last executing test programs:

15.603262458s ago: executing program 0 (id=1808):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001200970c25bd70000200000007000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000040034"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket(0x11, 0x4, 0x7)

15.494631015s ago: executing program 0 (id=1812):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x8c}, 0x1, 0x0, 0x0, 0x20000805}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="100a06000908010014001a80100005800c00068008"], 0x34}, 0x1, 0x0, 0x0, 0xc0c0}, 0x14)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=@newae={0x40, 0x1e, 0x468bbc8229e18b43, 0x0, 0x0, {{}, @in6=@empty}}, 0x40}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)

15.422370858s ago: executing program 0 (id=1813):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001880)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="02"], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0200000004000084e51236c0cf6058008000000075d4cf573f0d4e02eb08aeb5f9b5134b71c608f79ddd766e86e8c9d5d5fe3837ae6d8e1eecbd4c490dabe106bab146c701c4d8f60a32acd30dd1db8fdc5cfe8ff2b6e7b2b9f6a3fd514e15dea676c7ab0319e4b14f929da07920f4370ea578b8eb79cc0d9b071f32e977db331ccd639ced6deae80f0c7b613f8dfd", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@ipv6_deladdrlabel={0x30, 0x49, 0xc05, 0x70bd27, 0x25dfdbfd, {0xa, 0x0, 0x1, 0x0, 0x0, 0x3b}, [@IFAL_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001300)={0x1c, 0x16, 0xa01, 0x80000000, 0x25dfdbfe, {0x2}, [@typed={0x4, 0xec}, @generic='!']}, 0x1c}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xd23, 0x0, 0x25dfdbff}, 0x18}}, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x90)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b80)={r5, 0x58, &(0x7f0000000b00)}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000100)={r11, r10}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r10, 0x0, 0x83, 0x5a, &(0x7f00000000c0)="9461cde3a3d47bb04bce1e46c8916383bbcd71b634fb316f702c57dd6a9012160f0011fde25d3590eaa5a1f07dec1f55086fe357c5cf50bb2c0683b6e92320923b5fbdb63109641de0cb056c98d038ec699868f70d5c9fa924c8887f29b2673f0c58c2883acf2d1de55a6f8989f3c304338c9d0224f7d6460fce81f5dee6b91bb67f86", &(0x7f00000002c0)=""/90, 0x48000000, 0x0, 0x15, 0x92, &(0x7f0000000000)="6da6f0a389ad1087f4ac7f2ba1983b19fc1fce08dd", &(0x7f0000000340)="c5730f24ad32c927d9014647105fcce529100329e1ca9b8e4f589ac8db57e72290f78cabb81b9d76b53591c6d91aff4b4c9b8657f01889c67db78afed955eb84411255c212465b80dd5384e16ffaf2b9f3c281435fe3064f4435349fa7db69f4cdc22a5a53b7ddb0d92671e13a25c964982eb3aeeac306a0f4dda05a15b5d5ef1a1befb7a099a7f2e961bcf7c4a3aad90806", 0x3, 0x0, 0x5dcb}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa000000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000006200000076000000bf91000000000000b6080000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff000000009408000000001700638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000008000000850000006900000095"], &(0x7f0000005d80)='syzkaller\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write(r10, &(0x7f0000000a00)="68db3ce44bdc0a4fa191b6c78b65dd47ad474f96ad8310c8850acc7b34d095ca3ede2bb95da9faeb509bb7fd39939916ba6ea317f2bfdafc02f95638b0469adbfdd47394778d9df8c5b602805d332f89d3cfa56491be67cc293ddbc2f8a64555829b7717ab9e30975575a43c894d68e69a3c6fc3a90bbc49c952877db38a5b9f13aa98f2a9bc139eace9ec92a984c403deedcef1bf5ddf34b1ab565a348a7f1a46ee52d8e91b9487106097af094d967d460e2d5d2e20ae9b8bd62214e3c38c23a095284733b7ac4fda43b5bb18cdb2a5c309dda72f53b5344404696938a56c79e0dcff8d9967681a984acd80a3115b67906d9850763da0ab", 0xf8)

15.263299539s ago: executing program 0 (id=1816):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000600)='ns/net\x00')
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000002900)={0x0, 0x0, 0x0, 0x5})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x2c, 0x0, &(0x7f0000000180))
sendto(r1, &(0x7f0000000000)="4299ecc5df0888acdef287a61598d4de8afabf04ae7b235dcbaa1e208cfdc6f2240cefbfa9547a533024aeb801fa88ab25c129cf5d06f4c4b1e509ba0af88516e6cdf2e1523ce1ddfbe3af68e8fa15ad42cc", 0x52, 0x2000c010, &(0x7f0000000080)=@ll={0x11, 0x6, 0x0, 0x1, 0x8, 0x6, @random="c76ca0ae9dbf"}, 0xffffff36)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x7}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'wg0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)

14.494110122s ago: executing program 0 (id=1823):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a64000000060a0101000000000000000002000000380004cb4f3437000b7459f83120c01aa073000000007866726d000000002400028008000240000000060500030000d3000047bd02400000000408000440000000050900010073797a30000000000900010073797a300000000014000000110001000000"], 0x8c}, 0x1, 0x0, 0x0, 0x20000805}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="100a06000908010014001a80100005800c00068008"], 0x34}, 0x1, 0x0, 0x0, 0xc0c0}, 0x14)

6.232626648s ago: executing program 0 (id=1823):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a64000000060a0101000000000000000002000000380004cb4f3437000b7459f83120c01aa073000000007866726d000000002400028008000240000000060500030000d3000047bd02400000000408000440000000050900010073797a30000000000900010073797a300000000014000000110001000000"], 0x8c}, 0x1, 0x0, 0x0, 0x20000805}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="100a06000908010014001a80100005800c00068008"], 0x34}, 0x1, 0x0, 0x0, 0xc0c0}, 0x14)

4.523644468s ago: executing program 1 (id=1933):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async, rerun: 32)
socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 32)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10) (async)
listen(r1, 0x0) (async)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) (async)
r3 = accept4(r1, 0x0, 0x0, 0x0)
recvfrom$rose(r3, 0x0, 0x0, 0x10161, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{0x1, <r4=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)='%+9llu \x00'}, 0x20)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@o_path={&(0x7f0000000000)='./file0\x00', r0, 0x4000, r4}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0200", 0x8, 0x0, 0x0, @local, @local, {[@srh={0x32}]}}}}}, 0x0)

4.228702346s ago: executing program 3 (id=1938):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r1, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180000003c00072301fcffffff00000003"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)

4.03594536s ago: executing program 3 (id=1939):
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x24000004)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = getpid()
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r2, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, 0x0, &(0x7f00000000c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
pipe(0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r6=>0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r6, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1ef153d94d95270957170e00f4407e692b72ba3315d9283dedc0b96e52da35b6f4fb72a51088984c8c9ae5f9823c0e8f221255aec4be1ec0a2331ba78b49881819fd7c160a8001f501c60962998b73c9026065fa49e0b8535d18c071e7f214e9a452b390fdf20aad46da8f252dde2aebf54f35aa9c5f833931948dcf2b19ed12512156497fb81d0205000000000000000ed0fb05ba7b829d963e73d713d5a5134269464c50461ce4b7acf1204e13fd6af83cf060971069e0f9af9e45d99a90f19d3606aef7b4052b929976439e600a67c94a236358bc17e54664e8f98bf982e468c8f5c81075443e2abe9541eedc7fa551f97ff392ac2f0436e6a96a89", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000800000000100000080"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a00)={{r7}, &(0x7f0000000940), &(0x7f0000000980)}, 0xfffffffffffffe76)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r9}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="0300000000f7ff000000000000007b8af8ff00000000b7080000070000007b8afcff00000000bfa1449eeea54ed57affffbfa400000000000007040000f0ffffffb702000008000000182300000000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x29, 0x10, &(0x7f0000000380)=ANY=[@ANYBLOB="10a09afffcffffffb7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="3224e9", @ANYBLOB="000000000000800000000000000079000000a500000018000800003aeb28633ac438c3c759a6"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0xc8, &(0x7f0000000540)=""/200, 0x40f00, 0x4f, '\x00', r6, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x3, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000640)=[r8, r8, r9, r7, r7, r8, r7, r10, r8], &(0x7f0000000680)=[{0x4, 0x5, 0xd, 0x7}, {0x4, 0x5, 0x5, 0x2}, {0x0, 0xfffffff1, 0x0, 0x2}], 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{0x1}, 0x0, 0x0}, 0x20)
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x268, 0xffffff7a, 0xffffffff, 0x268, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {0xff}, 0xf7, 0x0, 0x41}, 0x6, 0x130, 0x198, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@broadcast, [0xffffffff, 0xffffff00, 0xffffff00, 0xffffff00], @ipv6=@dev={0xfe, 0x80, '\x00', 0xe}, [0x0, 0xffffff00, 0xffffffff, 0xff000000], @ipv4=@loopback, [0xff, 0xff000000, 0xff, 0xff000000], @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xffffffff, 0xff, 0xff, 0xff000000], 0x53, 0xff, 0x6, 0x4e21, 0x4e24, 0x4e20, 0x4e24, 0x0, 0x840}, 0x100, 0x200}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)

