last executing test programs:

1m35.961121326s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

1m23.556934547s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

1m7.814811044s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

44.582037731s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

19.16603528s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

5.62006452s ago: executing program 4 (id=1168):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8efce1eb318b73bf57cfe45d6009bb03f2c2e2a967003f484fbf400090891e057fc9867f589ee", @ANYRESHEX=r1], 0x7c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1, 0x0, 0xf}, 0x12122)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRESDEC=r5, @ANYBLOB="e6c8c652247092d0511755b0f2c2ea43cd0d4d1dffd0634852bd6e8e2ca8c069f4e8003128c92443b79bc372b75e5dfa5c0468129641395f60eb06fd80cec3583d21e9d5f5414b2c7293ab130d99f58d937d2eb17b0cc646d5644824ba7e1cfb850b0af1c386db8db5aa987f3c0d3064d0339f3ee2c44cb47d72694e5299467b2940ff5a08ad94d455556d9c7c1be3ce"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='neigh_create\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r9=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYRESOCT=r1, @ANYRES32=r1, @ANYRESOCT=r5, @ANYRES8=r4, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="3721e199c3efc99ef9ed19e658816ee5ad95d223188c37306f0a80b224ec051fc35d83149f792901a9c50d29a0fbaa6fb4bcc268167aa412a4a322c14ce8b873e51b21c9cfcfed662825f1572b6a7aec692b1814e29b65592a41d8a710e904c2625dac14a0a6ba58f76e2f0010000059511cea32ef9ff2df5153cb82cc2a75ee3996c1359498cc2dd2b973fbc25bf407d646b8640809c21dc3e8deb0cc79899847665f77bc8e1807741e738cf371c8acc1e6e78d1829f1d36e8f0eea99421165090a23", @ANYRESOCT=r8, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x1c, r12, 0x400, 0x0, 0x25dfdbfe}, 0x1c}}, 0x181)
unshare(0x0)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_all\x00', 0x275a, 0x0)
writev(r13, &(0x7f0000000240)=[{&(0x7f0000000200)="e3", 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r13, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600), 0x4)

4.41107036s ago: executing program 3 (id=2062):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="88000000", @ANYRES16, @ANYBLOB="050000000000000000000f00652b77b60300", @ANYRES32, @ANYBLOB="47000e008000000008021100000108021100000108021100000000000000000000000000020000000100030100060200000503007a0271070000000000000076060000ffff0000000a000f000101000301000000080026006c09000008"], 0x88}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="540100001900110000000000000000001d01000015000400000000000000000018feb80ad21964230700000008000500000000001e0106"], 0x154}}, 0x0) (fail_nth: 4)

3.981993962s ago: executing program 0 (id=2063):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1a}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000180)=0x6, 0x4)
recvmsg(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/21, 0x15}, {&(0x7f00000000c0)=""/41, 0x29}], 0x2, &(0x7f00000009c0)=""/230, 0xe6}, 0x0)
recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)
readv(r1, &(0x7f0000000680)=[{&(0x7f0000000c00)=""/4096, 0x1000}], 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000000)=0x200, 0x4)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

3.887010042s ago: executing program 3 (id=2064):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)={0x68, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x49, 0x33, @beacon={{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4}, @void, @void, @val={0x71, 0x7}, @val={0x76, 0x6}}}]}, 0x68}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

3.467092635s ago: executing program 3 (id=2065):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
listen(r2, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCX25GCALLUSERDATA(0xffffffffffffffff, 0x89e4, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r4, 0x6, 0x23, &(0x7f0000000040)=""/32, &(0x7f0000000080)=0x20)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000500)=@bloom_filter={0x1e, 0x1ff, 0x8, 0x200, 0x10, 0xffffffffffffffff, 0x9, '\x00', 0x0, r3, 0x3, 0x80000, 0x4, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000580)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES16=r2], &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001680)=ANY=[@ANYRES16], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x8, 0x0, 0x33}, 0x48)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x25, &(0x7f00000000c0)={r7, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x0, 0x0, 0x49}, &(0x7f00000001c0)=0x9c)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r9, 0x10000)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
accept(r8, 0x0, 0x0)

3.268451327s ago: executing program 1 (id=2068):
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @local}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000005340)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r4, &(0x7f0000005440)={0x0, 0x0, &(0x7f0000005400)={&(0x7f0000005380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x34}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000380)={'gre0\x00', &(0x7f00000002c0)={'syztnl0\x00', r0, 0x7, 0x8, 0x2446, 0x5, {{0x22, 0x4, 0x3, 0x6, 0x88, 0x67, 0x0, 0x4, 0x2f, 0x0, @rand_addr=0x64010101, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0xc, 0x87, 0x3, 0xe, [{@local, 0xffffffff}]}, @cipso={0x86, 0x23, 0xffffffffffffffff, [{0x5, 0xb, "d149e0f49a59d42add"}, {0x6, 0x8, "8bd0f36e0997"}, {0x5, 0xa, "4d332915619192e5"}]}, @timestamp_addr={0x44, 0x44, 0x89, 0x1, 0x1, [{@local, 0x8}, {@multicast2, 0x8}, {@local, 0x4}, {@multicast2, 0xff}, {@broadcast, 0x5}, {@loopback, 0x3}, {@loopback, 0x3}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xff}]}]}}}}})
getsockname$packet(r7, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r8, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r9 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000070402eeffffffffffffff002100", @ANYRES32=r10], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xb, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0072657461700000140002800800040002000000060002000000000008000a00885bd4530e40d3d0d17a5ab61df88b77721fd1ba0c54230ae2922fffdaef63beb51fbac218b1eca286b5c36fc9f6a653e55f28372067e7d41227746401539c3a69d788d2c966a18270c65598c1051d8f148378cdd7fb60110d92faa568377ad8b69e9f739167021e0b8180e87e8ff259515f04e0bcb681928589830ac2521f2d65b7789eb3efeaf7ba77", @ANYRES32=r8, @ANYBLOB], 0x4c}}, 0x0)

3.172619407s ago: executing program 2 (id=2069):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000bc0)={'wpan1\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000c00)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001d00000008000300", @ANYRES32=r3, @ANYBLOB="38002f802000038014000380060001000000000008000200020000000800400100000000080001008f0000f00b0002"], 0x54}}, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r4, 0x29, 0x1a, &(0x7f0000000080)=0x9, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90)
socket(0x0, 0x3, 0x0)
r5 = socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast1, @mcast2={0xff, 0x5}}})
sendto$inet6(r4, &(0x7f0000000000)="80", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{r0}, "a68d7ac65d85d7566b48f54dc0c827ef49335801ab38feefe4218f2e32f341a7e30ede331f94518fbb610ed57b582c40950a9515384e5e472738af99a4cb118cc8e87e599615baf661dc177fbf36bb7c23ad3aa19ce9c9699570b25fb9008f0526aafb975b0b496575a2f7b112817c0523ef620b2697376504389bd0868bc25185f07a0bed04cf87ab055593bb78a0745ff690c13f382244bda423d858f63fec5f25700f7b7cd02e070d77068224798529b381d0454393381223596179cd1201bfc77dd53a147a54147f9918a7ceca637684c241821a3bf81662262ee31eb93a1ecc16395551d934277a9fb4f35000c44f1efa442faf81d95e44c20dfd9ce31973a7ed068b5ca76c047befd365f085d30d7c5afa49e5cdc42899e21ad56994bb75331ce35c3b7c05798b914d8f507fbab945ae593575bf0aca56c71d38140c085fe283b096b19067b93e30a2c233272c06968a05055ec6e66f5f8b9ea4ce4c8b749e7dc290737db60812ef25da8b7775c80bb0aa459ba6ae3ee379bd67d615e7c6fd6b0f08105bcfa227a0965ad1f937a47598f3aed6dde920d9881798480227609a57bf75b01e551b6b19a8b9bb7176e8732a341e7f40d88498e9e2de6cf28e908a741aa02c3c68dccc2c60c6ee345674562d1dbf76aaf58eddc484c3ba1590ed439c8a994802eb60b3828fd0cb9e3fa3dfc31aafd55eb55fbb1e176d81f5740083e3dc76b77e49f35139dcfeb75ea83ba528beda1a2749498466ceba69902293b8c16a428d17c511016d8e1289ab0a27c763a518058356e13f6a0ee69dbe24d60eb17bfac70f5bd56c53a8f3c184779d6267c198104606bae11f72dd0e08ceba815ce88bdcb5312e64ac4b66cbbe95bfcc9f28fa8e6361d8974022191c335a84a63ecf3e962a62104cb8f5159316aaf25c13a35d6757820852c045626c5ec22022ce2e0868cc3ec63858474d53c526d59a3bf3a83e1ab4c5cdcad3a848c09720e30a853f67e5b57b7b4afc635b71157ef2969ab1d79141a1789cb3eb893fb946ee621b228ffe56fae47180fc632e75867e04dcc2bb8cc090838bdb850fb8fd6414ee3f96800366c2d6c2a13ce7061e278154281f0af0906d4cb3b2aa11b81e70b87a62d2546e3cc9e39d0d9d84cd06a755f943857e862d28383051accbc3c9d73d01b8f6f23aaad081f45d5fe6620d43d053e12b7ba16ea0987a5045d7daf81e8a69f31e3f7d4b81aab4856363e2154a157ca5cd58a1ddca117f82b5fb8733c9dbb0fc647793dced69e4d07399d7eda033007445fea0f4b9d76af009229c758d750ca955eece10c138f483788a996458ab28d38dcf4e3c9e52d6fd1699df39c5525dcc6726f422c6b5f3a45f20be89a2d08d4f21e6152399f538b2d279423812e9029faa0ca63468410ff784e5c1e32fdfe110f1ff791f2f82fb09c9ff8b8f0fde3d7a8ce111a82baa2b4496f786a0718f480cbed75887feacb9a00d2e7597a99c9bf4555c72cc5c9aad7aa0de672d749dd53ad97c4afd1a8d6861c8b214bb4a44e0938b876ae6e1aac7001d4b0a67a99b58b08e55a79966ef9861df545b629126acc999a9c495c0d9757907a37f159d4748440d4689c7d0e8786feff38675ce0b80be33e41db2df389f910b6006aefb2d80c802e7ce741c5778cb6d31bdadfc52affa3c555976610c805eb28e9939d8f437a4ba9cf588f2e1abd192815853e6b593b3b042007da14a9e3dc9d42f9e05657a585bcb87ccb907d70cc1927b432fe1a0cce64b48267051ea4e45e8243494258d6006028fae8628867264e2a7e106fd0dea79be3e3f5788ca495d8e2560294bd2e6b8a696d676f57ed48d578ea6847b158874a48dd40349a81dfb7e43f38a3f374dcce69d1345f94d9904e097ae1bd6b9f7c9d8d344e18b0d64c5f7289b3a4f21a34e1847fa696c854d10d5486f7b98daef3192bb69702990d449e57282e4e54eccd4893a32e1748b1f8ac0c2efce17aa1b987c8252aa6df615f3bcfa2dcac84e053cba1245eb0f894c5dcf2addecfce677ba3c929ef610b5d7b1cf3f017e4f33da75dec3f90fdc5dc5358d86b8c441e856e437e77632a7660e347497a268625b610b5120cb8f20cc53395008f979b561dfd0eea875369ed74aa5987f1b763056e6ca873f01fedb42f370e15eb1aaa1cee24fd41350e77aacfffcfd47008c2ed19ab9c8fadc912e86e0e33cc7eab28617390cacc95d8c699addf44be0317712cb366e8ac826c93bfb7b963eb655dd8cdfe25a731b055554f0d17fc5c4c68dfde7aaf743f702c7dd95d7645086377978c9ad855fc072a595b11b449676b9fec4a599c68a19ba1629c99e03be7d1c1f80d9a328465696cc8fee2cfdf2ee368da3528397e3799cdf12cebec808774572ab5bda8ca6a0f3f0b310a6986736d37944ad74cc61d5f98d8e72942b0d32d0272b19cc843a7383d384556569b5a323ff0c85f69c6dffb75eab165502bae965ade8218e462904ff032eb2d8b440ff0326fa7e64c69e63c4ccae69457c63467b6d252a933b24fea10e7e3af5810a1b37a6e146887f445c0631924c3e8054502db520e182ddba459b27306b4fb412dacd4f2dde72059479826563755b6f6f8e101318deb282b7b03978b3894163bb734b7b6aede5e4e921a12edbc655b326a6cac49be8606935834f8b9126f2658ab1b0824c5e81541b36376823693f73d33dfa35144d193d535e1c03be46c51c46b2075c56cda68ac65a9b8f1a29f30c95a0090d479b1c5c6b285b28ed7793b5f0a4b194934eaaf3d4a10a607601217ce0d7b26c5333de0688cb45221e63bb7a9e9016b576f7ed55be6d55f75fa3e0252ba5713ba9271e721fc0a92554c00a11fde8b42dfcee5e48586ff00f8d7b0fa7df1eeb000c7139a0593c59d581861b15bb64c4cba100a072ff1e0d7d6b44708207c3df798e382ac067bb8fad98a081b318f7b9901181edd3fd85d4bcf483a5a0bd0b5383b10cae61ad09af203dae1af4ef8b05406afea939c2b9ae14baa7fa22c26c1eec494d3db9f83a091cdadbc352fb2733f99636a2286312157d12710a2e2c7564369a866b2e1d79c2a003005e8b5305b50d014bbca305792758fe39dd04d39c8f933b382819a5cbaff080eba8b8d15c2e07f4f1935f546eef38bdc4dce43c271d2a5e41d30ab447469f129245b8f29ad67611edfa682042e16eecbc667af7baaf968f192033ac553ae5e68ba1d2136233158d2dbf02ebbca0bcf413891389425b5f89d77a05e94c5fa320331377deb39730ae813d9b7652c9e84716b228478b8befe46d85dae582f192d3d0ae26252bc2ecff84d498bf1e1a3ac4eea33c9d7da5a2b1a0c716d8fd89036fcc38e59fc1324d0116d34cc572d65e8a822a7e3a6bf92a6afd3acd3763c72d4fb029053ef9120032d2cc8216ff6c9b69195c17a328dd53db18135d6eff3945e962261c08fac592150d8b00a8a0df26155e70cd1a6419cdebb3cd73533ef2dbe23f9d98781f17fa81201d123b47f98bb7d59fcf5f9b20c9f0555ac9e2a3f9805faf2a6696ecaa6a88df96ef40ebaf6a08510519f5edd0eac32a2a4dc63d46a0b5b2d9ad2cfe16056435a4e68e47e4540ed99836731d707ab0a98a2a2a46e48d3488c979b73bd7eeae33cb4ea6f3add5a441aff44e901fea638c87c566bb75e84c039150b85e4101e7d1c344473a7a5035b4f5dacc97666c141ef6f35869446ffbcf00a02552aba2900fe82085c80c167f7f7417038ac13ebf3bb62c891f4758e4a697e5e2fe369a2b0a6f39eb45e03272bf3231c81d73a1385d93333da5ac053ceacc740e5cb8eed5c8ec10e243bc2ec88e02e3285c7d779ec46f390957c11cd4305260591fa483cc94ed8f2d0253ac82dc626004960b6147bed9164c4464d4677a289af69295b7ff927dbedbf7200cf269de56dbfa2345f0f40eb469038bb26a66dc581faafad1357fcd30c7ee9544da92b6ad4abc92523e8c4e4ab23e38653fb6926992a125656c4409de98197fa252106d05a1d5653530813d7f96ed92bf67eaf9a28f250730d85ef5a808482a61a4b37d890b68f5d01b07056f99811f60dcd787093cffacf49ad320e2aff825398284e289e280b234790b14d26de56b2d4a93f753cb9aba70c0fcd62c7f52088e6e96cfdf716eed1a08b0e555bcdcd7b40220e5585c8b0972260cf6525257e071f3df276af1b3ff698e9ddfc40d6c462cfb0174a1a45baa7f8d721134abdfb64b9efeae8dcb534a0f81066225f2f52fa25cace1a15a17963e341440f015b9dfcdeec391cbc3d3e670cf13efebbe153c0a6e1986e651a08c39527bf4b6544829a111db34f6bc3878e68403f3216fb9ca7784772a2ecc61b614725b9e8992acc9ef3bde86f105b36b15bac70dec82929ade527d7603f24c3fee15c6717e6b45579b116c04ef905f0fca5a03acbce54ee9e0137d61a987226e5906c0ee93b77ed62e3a740dfa27ac7a5d9e24fe4a28948659c14bfe99c5b96e6067455abbc51aba106efa8846e3ea851efc47c23de8f43a549100e7883db270d4eccbf42d90362d0d68f8fab1efc3f71d901c004fbb97c7dc40f3804cbc9d568f7977bd658c1a83c6ab6f19772c669969ba439f9a54f2389bf236e4918b02ee751af1404d6ad327a2628fdda9becdb8cf9bc7477e95c2be1cb8bb37a0287bc2bc39bc23d22e7b43059970fcaf43ce172bfdc2b4fe0e1564fed1643b8e1661bb447b71932124c3664d54e7d82fc5d8c3fed24b72ebcdf781306963797d849a6a6aa83886e9e4a29f8d4830d352fd15912fe3237ada81f7f8c202eec5239a8b30454a283374ab7b93c372ca2aab661a74ace6550ba1d1efe315e5cddea09c4d11e6a1a7039764a836d9692e50a06f2bef9fe2a4c5f0a958da22fa689c176beb1b5d7cf2f0ca851356df070f89f3f033838cdcf13b8dafb09709e4ef0237b19cb892f1b0ffaf47e1d04960237c62cc6ed1cf9a8d492a4af847cd5aa3c3e412e7d6596690701eed5c81a632c11556ff791df625ff46fc2a42872ac348e73a34c83fdedc92199ad67633b2fcdf25295427e550591880313f75a73e070d12a10aed4da49d0ef65fdec46102fd80f106e160703d4bdd9785165466c3f9358932465c16f712133b87a5adc46ff4fa2f3c516b0b3a7e982344fe21ad0da6ce1725f38a4ee4abd7d9cf22ab980a9d36e5825b1272b5493e4aa32d75f2183b9df9f70d1c2ee60885de9d4d9bde1ef46bbee3530763ccaeae93852aff868856e03242ecae1904655323303601f3eb8fff582d777bb6766129afd6196ef36a5c69b811155e8c894ccb84f20b85ded27df2ea2ae42cf956b7f0fb2844ce3a92945fbd421c3bcf3814f4490f450508b6c7e2e9a7ce9806d3a129ce591328b013a7194953096f4e09c21a2dd7325850f023bdfad7fd2ce6d0fbdce1d5329d5274a57c2be2c6aab75fc8167e0c4bc23c53ae20853e08a45608e83ca84a5216605338e1117d09cfd58b2e8b2b02593ef6c853d6df47ffff2bb2be5a92d14964ca7d2a2b9b57b8132744f6a16a52bf4126467ea37e5af30bb54ba65fd6e8e486a96a6fd9c5fbe41757ed27dc5f6e6694c2470013ccbfcfd01a01327a71ac94cecc47816ee8437ebe720b0434987828c98cceb92a322f587eddfc27e02da5272ec3f5da5522f2b9a8c0009f959d5a51ac32663587141f2b8a0b73de586c56e2ef9bc49f5b928677f6129bfeba8860d07aa8a4c1e5ff2c6d0cdab1ddd9e4f2671f28031f64fa5492eaf683c692f3536d6a07"})
getsockopt$bt_hci(r4, 0x84, 0x6d, &(0x7f0000002280)=""/4090, &(0x7f0000000040)=0xffa)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000040)="e03f03002a000b05d25a806cff6f94f90424fc601000128f0a000612073582c037153e370825188002ac0f000300", 0x2e}, {&(0x7f0000001480)="df26f5ab73b6bfd781fb8c28b602e7b39822def850977a51ed1141c905938f96f671049826dffebd99595b95a7d3bd92144e3810f6", 0x35}, {&(0x7f0000001140)="8a75885644e168b9113b1014103fdd0845d8f468487d16c65c4f55f07f9d63805d76d3aac867802e549045884741af535a9dbfb5ad4589a7ea61e0a65c5454a3cbbe6275c2cc58bb7d8945121be6c82d156e01165a593ec042b0aa39ae89f8f0a428799699d5d7339dd04f26b9a66288d401af4f50c039612cbfd77d052b5d093ee938cbcf44c46d032e7e223b5a7013f9bdf5b9f2c00d8f305d3fe68ddac2c14a9240b35f5603fe85f328ecda87104004010a1af35b0bb702779272cf486057ac75680dc261d56421db412298131649f57ff1b461669cdf27ca50d9d76d0c76c87d23d0f7f1947b125564fb3420d08f46362186cf0d4a5778e018", 0xfb}, {&(0x7f0000001240)="b3a0e667b26fbd57e664ab0b00418055308816b7c79595072807988f120e41f60ed9e426ad26069a02004288", 0x2c}, {&(0x7f0000001280)="36fd2c97db831f6c04bb2e4ed9cf4e2d9e49989003e811cb0d99c188fcdee97631e0832ef6c0bbb3b995ab915dd1451147998787a7404b7a24d768ecde08624dd5ceef910f7b39d8c01c55d71b2a43316ff209e8abea93d5fa2ba83bf1babb955d1885e69e589f5f918bc480cfed4ef3565ca38d6a6a8a88be088ffe18a1bda4ffe6c7f5e20a697dec25bc29b822806ab883382031a63249b750", 0xfffffffffffffdb7}, {&(0x7f0000001340)="694b1a9049ffec49cfb9b9f5c70aeb36fa6daca486f5a161d6d3a3fd2a3b3bba50c8cfea08", 0x25}, {&(0x7f0000001380)="ddf34b9f9555611282d2070ed1ae692b2888a6f71169bc7335abbd26af7932daba20dac5100895b89127ce7d6f2b87be94548510c9b1b26cb786c400ce91d4714f3dd800000000100000000000000000651f0bf350ce430a1a52dafbe9bc2f6c29480ba025158c82996ba751635baaf6dfb7bc0f4c1ad62903236457f11d2a546e5fa038cc8ffd802641c474308942e39b26b84b8c25c045ea1d22a4879d408b733a3846de8959a135a7db8029700ac7d26b0a6815dd50700856a68fd33496bb384999ff953c1d6aa5be54a07349b91468de4586d5c0da67c7804b15f3655d2babcc", 0xe2}, {&(0x7f0000001700)="fc9ab2a05371f52d2b5be2f1ec988ee5899fae0fc10cd5103c2d6af8b74d059d1c72a6e6a271e185ef4fde607c1088c990ea34b841ce8700b1562b6565b943a058ee70e61ca47285e0c24da7a86097d95ea115091b981610e900e44448131b6cb84c74320df949084dc6e20934bb8372118f81c5e4c67f4b40a8524f479df08aef6e78a33f541fc38c79dedc27cd415839d081f7f282197da405a36f76789a88e925149efe7d62cb386a5836c81cb77fb3971bc894b08d", 0xb7}, {&(0x7f00000014c0)="a1dea392ab529d72033d4a4e9e1a4989fe5c59184fd6af73451ce3b1af13e04ee505f31e7e5bee9be77d81af2932e4d7da313ae5c665aa7872f63a22eff17c02468ff4d177960ef8414655be6960e0421cb5a283a4ce205e5f7496fc541392b926a222e0cb4149a45b56e7cbee4b0cb0028d1a40c544224572fc", 0x7a}], 0x9, 0x0, 0x0, 0x8100000}, 0x0)

