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  392.277169][T16345]  ffff888025919c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  392.285258][T16345] >ffff888025919d00: 00 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc
[  392.293348][T16345]                                            ^
[  392.299504][T16345]  ffff888025919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  392.307566][T16345]  ffff888025919e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  392.315627][T16345] ==================================================================
2024/06/18 18:02:18 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  392.380412][T16345] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  392.387676][T16345] CPU: 1 PID: 16345 Comm: syz-executor.4 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0
[  392.398218][T16345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  392.408328][T16345] Call Trace:
[  392.411656][T16345]  <TASK>
[  392.414615][T16345]  dump_stack_lvl+0x241/0x360
[  392.419330][T16345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.424575][T16345]  ? __pfx__printk+0x10/0x10
[  392.429206][T16345]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  392.435241][T16345]  ? vscnprintf+0x5d/0x90
[  392.439627][T16345]  panic+0x349/0x860
[  392.443571][T16345]  ? check_panic_on_warn+0x21/0xb0
[  392.448781][T16345]  ? __pfx_panic+0x10/0x10
[  392.453240][T16345]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  392.459263][T16345]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.465646][T16345]  check_panic_on_warn+0x86/0xb0
[  392.470606][T16345]  ? cfg80211_wext_freq+0x1f9/0x240
[  392.475838][T16345]  end_report+0x77/0x160
[  392.480102][T16345]  kasan_report+0x154/0x180
[  392.484633][T16345]  ? cfg80211_wext_freq+0x1f9/0x240
[  392.489852][T16345]  cfg80211_wext_freq+0x1f9/0x240
[  392.494904][T16345]  cfg80211_wext_siwscan+0x4fd/0x10d0
[  392.500307][T16345]  ioctl_standard_iw_point+0x788/0xcb0
[  392.505782][T16345]  ? do_raw_spin_unlock+0x13c/0x8b0
[  392.511002][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  392.516824][T16345]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  392.522824][T16345]  ? __mutex_lock+0x527/0xd70
[  392.527515][T16345]  ? wext_ioctl_dispatch+0x106/0x640
[  392.532823][T16345]  ? __pfx___mutex_lock+0x10/0x10
[  392.537859][T16345]  ? full_name_hash+0x93/0xe0
[  392.542543][T16345]  ioctl_standard_call+0xc7/0x290
[  392.547596][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  392.553417][T16345]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  392.559241][T16345]  wext_ioctl_dispatch+0x58e/0x640
[  392.564376][T16345]  ? __pfx_ioctl_standard_call+0x10/0x10
[  392.570019][T16345]  ? __pfx_ioctl_private_call+0x10/0x10
[  392.575566][T16345]  ? __pfx_wext_ioctl_dispatch+0x10/0x10
[  392.581217][T16345]  ? __might_fault+0xc6/0x120
[  392.586025][T16345]  wext_handle_ioctl+0x15f/0x270
[  392.590984][T16345]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  392.596566][T16345]  sock_ioctl+0x17f/0x8e0
[  392.600915][T16345]  ? __pfx_sock_ioctl+0x10/0x10
[  392.605767][T16345]  ? __fget_files+0x29/0x470
[  392.610363][T16345]  ? __fget_files+0x3f6/0x470
[  392.615048][T16345]  ? __fget_files+0x29/0x470
[  392.619650][T16345]  ? bpf_lsm_file_ioctl+0x9/0x10
[  392.624599][T16345]  ? security_file_ioctl+0x87/0xb0
[  392.629712][T16345]  ? __pfx_sock_ioctl+0x10/0x10
[  392.634573][T16345]  __se_sys_ioctl+0xfc/0x170
[  392.639180][T16345]  do_syscall_64+0xf3/0x230
[  392.643694][T16345]  ? clear_bhb_loop+0x35/0x90
[  392.648382][T16345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.654295][T16345] RIP: 0033:0x7fb58e27cf29
[  392.658710][T16345] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  392.678413][T16345] RSP: 002b:00007fb58f0170c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  392.686841][T16345] RAX: ffffffffffffffda RBX: 00007fb58e3b3f80 RCX: 00007fb58e27cf29
[  392.694823][T16345] RDX: 0000000020000000 RSI: 0000000000008b18 RDI: 0000000000000007
[  392.702801][T16345] RBP: 00007fb58e2ec074 R08: 0000000000000000 R09: 0000000000000000
[  392.710774][T16345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.718846][T16345] R13: 000000000000000b R14: 00007fb58e3b3f80 R15: 00007fff52da92c8
[  392.726852][T16345]  </TASK>
[  392.730168][T16345] Kernel Offset: disabled
[  392.734495][T16345] Rebooting in 86400 seconds..