3.556755983s ago: executing program 1 (id=1941):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000, 0xffffffff, 0x1}, 0x20) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
read(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'ipvlan1\x00', <r4=>0x0}) (async, rerun: 32)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4) (rerun: 32)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x4202, 0xffffffffffffffe6) (async, rerun: 32)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) (async, rerun: 32)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r4, 0x24}, 0x10)
r5 = socket$xdp(0x2c, 0x3, 0x0) (async)
r6 = socket$xdp(0x2c, 0x3, 0x0) (async)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
write(r7, &(0x7f0000000040)="091a71e7cd0003", 0x7)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000340), 0x200000, 0x1800, 0x0, 0x1}, 0x20) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'sit0\x00'}) (async)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f00000001c0)=0xa, 0x4) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) (async)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) (async)
bind$xdp(r3, &(0x7f0000000600)={0x2c, 0x8, r4, 0x1e, r6}, 0x10) (async)
r9 = socket$netlink(0x10, 0x3, 0x4) (async, rerun: 64)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x200000, 0x1000}, 0x20) (rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)) (async)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000280)={'sit0\x00'}) (async)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r10) (async)
sendmsg$NLBL_CIPSOV4_C_ADD(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x24040035}, 0x8004) (async, rerun: 64)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x2) (rerun: 64)

3.200670389s ago: executing program 1 (id=1946):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r4, 0x201, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4010)
close(r2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r7, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, 0x0, 0x28000000)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0xfe, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @local, @rand_addr=0x64010102}}}}}}, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r10, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
connect$inet(r10, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r8, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
connect$pppl2tp(r9, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r10, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
sendmmsg(r9, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x8}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x81}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}]}}}]}, 0x4c}}, 0x0)
r11 = openat$cgroup_type(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_type(r11, &(0x7f0000000100), 0x9)

2.871195505s ago: executing program 1 (id=1948):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x54, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x23, 0x5b, "30a32301a6740efa0ae5ac34fd7681ad81855197bffc0394b9fc647dd7ad43"}, @NL80211_ATTR_FRAME_MATCH={0x19, 0x5b, "7af7a12efbf73a8a8c1d05238303e6a1a7db616e01"}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x44041) (async)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x60, r1, 0x800, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xf}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x40}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000000690549000000000004a00000f0ffffff9500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7587, @void, @value}, 0x94)

2.77552183s ago: executing program 4 (id=1949):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x2, 0xf, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_spirange={0x2, 0x10, 0x4d4, 0x4d2}]}, 0x48}}, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, 0x0, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
connect$vsock_stream(r4, &(0x7f0000000000), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
accept4$unix(r4, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x1c, 0x2, 0x1, 0x201, 0x0, 0x0, {}, [@CTA_TUPLE_ORIG={0x4}, @CTA_FILTER={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'macvlan0\x00', <r7=>0x0})
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r9, 0x0, 0xe, 0x0, &(0x7f000000eb40))
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'gretap0\x00'})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r10, &(0x7f0000000080)=[{&(0x7f0000000200)="4647b4f310d036b398bd576db787e7b4202ee128ae26c942fc41e537802686e8", 0x20}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r10, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@getneigh={0x14, 0x1e, 0xa, 0x70bd2c, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x14}, 0xa0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x25, &(0x7f0000000080)={@local, @multicast1, @multicast1}, 0xc)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x2, 0x4, 0x408, 0x0, 0x108, 0x108, 0x320, 0x108, 0x320, 0x7fffffe, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netpci0\x00', 'pimreg0\x00'}, 0xc0, 0x108, 0x0, {0x3ed}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x2, {0x0, 'syz0\x00'}}}, {{@arp={@rand_addr, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'bridge_slave_0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @dev}}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'lo\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2, 0xfffffffb}}}}, 0x458)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, 0x0, &(0x7f0000000000))
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@private0, 0x55, r7})

2.732143272s ago: executing program 1 (id=1950):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180000003c00072301fcffffff00000003"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="540000001000010427bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="03050000000000002c00128009000100766c616e000000001c000280100004800c000100030000007e000000060001000700000008000500", @ANYRES32=r2, @ANYBLOB="333a1ba2dd7fe33b886b0ddbd5c6038e41c33bbd9f4d1b522d9b36ba29f9866f7c0da70b4bd5c7e572d54246e2db166c25a5c1f5599888cab2a3ced12f8ce6b18ae035bcfaea4b87ab37a18c748fcaf0ab550eb8b59491282b8c3666353b47b056d0b2bfc418e72373529704bd2176c31af5da5f0fe69fc1dffdbb925a283317bb61f75b403fed9c706566e5035c6253f02bec9afea387a2b05a4cbdd6689ad85463e71abb69ce6411e7c7de9a010c5820134936eb166e3366e336c9bfb81960a409fa48f3a3f9f1bca0a2a6ae7230f4e156b26713c0943c9693359fb7fbb088265b8377345262f0b31d27a0d8fba3"], 0x54}, 0x1, 0x0, 0x0, 0x404c8e0}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x23, &(0x7f00000001c0)="ee340ad606a8ba6e1e06303bac9177f9a3f6d9178ca1bae8eccc3d7ae8b07450e0a3c731907db20ecf01a9511db303e44811acbd45fe6edf94bd96e076302cf7d8b6e3fa8ffe70ad9535c25c101c0370a80d867a2973a213fd246db2454a0041bcb061928774290f65a55b06443fb6112b943a42b44409af03583799006b61bf1e12650e8f23dbe8b8d7a9b52d8b0a96e406b358114283a359b6100ffc316e2b73b5c1ecde614f4ff0758f2be939fbcf7766c891c8f6334c4c7cd8", 0xbb)
setsockopt$inet6_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000480)=@ccm_128={{0x303}, "84b6c605ff0aba13", "ea3aad5f4f0deac11ed5d9adeec153a1", 'I+%-', "c9cd5ae3f761299c"}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000100)={'IDLETIMER\x00'}, &(0x7f0000000140)=0x1e)

2.671971513s ago: executing program 2 (id=1951):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bind$ax25(r3, &(0x7f0000000080)={{0x3, @bcast, 0x1}, [@null, @bcast, @default, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r3)
r4 = socket$unix(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000005700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={&(0x7f0000005740)={0x28, r2, 0x105, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20008804)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
syz_init_net_socket$ax25(0x3, 0x5, 0x0) (async)
bind$ax25(r3, &(0x7f0000000080)={{0x3, @bcast, 0x1}, [@null, @bcast, @default, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}, 0x48) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r3) (async)
socket$unix(0x1, 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000005700)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f00000059c0)={0x0, 0x0, &(0x7f0000005980)={&(0x7f0000005740)={0x28, r2, 0x105, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20008804) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)

2.429006647s ago: executing program 1 (id=1952):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=@getchain={0x24, 0x66, 0x0, 0x0, 0x2000}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x100, {0x0, 0x0, 0x0, r2, 0x100, 0xac}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e20}, @IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x2}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e24}, @IFLA_IPTUN_FLOWINFO={0x8, 0x7, 0x100}, @IFLA_IPTUN_ENCAP_LIMIT={0x5, 0x6, 0x7}]}}}]}, 0x5c}}, 0xeb64d656001b2f26)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @broadcast, 0x4e20, 0x3, 'none\x00', 0x11, 0x3}, 0x2c)
getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000000), &(0x7f0000000180)=0x68)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x23c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x100000000, 0xca8}}, [@tmpl={0x184, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@remote, 0x0, 0x3c}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x80}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x3, 0x0, 0x0, 0x81}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffe, 0x6c}, 0x0, @in=@multicast1, 0x0, 0x0, 0x0, 0x3}, {{@in6=@mcast1, 0x0, 0x32}, 0xa, @in6=@private1, 0x0, 0x4, 0x0, 0x2}]}]}, 0x23c}}, 0x0)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
unshare(0x6a040000)
r5 = socket$inet6(0xa, 0x3, 0x5)
sendmmsg(r5, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80003, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)