2.970431714s ago: executing program 0 (id=2070):
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$inet6_dccp(0xa, 0x6, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$kcm(0x29, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB="9000000010000305000d00000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0)

2.536537068s ago: executing program 3 (id=2071):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
socket$l2tp(0x2, 0x2, 0x73)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000100000008000100", @ANYRES32, @ANYBLOB="3c000200240001"], 0x58}, 0x1, 0xf000}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b000500000000000000001808"], 0x114}], 0x1}, 0x0)

1.727236606s ago: executing program 2 (id=2072):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r0 = socket(0x0, 0x3, 0x3a)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d000010000000000000000000000008001200020002000000bd0000000000120032000203000000100000000000000200000000000000000000570d45f3dd65602100"/78], 0x80}}, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x1b)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="38010000100013070000000000000000fc020008000000000000000000000000ff0200000000000000000000000000014e2200004e2000000200000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="e000000200000000000000000000000000000000320000006401010200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000a000000000000000000000048000100686d616328736861312d617678322900"/240], 0x138}, 0x1, 0x0, 0x0, 0x840}, 0x0)
socket$kcm(0x29, 0x7, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000203050000000000000000030e9abc000800010001000026"], 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r3, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r4, &(0x7f0000000000), 0x9)
write$cgroup_int(r4, &(0x7f0000000040), 0x12)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, &(0x7f0000000080), &(0x7f00000000c0)=r6}, 0x20)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r7}, 0x0, &(0x7f0000000040)}, 0x20)

1.675194718s ago: executing program 1 (id=2073):
syz_emit_ethernet(0x376, &(0x7f00000003c0)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0300", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x3, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x1, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0) (async)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) (async)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)=',\t', 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

1.674413036s ago: executing program 3 (id=2074):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x3c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1e, 0x33, @disassoc={{{}, {0x3}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @void}}]}, 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x44, r7, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_UDP_SPORT={0x6}, @L2TP_ATTR_UDP_DPORT={0x6}]}, 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={0x0, 0x43c}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r11, @ANYBLOB="0a0034000202020202020000040067000400cc00040008010600660000000000"], 0x3c}}, 0x0)
syz_emit_ethernet(0x4f, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaa9e360ca3b11378e9c04a1117789eaaaaaaaaaaaaaa0086dd60cabf0000193afffe8000000000000000000000000000bbff0200000000000000000000000000000301a78ce540065980"], 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0xfffffd9d)
r12 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000880)={'macvlan1\x00', <r13=>0x0})
sendto$packet(r12, 0x0, 0x64, 0x0, &(0x7f00000001c0)={0x11, 0x1, r13, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_DEL_PMKSA(r8, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="44000000d52f1640e032945295759fb7ecc3052670e75bda915536f9ac493f793446afa557281b5a94f0d093ab8fd4fd71f49402f923bedc3f0c592fef987179a2740b2294f22c92bbaa13718ce44160c47983194c85d6ecee48e98298a6fe522c559364c9cbb3d1a32812554c5d3d939a66fa6298ce960dea24b85d9b284f0b839719e508e2c2aef2b84dbe30a8a85247ebe249a775b431ab25bf894f2916e866f7e94d5aa13c4e9e9c2d588c9f55f0e5e87fd6446ac6a77d", @ANYRES16=r10, @ANYBLOB="000125bd7000fbdbdf253500000008000300", @ANYRES32=r11, @ANYBLOB="0c009900000400002b0000000a000600ffffffffffff00000600fd00ffff00000500200100000000"], 0x44}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000400)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000140300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c78cd3e7dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25"], &(0x7f0000000100)='GPL\x00'}, 0x48)
sendfile(r5, r8, 0x0, 0x8000002b)

1.674054296s ago: executing program 0 (id=2075):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)

1.583147388s ago: executing program 1 (id=2076):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000002c0)={0x40, 0x0, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x7, 0x13, [{0x18}, {0x0, 0x1}, {}]}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x1f9}]}, 0x40}}, 0x0)

1.431512375s ago: executing program 1 (id=2077):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0) (async, rerun: 64)
socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (rerun: 32)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000011424203"], 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x12, 0x9, 0x8, 0x2}, 0x48)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r2, &(0x7f00000000c0), &(0x7f0000000000)=@udp6=r3}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r2, &(0x7f00000000c0), &(0x7f0000000540)=""/4096}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000580)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r1, &(0x7f00000005c0)={0x1d, r4}, 0x10) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x2, &(0x7f0000000580)={0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, 0x0, 0x0) (async, rerun: 32)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@newsa={0xfc, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@empty}, {@in=@broadcast, 0x0, 0x33}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {0x0, 0x4}}, [@mark={0xc, 0x16}]}, 0xfc}}, 0x0) (rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) (async)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) (async)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="4f00030007"], 0xd) (async, rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$unix(r7, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)

1.150875243s ago: executing program 1 (id=2078):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x3c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1e, 0x33, @disassoc={{{}, {0x3}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @void}}]}, 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @multicast1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x44, r7, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_UDP_SPORT={0x6}, @L2TP_ATTR_UDP_DPORT={0x6}]}, 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002040)={0x0, 0x43c}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r11, @ANYBLOB="0a0034000202020202020000040067000400cc00040008010600660000000000"], 0x3c}}, 0x0)
syz_emit_ethernet(0x4f, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaa9e360ca3b11378e9c04a1117789eaaaaaaaaaaaaaa0086dd60cabf0000193afffe8000000000000000000000000000bbff0200000000000000000000000000000301a78ce540065980"], 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0xfffffd9d)
r12 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000880)={'macvlan1\x00', <r13=>0x0})
sendto$packet(r12, 0x0, 0x64, 0x0, &(0x7f00000001c0)={0x11, 0x1, r13, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmsg$NL80211_CMD_DEL_PMKSA(r8, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="44000000d52f1640e032945295759fb7ecc3052670e75bda915536f9ac493f793446afa557281b5a94f0d093ab8fd4fd71f49402f923bedc3f0c592fef987179a2740b2294f22c92bbaa13718ce44160c47983194c85d6ecee48e98298a6fe522c559364c9cbb3d1a32812554c5d3d939a66fa6298ce960dea24b85d9b284f0b839719e508e2c2aef2b84dbe30a8a85247ebe249a775b431ab25bf894f2916e866f7e94d5aa13c4e9e9c2d588c9f55f0e5e87fd6446ac6a77d", @ANYRES16=r10, @ANYBLOB="000125bd7000fbdbdf253500000008000300", @ANYRES32=r11, @ANYBLOB="0c009900000400002b0000000a000600ffffffffffff00000600fd00ffff00000500200100000000"], 0x44}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000400)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000140300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c78cd3e7dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25"], &(0x7f0000000100)='GPL\x00'}, 0x48)
sendfile(r5, r8, 0x0, 0x8000002b)

1.150570354s ago: executing program 0 (id=2079):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000440)={0x0, 0xf00, &(0x7f0000000140)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@chandef_params, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}]]}, 0x24}}, 0x0)

1.114653257s ago: executing program 2 (id=2080):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x0, 0x0, 0x4, @prog_fd}, 0x20)

971.774491ms ago: executing program 0 (id=2081):
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="28000000111001000000000000000000d98ad0dcdd563cfc0000000000000000000a003300efc1e5ea560bded694393d9a72f2c1f858"], 0x28}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xb, 0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c00635c368c5e8abd7e81bd98f716f1dbf0a48109"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)

787.206901ms ago: executing program 2 (id=2082):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0xfdef)

540.286232ms ago: executing program 3 (id=2083):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmmsg$inet6(r1, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private2, 0x1e9b}, 0x1c, 0x0}}], 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, 0x0, 0x40084)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0500000000005a642f61945800000000b40d", @ANYRES32=r5, @ANYBLOB="0800050002000000"], 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)={0x70, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x39, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @default, 0x0, @void, @val={0x1, 0x6, [{0xc, 0x1}, {0xb}, {0x36, 0x1}, {0x6, 0x1}, {0x6c}, {0x6, 0x1}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0xfd, 0x20}}, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0xa4a2}]}, 0x70}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xc}]]}, 0x30}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = socket$caif_seqpacket(0x25, 0x5, 0x0)
getpid()
sendmsg$unix(r10, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@rights={{0x14, 0x1, 0x1, [r9]}}, @rights={{0x14, 0x1, 0x1, [r11]}}], 0x30}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000540)=@data_frame={@msdu=@type01={{0x0, 0x2, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7ff8}, @broadcast, @from_mac=@broadcast, @device_b, {0x5, 0x4}, "", @value={0x0, 0x1, 0x0, 0x0, 0x49}, @value=@ver_80211n={0x0, 0x3, 0x3, 0x0, 0x0, 0x1, 0x1}}, @a_msdu=[{@device_b, @device_a, 0x3d, "74045964923de18f7eea94ff55add03f6d5e3ba60774ad178fc2b8c6177e0df67ecf3f3475a38b9368c95d466544b089abe5c9640ca5316767bc0a09d5"}, {@device_b, @device_b, 0x54, "3b4edecae625e46bc1251ed7a3d952796157205d16bc4ce267372f2ea60078a15eede8383a5f200f352e6199b1ec8ecdcc59ec1e6aabfb205853550f4abd600fe975b4ce792b01888bfd4c0d32e54a1d5f5a7bd7"}, {@device_a, @broadcast, 0x65, "4ed248387f26bd77ee8f452b19b65ed06d0fb5a25ee9f3583e7c3d279d923c412da16e9c9938cd6286b391f31012a3baf9c15542d3855c194075e46ffd6d9b9d7f884fabaad4226e73418bac5874f168c403acfbec0a19c6363744cf93024ca8d37d592201"}, {@broadcast, @device_b}]}, 0x152)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x0, 0x0, @void}, 0x1e)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$tipc(0x1e, 0x5, 0x0)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {0x22ec}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x0, 0x0, @default, @val={0x1, 0x2, [{}, {}]}, @void}, 0x22)
r12 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r12, 0x89e2, &(0x7f0000000000)=@bcast)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)

473.309616ms ago: executing program 2 (id=2084):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000003c0)=@gcm_128={{}, "3b29d9648e80e905", "86a21e3e39368b237f0e3864667d0bd8", "1b598634", "6eaef0fc24de6e61"}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x38}, [@ldst={0x6, 0x0, 0x2}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair(0x1f, 0x5, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, 0x0)
splice(r1, 0x0, r4, 0x0, 0x7, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f00000000c0)={0x0, @adiantum, 0x0, @desc2})
close(r3)
ioctl$int_in(r4, 0x541b, 0x0)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000140)='Y', 0x1}, {&(0x7f00000002c0)="68f541365c6e24f4b7d5c9aa2f9b2c4c52595b25d20630fd08f13268f411acb0c11d69ec1130bed0dd819226c2af8da6dbb3f755b9069c1e0c2cb4a0b2ad06ca0b253b8a72e00ef9944bc9580d631ea0189b570ce789ad89024b28ce02b77a283928600689df24d1ba7c9416b5fa2de38be3e22f5f5fbcd16d452622373bcc9990af422c2e6de6b1feefd1013a54b25b54818eed58480eb329add61bb10f5fa995ddc6d7f6dad5a2c3cbf08bb6ef83184b333e671556508fab9215c5cdf70523505f4d8fe481c95ae9474f0b56410c8b1d119adeaee914773690addd9bdb059fa8c7075b40715349e11c7fcd0830000000", 0xf1}, {&(0x7f00000003c0)="ff94c27bc1f1b6d3354c224bba1b7d981623361e264febad94e6dd45ab3802e4cd2fa54fbd6fa9c29f441969875b5b6dff52d252d3749b3a8645929eb47f0e8b4e8427eaadd73307a786aa36c167052f7d39fd70d3a3660a05502026f48ddc6b4a5e17bb9b2a2783052fbf9347b36d4b6410dfb7a44e3665d1fc020a91ff66b757178cafcd14b8a6a1fa9ece56c6d81b3948a31ab92262270638dec275f6da9689450b588511019848665657f6140bb0cffd61cdb296460e0500000000000000b1d0b1", 0xc3}], 0x3)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
syz_emit_ethernet(0x89, &(0x7f00000004c0)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x44, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @ssrr={0x89, 0x7, 0xd7, [@private]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"39ece5d331669183d9734559fde2fb5ae5c58fe916d0d09b8974c324d7ae1bca252c458e7c525443819172fe8733f1fac3ab0a4c4e55be"}}}}}}, 0x0)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_mreqsrc(r5, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0x28)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[], 0x58}}, 0x2000c0c4)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)

106.219787ms ago: executing program 1 (id=2085):
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000440)=ANY=[@ANYBLOB="4401000010000100000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb00000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="64010102000000000000000000000000000000006c000000ac1414bb0000000000000000000000000000000000100000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000c89012d00972d91e100000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000020000010000000000000000006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00080008000800000000004086c65989a41054ced4f32276902376dc43c9b24be66bd9b475418e8bcc6d25032b6d77c674ea6a66b53440694712be4b9bcb174de25f465b630bcca8799bf1f5a0e661737895c2c87b9a3b123fb65363b2352eccd09ecc64fbe92b3c22a9feff601026ea390bf3633f0cfae709b0ee650c1e49af457ef90cba9b58d317e6733091eee75d3bfb90e4a165aca0b664712e47f6b02eb389685d54d73a3b71c41c0f0bbf81"], 0x144}}, 0x4810)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="28000000111001000000000000000000d98ad0dcdd563cfc0000000000000000000a003300efc1e5ea560bded694393d9a72f2c1f858"], 0x28}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000000)={0x1f, @fixed}, 0x8)
setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xb, 0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c00635c368c5e8abd7e81bd98f716f1dbf0a48109"], 0x1c}}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPATH(r7, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x12800040}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000129bd7000fedbdf25150000000a00060008021100000000000a001a0008021100000100000a0006000802110000000000"], 0x38}, 0x1, 0x0, 0x0, 0x24008050}, 0x10000)
ioctl(r6, 0x8b2a, &(0x7f0000000040))

851.719µs ago: executing program 2 (id=2086):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000002c0)={0x40, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x5, 0x13, [{}]}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x1f9}]}, 0x40}}, 0x0)

0s ago: executing program 0 (id=2087):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4001)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000380)={0x0, 0xc00, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000000a0601010000000000000000000000000500010007000000100008800c00070308001c40000000000900020073797a320000000008000940"], 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