1.225940016s ago: executing program 4 (id=1953):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x1d, 0x2, 0x6)
setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x23, 0x66}, [@call={0x16}]}, &(0x7f0000000140)='GPL\x00', 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff4e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000140)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x200000, {0x0, 0x0, 0x0, r9, 0x9801}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040004}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r9, @ANYBLOB="002000000000000020001280080001006772650014000280080014000100"], 0x40}, 0x1, 0x0, 0x0, 0x404c894}, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000009500000000000000d2c63fee52d2670fac6d5a724a040660b845f4ab2c95a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r11 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r11, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r12 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$sock(r12, &(0x7f00000000c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x11}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x18}, 0x0)
close(r0)
bind$l2tp6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xe0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, <r13=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)=r5}, 0x20)
close(r13)

1.16825746s ago: executing program 2 (id=1954):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=@mpls_delroute={0xa0, 0x19, 0x1, 0x0, 0x1, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_NEWDST={0x84, 0x13, [{0x3ff}, {0x5}, {}, {0x2, 0x0, 0x1}, {0x6}, {0x4, 0x0, 0x1}, {0x2}, {0x1fdc}, {0xff, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {}, {0x9, 0x0, 0x1}, {0x5f5}, {0x7, 0x0, 0x1}, {0xffffc, 0x0, 0x1}, {0x101, 0x0, 0x1}, {0x4}, {0x4, 0x0, 0x1}, {0xe}, {0xe2}, {0x1, 0x0, 0x1}, {0x2}, {0x101, 0x0, 0x1}, {0x1000}, {0xf30b}, {0xe1e3, 0x0, 0x1}, {0x1}, {0xffc00, 0x0, 0x1}, {0x40, 0x0, 0x1}, {0x2}, {0xf2e}, {0x5, 0x0, 0x1}]}]}, 0xa0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000022780)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0xc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90c1, 0x5c81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}}, 0x48010)

918.601829ms ago: executing program 3 (id=1955):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c00000100000000000300000000000007000000", @ANYRES32], 0x2c}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000005e000102"], 0x1c}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r3, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0xdb, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x72, 0x8, 0x8, &(0x7f0000000480)}}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f00000000c0)=0x1, 0x12)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0x14, &(0x7f0000000080)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @exit, @cb_func={0x18, 0x8, 0x4, 0x0, 0x2}, @ldst={0x0, 0x1, 0x6, 0x4, 0x4, 0x4, 0xfffffffffffffffc}]}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x44, &(0x7f0000000140)=""/68, 0x40f00, 0x1a, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x5, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0x2, 0x100, 0x7}, 0x10, r5, 0x0, 0x6, 0x0, &(0x7f0000000600)=[{0x1, 0x5, 0x10}, {0x4, 0x1, 0x6, 0xa}, {0x1, 0x2, 0xc, 0x3}, {0x4, 0x1, 0x2, 0x9}, {0x2, 0x5, 0x3}, {0x5, 0x2, 0x5}], 0x10, 0x3, @void, @value}, 0x94)

811.889666ms ago: executing program 2 (id=1956):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="6b1690bb8dc095ebae95baccdce177a97389ae7df65487e3996df64c35efa6e159bd2f2180", 0xfdef}], 0x1, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x16, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0x0, 0x2}]}}}], 0x38}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x6)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_DEL_RULE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000400}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38040000f403100025bd70000400000004000000010000003d000000030000000500000003000000060000000400000001040000050000000d0000000300000042f4000006000000ff01000004000000ea00000005000000070000000600000008000000450300000500000001800000770d000000000000090000004300000000fcffff860400000600000004000000000000002c6a000009000000050000000300000009000000010100000500000000000000020000000100000002000000090000000010000002000000080000000e000000000000001022000007000000020000000300000006000000eb00000000fcffffffffffff000800000800000000800000290000000300000000000000090000000500000018060000000000000600000009000000090000000100000008000000810000000100000008000000090000000500000004000000010000000000010000feffff020000003c000000944c0000ffffffff6c08000001800000030000000400000010000000060000008c7b00000e0000000600000001000080ffffffffc231000001000000080000007e09000096060000ff7f00000600000006000000030000000200000001040000ff000000000000000300000000f0ffff01000000800d0000b20100000b000000001000007f000000090000000180000030000000020000000500000086500000000000000700000005000000464fffff81000000050000000e00000003000000faffffff000000000200000009000000090000000c000000868e0000060000000500000000100000000000000800000000000100080000000800000001001e000010000008000000040000000a000000070000007f0000000d0000000500000006000000040000000700000001000000070000000300000001000000ff000000060000000900000003ffffffe4000000ff7f00000300000008000000030e0000020000000700000006000000ff0100000700000079060000c10d0000000000407f0000000100010005000000ae0b893902000000fbffffff0e00000004000000050000000000000005000000000000005c600000ff7f0000ffff000007000000d4120000080000000400000004000000040000000100000006000000e2000000d30f00003be800004c01000000000000faffffff090000001a000000b3bd0000090000001b0c000009000000810000008000000008000000a166000009000000ffff00000100000008000000d17c000008000000000000000900000006000000020000000200000000010000bb0000000700000008000000050000000900000007000000860b000005000000050000000800000004000000c3000000ffffffff01000000030000000c000000070000008c0f000008000000ffffff7f01800000d12a000001000000cfca6d30c3000000010000000180000006000000160000002d0000295d0000242d28007b25285d7b5c2500002e000000"], 0x438}}, 0x44004)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r3, &(0x7f0000000280)="7800000018002507b9409b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d040012000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0xff20)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000001c0)=0x1020040, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88) (async)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="6b1690bb8dc095ebae95baccdce177a97389ae7df65487e3996df64c35efa6e159bd2f2180", 0xfdef}], 0x1, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x16, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0x0, 0x2}]}}}], 0x38}, 0x0) (async)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x6) (async)
socket$nl_audit(0x10, 0x3, 0x9) (async)
sendmsg$AUDIT_DEL_RULE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000400}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38040000f403100025bd70000400000004000000010000003d000000030000000500000003000000060000000400000001040000050000000d0000000300000042f4000006000000ff01000004000000ea00000005000000070000000600000008000000450300000500000001800000770d000000000000090000004300000000fcffff860400000600000004000000000000002c6a000009000000050000000300000009000000010100000500000000000000020000000100000002000000090000000010000002000000080000000e000000000000001022000007000000020000000300000006000000eb00000000fcffffffffffff000800000800000000800000290000000300000000000000090000000500000018060000000000000600000009000000090000000100000008000000810000000100000008000000090000000500000004000000010000000000010000feffff020000003c000000944c0000ffffffff6c08000001800000030000000400000010000000060000008c7b00000e0000000600000001000080ffffffffc231000001000000080000007e09000096060000ff7f00000600000006000000030000000200000001040000ff000000000000000300000000f0ffff01000000800d0000b20100000b000000001000007f000000090000000180000030000000020000000500000086500000000000000700000005000000464fffff81000000050000000e00000003000000faffffff000000000200000009000000090000000c000000868e0000060000000500000000100000000000000800000000000100080000000800000001001e000010000008000000040000000a000000070000007f0000000d0000000500000006000000040000000700000001000000070000000300000001000000ff000000060000000900000003ffffffe4000000ff7f00000300000008000000030e0000020000000700000006000000ff0100000700000079060000c10d0000000000407f0000000100010005000000ae0b893902000000fbffffff0e00000004000000050000000000000005000000000000005c600000ff7f0000ffff000007000000d4120000080000000400000004000000040000000100000006000000e2000000d30f00003be800004c01000000000000faffffff090000001a000000b3bd0000090000001b0c000009000000810000008000000008000000a166000009000000ffff00000100000008000000d17c000008000000000000000900000006000000020000000200000000010000bb0000000700000008000000050000000900000007000000860b000005000000050000000800000004000000c3000000ffffffff01000000030000000c000000070000008c0f000008000000ffffff7f01800000d12a000001000000cfca6d30c3000000010000000180000006000000160000002d0000295d0000242d28007b25285d7b5c2500002e000000"], 0x438}}, 0x44004) (async)
socket(0x10, 0x3, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
sendto$inet6(r3, &(0x7f0000000280)="7800000018002507b9409b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d040012000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0xff20) (async)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000001c0)=0x1020040, 0x4) (async)

699.761063ms ago: executing program 4 (id=1957):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000140)="96", 0x1, 0x0, &(0x7f0000000280)={0xa, 0x1, 0x0, @private2}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000340)=@newqdisc={0x24, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x7, 0xffff}, {0x8}}}, 0x24}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r5, 0x114, 0xa, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x4001050}, 0x40408c4)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000180)=0x2, 0x4)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400030000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)