ep mac addresses unique to avoid problems!
[  221.352586][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.363625][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.373614][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.384142][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.415236][ T8876] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.459366][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.470928][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.482797][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.493502][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.513199][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.536789][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.555979][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.567279][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.577950][ T8876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.589271][ T8876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.611018][ T8876] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.654835][ T8895] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.689262][ T8876] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.723058][ T8876] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.750858][ T8876] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.771031][ T8876] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.796485][ T9094] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1221'.
[  221.843344][ T9094] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1221'.
[  222.089149][ T7006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.097044][ T7006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.184245][ T7008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.211410][ T7008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.410112][ T9116] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1159'.
[  222.445074][ T8895] veth0_vlan: entered promiscuous mode
[  222.467149][ T8895] veth1_vlan: entered promiscuous mode
[  222.538040][ T9116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.581507][ T9123] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1229'.
[  222.604898][ T8895] veth0_macvtap: entered promiscuous mode
[  222.635882][ T9118] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.648579][ T8895] veth1_macvtap: entered promiscuous mode
[  222.702788][ T9125] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1230'.
[  222.712545][ T9116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.728181][ T9129] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1231'.
[  222.757485][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.790317][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.800543][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.818252][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.837322][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.857235][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.878484][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.899595][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.917876][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.937402][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.947609][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.958696][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.972427][ T8895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.992141][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.011525][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.028289][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.048909][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.066010][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.083181][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.093396][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.106347][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.123066][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.133892][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.145083][ T8895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.161446][ T8895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.178044][ T8895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.202381][ T9135] macvlan2: entered allmulticast mode
[  223.222023][ T8895] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.241707][ T8895] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.261258][ T8895] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.274025][ T8895] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.432211][ T9143] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  223.596124][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.626417][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.777099][ T7008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.812895][ T7008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.933493][ T9167] netlink: 'syz.3.1242': attribute type 13 has an invalid length.
[  224.081177][ T9171] bridge: RTM_NEWNEIGH with invalid state 0x0
[  224.195245][ T9177] __nla_validate_parse: 7 callbacks suppressed
[  224.195269][ T9177] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1245'.
[  224.370885][ T9186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1245'.
[  224.630420][ T9193] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1248'.
[  224.741605][ T9193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.869968][ T9193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.916023][ T9193] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.054679][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.227127][ T9207] netlink: 'syz.1.1250': attribute type 4 has an invalid length.
[  225.451415][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.451975][ T9220] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1255'.
[  225.617408][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  225.744709][ T5098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  225.744741][ T9226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1259'.
[  225.764635][ T5098] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  225.779221][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.790953][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  225.801718][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  225.811185][ T5098] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  225.825337][ T5098] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  225.865218][ T9234] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1260'.
[  225.923786][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.953904][ T9239] xt_CT: You must specify a L4 protocol and not use inversions on it
[  226.072445][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1260'.
[  226.302225][   T11] bridge_slave_1: left allmulticast mode
[  226.308069][   T11] bridge_slave_1: left promiscuous mode
[  226.314922][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.329236][   T11] bridge_slave_0: left allmulticast mode
[  226.335223][   T11] bridge_slave_0: left promiscuous mode
[  226.341624][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.349261][ T5108] Bluetooth: hci3: command 0x0405 tx timeout
[  226.564516][ T9228] syz.0.1258 (9228) used greatest stack depth: 17520 bytes left
[  226.732045][ T9254] netlink: 'syz.1.1263': attribute type 11 has an invalid length.
[  226.765463][ T9254] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1263'.
[  226.998742][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.027578][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.053401][   T11] bond0 (unregistering): Released all slaves
[  227.116905][ T9253] netlink: 'syz.3.1264': attribute type 4 has an invalid length.
[  227.130561][ T9253] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1264'.
[  227.198881][ T9263] netlink: 'syz.0.1265': attribute type 13 has an invalid length.
[  227.359524][ T9275] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1269'.
[  227.445753][ T9274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.558713][ T9274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.646187][ T9274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.869475][ T4490] Bluetooth: hci4: command tx timeout
[  227.957818][   T11] hsr_slave_0: left promiscuous mode
[  227.978133][   T11] hsr_slave_1: left promiscuous mode
[  228.005990][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.020849][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.029764][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.037343][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.060585][   T11] veth1_macvtap: left promiscuous mode
[  228.066115][   T11] veth0_macvtap: left promiscuous mode
[  228.071872][   T11] veth1_vlan: left promiscuous mode
[  228.077157][   T11] veth0_vlan: left promiscuous mode
[  228.717052][   T11] team0 (unregistering): Port device team_slave_1 removed
[  228.767250][   T11] team0 (unregistering): Port device team_slave_0 removed
[  229.170688][ T9290] team_slave_1: mtu less than device minimum
[  229.958591][ T4490] Bluetooth: hci4: command 0x041b tx timeout
[  230.642334][ T9230] chnl_net:caif_netlink_parms(): no params data found
[  230.834422][ T9317] netlink: 'syz.1.1278': attribute type 7 has an invalid length.
[  230.842767][ T9317] netlink: 'syz.1.1278': attribute type 8 has an invalid length.
[  230.854741][ T9317] __nla_validate_parse: 4 callbacks suppressed
[  230.854759][ T9317] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1278'.
[  230.888010][ T9319] netlink: 'syz.0.1277': attribute type 4 has an invalid length.
[  230.917404][ T9321] netlink: 'syz.3.1280': attribute type 13 has an invalid length.
[  231.004763][ T9327] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1281'.
[  231.019064][ T9230] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.028908][ T9230] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.037731][ T9230] bridge_slave_0: entered allmulticast mode
[  231.044620][ T9323] netlink: 'syz.2.1279': attribute type 11 has an invalid length.
[  231.060113][ T9230] bridge_slave_0: entered promiscuous mode
[  231.072227][ T9323] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1279'.
[  231.132302][ T9230] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.153364][ T9230] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.178083][ T9230] bridge_slave_1: entered allmulticast mode
[  231.200237][ T9230] bridge_slave_1: entered promiscuous mode
[  231.305073][ T9333] netlink: 'syz.0.1282': attribute type 13 has an invalid length.
[  231.345090][ T9336] veth1_macvtap: left promiscuous mode
[  231.411743][ T9230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  231.440922][ T9338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1283'.
[  231.524157][ T9230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  231.561154][ T9340] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1285'.
[  231.780240][ T9345] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  231.870129][ T9230] team0: Port device team_slave_0 added
[  231.888540][ T9340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  231.924477][ T9230] team0: Port device team_slave_1 added
[  231.935644][ T9340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.028560][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  232.079727][ T9230] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.088549][ T9230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.119300][ T9230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.139235][ T9230] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.156458][ T9230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.228291][ T9230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.235802][ T9352] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1288'.
[  232.343841][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1290'.
[  232.379726][ T9230] hsr_slave_0: entered promiscuous mode
[  232.413530][ T9230] hsr_slave_1: entered promiscuous mode
[  232.511524][ T9352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1288'.
[  232.550679][ T9353] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1289'.
[  232.617311][ T9368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1291'.
[  233.585873][ T9398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.662522][ T9410] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.670865][ T9230] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  233.692530][ T9398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.707302][ T9230] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  233.792775][ T9230] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  233.835044][ T9230] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  234.110626][ T4490] Bluetooth: hci4: command 0x041b tx timeout
[  234.215524][ T9230] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.271006][ T9230] 8021q: adding VLAN 0 to HW filter on device team0
[  234.322511][ T4837] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.329754][ T4837] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.347078][ T9429] netlink: 'syz.1.1311': attribute type 3 has an invalid length.
[  234.395386][ T9429] netlink: 'syz.1.1311': attribute type 3 has an invalid length.
[  234.404154][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.411514][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.193463][ T9230] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.430336][ T9468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.561612][ T9468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.613870][ T9468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.837155][ T9494] netlink: 'syz.3.1329': attribute type 13 has an invalid length.
[  235.993561][ T9230] veth0_vlan: entered promiscuous mode
[  236.029136][ T9230] veth1_vlan: entered promiscuous mode
[  236.154293][ T9230] veth0_macvtap: entered promiscuous mode
[  236.189820][ T4490] Bluetooth: hci4: command 0x041b tx timeout
[  236.206631][ T9230] veth1_macvtap: entered promiscuous mode
[  236.351057][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.379706][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.394891][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.419101][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.441450][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.467990][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.490663][ T9505] trusted_key: syz.1.1331 sent an empty control message without MSG_MORE.
[  236.498529][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.526002][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.557938][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.580165][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.614146][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.637783][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.666297][ T9230] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.697065][ T9510] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  236.715394][ T9510] batman_adv: batadv0: Adding interface: gretap1
[  236.736028][ T9510] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.772702][ T9510] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  236.820469][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.858530][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.878471][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.919376][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.958617][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.976548][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.988168][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.014674][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.027236][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.050424][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.060762][ T9230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.072921][ T9230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.097683][ T9230] batman_adv: batadv0: Interface activated: batadv_slave_1
[  237.145328][ T9230] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  237.155143][ T9529] xt_TCPMSS: Only works on TCP SYN packets
[  237.168896][ T9230] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  237.178041][ T9230] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.196091][ T9230] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.365516][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.388002][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.446580][ T9542] __nla_validate_parse: 15 callbacks suppressed
[  237.446605][ T9542] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1342'.
[  237.470833][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.481053][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.504983][ T9537] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.600191][ T9544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.645206][ T9537] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.673199][ T9539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1342'.
[  237.829372][ T9555] netlink: 'syz.2.1344': attribute type 13 has an invalid length.
[  238.002146][ T9561] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1346'.
[  238.129071][ T9563] C: renamed from lo
[  238.145498][ T9563] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  238.463642][ T9576] netlink: 'syz.3.1353': attribute type 4 has an invalid length.
[  238.749419][ T9588] netlink: 'syz.3.1357': attribute type 1 has an invalid length.
[  238.772533][ T9588] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1357'.
[  238.797950][ T9584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1357'.
[  238.822317][ T9584] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1357'.
[  238.867021][ T9584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1357'.
[  238.993508][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.076508][ T9594] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1359'.
[  239.095415][ T9594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.161933][ T9594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.193060][ T9594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.203619][ T9597] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1360'.
[  239.414681][ T9597] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1360'.
[  239.544645][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.642208][ T5098] Bluetooth: hci3: command 0x0405 tx timeout
[  239.668020][ T4490] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  239.693023][ T4490] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  239.704106][ T4490] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  239.721623][ T4490] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  239.724908][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.764581][ T4490] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  239.776145][ T4490] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  239.962152][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.225455][ T9635] netlink: 'syz.0.1369': attribute type 13 has an invalid length.
[  240.364673][ T9612] chnl_net:caif_netlink_parms(): no params data found
[  240.466758][   T35] bridge_slave_1: left allmulticast mode
[  240.475295][   T35] bridge_slave_1: left promiscuous mode
[  240.516393][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.549779][   T35] bridge_slave_0: left allmulticast mode
[  240.565710][   T35] bridge_slave_0: left promiscuous mode
[  240.583826][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.109845][ T9663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.172944][ T9663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.190499][ T9663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.380322][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  241.396820][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  241.420140][   T35] bond0 (unregistering): Released all slaves
[  241.464782][ T9646] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  241.472916][ T9646] macvtap1: entered allmulticast mode
[  241.479574][ T9646] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  241.852437][ T9684] netlink: 'syz.1.1381': attribute type 4 has an invalid length.
[  241.869417][ T4490] Bluetooth: hci4: command tx timeout
[  241.897343][ T9612] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.905068][ T9612] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.914433][ T9612] bridge_slave_0: entered allmulticast mode
[  241.923418][ T9612] bridge_slave_0: entered promiscuous mode
[  241.966129][ T9612] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.981294][ T9612] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.996801][ T9612] bridge_slave_1: entered allmulticast mode
[  242.018624][ T9612] bridge_slave_1: entered promiscuous mode
[  242.176834][ T9694] sctp: [Deprecated]: syz.3.1385 (pid 9694) Use of struct sctp_assoc_value in delayed_ack socket option.
[  242.176834][ T9694] Use struct sctp_sack_info instead
[  242.243740][   T35] hsr_slave_0: left promiscuous mode
[  242.276965][   T35] hsr_slave_1: left promiscuous mode
[  242.289472][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.309633][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.331439][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.343488][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.406063][   T35] veth1_macvtap: left promiscuous mode
[  242.423065][   T35] veth0_macvtap: left promiscuous mode
[  242.431498][   T35] veth1_vlan: left promiscuous mode
[  242.437942][   T35] veth0_vlan: left promiscuous mode
[  243.165700][   T35] team0 (unregistering): Port device team_slave_1 removed
[  243.249057][   T35] team0 (unregistering): Port device team_slave_0 removed
[  243.743189][ T9612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.772893][ T9707] netlink: 'syz.1.1388': attribute type 13 has an invalid length.
[  243.832706][ T9612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.886440][ T9715] __nla_validate_parse: 6 callbacks suppressed
[  243.886462][ T9715] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1390'.
[  243.951714][ T4490] Bluetooth: hci4: command 0x041b tx timeout
[  243.998045][ T9720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1390'.
[  244.031473][ T9612] team0: Port device team_slave_0 added
[  244.070130][ T9612] team0: Port device team_slave_1 added
[  244.225145][ T9733] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1394'.
[  244.249247][ T9736] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  244.337401][ T9736] vlan2: entered allmulticast mode
[  244.342707][ T9736] mac80211_hwsim hwsim31 wlan1: entered allmulticast mode
[  244.357571][ T9736] mac80211_hwsim hwsim31 wlan1: left allmulticast mode
[  244.392526][ T9744] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1395'.
[  244.433149][ T9733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1394'.