678.702521ms ago: executing program 2 (id=1958):
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="400000001000010000000000200000db95ccc508", @ANYRES32=0x0, @ANYBLOB="000000002002010018001680140001801000048000000000000000000000000008001b"], 0x40}}, 0x4004010) (async)
ioctl(r0, 0x694, &(0x7f0000000540)="de287371ab547c317e9d5f326f6891b0423110bf42ca3e7a5b09b8a4cd86db6d48647d56a6dad9b00b4a51c6d52fc76b97da23953e7a86f4e678cd80da75b2d8e2fff6851bfb670d86224462214c739b7b9b9f2bc6d03cd439f876ddf46a4217b9be27f9f17a017075e535740fcd4780df297142341212bbb4a7b363b64da7230e4ded7a46078a193ce38311d1b4a735844b718ab86fa8d00729ca215df8bc") (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f0000000080)={'sit0\x00', 0x0}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x34, r4, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}}, 0x0) (async, rerun: 32)
r5 = socket(0x2c, 0x3, 0x40) (async, rerun: 32)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000020000100000000000000000000000000000000080017004e21ffff0000000000"], 0x24}}, 0x840)
r7 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r7, &(0x7f0000004bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000c00)=""/193, 0xc1}, 0x8}], 0x1, 0x2, 0x0) (async)
setsockopt$sock_int(r7, 0x1, 0x4b, &(0x7f0000000040)=0xfd87, 0x4)
sendmsg$key(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r5, 0x89f7, &(0x7f0000000380)={'sit0\x00', &(0x7f0000000480)={@multicast1, 0x0, 0x0, 0x50, 0x0, [{@multicast2}, {@dev}, {@broadcast}, {}, {@private}]}}) (async, rerun: 32)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x20}}, 0x0) (async, rerun: 32)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f0000000080), 0x10) (async, rerun: 32)
sendmsg$can_bcm(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[], 0x48}}, 0x0) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000080)=""/248, 0x1a, 0xf8, 0x1, 0x0, 0x0, @void, @value}, 0x20) (async, rerun: 32)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (rerun: 32)
bind$bt_hci(r9, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) (async)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000004d00)={0x0, 0x0, &(0x7f0000004cc0)={&(0x7f0000002480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58010000000a010400000000000000000500000a08000240000000000c000440000000000800000508000240000000010c0004400000000000000003f70006002d24f702cdab0eb69b86ebe3d60eeeb04218761ee39e32def64a0e18d2eff651b0a5080887c58c443c278c0d0d49b32f3be127a5ab6be473e1adc3b04964a753f8f4bfc0968794edfb513cc6c587d9b67dbdeeb94d37a8b563e0e4c63d5706681b8d30aaabb4be3fad7dc8b5714df0c9e89789f2665b4324e09ecd3bfd7f71ef1305948f9fd59a10cc5b6c129c7b6e748f4dec7488b3b24982ef533f21d2dacf0504000000add402133ed41e01904073b2bde6c20916c2537f55603f708ca10d1867f604b34f70726e667f95b062d72865f3a4db564f11e415aa55534298382ba88f8b45fae0bd91e3a026779e6472988fe765000900010073797a31000000000900010073797a30000000000900010073797a31000000005c000000030a030000000000000000000500000008000a40000000020900030073797a30000000000900010073797a31000000002800048008000240000000031400030076657468310000000000000000000000080001"], 0x1dc}}, 0x0)
write$bt_hci(r9, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000003201"], 0x138) (async)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r5)

591.257833ms ago: executing program 3 (id=1959):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000180)={0x1d, r1, 0x0, {0x1, 0xf0, 0x4}, 0xff}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x4)
close(r3)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffe40, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020007000c00050006c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0x16, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="200000001000010400"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x16}}, 0x1)

475.909178ms ago: executing program 2 (id=1960):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010058a67000fedbdf250800000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20}, 0x8840)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x50, 0x0, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_NETNS_FD={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x2040400}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x221000, 0x1000}, 0x20)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x0, @multicast1}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0))
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f00000005c0)={'gretap0\x00', &(0x7f0000000580)={'ip_vti0\x00', <r4=>0x0, 0x20, 0x7800, 0x7, 0x1, {{0x8, 0x4, 0x3, 0x0, 0x20, 0x67, 0x0, 0x7, 0x2f, 0x0, @multicast2, @multicast2, {[@timestamp_addr={0x44, 0xc, 0xcf, 0x1, 0x4, [{@empty, 0x2}]}]}}}}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x40080, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x8e}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$inet_int(r3, 0x0, 0x31, &(0x7f0000000200)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r7 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000180)=0xffffffc1, 0x8)
sendmmsg(r7, &(0x7f0000002b00)=[{{&(0x7f0000000180)=@nl=@unspec, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000340)="8a226ff432407a7f5fd09590d734f795e12e57ce9fed3f0300eb6368ed559a85603b0080", 0x24}], 0x2)
r8 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r8, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x42}}}, 0x1e)
connect$pptp(r8, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r2, &(0x7f0000000100), 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x200008c0)
unshare(0x400)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0xb2, 0x1000, &(0x7f0000000400)="34e02f6522c823172c5cf517bb1f52445b84056982ad888f2e4b5e1acf4bd9e3980ff5a67efd8efd3e4fda59492fe30599ce2138d76a004c719e3ffef7c4be29add4a24e1c92efeaa72f648f00b2c193729c783a1ff3d3143fdf407185bb9b9a6a7ac0c6030328cf56fd8f6d4a4ed8db04cd7ec1913b59a1df182af75e0b6a4f1b0d7d43b2da9606591c292d2595419dde365ecfc6e464e88cd0a57a0d2ff9501b041ded0f306f09ae49186704376185c4ab", &(0x7f0000000c00)=""/4096, 0x80000001, 0x0, 0x66, 0x4e, &(0x7f0000000040)="bcbc55007d2a05a6d6ff369e0356f7e16880ef324c2a29dae256989550e4b25113086404b4381a66f599519c85ce58c8c7768ad77fc999681172129ccab32fef25ade35a168ffa033656cc327ec40117d6c3967cbdc13ae4cdc37e972995616ca5a54c972781", &(0x7f00000002c0)="e9d42a199c121fb578522d9b9ee732a3d91249dce27b4b24e1b133ac56ef58ab5e26fbcbaf97c9405ef883cb13a8731e5eeaf037413abaeed3365c0807b3ebb6c6f305198e0e743399f42c23325e", 0x5, 0x0, 0x4}, 0x50)
bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8)

460.000467ms ago: executing program 4 (id=1961):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x22eb}, @TCA_MPLS_TTL={0x5, 0x7, 0x5}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x40428d1}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRESDEC=r6, @ANYBLOB="010028bd7000ffdbdf255f"], 0x24}, 0x1, 0x0, 0x0, 0x24004015}, 0x448d0)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r8=>0x0})
r9 = socket$kcm(0x21, 0x5, 0x2)
sendmsg$kcm(r9, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000020000900000000100000001ec7f1bb110984522b1aca09877a6f3a4d0fc362b7d9be1ea39db9ef2ebf6288331c42403be576aafda179ca8fd4dd60402fd4608f05ccc9d5e647e8fe54e4840a5faaf9b6f69d4b066d1d3f33a2c24cb6d3a98aba6af7bbbccf892581b4be3286fed757942a1671d73e01d973fd418452f9b4ab9330218e7f437e48859e74508883c65ee1c332157eebfdf4c9dd1f0ab705524f32ad6e9a077b8fd8b47d9109fd1aaca05caab2a402f5bc90c4a875baea2254b69b557b2dfe579c805a947eab5899e9282c784694a27c37744f587960a921ba2a1e7a78a3897d9537ef7b67207fe9d7d190"], 0x20}, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000300)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010031bd7004ffdbdf25180000005c0030802400030022f966ca04c513cfedc686d31c4cb10dca3076ddee336d012142827183252c6e1c0003009f845ee64d94e9d14b3cd6b515a792c0e651a1fad348c48d8cc1965e6b93e3ea100001800c000500010000000000000008000300", @ANYRES32=r8], 0x78}, 0x1, 0x0, 0x0, 0x854}, 0x8014)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
accept4(r9, 0x0, &(0x7f0000000440), 0x800)
r10 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000007c0)={0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000940)={@ifindex=r5, 0x1d, 0x0, 0x800, &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0], <r11=>0x0}, 0x40)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a00)={0x0, 0xffffffffffffffff, 0x0, 0x4, &(0x7f00000009c0)='!*/\x00', <r12=>0x0}, 0x30)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000980)={@map=0x1, r10, 0x24, 0x24, 0x0, @void, @void, @void, @value=r12, r11}, 0x20)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r13, 0x0, 0x40, &(0x7f0000000340)=@nat={'nat\x00', 0x670, 0x5, 0x3f0, 0x0, 0x0, 0xfeffffff, 0x0, 0x280, 0x358, 0x358, 0xffffffff, 0x358, 0x358, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'caif0\x00', {}, {}, 0x6}, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@inet=@tcp={{0x30}}, @common=@inet=@tcp={{0x30}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @dev, @dev, @gre_key, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @icmp_id}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@ttl={{0x28}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @port=0x4e20}}}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@mcast1, @ipv6=@mcast2, @port, @gre_key}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x450)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fddbdf251700000008000300", @ANYRES32=r8, @ANYBLOB="0c003080050002000300000008000300", @ANYRES32=0x0, @ANYBLOB="b9550d29205c1ed64bc501000000a6b8e11eff640907554ee9b22da88af96e5eb30bf3ad2f86d5cd3b12368629516b197fe209c0132a866af1a36d0f049af0c879197d44b916e0184a0c05b0f863470d8ccdcfb0d1f50c"], 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x2040000)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008000300000000000500110001"], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)