[  244.450369][ T9612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.461996][ T9612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.507905][ T9612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.550659][ T9612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.557656][ T9612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.608633][ T9752] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.619160][ T9612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.690788][ T9744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.730709][ T9744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.744441][ T9612] hsr_slave_0: entered promiscuous mode
[  244.755971][ T9612] hsr_slave_1: entered promiscuous mode
[  244.947739][ T9761] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1398'.
[  245.220772][ T9768] netlink: 'syz.3.1401': attribute type 13 has an invalid length.
[  245.382036][ T9772] netlink: 'syz.0.1402': attribute type 13 has an invalid length.
[  245.746074][ T9612] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  245.793690][ T9612] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  245.863790][ T9612] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  245.922356][ T9612] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  246.029028][ T4490] Bluetooth: hci4: command 0x041b tx timeout
[  246.400404][ T9612] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.461610][ T9796] FAULT_INJECTION: forcing a failure.
[  246.461610][ T9796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.497850][ T9612] 8021q: adding VLAN 0 to HW filter on device team0
[  246.515079][ T9796] CPU: 1 PID: 9796 Comm: syz.2.1411 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  246.525229][ T9796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  246.535326][ T9796] Call Trace:
[  246.538640][ T9796]  <TASK>
[  246.541604][ T9796]  dump_stack_lvl+0x241/0x360
[  246.546328][ T9796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.551572][ T9796]  ? __pfx__printk+0x10/0x10
[  246.556198][ T9796]  ? __pfx_lock_release+0x10/0x10
[  246.561257][ T9796]  should_fail_ex+0x3b0/0x4e0
[  246.565972][ T9796]  _copy_from_iter+0x1f6/0x1960
[  246.570877][ T9796]  ? __virt_addr_valid+0x183/0x520
[  246.576028][ T9796]  ? __pfx_lock_release+0x10/0x10
[  246.581056][ T5102] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.581111][ T9796]  ? __alloc_skb+0x28f/0x440
[  246.588420][ T5102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.592798][ T9796]  ? __pfx__copy_from_iter+0x10/0x10
[  246.605313][ T9796]  ? __virt_addr_valid+0x183/0x520
[  246.610445][ T9796]  ? __virt_addr_valid+0x183/0x520
[  246.615573][ T9796]  ? __virt_addr_valid+0x44e/0x520
[  246.620700][ T9796]  ? __check_object_size+0x49c/0x900
[  246.626029][ T9796]  netlink_sendmsg+0x73d/0xcb0
[  246.630831][ T9796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.636137][ T9796]  ? __import_iovec+0x536/0x820
[  246.641004][ T9796]  ? aa_sock_msg_perm+0x91/0x160
[  246.645966][ T9796]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  246.651279][ T9796]  ? security_socket_sendmsg+0x87/0xb0
[  246.656892][ T9796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.662245][ T9796]  __sock_sendmsg+0x221/0x270
[  246.666975][ T9796]  ____sys_sendmsg+0x525/0x7d0
[  246.671798][ T9796]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.677147][ T9796]  __sys_sendmsg+0x2b0/0x3a0
[  246.681789][ T9796]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.686927][ T9796]  ? vfs_write+0x7c4/0xc90
[  246.691414][ T9796]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.697771][ T9796]  ? do_syscall_64+0x100/0x230
[  246.702564][ T9796]  ? do_syscall_64+0xb6/0x230
[  246.707263][ T9796]  do_syscall_64+0xf3/0x230
[  246.711791][ T9796]  ? clear_bhb_loop+0x35/0x90
[  246.716489][ T9796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.722399][ T9796] RIP: 0033:0x7f3725975bd9
[  246.726841][ T9796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.746475][ T9796] RSP: 002b:00007f3726800048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.754975][ T9796] RAX: ffffffffffffffda RBX: 00007f3725b03f60 RCX: 00007f3725975bd9
[  246.763340][ T9796] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000004
[  246.771331][ T9796] RBP: 00007f37268000a0 R08: 0000000000000000 R09: 0000000000000000
[  246.779327][ T9796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.787322][ T9796] R13: 000000000000000b R14: 00007f3725b03f60 R15: 00007ffe7b90a118
[  246.795350][ T9796]  </TASK>
[  246.835711][ T5102] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.842940][ T5102] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.872282][ T9802] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1410'.
[  247.053258][ T9807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1410'.
[  247.364711][ T9818] netlink: 'syz.1.1415': attribute type 10 has an invalid length.
[  247.409490][ T9823] warning: `syz.2.1416' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  247.444427][ T9823] openvswitch: netlink: Message has 4 unknown bytes.
[  247.575838][ T9612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.673055][ T9838] netlink: 'syz.0.1420': attribute type 13 has an invalid length.
[  247.783222][ T9842] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1422'.
[  247.939730][ T9848] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1424'.
[  248.109898][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  248.551474][ T9612] veth0_vlan: entered promiscuous mode
[  248.624809][ T9612] veth1_vlan: entered promiscuous mode
[  248.778038][ T9612] veth0_macvtap: entered promiscuous mode
[  248.822168][ T9612] veth1_macvtap: entered promiscuous mode
[  248.897677][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.948478][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.978764][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.998877][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.012397][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.023767][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.035029][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.051355][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.088295][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.109398][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.132910][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.158396][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.181703][ T9612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.226994][ T9892] __nla_validate_parse: 2 callbacks suppressed
[  249.227018][ T9892] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1436'.
[  249.271160][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.286708][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.302420][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.317662][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.328733][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.339733][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.349958][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.367056][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.384625][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.397365][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.407585][ T9612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.418372][ T9612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.430907][ T9612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.447024][ T9898] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1439'.
[  249.457103][ T9902] netlink: 576 bytes leftover after parsing attributes in process `syz.3.1439'.
[  249.506314][ T9905] netlink: 'syz.2.1440': attribute type 13 has an invalid length.
[  249.527148][ T9612] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.552822][ T9612] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.568251][ T9612] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.584693][ T9612] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.627871][ T9904] netlink: 'syz.1.1441': attribute type 13 has an invalid length.
[  249.688119][ T9909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1442'.
[  249.735281][ T9915] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1444'.
[  249.946564][ T9920] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1445'.
[  249.964896][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.981231][ T9917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1444'.
[  250.002296][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.132658][  T993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.164765][  T993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.188444][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  250.279360][ T9927] x_tables: ip6_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  251.122849][ T9957] netlink: 'syz.3.1457': attribute type 13 has an invalid length.
[  251.442896][ T7006] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.661416][ T9977] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1460'.
[  251.892183][ T7006] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.041035][ T4490] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  252.053916][ T4490] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  252.064103][ T4490] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  252.072989][ T4490] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  252.082033][ T4490] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  252.083265][ T7006] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.101173][ T4490] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  252.133299][ T9989] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1465'.
[  252.221009][ T7006] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.981439][T10004] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.126662][T10017] netlink: 'syz.3.1475': attribute type 13 has an invalid length.
[  253.168544][ T7006] bridge_slave_1: left allmulticast mode
[  253.174636][ T7006] bridge_slave_1: left promiscuous mode
[  253.226297][ T7006] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.277746][ T7006] bridge_slave_0: left allmulticast mode
[  253.294782][ T7006] bridge_slave_0: left promiscuous mode
[  253.302139][ T7006] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.137464][T10026] sctp: [Deprecated]: syz.1.1477 (pid 10026) Use of struct sctp_assoc_value in delayed_ack socket option.
[  254.137464][T10026] Use struct sctp_sack_info instead
[  254.201961][ T4490] Bluetooth: hci4: command tx timeout
[  254.227474][ T7006] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.253141][ T7006] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.271368][ T7006] bond0 (unregistering): Released all slaves
[  254.320950][T10004] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.398958][ T9986] chnl_net:caif_netlink_parms(): no params data found
[  254.557874][T10004] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.597615][T10037] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1481'.
[  254.616413][T10037] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1481'.
[  254.746561][T10004] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.040040][ T7006] hsr_slave_0: left promiscuous mode
[  255.053332][ T7006] hsr_slave_1: left promiscuous mode
[  255.071512][ T7006] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.079509][ T7006] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.094425][ T7006] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.108427][ T7006] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.183171][ T7006] veth1_macvtap: left promiscuous mode
[  255.200371][ T7006] veth0_macvtap: left promiscuous mode
[  255.206044][ T7006] veth1_vlan: left promiscuous mode
[  255.229094][ T7006] veth0_vlan: left promiscuous mode
[  255.342191][T10057] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1487'.
[  256.041850][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  256.096071][ T7006] team0 (unregistering): Port device team_slave_1 removed
[  256.168683][ T7006] team0 (unregistering): Port device team_slave_0 removed
[  256.272040][ T4490] Bluetooth: hci4: command tx timeout
[  257.337544][ T9986] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.347491][ T9986] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.362138][ T9986] bridge_slave_0: entered allmulticast mode
[  257.370114][ T9986] bridge_slave_0: entered promiscuous mode
[  257.424344][T10065] netlink: 'syz.3.1490': attribute type 13 has an invalid length.
[  257.433502][T10071] netlink: 'syz.1.1491': attribute type 13 has an invalid length.
[  257.476165][T10004] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.497578][ T9986] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.518761][ T9986] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.526724][ T9986] bridge_slave_1: entered allmulticast mode
[  257.549377][ T9986] bridge_slave_1: entered promiscuous mode
[  257.675682][T10004] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.696129][ T9986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.770499][T10004] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.822560][T10004] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.856581][ T9986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.002687][ T9986] team0: Port device team_slave_0 added
[  258.021640][ T9986] team0: Port device team_slave_1 added
[  258.167635][ T9986] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.185521][ T9986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.251495][ T9986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.321223][ T9986] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.348855][ T4490] Bluetooth: hci4: command tx timeout
[  258.358264][ T9986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.391320][ T9986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.472523][T10110] netlink: 'syz.2.1502': attribute type 13 has an invalid length.
[  258.502787][T10111] vlan2: entered promiscuous mode
[  258.509328][T10111] dummy0: entered promiscuous mode
[  258.514927][T10111] vlan2: entered allmulticast mode
[  258.522106][T10111] dummy0: entered allmulticast mode
[  258.532428][T10111] dummy0: left allmulticast mode
[  258.537450][T10111] dummy0: left promiscuous mode
[  258.584195][ T9986] hsr_slave_0: entered promiscuous mode
[  258.601850][ T9986] hsr_slave_1: entered promiscuous mode
[  258.611919][T10115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1504'.
[  259.441724][T10127] netlink: 'syz.0.1508': attribute type 11 has an invalid length.
[  259.461133][T10127] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1508'.
[  259.491533][ T9986] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  259.531200][ T9986] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  259.568849][ T9986] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  259.612506][ T9986] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  259.661833][T10145] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1513'.
[  259.711029][T10144] syzkaller0: entered allmulticast mode
[  259.819308][T10149] x_tables: duplicate underflow at hook 1
[  260.041434][T10160] netlink: 'syz.0.1520': attribute type 13 has an invalid length.
[  260.214339][ T9986] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.315856][ T9986] 8021q: adding VLAN 0 to HW filter on device team0
[  260.397726][ T9959] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.405007][ T9959] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.435981][ T9959] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.438535][ T4490] Bluetooth: hci4: command tx timeout
[  260.443491][ T9959] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.711051][T10181] FAULT_INJECTION: forcing a failure.
[  260.711051][T10181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.744981][T10181] CPU: 0 PID: 10181 Comm: syz.1.1525 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  260.755330][T10181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  260.765517][T10181] Call Trace:
[  260.768839][T10181]  <TASK>
[  260.771922][T10181]  dump_stack_lvl+0x241/0x360
[  260.776655][T10181]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.781985][T10181]  ? __pfx__printk+0x10/0x10
[  260.786716][T10181]  ? __pfx_lock_release+0x10/0x10
[  260.793177][T10181]  should_fail_ex+0x3b0/0x4e0
[  260.798497][T10181]  _copy_from_iter+0x1f6/0x1960
[  260.803541][T10181]  ? __virt_addr_valid+0x183/0x520
[  260.808987][T10181]  ? __pfx_lock_release+0x10/0x10
[  260.814169][T10181]  ? __alloc_skb+0x28f/0x440
[  260.818817][T10181]  ? __pfx__copy_from_iter+0x10/0x10
[  260.824186][T10181]  ? __virt_addr_valid+0x183/0x520
[  260.829371][T10181]  ? __virt_addr_valid+0x183/0x520
[  260.834691][T10181]  ? __virt_addr_valid+0x44e/0x520
[  260.839976][T10181]  ? __check_object_size+0x49c/0x900
[  260.846383][T10181]  netlink_sendmsg+0x73d/0xcb0
[  260.851251][T10181]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.856617][T10181]  ? aa_sock_msg_perm+0x91/0x160
[  260.861737][T10181]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  260.868256][T10181]  ? security_socket_sendmsg+0x87/0xb0
[  260.875634][T10181]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.881382][T10181]  __sock_sendmsg+0x221/0x270
[  260.886323][T10181]  sock_write_iter+0x2dd/0x400
[  260.891158][T10181]  ? __pfx_sock_write_iter+0x10/0x10
[  260.896534][T10181]  ? bpf_lsm_file_permission+0x9/0x10
[  260.902690][T10181]  ? security_file_permission+0x7f/0xa0
[  260.908321][T10181]  vfs_write+0xa72/0xc90
[  260.913175][T10181]  ? __pfx_sock_write_iter+0x10/0x10
[  260.918533][T10181]  ? __pfx_vfs_write+0x10/0x10
[  260.923395][T10181]  ksys_write+0x1a0/0x2c0
[  260.927801][T10181]  ? __pfx_ksys_write+0x10/0x10
[  260.934286][T10181]  ? do_syscall_64+0x100/0x230
[  260.939222][T10181]  ? do_syscall_64+0xb6/0x230
[  260.944142][T10181]  do_syscall_64+0xf3/0x230
[  260.948741][T10181]  ? clear_bhb_loop+0x35/0x90
[  260.953488][T10181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.961119][T10181] RIP: 0033:0x7f3d70975bd9
[  260.965590][T10181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.985257][T10181] RSP: 002b:00007f3d71699048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  260.993719][T10181] RAX: ffffffffffffffda RBX: 00007f3d70b03f60 RCX: 00007f3d70975bd9
[  261.001727][T10181] RDX: 000000000000041d RSI: 0000000020000180 RDI: 0000000000000003
[  261.009733][T10181] RBP: 00007f3d716990a0 R08: 0000000000000000 R09: 0000000000000000
[  261.017744][T10181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.025760][T10181] R13: 000000000000000b R14: 00007f3d70b03f60 R15: 00007ffde32a7728
[  261.033829][T10181]  </TASK>
[  261.196654][T10187] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1527'.
[  261.222141][T10186] syzkaller0: entered allmulticast mode
[  261.297320][ T9986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.617399][T10205] netlink: 'syz.0.1532': attribute type 1 has an invalid length.
[  261.627317][T10204] netlink: 'syz.0.1532': attribute type 1 has an invalid length.
[  261.759509][T10211] xt_CT: You must specify a L4 protocol and not use inversions on it
[  261.811627][T10214] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1536'.
[  261.945197][T10221] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1537'.
[  261.963166][T10220] netlink: 'syz.1.1538': attribute type 13 has an invalid length.
[  262.004193][T10219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1536'.
[  262.026462][ T9986] veth0_vlan: entered promiscuous mode
[  262.072331][ T9986] veth1_vlan: entered promiscuous mode
[  262.177022][ T9986] veth0_macvtap: entered promiscuous mode
[  262.209839][T10230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'.
[  262.323014][ T9986] veth1_macvtap: entered promiscuous mode
[  262.359317][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.370627][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.380958][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.394109][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.407201][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.421223][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.432310][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.442967][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.453271][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.463890][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.473835][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.495473][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.515539][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  262.551427][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.581079][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.604323][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.624538][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.634976][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.650049][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.661208][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.705388][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.740825][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.762194][T10244] xt_hashlimit: overflow, try lower: 0/0
[  262.774493][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.813147][ T9986] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.848727][ T9986] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.885823][ T9986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.928888][ T9986] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.945605][ T9986] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.955347][ T9986] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  262.987488][ T9986] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.868730][ T5108] Bluetooth: hci4: command 0x0405 tx timeout
[  263.899034][T10281] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1553'.
[  265.999829][T10264] tipc: Started in network mode
[  266.004766][T10264] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  266.012452][T10264] tipc: Enabled bearer <eth:ipvlan0>, priority 0
[  266.019524][T10266] tipc: Enabled bearer <ib:gre0>, priority 10
[  266.036440][T10284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1553'.
[  266.108876][ T5108] Bluetooth: hci4: command 0x0405 tx timeout
[  266.150757][T10301] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1556'.
[  266.272210][  T993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.285251][  T993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.336567][  T993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.380524][  T993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.875144][T10328] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1567'.
[  267.030116][ T5149] tipc: Node number set to 10136234
[  267.254916][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.372069][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.744805][T10342] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1568'.
[  267.760231][T10343] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1569'.
[  267.861114][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.030598][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.089710][T10343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1569'.
[  268.322816][ T5098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  268.337803][ T5098] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  268.346346][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  268.358412][ T4490] Bluetooth: hci0: command 0x041b tx timeout
[  268.368095][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  268.397744][ T5098] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  268.405651][ T5098] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  268.409819][   T11] bridge_slave_1: left allmulticast mode
[  268.451860][   T11] bridge_slave_1: left promiscuous mode
[  268.457732][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.483871][   T11] bridge_slave_0: left allmulticast mode
[  268.490316][   T11] bridge_slave_0: left promiscuous mode
[  268.497435][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.993804][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.006520][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.020618][   T11] bond0 (unregistering): Released all slaves
[  269.033711][T10373] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1579'.
[  269.053471][T10372] tipc: Started in network mode
[  269.058846][T10372] tipc: Node identity ffffffff, cluster identity 4711
[  269.066209][T10372] tipc: Node number set to 4294967295
[  269.081683][T10377] netlink: 'syz.2.1578': attribute type 10 has an invalid length.
[  269.145902][T10377] team0: Device ipvlan1 failed to register rx_handler
[  269.357714][T10397] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1585'.
[  269.476542][T10401] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1586'.
[  269.680905][T10413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.772530][T10416] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.787480][T10413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.864340][T10420] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1592'.
[  270.508620][ T5098] Bluetooth: hci4: command tx timeout
[  271.482281][T10432] netlink: 'syz.3.1593': attribute type 7 has an invalid length.
[  271.490360][T10432] netlink: 'syz.3.1593': attribute type 8 has an invalid length.
[  271.498153][T10432] __nla_validate_parse: 1 callbacks suppressed
[  271.498169][T10432] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1593'.
[  271.524368][T10430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1594'.
[  271.621723][   T11] hsr_slave_0: left promiscuous mode
[  271.633000][T10440] sctp: [Deprecated]: syz.2.1598 (pid 10440) Use of int in max_burst socket option deprecated.
[  271.633000][T10440] Use struct sctp_assoc_value instead
[  271.665344][   T11] hsr_slave_1: left promiscuous mode
[  271.675543][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.683416][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.693440][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.706554][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.771599][   T11] veth1_macvtap: left promiscuous mode
[  271.777296][   T11] veth0_macvtap: left promiscuous mode
[  271.791345][   T11] veth1_vlan: left promiscuous mode
[  271.798897][   T11] veth0_vlan: left promiscuous mode
[  272.355169][   T11] team0 (unregistering): Port device team_slave_1 removed
[  272.392109][   T11] team0 (unregistering): Port device team_slave_0 removed
[  272.588496][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  272.644624][T10460] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1603'.
[  272.845122][T10464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  272.862393][T10444] netlink: 'syz.0.1595': attribute type 4 has an invalid length.
[  272.871178][T10440] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1598'.
[  272.900938][T10455] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1602'.
[  272.930163][T10465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  272.973853][T10460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  273.026989][T10469] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  273.136682][T10476] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1608'.
[  273.156094][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1608'.
[  273.165234][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1608'.
[  273.187799][T10366] chnl_net:caif_netlink_parms(): no params data found
[  273.347687][T10479] netlink: 'syz.2.1609': attribute type 1 has an invalid length.
[  273.366378][T10479] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1609'.
[  274.671953][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  274.774946][T10502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1616'.
[  274.892109][T10501] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.318700][T10366] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.325862][T10366] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.346962][T10366] bridge_slave_0: entered allmulticast mode
[  275.354691][T10366] bridge_slave_0: entered promiscuous mode
[  275.363490][T10516] netlink: 'syz.2.1621': attribute type 13 has an invalid length.
[  275.374316][T10366] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.385606][T10366] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.392991][T10366] bridge_slave_1: entered allmulticast mode
[  275.401691][T10366] bridge_slave_1: entered promiscuous mode
[  275.469421][T10366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.489690][T10518] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.506580][T10366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.586132][T10518] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.637391][T10518] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.691778][T10366] team0: Port device team_slave_0 added
[  275.713916][T10366] team0: Port device team_slave_1 added
[  275.813832][T10366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.839534][T10366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.866401][T10366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.886021][T10533] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.895222][T10533] batadv_slave_0: entered allmulticast mode
[  275.913485][T10366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.931907][T10366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.965856][T10366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  276.055838][T10366] hsr_slave_0: entered promiscuous mode
[  276.067779][T10366] hsr_slave_1: entered promiscuous mode
[  276.749170][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  278.416967][T10576] __nla_validate_parse: 2 callbacks suppressed
[  278.416995][T10576] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1637'.
[  278.492798][T10576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.600926][T10576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.624668][T10576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.765786][T10366] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  278.796054][T10366] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  278.830096][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  278.843161][T10366] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  278.870199][T10366] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  279.159707][T10606] FAULT_INJECTION: forcing a failure.
[  279.159707][T10606] name failslab, interval 1, probability 0, space 0, times 0
[  279.192960][T10606] CPU: 0 PID: 10606 Comm: syz.0.1650 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  279.203179][T10606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  279.213270][T10606] Call Trace:
[  279.216573][T10606]  <TASK>
[  279.219554][T10606]  dump_stack_lvl+0x241/0x360
[  279.224286][T10606]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.229519][T10606]  ? __pfx__printk+0x10/0x10
[  279.234235][T10606]  ? ref_tracker_alloc+0x332/0x490
[  279.239408][T10606]  should_fail_ex+0x3b0/0x4e0
[  279.244135][T10606]  ? skb_clone+0x20c/0x390
[  279.248581][T10606]  should_failslab+0x9/0x20
[  279.253805][T10606]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  279.259207][T10606]  skb_clone+0x20c/0x390
[  279.263478][T10606]  __netlink_deliver_tap+0x3cc/0x7c0
[  279.268806][T10606]  ? netlink_deliver_tap+0x2e/0x1b0
[  279.274036][T10606]  netlink_deliver_tap+0x19d/0x1b0
[  279.279179][T10606]  netlink_unicast+0x7be/0x990
[  279.283981][T10606]  ? __pfx_netlink_unicast+0x10/0x10
[  279.289340][T10606]  ? __virt_addr_valid+0x183/0x520
[  279.294529][T10606]  ? __check_object_size+0x49c/0x900
[  279.300011][T10606]  ? bpf_lsm_netlink_send+0x9/0x10
[  279.305220][T10606]  netlink_sendmsg+0x8e4/0xcb0
[  279.310220][T10606]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.315585][T10606]  ? __import_iovec+0x536/0x820
[  279.320478][T10606]  ? aa_sock_msg_perm+0x91/0x160
[  279.325477][T10606]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  279.330820][T10606]  ? security_socket_sendmsg+0x87/0xb0
[  279.336352][T10606]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.341689][T10606]  __sock_sendmsg+0x221/0x270
[  279.346423][T10606]  ____sys_sendmsg+0x525/0x7d0
[  279.351261][T10606]  ? __pfx_____sys_sendmsg+0x10/0x10
[  279.356640][T10606]  __sys_sendmsg+0x2b0/0x3a0
[  279.361306][T10606]  ? __pfx___sys_sendmsg+0x10/0x10
[  279.366482][T10606]  ? vfs_write+0x7c4/0xc90
[  279.371190][T10606]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  279.377593][T10606]  ? do_syscall_64+0x100/0x230
[  279.382414][T10606]  ? do_syscall_64+0xb6/0x230
[  279.387151][T10606]  do_syscall_64+0xf3/0x230
[  279.391713][T10606]  ? clear_bhb_loop+0x35/0x90
[  279.396458][T10606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.402618][T10606] RIP: 0033:0x7fb2c0175bd9
[  279.407218][T10606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.426882][T10606] RSP: 002b:00007fb2c0f4b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.435360][T10606] RAX: ffffffffffffffda RBX: 00007fb2c0303f60 RCX: 00007fb2c0175bd9
[  279.444214][T10606] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  279.452369][T10606] RBP: 00007fb2c0f4b0a0 R08: 0000000000000000 R09: 0000000000000000
[  279.460552][T10606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.468584][T10606] R13: 000000000000000b R14: 00007fb2c0303f60 R15: 00007ffcf1610b18
[  279.476989][T10606]  </TASK>
[  279.582472][T10619] FAULT_INJECTION: forcing a failure.
[  279.582472][T10619] name failslab, interval 1, probability 0, space 0, times 0
[  279.618272][T10619] CPU: 0 PID: 10619 Comm: syz.2.1653 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  279.628486][T10619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  279.638575][T10619] Call Trace:
[  279.641886][T10619]  <TASK>
[  279.644857][T10619]  dump_stack_lvl+0x241/0x360
[  279.649612][T10619]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.654844][T10619]  ? __pfx__printk+0x10/0x10
[  279.659493][T10619]  ? ref_tracker_alloc+0x332/0x490
[  279.665525][T10619]  should_fail_ex+0x3b0/0x4e0
[  279.670350][T10619]  ? skb_clone+0x20c/0x390
[  279.674903][T10619]  should_failslab+0x9/0x20
[  279.679547][T10619]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  279.684974][T10619]  skb_clone+0x20c/0x390
[  279.689279][T10619]  __netlink_deliver_tap+0x3cc/0x7c0
[  279.694635][T10619]  ? netlink_deliver_tap+0x2e/0x1b0
[  279.699898][T10619]  netlink_deliver_tap+0x19d/0x1b0
[  279.705069][T10619]  netlink_unicast+0x7be/0x990
[  279.710118][T10619]  ? __pfx_netlink_unicast+0x10/0x10
[  279.715469][T10619]  ? __virt_addr_valid+0x183/0x520
[  279.720623][T10619]  ? __check_object_size+0x49c/0x900
[  279.725930][T10619]  ? bpf_lsm_netlink_send+0x9/0x10
[  279.731076][T10619]  netlink_sendmsg+0x8e4/0xcb0
[  279.735879][T10619]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.741374][T10619]  ? __import_iovec+0x536/0x820
[  279.746239][T10619]  ? aa_sock_msg_perm+0x91/0x160
[  279.751198][T10619]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  279.756495][T10619]  ? security_socket_sendmsg+0x87/0xb0
[  279.761964][T10619]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.767276][T10619]  __sock_sendmsg+0x221/0x270
[  279.771978][T10619]  ____sys_sendmsg+0x525/0x7d0
[  279.776808][T10619]  ? __pfx_____sys_sendmsg+0x10/0x10
[  279.782303][T10619]  __sys_sendmsg+0x2b0/0x3a0
[  279.786918][T10619]  ? __pfx___sys_sendmsg+0x10/0x10
[  279.792049][T10619]  ? vfs_write+0x7c4/0xc90
[  279.796509][T10619]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  279.802887][T10619]  do_syscall_64+0xf3/0x230
[  279.807416][T10619]  ? clear_bhb_loop+0x35/0x90
[  279.812222][T10619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.818124][T10619] RIP: 0033:0x7f3725975bd9
[  279.822638][T10619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.842258][T10619] RSP: 002b:00007f3726800048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.850688][T10619] RAX: ffffffffffffffda RBX: 00007f3725b03f60 RCX: 00007f3725975bd9
[  279.858926][T10619] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000004
[  279.866915][T10619] RBP: 00007f37268000a0 R08: 0000000000000000 R09: 0000000000000000
[  279.874892][T10619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.882893][T10619] R13: 000000000000000b R14: 00007f3725b03f60 R15: 00007ffe7b90a118
[  279.890909][T10619]  </TASK>
[  280.138444][T10625] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  280.755001][T10641] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1661'.
[  280.935116][T10644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  280.998742][T10644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  281.011850][T10644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  281.711127][T10646] netlink: 'syz.0.1662': attribute type 13 has an invalid length.
[  281.784320][T10651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1664'.
[  281.819685][T10366] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.889450][T10366] 8021q: adding VLAN 0 to HW filter on device team0
[  281.915802][ T5186] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.923118][ T5186] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.980073][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.987326][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.076815][T10656] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1665'.
[  282.175334][T10366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.862847][T10366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.129440][T10684] ɶƣ0GCTw
�: entered promiscuous mode
[  283.220712][T10684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1672'.
[  283.314275][T10696] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1676'.
[  283.331735][T10697] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1675'.
[  283.363775][T10697] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  283.373013][T10697] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  283.381656][T10697] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  283.404274][T10697] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  283.413620][T10697] geneve3: entered allmulticast mode
[  283.538502][T10705] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  283.620075][T10696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  283.651185][T10696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  285.672078][T10750] netlink: 'syz.1.1688': attribute type 10 has an invalid length.
[  285.691245][T10750] team0: Device netdevsim0 failed to register rx_handler
[  285.765266][T10755] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1693'.
[  285.782061][T10366] veth0_vlan: entered promiscuous mode
[  285.836597][T10366] veth1_vlan: entered promiscuous mode
[  285.931640][T10366] veth0_macvtap: entered promiscuous mode
[  285.966761][T10366] veth1_macvtap: entered promiscuous mode
[  286.047914][T10768] vlan2: entered promiscuous mode
[  286.078300][T10768] bridge0: entered promiscuous mode
[  286.085293][T10772] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1698'.
[  286.095601][T10768] vlan2: entered allmulticast mode
[  286.102360][T10768] bridge0: entered allmulticast mode
[  286.140918][T10768] bridge0: left allmulticast mode
[  286.147135][T10768] bridge0: left promiscuous mode
[  286.244245][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.258274][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.268459][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.280352][T10780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1698'.
[  286.289621][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.299553][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.319262][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.352384][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.391748][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.415280][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.438899][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.466677][T10366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  286.591517][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.612205][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.625865][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.636644][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.646815][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.663628][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.676131][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.691447][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.701922][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.712771][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.722947][T10366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.733573][T10366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.745699][T10366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.001809][T10804] xt_TCPMSS: Only works on TCP SYN packets
[  287.507399][T10829] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1716'.
[  287.693478][T10838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1716'.
[  288.189698][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  288.984991][T10366] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.994834][T10366] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.016835][T10366] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.058279][T10366] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.295582][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.329262][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.450059][ T7006] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.467861][ T7006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.510653][T10870] netlink: 'syz.0.1731': attribute type 4 has an invalid length.
[  289.599178][T10874] vlan2: entered promiscuous mode
[  289.610452][T10874] bridge0: entered promiscuous mode
[  289.619972][T10874] vlan2: entered allmulticast mode
[  289.625711][T10874] bridge0: entered allmulticast mode
[  289.660213][T10876] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1734'.
[  289.689393][T10874] bridge0: left allmulticast mode
[  289.707498][T10874] bridge0: left promiscuous mode
[  289.828548][T10876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  290.044523][T10897] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1738'.
[  290.268145][ T1097] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.276475][ T5098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  291.295124][ T5098] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  291.310915][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  291.331549][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  291.365888][ T5098] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  291.382640][ T5098] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  292.253417][ T1097] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.347479][  T784] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.394658][T10931] netlink: 'syz.1.1749': attribute type 4 has an invalid length.
[  292.430323][T10928] syzkaller1: entered promiscuous mode
[  292.453226][T10935] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1751'.
[  292.462431][T10928] syzkaller1: entered allmulticast mode
[  292.626440][T10944] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1751'.
[  292.734393][ T1097] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.998955][ T1097] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.470349][ T5098] Bluetooth: hci4: command tx timeout
[  295.092833][ T1097] bridge_slave_1: left allmulticast mode
[  295.098708][ T1097] bridge_slave_1: left promiscuous mode
[  295.104566][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.147133][ T1097] bridge_slave_0: left allmulticast mode
[  295.164807][ T1097] bridge_slave_0: left promiscuous mode
[  295.185122][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.190827][T11000] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1768'.
[  295.506217][T11008] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1771'.
[  295.548799][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  295.667817][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1771'.
[  295.772299][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  295.794682][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  295.810339][ T1097] bond0 (unregistering): Released all slaves
[  295.839871][T10990] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1765'.
[  296.006646][T11018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1773'.
[  296.020047][T10919] chnl_net:caif_netlink_parms(): no params data found
[  296.233266][T11027] FAULT_INJECTION: forcing a failure.
[  296.233266][T11027] name failslab, interval 1, probability 0, space 0, times 0
[  296.251841][T11027] CPU: 0 PID: 11027 Comm: syz.2.1775 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  296.262056][T11027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  296.272157][T11027] Call Trace:
[  296.275467][T11027]  <TASK>
[  296.278425][T11027]  dump_stack_lvl+0x241/0x360
[  296.283147][T11027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.288387][T11027]  ? __pfx__printk+0x10/0x10
[  296.293020][T11027]  ? ref_tracker_alloc+0x332/0x490
[  296.298173][T11027]  should_fail_ex+0x3b0/0x4e0
[  296.302893][T11027]  ? skb_clone+0x20c/0x390
[  296.307427][T11027]  should_failslab+0x9/0x20
[  296.312005][T11027]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  296.317424][T11027]  skb_clone+0x20c/0x390
[  296.321695][T11027]  __netlink_deliver_tap+0x3cc/0x7c0
[  296.327024][T11027]  ? netlink_deliver_tap+0x2e/0x1b0
[  296.333041][T11027]  netlink_deliver_tap+0x19d/0x1b0
[  296.338415][T11027]  netlink_unicast+0x7be/0x990
[  296.343484][T11027]  ? __pfx_netlink_unicast+0x10/0x10
[  296.348901][T11027]  ? __virt_addr_valid+0x183/0x520
[  296.354114][T11027]  ? __check_object_size+0x49c/0x900
[  296.359452][T11027]  ? bpf_lsm_netlink_send+0x9/0x10
[  296.364612][T11027]  netlink_sendmsg+0x8e4/0xcb0