442.139355ms ago: executing program 3 (id=1962):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x54, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000000c0), &(0x7f0000000180)=r1}, 0x20)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r2, 0x6, 0x10, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, r2, 0x4, 0x4, 0x3, 0x2, {0xa, 0x4e22, 0xccc1, @dev={0xfe, 0x80, '\x00', 0x34}, 0x3}}}, 0x3a)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="02"], 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)

295.682987ms ago: executing program 3 (id=1963):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000)=0xc, 0x4)
unshare(0xe040100)
ppoll(&(0x7f00000001c0)=[{r0, 0x4080}, {r0, 0x280}, {r0, 0x1008}, {r0, 0x6000}, {r0, 0x8006}, {r0, 0x800}, {r0, 0x600}], 0x7, &(0x7f0000000240)={0x77359400}, &(0x7f00000002c0)={[0x93]}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRESOCT=r0, @ANYBLOB="020000000f"], 0x1c}, 0x1, 0x0, 0x0, 0x8c0}, 0x20008004)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001", @ANYRES32=r2], 0x7c}}, 0x20000001)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket(0x2, 0x80805, 0x401)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0x6)
ioctl$SIOCAX25CTLCON(r5, 0x89e8, &(0x7f0000001900)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x1, 0xfffffffffffffffc, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r8, @ANYRES16=r7, @ANYRESDEC=r4], 0x54}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000001080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x82, &(0x7f00000001c0)={r10, 0x0, 0x3ff}, 0x8)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0904000000000000000002000000300004802c0001800b0001f76d756d67656e00001c0002800800024000000001080001400000001b08000340000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000abb7b55805b849bab3bcaf5d98bb8a748112312c017bed58975baf4cb58502b178f03be4a0906d07382512380778b2bc41844d75cd2d3740696285bc4c447597ac8d8ba86f95119283e2807840d0c4289a4279b44f7936760eb47092ae4d82409faab2a453e904ccf0723a5c7d8ab"], 0x84}, 0x1, 0x0, 0x0, 0x40}, 0x10)

170.532618ms ago: executing program 4 (id=1964):
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0x26, 0x0, 0x0, @void, @value}, 0x10)
r0 = socket(0x23, 0x4, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0)

69.080905ms ago: executing program 2 (id=1965):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=ANY=[@ANYBLOB="ac0100001000330600000f0000000000fc000000000000000000000000000000ffffffff00ffffffff00000000ffff0000004000000080010000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000080ffffff0000000000010000000032000000e000000200000000000000000000000023030000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000029bd7000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00200000004e2200000000ac1414bb0000000000000000000000001c0004"], 0x1ac}}, 0x0)

0s ago: executing program 4 (id=1966):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7) (async, rerun: 32)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x1d, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x4}, 0x2}, 0x18) (async)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async, rerun: 32)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async, rerun: 32)
connect$can_j1939(r1, &(0x7f00000010c0)={0x1d, r4, 0x1, {0x0, 0x0, 0x1}, 0xfe}, 0x18) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r5}, 0x10) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
close(r6) (async)
bpf$LINK_DETACH(0x22, &(0x7f0000001ac0)=r6, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000053000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000000c0)={r6, r7, 0x4, r5}, 0x10) (async)
recvmsg$unix(r6, &(0x7f0000000500)={&(0x7f0000000400), 0x6e, &(0x7f0000000300)=[{&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f0000000480)=""/85, 0x55}, {&(0x7f0000000740)=""/142, 0x8e}, {&(0x7f0000000800)=""/67, 0x43}], 0x4, &(0x7f0000000880)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x88}, 0x4) (async)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="90010000", @ANYRES16=r8, @ANYBLOB="00032abd7000fedbdf25130000000e0001006e657464657673796d0000000f0002006e657464650000080003000200000008000b000500000006001100020000000800010070633a31302e3000000000080003000100000008000b00b5ba0000060011e5e49800000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000100000008000b000800000006001100080000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000100000008000b00008000000600110e000800000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000200000008000b000700000006001100040000000800010070302e3000000000080003000000000008000b00feffffff06001100768d0000080001007063690011000200303030303a30303a31302e3000000000080003000100000008000b0008000000060011000900000000000000000000000000000000a06056ee7098bdc16ad7435c5737b48da879c292df9f2d88a33fd4b7170426b121869eae233fc24511e5fd5984a8472ae1981338d06316a7180ce0363b6461ef772f94869b75347883990000000000"], 0x190}, 0x1, 0x0, 0x0, 0x10040}, 0x20000000)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000005000)=@newtfilter={0x50, 0x11, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x74, r4, {0xfffd, 0x89c77fb34cc3db7f}, {0xa, 0x1}, {0xfff2, 0x7}}, [@TCA_RATE={0x6, 0x5, {0x5, 0x16}}, @TCA_CHAIN={0x8, 0xb, 0x9}, @filter_kind_options=@f_bpf={{0x8}, {0x14, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x6}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x8}]}}]}, 0x50}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

kernel console output (not intermixed with test programs):