[  296.369422][T11027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.374863][T11027]  ? __import_iovec+0x536/0x820
[  296.379755][T11027]  ? aa_sock_msg_perm+0x91/0x160
[  296.385515][T11027]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  296.390915][T11027]  ? security_socket_sendmsg+0x87/0xb0
[  296.396612][T11027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.401946][T11027]  __sock_sendmsg+0x221/0x270
[  296.406660][T11027]  ____sys_sendmsg+0x525/0x7d0
[  296.411488][T11027]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.416826][T11027]  __sys_sendmsg+0x2b0/0x3a0
[  296.421458][T11027]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.426713][T11027]  ? vfs_write+0x7c4/0xc90
[  296.431212][T11027]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  296.437580][T11027]  ? do_syscall_64+0x100/0x230
[  296.442377][T11027]  ? do_syscall_64+0xb6/0x230
[  296.447080][T11027]  do_syscall_64+0xf3/0x230
[  296.451606][T11027]  ? clear_bhb_loop+0x35/0x90
[  296.456307][T11027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.462220][T11027] RIP: 0033:0x7f3725975bd9
[  296.466651][T11027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.486477][T11027] RSP: 002b:00007f3726800048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.494927][T11027] RAX: ffffffffffffffda RBX: 00007f3725b03f60 RCX: 00007f3725975bd9
[  296.502925][T11027] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  296.511006][T11027] RBP: 00007f37268000a0 R08: 0000000000000000 R09: 0000000000000000
[  296.519011][T11027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.527009][T11027] R13: 000000000000000b R14: 00007f3725b03f60 R15: 00007ffe7b90a118
[  296.535098][T11027]  </TASK>
[  296.776907][T11034] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1778'.
[  297.642248][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  298.512012][T11060] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1786'.
[  298.574033][ T1097] hsr_slave_0: left promiscuous mode
[  298.601364][ T1097] hsr_slave_1: left promiscuous mode
[  298.626051][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.636146][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.680098][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.687575][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.716393][T11066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1786'.
[  298.815891][ T1097] veth1_macvtap: left promiscuous mode
[  298.831950][ T1097] veth0_macvtap: left promiscuous mode
[  298.844246][ T1097] veth1_vlan: left promiscuous mode
[  298.866428][ T1097] veth0_vlan: left promiscuous mode
[  299.719742][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  299.951188][ T1097] team0 (unregistering): Port device team_slave_1 removed
[  299.998031][ T1097] team0 (unregistering): Port device team_slave_0 removed
[  300.785704][T11077] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  300.801729][T11072] syzkaller1: entered promiscuous mode
[  300.858295][T11072] syzkaller1: entered allmulticast mode
[  300.878532][T11085] netlink: 'syz.1.1792': attribute type 2 has an invalid length.
[  300.926453][T11091] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1793'.
[  301.059129][T10919] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.084649][T10919] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.108523][T10919] bridge_slave_0: entered allmulticast mode
[  301.127404][T10919] bridge_slave_0: entered promiscuous mode
[  301.145949][T11098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  301.226259][T10919] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.251712][T10919] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.290770][T10919] bridge_slave_1: entered allmulticast mode
[  301.327095][T10919] bridge_slave_1: entered promiscuous mode
[  301.788386][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  301.797332][T11115] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  302.264101][T11125] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1803'.
[  302.512972][T11129] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1803'.
[  303.748580][T11135] netlink: 'syz.2.1805': attribute type 2 has an invalid length.
[  303.798449][T10919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.819667][T10919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.878588][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  303.988301][T10919] team0: Port device team_slave_0 added
[  304.001775][T10919] team0: Port device team_slave_1 added
[  304.030120][T11147] sctp: [Deprecated]: syz.3.1807 (pid 11147) Use of struct sctp_assoc_value in delayed_ack socket option.
[  304.030120][T11147] Use struct sctp_sack_info instead
[  304.095064][T10919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.119570][T10919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.213749][T10919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.214241][T11152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1811'.
[  304.251910][T10919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.274007][T10919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.304569][T10919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.425854][T10919] hsr_slave_0: entered promiscuous mode
[  304.456597][T10919] hsr_slave_1: entered promiscuous mode
[  304.523489][T11173] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1817'.
[  304.575143][T11171] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  304.622990][T11176] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge_slave_0
[  304.800576][T11180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1817'.
[  305.952418][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  307.000339][T11220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.042288][T11220] netlink: 'syz.0.1832': attribute type 1 has an invalid length.
[  307.077469][T11220] netlink: 9396 bytes leftover after parsing attributes in process `syz.0.1832'.
[  307.287998][T10919] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  307.309804][T10919] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  307.341283][T10919] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  307.368953][T10919] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  307.486801][T11227] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1835'.
[  307.611995][T10919] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.690182][T10919] 8021q: adding VLAN 0 to HW filter on device team0
[  307.722159][ T9958] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.729384][ T9958] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.804542][T11227] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1835'.
[  308.029926][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  309.752887][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.760180][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.780868][T11274] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1851'.
[  309.803763][T11274] bridge_slave_1: left allmulticast mode
[  309.814196][T11274] bridge_slave_1: left promiscuous mode
[  309.828913][T11274] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.857565][T11274] bridge_slave_0: left allmulticast mode
[  309.875292][T11274] bridge_slave_0: left promiscuous mode
[  309.894669][T11274] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.036725][T11289] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1855'.
[  310.049107][T11289] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1855'.
[  310.118360][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  310.184396][T10919] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  310.807651][T11328] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1863'.
[  311.700429][T11362] netlink: 9412 bytes leftover after parsing attributes in process `syz.1.1874'.
[  312.199233][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  312.762017][T11341] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1869'.
[  312.814250][T10919] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.476765][T10919] veth0_vlan: entered promiscuous mode
[  313.517691][T11408] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1888'.
[  313.536650][T11408] (unnamed net_device) (uninitialized): option ad_select: invalid value (36)
[  313.549774][T10919] veth1_vlan: entered promiscuous mode
[  313.639350][T11411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1887'.
[  313.656745][T10919] veth0_macvtap: entered promiscuous mode
[  313.679825][T10919] veth1_macvtap: entered promiscuous mode
[  313.743562][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.767023][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.794809][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.822566][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.844668][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.858076][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.880194][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.891168][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.903375][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.915143][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.927847][T10919] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.956907][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.967793][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.980688][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.991403][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.003673][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.014581][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.024890][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.035774][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.047675][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.063904][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.076770][T10919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  314.087604][T10919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.107215][T10919] batman_adv: batadv0: Interface activated: batadv_slave_1
[  314.128875][T10919] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  314.137722][T10919] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  314.160122][T10919] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  314.178050][T10919] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.255593][T11415] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1889'.
[  314.268600][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  314.395497][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.418380][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.491517][T11419] netlink: 'syz.2.1891': attribute type 1 has an invalid length.
[  314.523356][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.533758][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.545289][T11423] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1894'.
[  314.794921][T11437] __nla_validate_parse: 2 callbacks suppressed
[  314.794940][T11437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1896'.
[  314.899622][T11439] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1899'.
[  315.014268][T11445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1901'.
[  315.154492][T11452] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1904'.
[  315.321523][T11447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1902'.
[  315.366387][T11465] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  315.374485][T11465] IPv6: NLM_F_CREATE should be set when creating new route
[  315.717626][   T62] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.775277][T11478] netlink: 'syz.0.1912': attribute type 2 has an invalid length.
[  316.187162][   T62] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.674128][T11493] xt_CT: You must specify a L4 protocol and not use inversions on it
[  316.679580][   T62] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.700185][T11494] Cannot find set identified by id 0 to match
[  316.767728][T11496] pimreg: entered allmulticast mode
[  316.841892][ T5108] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  316.859145][ T5108] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  316.867655][ T5108] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  316.885215][   T62] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.897676][ T5108] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  316.910755][ T5108] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  316.919415][ T5108] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  316.985198][T11501] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  317.142699][T11506] netlink: 1084 bytes leftover after parsing attributes in process `syz.1.1920'.
[  317.231253][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1925'.
[  317.432975][T11528] netlink: 'syz.1.1927': attribute type 2 has an invalid length.
[  317.472713][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  317.531152][   T62] bridge_slave_1: left allmulticast mode
[  317.536986][   T62] bridge_slave_1: left promiscuous mode
[  317.560156][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.591193][   T62] bridge_slave_0: left allmulticast mode
[  317.597119][   T62] bridge_slave_0: left promiscuous mode
[  317.603123][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.252213][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.265686][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  318.277436][   T62] bond0 (unregistering): Released all slaves
[  318.403635][T11548] netlink: 'syz.1.1932': attribute type 4 has an invalid length.
[  318.536085][T11549] netlink: 'syz.1.1932': attribute type 10 has an invalid length.
[  318.882182][   T62] hsr_slave_0: left promiscuous mode
[  318.900460][   T62] hsr_slave_1: left promiscuous mode
[  318.909892][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.939830][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  318.964524][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.976667][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  318.989067][ T5108] Bluetooth: hci4: command tx timeout
[  319.038021][   T62] veth1_macvtap: left promiscuous mode
[  319.068439][   T62] veth0_macvtap: left promiscuous mode
[  319.074180][   T62] veth1_vlan: left promiscuous mode
[  319.130357][   T62] veth0_vlan: left promiscuous mode
[  319.987135][   T62] team0 (unregistering): Port device team_slave_1 removed
[  320.026106][   T62] team0 (unregistering): Port device team_slave_0 removed
[  320.783862][T11499] chnl_net:caif_netlink_parms(): no params data found
[  320.866289][T11604] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1948'.
[  320.984850][T11604] IPVS: persistence engine module ip_vs_pe_	 not found
[  321.073538][ T5108] Bluetooth: hci4: command 0x041b tx timeout
[  321.117984][T11499] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.158692][T11499] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.205808][T11499] bridge_slave_0: entered allmulticast mode
[  321.220234][T11499] bridge_slave_0: entered promiscuous mode
[  321.259911][T11499] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.267116][T11499] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.317444][T11499] bridge_slave_1: entered allmulticast mode
[  321.336025][T11499] bridge_slave_1: entered promiscuous mode
[  321.453111][T11626] netlink: 'syz.1.1954': attribute type 2 has an invalid length.
[  321.469463][T11499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.502254][T11499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.636243][T11499] team0: Port device team_slave_0 added
[  321.679673][T11499] team0: Port device team_slave_1 added
[  321.844072][T11499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.856508][T11499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.928015][T11499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.989137][T11499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.018281][T11499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.105843][T11499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.197269][T11659] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1966'.
[  322.360878][T11499] hsr_slave_0: entered promiscuous mode
[  322.395527][T11499] hsr_slave_1: entered promiscuous mode
[  322.625035][T11671] sit0: entered promiscuous mode
[  322.651082][T11676] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1975'.
[  322.673663][T11671] netlink: 'syz.0.1973': attribute type 1 has an invalid length.
[  322.704243][T11671] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1973'.
[  322.732710][T11681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1976'.
[  322.759094][T11679] netlink: 'syz.2.1972': attribute type 2 has an invalid length.
[  322.787753][T11681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1976'.
[  322.842210][T11681] cannot load conntrack support for proto=3
[  323.149920][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  323.816683][T11499] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  323.861327][T11499] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  323.896240][T11499] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  323.924299][T11499] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  324.235009][T11499] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.333263][T11499] 8021q: adding VLAN 0 to HW filter on device team0
[  324.371766][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.379019][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.463078][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.470351][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.501318][T11741] netlink: 'syz.3.1998': attribute type 2 has an invalid length.
[  324.758402][T11749] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2000'.
[  324.767433][T11749] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2000'.
[  324.943455][T11757] ip6gretap0: entered promiscuous mode
[  324.960167][T11757] macsec1: entered promiscuous mode
[  324.988817][T11757] macsec1: entered allmulticast mode
[  324.994248][T11757] ip6gretap0: entered allmulticast mode
[  325.008060][T11757] ip6gretap0: left allmulticast mode
[  325.033952][T11757] ip6gretap0: left promiscuous mode
[  325.230303][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  325.333875][T11499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  325.491797][T11788] netlink: 'syz.2.2011': attribute type 4 has an invalid length.
[  325.587975][T11791] netlink: 'syz.0.2013': attribute type 2 has an invalid length.
[  325.743227][T11800] netlink: 47 bytes leftover after parsing attributes in process `syz.2.2015'.
[  325.931011][T11808] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2018'.
[  325.978360][T11808] ��: entered promiscuous mode
[  326.106203][T11499] veth0_vlan: entered promiscuous mode
[  326.162681][T11499] veth1_vlan: entered promiscuous mode
[  326.168744][T11821] FAULT_INJECTION: forcing a failure.
[  326.168744][T11821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.227191][T11821] CPU: 1 PID: 11821 Comm: syz.0.2019 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  326.237510][T11821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  326.247672][T11821] Call Trace:
[  326.251109][T11821]  <TASK>
[  326.254182][T11821]  dump_stack_lvl+0x241/0x360
[  326.258937][T11821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.264184][T11821]  ? __pfx__printk+0x10/0x10
[  326.268856][T11821]  ? __pfx_lock_release+0x10/0x10
[  326.273936][T11821]  should_fail_ex+0x3b0/0x4e0
[  326.278667][T11821]  _copy_from_user+0x2f/0xe0
[  326.283309][T11821]  copy_msghdr_from_user+0xae/0x680
[  326.288617][T11821]  ? __pfx___might_resched+0x10/0x10
[  326.293962][T11821]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  326.299914][T11821]  ? __might_fault+0xaa/0x120
[  326.304639][T11821]  do_recvmmsg+0x40f/0xae0
[  326.309103][T11821]  ? __pfx_lock_release+0x10/0x10
[  326.314161][T11821]  ? __pfx_do_recvmmsg+0x10/0x10
[  326.319142][T11821]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  326.325163][T11821]  ? ksys_write+0x23e/0x2c0
[  326.329703][T11821]  ? __pfx_lock_release+0x10/0x10
[  326.334743][T11821]  ? vfs_write+0x7c4/0xc90
[  326.339181][T11821]  ? __mutex_unlock_slowpath+0x21d/0x750
[  326.345015][T11821]  ? __fget_files+0x3f6/0x470
[  326.349728][T11821]  __x64_sys_recvmmsg+0x199/0x250
[  326.354767][T11821]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  326.360364][T11821]  ? do_syscall_64+0x100/0x230
[  326.365142][T11821]  ? do_syscall_64+0xb6/0x230
[  326.369831][T11821]  do_syscall_64+0xf3/0x230
[  326.374340][T11821]  ? clear_bhb_loop+0x35/0x90
[  326.379028][T11821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.384951][T11821] RIP: 0033:0x7fb2c0175bd9
[  326.389381][T11821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.409611][T11821] RSP: 002b:00007fb2c0f2a048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  326.418222][T11821] RAX: ffffffffffffffda RBX: 00007fb2c0304038 RCX: 00007fb2c0175bd9
[  326.426385][T11821] RDX: 0000000000000414 RSI: 0000000020000840 RDI: 0000000000000003
[  326.434364][T11821] RBP: 00007fb2c0f2a0a0 R08: 0000000000000000 R09: 0000000000000000
[  326.442345][T11821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.450349][T11821] R13: 000000000000006e R14: 00007fb2c0304038 R15: 00007ffcf1610b18
[  326.458348][T11821]  </TASK>
[  326.516074][T11499] veth0_macvtap: entered promiscuous mode
[  326.544537][T11499] veth1_macvtap: entered promiscuous mode
[  326.620204][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.663482][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.690858][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.715943][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.734368][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.746307][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.765250][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.776130][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.786456][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.797090][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.821817][T11499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.852538][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.875834][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.914279][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.938469][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.958691][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.970856][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.981578][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.012235][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.038763][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.063947][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.077466][T11499] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.099199][T11499] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.113671][T11499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  327.131261][T11839] netlink: 'syz.2.2027': attribute type 2 has an invalid length.
[  327.177630][T11833] netlink: 134788 bytes leftover after parsing attributes in process `syz.3.2024'.