(while UP)
[  136.173680][ T7196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'.
[  136.293453][ T7200] netlink: 16 bytes leftover after parsing attributes in process `syz.4.370'.
[  136.336970][ T7200] sctp: [Deprecated]: syz.4.370 (pid 7200) Use of struct sctp_assoc_value in delayed_ack socket option.
[  136.336970][ T7200] Use struct sctp_sack_info instead
[  136.465474][ T7212] netlink: 'syz.1.374': attribute type 1 has an invalid length.
[  136.670692][ T7212] 8021q: adding VLAN 0 to HW filter on device bond2
[  137.034275][ T7220] 8021q: adding VLAN 0 to HW filter on device bond2
[  137.054772][ T7220] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  137.082217][ T7220] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  137.138611][ T7223] gretap1: entered promiscuous mode
[  137.147817][ T7223] bond2: (slave gretap1): making interface the new active one
[  137.159845][ T7223] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  137.474617][ T7265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.386'.
[  137.736586][ T7272] xt_cgroup: path and classid specified
[  137.777309][ T7275] xt_cgroup: path and classid specified
[  137.866276][ T7282] netlink: 32 bytes leftover after parsing attributes in process `syz.1.392'.
[  138.182012][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.396'.
[  138.182770][ T7295] netlink: 'syz.0.397': attribute type 2 has an invalid length.
[  138.226828][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.396'.
[  138.518087][ T7308] netlink: 16 bytes leftover after parsing attributes in process `syz.3.403'.
[  138.730644][ T7316] netlink: 24 bytes leftover after parsing attributes in process `syz.0.405'.
[  138.955611][ T7330] __nla_validate_parse: 2 callbacks suppressed
[  138.955632][ T7330] netlink: 48 bytes leftover after parsing attributes in process `syz.0.411'.
[  139.003326][ T7320] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  139.016681][ T7336] netlink: 20 bytes leftover after parsing attributes in process `syz.0.411'.
[  139.069468][ T7332] Driver unsupported XDP return value 0 on prog  (id 97) dev N/A, expect packet loss!
[  139.240949][ T7345] netlink: 16 bytes leftover after parsing attributes in process `syz.2.416'.
[  139.264912][ T7345] netlink: 32 bytes leftover after parsing attributes in process `syz.2.416'.
[  139.290084][ T7345] gretap1: entered promiscuous mode
[  139.300129][ T7345] gretap1: entered allmulticast mode
[  139.550766][ T7364] netlink: 244 bytes leftover after parsing attributes in process `syz.1.419'.
[  139.700187][ T7369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.419'.
[  139.943282][ T7382] netlink: 'syz.4.425': attribute type 10 has an invalid length.
[  140.050740][ T7381] pim6reg: entered allmulticast mode
[  140.095953][ T7382] veth1_vlan: entered allmulticast mode
[  140.160703][ T7382] team0: Device veth1_vlan failed to register rx_handler
[  140.289776][ T7399] netlink: 20 bytes leftover after parsing attributes in process `syz.0.429'.
[  140.363291][ T7402] xt_l2tp: v2 doesn't support IP mode
[  140.392003][ T7402] netlink: 'syz.4.430': attribute type 29 has an invalid length.
[  140.499728][ T7402] netlink: 'syz.4.430': attribute type 29 has an invalid length.
[  142.001799][ T7410] netlink: 'syz.4.430': attribute type 29 has an invalid length.
[  142.048392][ T7415] bond1: entered promiscuous mode
[  142.059958][ T7415] bond1: entered allmulticast mode
[  142.067649][ T7415] 8021q: adding VLAN 0 to HW filter on device bond1
[  142.114866][ T7424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.438'.
[  142.152103][ T7429] netlink: 32 bytes leftover after parsing attributes in process `syz.2.440'.
[  142.161424][ T7429] netlink: 32 bytes leftover after parsing attributes in process `syz.2.440'.
[  142.417206][ T7440] sctp: [Deprecated]: syz.2.444 (pid 7440) Use of int in max_burst socket option.
[  142.417206][ T7440] Use struct sctp_assoc_value instead
[  142.640908][ T7435] team0 (unregistering): Port device team_slave_0 removed
[  142.699171][ T7435] team0 (unregistering): Port device team_slave_1 removed
[  142.919032][ T7458] netdevsim0: renamed from team0 (while UP)
[  142.950561][ T7458] netdevsim0: entered promiscuous mode
[  142.963432][ T7458] team_slave_0: entered promiscuous mode
[  142.989241][ T7458] team_slave_1: entered promiscuous mode
[  142.998155][ T7458] netdevsim0: entered allmulticast mode
[  143.003919][ T7458] team_slave_0: entered allmulticast mode
[  143.010549][ T7458] team_slave_1: entered allmulticast mode
[  143.021483][ T7458] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  146.768158][ T7478] netlink: 'syz.2.455': attribute type 1 has an invalid length.
[  146.871780][ T7478] bond2: entered promiscuous mode
[  146.878643][ T7478] 8021q: adding VLAN 0 to HW filter on device bond2
[  146.910424][ T7477] 8021q: adding VLAN 0 to HW filter on device bond3
[  146.919388][ T7477] bond2: (slave bond3): making interface the new active one
[  146.927243][ T7477] bond3: entered promiscuous mode
[  146.933172][ T7477] bond2: (slave bond3): Enslaving as an active interface with an up link
[  147.288407][ T7496] __nla_validate_parse: 1 callbacks suppressed
[  147.288429][ T7496] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.463'.
[  147.727637][ T7525] FAULT_INJECTION: forcing a failure.
[  147.727637][ T7525] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  147.739722][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.0.468'.
[  147.750222][ T7525] CPU: 0 UID: 0 PID: 7525 Comm: syz.3.470 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  147.750250][ T7525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.750261][ T7525] Call Trace:
[  147.750269][ T7525]  <TASK>
[  147.750278][ T7525]  dump_stack_lvl+0x189/0x250
[  147.750323][ T7525]  ? __pfx____ratelimit+0x10/0x10
[  147.750353][ T7525]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.750383][ T7525]  ? __pfx__printk+0x10/0x10
[  147.750405][ T7525]  ? __might_fault+0xb0/0x130
[  147.750435][ T7525]  should_fail_ex+0x414/0x560
[  147.750466][ T7525]  _copy_from_iter+0x1db/0x16f0
[  147.750507][ T7525]  ? __pfx__copy_from_iter+0x10/0x10
[  147.750546][ T7525]  ? skb_put+0x11b/0x210
[  147.750572][ T7525]  hci_sock_sendmsg+0x422/0xef0
[  147.750605][ T7525]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  147.750629][ T7525]  ? aa_sock_msg_perm+0x94/0x160
[  147.750655][ T7525]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  147.750679][ T7525]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  147.750704][ T7525]  __sock_sendmsg+0x21c/0x270
[  147.750738][ T7525]  sock_write_iter+0x258/0x330
[  147.750768][ T7525]  ? __pfx_sock_write_iter+0x10/0x10
[  147.750809][ T7525]  ? bpf_lsm_file_permission+0x9/0x20
[  147.750834][ T7525]  ? security_file_permission+0x75/0x290
[  147.750865][ T7525]  vfs_write+0x548/0xa90
[  147.750900][ T7525]  ? __pfx_sock_write_iter+0x10/0x10
[  147.750928][ T7525]  ? __pfx_vfs_write+0x10/0x10
[  147.750969][ T7525]  ? __fget_files+0x2a/0x420
[  147.751002][ T7525]  ksys_write+0x145/0x250
[  147.751024][ T7525]  ? __pfx_ksys_write+0x10/0x10
[  147.751039][ T7525]  ? rcu_is_watching+0x15/0xb0
[  147.751074][ T7525]  ? do_syscall_64+0xbe/0x3b0
[  147.751097][ T7525]  do_syscall_64+0xfa/0x3b0
[  147.751112][ T7525]  ? lockdep_hardirqs_on+0x9c/0x150
[  147.751139][ T7525]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.751158][ T7525]  ? clear_bhb_loop+0x60/0xb0
[  147.751182][ T7525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.751200][ T7525] RIP: 0033:0x7f5128d8e929
[  147.751218][ T7525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.751234][ T7525] RSP: 002b:00007f5129b9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  147.751256][ T7525] RAX: ffffffffffffffda RBX: 00007f5128fb5fa0 RCX: 00007f5128d8e929
[  147.751269][ T7525] RDX: 0000000000000008 RSI: 00002000000005c0 RDI: 0000000000000004
[  147.751281][ T7525] RBP: 00007f5129b9d090 R08: 0000000000000000 R09: 0000000000000000
[  147.751292][ T7525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.751311][ T7525] R13: 0000000000000000 R14: 00007f5128fb5fa0 R15: 00007ffeb807f478
[  147.751343][ T7525]  </TASK>
[  148.675019][ T7544] tipc: Started in network mode
[  148.679972][ T7544] tipc: Node identity f6343d010af6, cluster identity 4711
[  148.719765][ T7544] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.803252][ T7544] netlink: 212384 bytes leftover after parsing attributes in process `syz.0.474'.
[  148.814704][ T7554] ieee802154 phy0 wpan0: encryption failed: -22
[  148.854654][ T7544] netlink: zone id is out of range
[  148.860369][ T7544] netlink: zone id is out of range
[  148.890509][ T7553] syzkaller0: entered promiscuous mode
[  148.910501][ T7544] netlink: get zone limit has 8 unknown bytes
[  148.926789][ T7553] syzkaller0: entered allmulticast mode
[  148.952179][ T7543] tipc: Resetting bearer <eth:syzkaller0>
[  148.988829][ T7543] tipc: Disabling bearer <eth:syzkaller0>
[  149.681761][ T7583] Bluetooth: MGMT ver 1.23
[  150.032095][ T7600] lo speed is unknown, defaulting to 1000
[  150.201656][ T7614] netlink: 64 bytes leftover after parsing attributes in process `syz.0.497'.
[  150.232718][ T7614] batman_adv: batadv0: Adding interface: dummy0
[  150.248392][ T7614] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.279576][ T7614] batman_adv: batadv0: Interface activated: dummy0
[  150.357350][ T7614] netlink: 8 bytes leftover after parsing attributes in process `syz.0.497'.
[  150.426747][ T7621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.499'.
[  150.797641][ T7634] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  151.391453][ T7655] netlink: 'syz.0.510': attribute type 18 has an invalid length.
[  151.402547][ T7658] netlink: 256 bytes leftover after parsing attributes in process `syz.4.512'.
[  151.663612][ T7666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.516'.
[  151.728264][ T7668] netlink: 'syz.0.517': attribute type 1 has an invalid length.
[  152.132503][ T7682] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  152.155065][ T7689] netlink: zone id is out of range
[  152.161155][ T7689] netlink: del zone limit has 4 unknown bytes
[  152.236161][ T7683] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  152.498353][ T7704] FAULT_INJECTION: forcing a failure.
[  152.498353][ T7704] name failslab, interval 1, probability 0, space 0, times 0
[  152.540324][ T7709] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[  152.541538][ T7704] CPU: 0 UID: 0 PID: 7704 Comm: syz.0.526 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  152.541564][ T7704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  152.541575][ T7704] Call Trace:
[  152.541582][ T7704]  <TASK>
[  152.541590][ T7704]  dump_stack_lvl+0x189/0x250
[  152.541623][ T7704]  ? __pfx____ratelimit+0x10/0x10
[  152.541649][ T7704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.541676][ T7704]  ? __pfx__printk+0x10/0x10
[  152.541702][ T7704]  ? __pfx___might_resched+0x10/0x10
[  152.541727][ T7704]  ? fs_reclaim_acquire+0x7d/0x100
[  152.541752][ T7704]  should_fail_ex+0x414/0x560
[  152.541780][ T7704]  should_failslab+0xa8/0x100
[  152.541802][ T7704]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  152.541820][ T7704]  ? __alloc_skb+0x112/0x2d0
[  152.541844][ T7704]  __alloc_skb+0x112/0x2d0
[  152.541868][ T7704]  mgmt_cmd_complete+0x49/0x590
[  152.541899][ T7704]  set_dev_class+0x3f3/0x590
[  152.541932][ T7704]  hci_mgmt_cmd+0x9c9/0xef0
[  152.541969][ T7704]  hci_sock_sendmsg+0x6ca/0xef0
[  152.541998][ T7704]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  152.542020][ T7704]  ? aa_sock_msg_perm+0x94/0x160
[  152.542045][ T7704]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  152.542067][ T7704]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  152.542090][ T7704]  __sock_sendmsg+0x21c/0x270
[  152.542120][ T7704]  sock_write_iter+0x258/0x330
[  152.542149][ T7704]  ? __pfx_sock_write_iter+0x10/0x10
[  152.542192][ T7704]  ? bpf_lsm_file_permission+0x9/0x20
[  152.542215][ T7704]  ? security_file_permission+0x75/0x290
[  152.542244][ T7704]  vfs_write+0x548/0xa90
[  152.542277][ T7704]  ? __pfx_sock_write_iter+0x10/0x10
[  152.542302][ T7704]  ? __pfx_vfs_write+0x10/0x10
[  152.542341][ T7704]  ? __fget_files+0x2a/0x420
[  152.542371][ T7704]  ksys_write+0x145/0x250
[  152.542390][ T7704]  ? __pfx_ksys_write+0x10/0x10
[  152.542404][ T7704]  ? rcu_is_watching+0x15/0xb0
[  152.542437][ T7704]  ? do_syscall_64+0xbe/0x3b0
[  152.542457][ T7704]  do_syscall_64+0xfa/0x3b0
[  152.542472][ T7704]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.542503][ T7704]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.542520][ T7704]  ? clear_bhb_loop+0x60/0xb0
[  152.542543][ T7704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.542560][ T7704] RIP: 0033:0x7fd148b8e929
[  152.542577][ T7704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.542591][ T7704] RSP: 002b:00007fd149aad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  152.542611][ T7704] RAX: ffffffffffffffda RBX: 00007fd148db5fa0 RCX: 00007fd148b8e929
[  152.542623][ T7704] RDX: 0000000000000008 RSI: 00002000000005c0 RDI: 0000000000000004
[  152.542634][ T7704] RBP: 00007fd149aad090 R08: 0000000000000000 R09: 0000000000000000
[  152.542645][ T7704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.542655][ T7704] R13: 0000000000000000 R14: 00007fd148db5fa0 R15: 00007ffef24af118
[  152.542685][ T7704]  </TASK>
[  152.848388][ T7707] netlink: 20 bytes leftover after parsing attributes in process `syz.3.525'.
[  152.857569][ T7706] netlink: 4 bytes leftover after parsing attributes in process `syz.4.528'.
[  153.101588][ T7725] netlink: 12 bytes leftover after parsing attributes in process `syz.3.532'.
[  153.170084][ T7730] Bluetooth: MGMT ver 1.23
[  153.386162][ T7737] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  153.768946][ T7753] netlink: 14 bytes leftover after parsing attributes in process `syz.2.543'.
[  154.220237][ T7753] bond0 (unregistering): (slave 
1!€ÿ): Releasing backup interface
[  154.243565][ T7753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.256473][ T7785] netlink: 36 bytes leftover after parsing attributes in process `syz.0.550'.
[  154.260752][ T7753] bond0 (unregistering): Released all slaves
[  154.340682][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz.0.550'.
[  154.607684][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.551'.
[  154.644819][ T7801] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  154.658056][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.551'.
[  154.701094][ T7800] FAULT_INJECTION: forcing a failure.
[  154.701094][ T7800] name failslab, interval 1, probability 0, space 0, times 0
[  154.737710][ T7800] CPU: 1 UID: 0 PID: 7800 Comm: syz.2.554 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  154.737740][ T7800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.737752][ T7800] Call Trace:
[  154.737760][ T7800]  <TASK>
[  154.737769][ T7800]  dump_stack_lvl+0x189/0x250
[  154.737805][ T7800]  ? __pfx____ratelimit+0x10/0x10
[  154.737835][ T7800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.737864][ T7800]  ? __pfx__printk+0x10/0x10
[  154.737902][ T7800]  should_fail_ex+0x414/0x560
[  154.737935][ T7800]  should_failslab+0xa8/0x100
[  154.737959][ T7800]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  154.737979][ T7800]  ? __alloc_skb+0x112/0x2d0
[  154.738007][ T7800]  __alloc_skb+0x112/0x2d0
[  154.738034][ T7800]  create_monitor_ctrl_event+0x38/0x480
[  154.738066][ T7800]  mgmt_cmd_complete+0x20f/0x590
[  154.738100][ T7800]  set_dev_class+0x3f3/0x590
[  154.738137][ T7800]  hci_mgmt_cmd+0x9c9/0xef0
[  154.738178][ T7800]  hci_sock_sendmsg+0x6ca/0xef0
[  154.738219][ T7800]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  154.738244][ T7800]  ? aa_sock_msg_perm+0x94/0x160
[  154.738269][ T7800]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  154.738293][ T7800]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  154.738318][ T7800]  __sock_sendmsg+0x21c/0x270
[  154.738351][ T7800]  sock_write_iter+0x258/0x330
[  154.738383][ T7800]  ? __pfx_sock_write_iter+0x10/0x10
[  154.738424][ T7800]  ? bpf_lsm_file_permission+0x9/0x20
[  154.738450][ T7800]  ? security_file_permission+0x75/0x290
[  154.738480][ T7800]  vfs_write+0x548/0xa90
[  154.738517][ T7800]  ? __pfx_sock_write_iter+0x10/0x10
[  154.738545][ T7800]  ? __pfx_vfs_write+0x10/0x10
[  154.738588][ T7800]  ? __fget_files+0x2a/0x420
[  154.738622][ T7800]  ksys_write+0x145/0x250
[  154.738644][ T7800]  ? __pfx_ksys_write+0x10/0x10
[  154.738660][ T7800]  ? rcu_is_watching+0x15/0xb0
[  154.738696][ T7800]  ? do_syscall_64+0xbe/0x3b0
[  154.738725][ T7800]  do_syscall_64+0xfa/0x3b0
[  154.738741][ T7800]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.738768][ T7800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.738787][ T7800]  ? clear_bhb_loop+0x60/0xb0
[  154.738812][ T7800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.738831][ T7800] RIP: 0033:0x7f6a0a18e929
[  154.738849][ T7800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.738866][ T7800] RSP: 002b:00007f6a0b013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.738888][ T7800] RAX: ffffffffffffffda RBX: 00007f6a0a3b5fa0 RCX: 00007f6a0a18e929
[  154.738902][ T7800] RDX: 0000000000000008 RSI: 00002000000005c0 RDI: 0000000000000004
[  154.738914][ T7800] RBP: 00007f6a0b013090 R08: 0000000000000000 R09: 0000000000000000
[  154.738925][ T7800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.738935][ T7800] R13: 0000000000000000 R14: 00007f6a0a3b5fa0 R15: 00007ffd3f1c8128
[  154.738969][ T7800]  </TASK>
[  155.144655][ T7809] FAULT_INJECTION: forcing a failure.
[  155.144655][ T7809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.185788][ T7809] CPU: 1 UID: 0 PID: 7809 Comm: syz.2.556 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  155.185818][ T7809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  155.185828][ T7809] Call Trace:
[  155.185836][ T7809]  <TASK>
[  155.185845][ T7809]  dump_stack_lvl+0x189/0x250
[  155.185880][ T7809]  ? __pfx____ratelimit+0x10/0x10
[  155.185909][ T7809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.185937][ T7809]  ? __pfx__printk+0x10/0x10