[  327.214947][T11499] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.225433][T11499] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.254901][T11499] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.264019][T11499] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.308561][ T5098] Bluetooth: hci4: command 0x041b tx timeout
[  327.317380][T11847] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2028'.
[  327.499840][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.507711][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.570815][  T993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.608274][  T993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  327.622465][T11865] netlink: 'syz.1.2034': attribute type 1 has an invalid length.
[  327.647043][T11864] Cannot find add_set index 0 as target
[  327.693375][T11865] 8021q: adding VLAN 0 to HW filter on device bond1
[  327.718523][T11867] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2034'.
[  327.752800][T11871] netlink: 'syz.2.2037': attribute type 10 has an invalid length.
[  327.761676][T11871] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2037'.
[  327.893134][T11874] netlink: 'syz.2.2038': attribute type 7 has an invalid length.
[  327.937169][T11874] netlink: 'syz.2.2038': attribute type 39 has an invalid length.
[  328.040231][T11877] netlink: 'syz.3.2040': attribute type 2 has an invalid length.
[  328.692947][T11916] FAULT_INJECTION: forcing a failure.
[  328.692947][T11916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.734520][T11916] CPU: 1 PID: 11916 Comm: syz.1.2051 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  328.744741][T11916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  328.754826][T11916] Call Trace:
[  328.758139][T11916]  <TASK>
[  328.761179][T11916]  dump_stack_lvl+0x241/0x360
[  328.765901][T11916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.771133][T11916]  ? __pfx__printk+0x10/0x10
[  328.775755][T11916]  ? __pfx_lock_release+0x10/0x10
[  328.780817][T11916]  should_fail_ex+0x3b0/0x4e0
[  328.785543][T11916]  _copy_from_user+0x2f/0xe0
[  328.790170][T11916]  copy_msghdr_from_user+0xae/0x680
[  328.795400][T11916]  ? __pfx___might_resched+0x10/0x10
[  328.800720][T11916]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  328.806656][T11916]  ? __might_fault+0xaa/0x120
[  328.811463][T11916]  do_recvmmsg+0x40f/0xae0
[  328.815925][T11916]  ? __pfx_lock_release+0x10/0x10
[  328.820988][T11916]  ? __pfx_do_recvmmsg+0x10/0x10
[  328.825985][T11916]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  328.831908][T11916]  ? ksys_write+0x23e/0x2c0
[  328.836437][T11916]  ? __pfx_lock_release+0x10/0x10
[  328.841501][T11916]  ? vfs_write+0x7c4/0xc90
[  328.845954][T11916]  ? __mutex_unlock_slowpath+0x21d/0x750
[  328.851736][T11916]  ? __fget_files+0x3f6/0x470
[  328.856576][T11916]  __x64_sys_recvmmsg+0x199/0x250
[  328.861639][T11916]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  328.867215][T11916]  ? do_syscall_64+0x100/0x230
[  328.872011][T11916]  ? do_syscall_64+0xb6/0x230
[  328.876821][T11916]  do_syscall_64+0xf3/0x230
[  328.881445][T11916]  ? clear_bhb_loop+0x35/0x90
[  328.886148][T11916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.892063][T11916] RIP: 0033:0x7f3d70975bd9
[  328.896506][T11916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.916140][T11916] RSP: 002b:00007f3d71699048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  328.924672][T11916] RAX: ffffffffffffffda RBX: 00007f3d70b03f60 RCX: 00007f3d70975bd9
[  328.932678][T11916] RDX: 03ffffffffffff62 RSI: 00000000200005c0 RDI: 0000000000000006
[  328.940665][T11916] RBP: 00007f3d716990a0 R08: 0000000000000000 R09: 0000000000000000
[  328.948655][T11916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.956634][T11916] R13: 000000000000000b R14: 00007f3d70b03f60 R15: 00007ffde32a7728
[  328.964663][T11916]  </TASK>
[  329.029361][T11921] netlink: 'syz.2.2054': attribute type 2 has an invalid length.
[  329.244601][  T993] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.788427][ T4490] Bluetooth: hci1: command 0x0406 tx timeout
[  329.788907][ T5109] Bluetooth: hci2: command 0x0406 tx timeout
[  329.847950][  T993] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.917520][  T993] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.006717][  T993] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.162352][T11935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2057'.
[  330.202744][T11935] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2057'.
[  330.241058][  T993] bridge_slave_1: left allmulticast mode
[  330.246755][  T993] bridge_slave_1: left promiscuous mode
[  330.289079][  T993] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.318424][  T993] bridge_slave_0: left allmulticast mode
[  330.324138][  T993] bridge_slave_0: left promiscuous mode
[  330.365055][  T993] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.381852][T11946] FAULT_INJECTION: forcing a failure.
[  330.381852][T11946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.407874][T11946] CPU: 0 PID: 11946 Comm: syz.3.2062 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  330.418078][T11946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  330.428157][T11946] Call Trace:
[  330.431461][T11946]  <TASK>
[  330.434407][T11946]  dump_stack_lvl+0x241/0x360
[  330.439149][T11946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.444370][T11946]  ? __pfx__printk+0x10/0x10
[  330.449014][T11946]  ? __pfx_lock_release+0x10/0x10
[  330.454082][T11946]  should_fail_ex+0x3b0/0x4e0
[  330.458827][T11946]  _copy_from_iter+0x1f6/0x1960
[  330.463714][T11946]  ? __virt_addr_valid+0x183/0x520
[  330.468866][T11946]  ? __pfx_lock_release+0x10/0x10
[  330.474021][T11946]  ? __alloc_skb+0x28f/0x440
[  330.478749][T11946]  ? __pfx__copy_from_iter+0x10/0x10
[  330.484072][T11946]  ? __virt_addr_valid+0x183/0x520
[  330.489221][T11946]  ? __virt_addr_valid+0x183/0x520
[  330.494365][T11946]  ? __virt_addr_valid+0x44e/0x520
[  330.499521][T11946]  ? __check_object_size+0x49c/0x900
[  330.504848][T11946]  netlink_sendmsg+0x73d/0xcb0
[  330.509657][T11946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.514970][T11946]  ? __pfx_bpf_lsm_socket_sendmsg+0x10/0x10
[  330.520899][T11946]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[  330.527676][T11946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.533003][T11946]  __sock_sendmsg+0x221/0x270
[  330.537695][T11946]  ____sys_sendmsg+0x525/0x7d0
[  330.542483][T11946]  ? __pfx_____sys_sendmsg+0x10/0x10
[  330.547799][T11946]  __sys_sendmsg+0x2b0/0x3a0
[  330.552425][T11946]  ? __pfx___sys_sendmsg+0x10/0x10
[  330.557559][T11946]  ? vfs_write+0x7c4/0xc90
[  330.562024][T11946]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  330.568368][T11946]  ? do_syscall_64+0x100/0x230
[  330.573147][T11946]  ? do_syscall_64+0xb6/0x230
[  330.577839][T11946]  do_syscall_64+0xf3/0x230
[  330.582357][T11946]  ? clear_bhb_loop+0x35/0x90
[  330.587047][T11946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.592945][T11946] RIP: 0033:0x7f3723975bd9
[  330.597362][T11946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.616973][T11946] RSP: 002b:00007f3724691048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.625393][T11946] RAX: ffffffffffffffda RBX: 00007f3723b03f60 RCX: 00007f3723975bd9
[  330.633371][T11946] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  330.641351][T11946] RBP: 00007f37246910a0 R08: 0000000000000000 R09: 0000000000000000
[  330.649419][T11946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.657393][T11946] R13: 000000000000000b R14: 00007f3723b03f60 R15: 00007ffd687d8e78
[  330.665388][T11946]  </TASK>
[  330.673251][ T5098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  330.690425][ T5098] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  330.701074][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  330.709646][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  330.717433][ T5098] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  330.724952][ T5098] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  331.129718][  T993] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  331.143467][  T993] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.158848][  T993] bond0 (unregistering): Released all slaves
[  331.172797][T11935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2057'.
[  331.186692][T11943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2057'.
[  331.566426][T11970] netlink: 'syz.1.2068': attribute type 1 has an invalid length.
[  331.628468][  T993] hsr_slave_0: left promiscuous mode
[  331.634874][  T993] hsr_slave_1: left promiscuous mode
[  331.643412][  T993] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  331.651439][  T993] batman_adv: batadv0: Removing interface: batadv_slave_0
[  331.660951][  T993] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  331.668616][  T993] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.704223][  T993] veth1_macvtap: left promiscuous mode
[  331.711339][  T993] veth0_macvtap: left promiscuous mode
[  331.720071][  T993] veth1_vlan: left promiscuous mode
[  331.725646][  T993] veth0_vlan: left promiscuous mode
[  332.367740][  T993] team0 (unregistering): Port device team_slave_1 removed
[  332.410660][  T993] team0 (unregistering): Port device team_slave_0 removed
[  332.749699][ T5098] Bluetooth: hci4: command tx timeout
[  332.867664][T11970] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2068'.
[  332.882176][T11970] 8021q: adding VLAN 0 to HW filter on device bond2
[  332.891805][T11976] netlink: 'syz.2.2069': attribute type 2 has an invalid length.
[  332.900928][T11972] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2068'.
[  332.901894][T11987] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2071'.
[  332.919270][T11987] netlink: 'syz.3.2071': attribute type 1 has an invalid length.
[  332.927027][T11987] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2071'.
[  332.936318][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2070'.
[  332.958674][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2070'.
[  333.200832][T11950] chnl_net:caif_netlink_parms(): no params data found
[  333.255550][T11997] syzkaller1: entered promiscuous mode
[  333.268506][T11997] syzkaller1: entered allmulticast mode
[  333.352512][T12000] sit0: entered promiscuous mode
[  333.381240][T12000] netlink: 'syz.2.2072': attribute type 1 has an invalid length.
[  333.404654][T12000] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2072'.
[  333.811280][T11950] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.848790][T11950] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.868436][T11950] bridge_slave_0: entered allmulticast mode
[  333.888500][T11950] bridge_slave_0: entered promiscuous mode
[  333.945850][T11950] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.966207][T11950] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.998531][T11950] bridge_slave_1: entered allmulticast mode
[  334.023574][T11950] bridge_slave_1: entered promiscuous mode
[  334.052547][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2081'.
[  334.156979][T11950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.212301][T11950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.344270][T11950] team0: Port device team_slave_0 added
[  334.371329][T11950] team0: Port device team_slave_1 added
[  334.520262][T11950] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.527266][T11950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.596384][T11950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.619285][T11950] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.626292][T11950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.633403][T12039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  334.687799][T11950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.759462][T12039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  334.780421][T12043] ------------[ cut here ]------------
[  334.786569][T12043] WARNING: CPU: 0 PID: 12043 at include/net/mac80211.h:7001 minstrel_ht_update_caps+0x44a/0x17e0
[  334.797251][T12043] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  334.801238][T12043] CPU: 0 PID: 12043 Comm: syz.2.2086 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  334.811523][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  334.821763][T12043] RIP: 0010:minstrel_ht_update_caps+0x44a/0x17e0
[  334.828202][T12043] Code: da e8 1a 62 cd f9 e9 24 ff ff ff e8 d0 87 7a f6 eb 17 e8 c9 87 7a f6 eb 14 e8 c2 87 7a f6 49 c1 fd 38 eb 0c e8 b7 87 7a f6 90 <0f> 0b 90 45 31 ed 49 bf 00 00 00 00 00 fc ff df 48 8b 3c 24 4c 8b
[  334.846159][ T5108] Bluetooth: hci4: command tx timeout
[  334.847913][T12043] RSP: 0018:ffffc90002f16f80 EFLAGS: 00010283
[  334.859502][T12043] RAX: ffffffff8b1b9ed9 RBX: 000000000000000c RCX: 0000000000040000
[  334.867530][T12043] RDX: ffffc9001126d000 RSI: 0000000000000ddf RDI: 0000000000000de0
[  334.875611][T12043] RBP: 0000000000000000 R08: ffffffff8b1b9df5 R09: 0000000000000000
[  334.883690][T12043] R10: ffff88806712c008 R11: ffffed100ce25d49 R12: 1ffff110055b2618
[  334.891881][T12043] R13: 0b00000000000000 R14: ffff88802ad930c0 R15: 0100000000000000
[  334.899960][T12043] FS:  00007f37268006c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  334.908984][T12043] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  334.915611][T12043] CR2: 0000000020001080 CR3: 000000001ec1e000 CR4: 00000000003506f0
[  334.923677][T12043] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  334.931713][T12043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  334.939749][T12043] Call Trace:
[  334.943057][T12043]  <TASK>
[  334.946016][T12043]  ? __warn+0x163/0x4e0
[  334.950268][T12043]  ? minstrel_ht_update_caps+0x44a/0x17e0
[  334.956050][T12043]  ? report_bug+0x2b3/0x500
[  334.960649][T12043]  ? minstrel_ht_update_caps+0x44a/0x17e0
[  334.966440][T12043]  ? handle_bug+0x3e/0x70
[  334.970879][T12043]  ? exc_invalid_op+0x1a/0x50
[  334.975606][T12043]  ? asm_exc_invalid_op+0x1a/0x20
[  334.980775][T12043]  ? minstrel_ht_update_caps+0x365/0x17e0
[  334.986567][T12043]  ? minstrel_ht_update_caps+0x449/0x17e0
[  334.992433][T12043]  ? minstrel_ht_update_caps+0x44a/0x17e0
[  334.998338][T12043]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  335.003798][T12043]  ? __pfx_minstrel_ht_rate_init+0x10/0x10
[  335.009712][T12043]  rate_control_rate_init+0x3cf/0x5f0
[  335.015153][T12043]  ? rate_control_rate_init+0xe3/0x5f0
[  335.020740][T12043]  sta_apply_auth_flags+0x1b6/0x410
[  335.026018][T12043]  sta_apply_parameters+0xe23/0x1550
[  335.031468][T12043]  ieee80211_add_station+0x3da/0x630
[  335.036819][T12043]  rdev_add_station+0x11b/0x2b0
[  335.041806][T12043]  nl80211_new_station+0x1d53/0x2550
[  335.047185][T12043]  ? __pfx_nl80211_new_station+0x10/0x10
[  335.052958][T12043]  ? netdev_run_todo+0xf88/0x1000
[  335.058111][T12043]  genl_rcv_msg+0xb14/0xec0
[  335.062759][T12043]  ? mark_lock+0x9a/0x350
[  335.067153][T12043]  ? __pfx_genl_rcv_msg+0x10/0x10
[  335.072341][T12043]  ? __pfx_lock_acquire+0x10/0x10
[  335.077456][T12043]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  335.082961][T12043]  ? __pfx_nl80211_new_station+0x10/0x10
[  335.088724][T12043]  ? __pfx_nl80211_post_doit+0x10/0x10
[  335.094452][T12043]  ? __pfx___might_resched+0x10/0x10
[  335.099909][T12043]  netlink_rcv_skb+0x1e3/0x430
[  335.104757][T12043]  ? __pfx_genl_rcv_msg+0x10/0x10
[  335.109926][T12043]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  335.115306][T12043]  ? __netlink_deliver_tap+0x77e/0x7c0
[  335.120924][T12043]  genl_rcv+0x28/0x40
[  335.124968][T12043]  netlink_unicast+0x7f0/0x990
[  335.129887][T12043]  ? __pfx_netlink_unicast+0x10/0x10
[  335.135254][T12043]  ? __virt_addr_valid+0x183/0x520
[  335.140496][T12043]  ? __check_object_size+0x49c/0x900
[  335.145838][T12043]  ? bpf_lsm_netlink_send+0x9/0x10
[  335.151081][T12043]  netlink_sendmsg+0x8e4/0xcb0
[  335.155930][T12043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.161342][T12043]  ? __import_iovec+0x536/0x820
[  335.166249][T12043]  ? aa_sock_msg_perm+0x91/0x160
[  335.171320][T12043]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  335.176658][T12043]  ? security_socket_sendmsg+0x87/0xb0
[  335.182350][T12043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.187873][T12043]  __sock_sendmsg+0x221/0x270
[  335.192633][T12043]  ____sys_sendmsg+0x525/0x7d0
[  335.197467][T12043]  ? __pfx_____sys_sendmsg+0x10/0x10
[  335.202847][T12043]  __sys_sendmsg+0x2b0/0x3a0
[  335.207469][T12043]  ? __pfx___sys_sendmsg+0x10/0x10
[  335.212709][T12043]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  335.219088][T12043]  ? do_syscall_64+0x100/0x230
[  335.223878][T12043]  ? do_syscall_64+0xb6/0x230
[  335.228634][T12043]  do_syscall_64+0xf3/0x230
[  335.233174][T12043]  ? clear_bhb_loop+0x35/0x90
[  335.237906][T12043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.243882][T12043] RIP: 0033:0x7f3725975bd9
[  335.248357][T12043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.268020][T12043] RSP: 002b:00007f3726800048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.276658][T12043] RAX: ffffffffffffffda RBX: 00007f3725b03f60 RCX: 00007f3725975bd9
[  335.284825][T12043] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000004
[  335.292946][T12043] RBP: 00007f37259e4e60 R08: 0000000000000000 R09: 0000000000000000
[  335.301009][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.309144][T12043] R13: 000000000000000b R14: 00007f3725b03f60 R15: 00007ffe7b90a118
[  335.317166][T12043]  </TASK>
[  335.320257][T12043] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  335.327804][T12043] CPU: 0 PID: 12043 Comm: syz.2.2086 Not tainted 6.10.0-rc6-syzkaller-01414-g58f9416d413a #0
[  335.337975][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  335.348311][T12043] Call Trace:
[  335.351600][T12043]  <TASK>
[  335.354533][T12043]  dump_stack_lvl+0x241/0x360
[  335.359228][T12043]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.364458][T12043]  ? __pfx__printk+0x10/0x10
[  335.369076][T12043]  ? vscnprintf+0x5d/0x90
[  335.373423][T12043]  panic+0x349/0x860
[  335.377333][T12043]  ? __warn+0x172/0x4e0
[  335.381515][T12043]  ? __pfx_panic+0x10/0x10
[  335.385964][T12043]  __warn+0x346/0x4e0
[  335.389963][T12043]  ? minstrel_ht_update_caps+0x44a/0x17e0
[  335.395719][T12043]  report_bug+0x2b3/0x500
[  335.400058][T12043]  ? minstrel_ht_update_caps+0x44a/0x17e0
[  335.405799][T12043]  handle_bug+0x3e/0x70
[  335.410080][T12043]  exc_invalid_op+0x1a/0x50
[  335.414701][T12043]  asm_exc_invalid_op+0x1a/0x20
[  335.419664][T12043] RIP: 0010:minstrel_ht_update_caps+0x44a/0x17e0
[  335.426004][T12043] Code: da e8 1a 62 cd f9 e9 24 ff ff ff e8 d0 87 7a f6 eb 17 e8 c9 87 7a f6 eb 14 e8 c2 87 7a f6 49 c1 fd 38 eb 0c e8 b7 87 7a f6 90 <0f> 0b 90 45 31 ed 49 bf 00 00 00 00 00 fc ff df 48 8b 3c 24 4c 8b
[  335.445659][T12043] RSP: 0018:ffffc90002f16f80 EFLAGS: 00010283
[  335.451770][T12043] RAX: ffffffff8b1b9ed9 RBX: 000000000000000c RCX: 0000000000040000
[  335.459754][T12043] RDX: ffffc9001126d000 RSI: 0000000000000ddf RDI: 0000000000000de0
[  335.468282][T12043] RBP: 0000000000000000 R08: ffffffff8b1b9df5 R09: 0000000000000000
[  335.476272][T12043] R10: ffff88806712c008 R11: ffffed100ce25d49 R12: 1ffff110055b2618
[  335.484266][T12043] R13: 0b00000000000000 R14: ffff88802ad930c0 R15: 0100000000000000
[  335.492263][T12043]  ? minstrel_ht_update_caps+0x365/0x17e0
[  335.498062][T12043]  ? minstrel_ht_update_caps+0x449/0x17e0
[  335.503843][T12043]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  335.509259][T12043]  ? __pfx_minstrel_ht_rate_init+0x10/0x10
[  335.515171][T12043]  rate_control_rate_init+0x3cf/0x5f0
[  335.521171][T12043]  ? rate_control_rate_init+0xe3/0x5f0
[  335.526652][T12043]  sta_apply_auth_flags+0x1b6/0x410
[  335.531877][T12043]  sta_apply_parameters+0xe23/0x1550
[  335.537224][T12043]  ieee80211_add_station+0x3da/0x630
[  335.542628][T12043]  rdev_add_station+0x11b/0x2b0
[  335.547504][T12043]  nl80211_new_station+0x1d53/0x2550
[  335.552842][T12043]  ? __pfx_nl80211_new_station+0x10/0x10
[  335.558502][T12043]  ? netdev_run_todo+0xf88/0x1000
[  335.563584][T12043]  genl_rcv_msg+0xb14/0xec0
[  335.568109][T12043]  ? mark_lock+0x9a/0x350
[  335.572473][T12043]  ? __pfx_genl_rcv_msg+0x10/0x10
[  335.577560][T12043]  ? __pfx_lock_acquire+0x10/0x10
[  335.582616][T12043]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  335.588037][T12043]  ? __pfx_nl80211_new_station+0x10/0x10
[  335.593707][T12043]  ? __pfx_nl80211_post_doit+0x10/0x10
[  335.599189][T12043]  ? __pfx___might_resched+0x10/0x10
[  335.604511][T12043]  netlink_rcv_skb+0x1e3/0x430
[  335.609397][T12043]  ? __pfx_genl_rcv_msg+0x10/0x10
[  335.614556][T12043]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  335.619865][T12043]  ? __netlink_deliver_tap+0x77e/0x7c0
[  335.625344][T12043]  genl_rcv+0x28/0x40
[  335.629447][T12043]  netlink_unicast+0x7f0/0x990
[  335.634282][T12043]  ? __pfx_netlink_unicast+0x10/0x10
[  335.639577][T12043]  ? __virt_addr_valid+0x183/0x520
[  335.644707][T12043]  ? __check_object_size+0x49c/0x900
[  335.649999][T12043]  ? bpf_lsm_netlink_send+0x9/0x10
[  335.655133][T12043]  netlink_sendmsg+0x8e4/0xcb0
[  335.659922][T12043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.665221][T12043]  ? __import_iovec+0x536/0x820
[  335.670090][T12043]  ? aa_sock_msg_perm+0x91/0x160
[  335.675067][T12043]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  335.680358][T12043]  ? security_socket_sendmsg+0x87/0xb0
[  335.685827][T12043]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.691125][T12043]  __sock_sendmsg+0x221/0x270
[  335.695820][T12043]  ____sys_sendmsg+0x525/0x7d0
[  335.700607][T12043]  ? __pfx_____sys_sendmsg+0x10/0x10
[  335.705924][T12043]  __sys_sendmsg+0x2b0/0x3a0
[  335.710556][T12043]  ? __pfx___sys_sendmsg+0x10/0x10
[  335.715780][T12043]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  335.722146][T12043]  ? do_syscall_64+0x100/0x230
[  335.726946][T12043]  ? do_syscall_64+0xb6/0x230
[  335.731727][T12043]  do_syscall_64+0xf3/0x230
[  335.736267][T12043]  ? clear_bhb_loop+0x35/0x90
[  335.740990][T12043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.746900][T12043] RIP: 0033:0x7f3725975bd9
[  335.751422][T12043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.771046][T12043] RSP: 002b:00007f3726800048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.779469][T12043] RAX: ffffffffffffffda RBX: 00007f3725b03f60 RCX: 00007f3725975bd9
[  335.787441][T12043] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000004
[  335.795435][T12043] RBP: 00007f37259e4e60 R08: 0000000000000000 R09: 0000000000000000
[  335.803495][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.811466][T12043] R13: 000000000000000b R14: 00007f3725b03f60 R15: 00007ffe7b90a118
[  335.819631][T12043]  </TASK>
[  335.822982][T12043] Kernel Offset: disabled
[  335.827400][T12043] Rebooting in 86400 seconds..