[  155.185957][ T7809]  ? __might_fault+0xb0/0x130
[  155.185988][ T7809]  should_fail_ex+0x414/0x560
[  155.186017][ T7809]  _copy_from_user+0x2d/0xb0
[  155.186039][ T7809]  ___sys_sendmsg+0x158/0x2a0
[  155.186067][ T7809]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.186130][ T7809]  ? __fget_files+0x2a/0x420
[  155.186149][ T7809]  ? __fget_files+0x3a0/0x420
[  155.186182][ T7809]  __x64_sys_sendmsg+0x19b/0x260
[  155.186208][ T7809]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  155.186252][ T7809]  ? __pfx_ksys_write+0x10/0x10
[  155.186268][ T7809]  ? rcu_is_watching+0x15/0xb0
[  155.186304][ T7809]  ? do_syscall_64+0xbe/0x3b0
[  155.186326][ T7809]  do_syscall_64+0xfa/0x3b0
[  155.186340][ T7809]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.186366][ T7809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.186385][ T7809]  ? clear_bhb_loop+0x60/0xb0
[  155.186407][ T7809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.186426][ T7809] RIP: 0033:0x7f6a0a18e929
[  155.186444][ T7809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.186460][ T7809] RSP: 002b:00007f6a0b013038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.186480][ T7809] RAX: ffffffffffffffda RBX: 00007f6a0a3b5fa0 RCX: 00007f6a0a18e929
[  155.186494][ T7809] RDX: 0000000000000040 RSI: 00002000000009c0 RDI: 0000000000000004
[  155.186505][ T7809] RBP: 00007f6a0b013090 R08: 0000000000000000 R09: 0000000000000000
[  155.186516][ T7809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.186527][ T7809] R13: 0000000000000000 R14: 00007f6a0a3b5fa0 R15: 00007ffd3f1c8128
[  155.186558][ T7809]  </TASK>
[  155.690387][ T7827] netlink: 104 bytes leftover after parsing attributes in process `syz.4.561'.
[  155.811876][ T7815] can: request_module (can-proto-0) failed.
[  155.955634][ T7835] netlink: 'syz.3.563': attribute type 11 has an invalid length.
[  156.231696][ T7848] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  156.432634][ T7855] FAULT_INJECTION: forcing a failure.
[  156.432634][ T7855] name failslab, interval 1, probability 0, space 0, times 0
[  156.451380][ T7855] CPU: 1 UID: 0 PID: 7855 Comm: syz.4.572 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  156.451409][ T7855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  156.451421][ T7855] Call Trace:
[  156.451430][ T7855]  <TASK>
[  156.451438][ T7855]  dump_stack_lvl+0x189/0x250
[  156.451484][ T7855]  ? __pfx____ratelimit+0x10/0x10
[  156.451513][ T7855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.451541][ T7855]  ? __pfx__printk+0x10/0x10
[  156.451569][ T7855]  ? __pfx___might_resched+0x10/0x10
[  156.451603][ T7855]  should_fail_ex+0x414/0x560
[  156.451631][ T7855]  should_failslab+0xa8/0x100
[  156.451653][ T7855]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  156.451673][ T7855]  ? __alloc_skb+0x112/0x2d0
[  156.451699][ T7855]  __alloc_skb+0x112/0x2d0
[  156.451725][ T7855]  netlink_sendmsg+0x5c6/0xb30
[  156.451759][ T7855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.451786][ T7855]  ? aa_sock_msg_perm+0x94/0x160
[  156.451812][ T7855]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  156.451837][ T7855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.451860][ T7855]  __sock_sendmsg+0x21c/0x270
[  156.451892][ T7855]  ____sys_sendmsg+0x505/0x830
[  156.451921][ T7855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  156.451954][ T7855]  ? import_iovec+0x74/0xa0
[  156.451984][ T7855]  ___sys_sendmsg+0x21f/0x2a0
[  156.452009][ T7855]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.452074][ T7855]  ? __fget_files+0x2a/0x420
[  156.452095][ T7855]  ? __fget_files+0x3a0/0x420
[  156.452128][ T7855]  __x64_sys_sendmsg+0x19b/0x260
[  156.452156][ T7855]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  156.452191][ T7855]  ? __pfx_ksys_write+0x10/0x10
[  156.452207][ T7855]  ? rcu_is_watching+0x15/0xb0
[  156.452242][ T7855]  ? do_syscall_64+0xbe/0x3b0
[  156.452263][ T7855]  do_syscall_64+0xfa/0x3b0
[  156.452278][ T7855]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.452305][ T7855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.452324][ T7855]  ? clear_bhb_loop+0x60/0xb0
[  156.452348][ T7855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.452368][ T7855] RIP: 0033:0x7f506e98e929
[  156.452385][ T7855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.452401][ T7855] RSP: 002b:00007f506f887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.452423][ T7855] RAX: ffffffffffffffda RBX: 00007f506ebb5fa0 RCX: 00007f506e98e929
[  156.452437][ T7855] RDX: 0000000000000040 RSI: 00002000000009c0 RDI: 0000000000000004
[  156.452458][ T7855] RBP: 00007f506f887090 R08: 0000000000000000 R09: 0000000000000000
[  156.452470][ T7855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.452482][ T7855] R13: 0000000000000000 R14: 00007f506ebb5fa0 R15: 00007ffcd5293108
[  156.452515][ T7855]  </TASK>
[  157.035072][ T7873] openvswitch: netlink: IP tunnel dst address not specified
[  157.578529][ T7886] bond0: entered promiscuous mode
[  157.583733][ T7886] bond0: entered allmulticast mode
[  157.589977][ T7886] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.727997][ T7899] __nla_validate_parse: 4 callbacks suppressed
[  157.728018][ T7899] netlink: 169684 bytes leftover after parsing attributes in process `syz.1.587'.
[  157.843443][ T7886] bond0 (unregistering): Released all slaves
[  157.847858][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.588'.
[  158.009380][ T7904] 8021q: adding VLAN 0 to HW filter on device bond4
[  158.056645][ T7909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.589'.
[  158.066218][ T7907] vlan2: entered allmulticast mode
[  158.066257][ T7907] bond4: entered allmulticast mode
[  158.127391][ T7909] netlink: 44 bytes leftover after parsing attributes in process `syz.0.589'.
[  158.449856][ T7930] FAULT_INJECTION: forcing a failure.
[  158.449856][ T7930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.481476][ T7930] CPU: 0 UID: 0 PID: 7930 Comm: syz.4.596 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  158.481507][ T7930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.481518][ T7930] Call Trace:
[  158.481525][ T7930]  <TASK>
[  158.481533][ T7930]  dump_stack_lvl+0x189/0x250
[  158.481568][ T7930]  ? __pfx____ratelimit+0x10/0x10
[  158.481597][ T7930]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.481627][ T7930]  ? __pfx__printk+0x10/0x10
[  158.481648][ T7930]  ? __might_fault+0xb0/0x130
[  158.481680][ T7930]  should_fail_ex+0x414/0x560
[  158.481710][ T7930]  _copy_from_iter+0x1db/0x16f0
[  158.481744][ T7930]  ? rcu_is_watching+0x15/0xb0
[  158.481776][ T7930]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  158.481798][ T7930]  ? __pfx__copy_from_iter+0x10/0x10
[  158.481828][ T7930]  ? __build_skb_around+0x257/0x3e0
[  158.481853][ T7930]  ? netlink_sendmsg+0x642/0xb30
[  158.481874][ T7930]  ? skb_put+0x11b/0x210
[  158.481901][ T7930]  netlink_sendmsg+0x6b2/0xb30
[  158.481934][ T7930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.481961][ T7930]  ? aa_sock_msg_perm+0x94/0x160
[  158.481995][ T7930]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  158.482019][ T7930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.482043][ T7930]  __sock_sendmsg+0x21c/0x270
[  158.482076][ T7930]  ____sys_sendmsg+0x505/0x830
[  158.482107][ T7930]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.482141][ T7930]  ? import_iovec+0x74/0xa0
[  158.482164][ T7930]  ___sys_sendmsg+0x21f/0x2a0
[  158.482191][ T7930]  ? __pfx____sys_sendmsg+0x10/0x10
[  158.482255][ T7930]  ? __fget_files+0x2a/0x420
[  158.482277][ T7930]  ? __fget_files+0x3a0/0x420
[  158.482309][ T7930]  __x64_sys_sendmsg+0x19b/0x260
[  158.482337][ T7930]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  158.482372][ T7930]  ? __pfx_ksys_write+0x10/0x10
[  158.482388][ T7930]  ? rcu_is_watching+0x15/0xb0
[  158.482430][ T7930]  ? do_syscall_64+0xbe/0x3b0
[  158.482453][ T7930]  do_syscall_64+0xfa/0x3b0
[  158.482469][ T7930]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.482495][ T7930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.482514][ T7930]  ? clear_bhb_loop+0x60/0xb0
[  158.482538][ T7930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.482556][ T7930] RIP: 0033:0x7f506e98e929
[  158.482575][ T7930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.482591][ T7930] RSP: 002b:00007f506f887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.482611][ T7930] RAX: ffffffffffffffda RBX: 00007f506ebb5fa0 RCX: 00007f506e98e929
[  158.482625][ T7930] RDX: 0000000000000040 RSI: 00002000000009c0 RDI: 0000000000000004
[  158.482638][ T7930] RBP: 00007f506f887090 R08: 0000000000000000 R09: 0000000000000000
[  158.482650][ T7930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.482661][ T7930] R13: 0000000000000000 R14: 00007f506ebb5fa0 R15: 00007ffcd5293108
[  158.482693][ T7930]  </TASK>
[  158.826850][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.2.597'.
[  158.988676][ T7942] netlink: 169684 bytes leftover after parsing attributes in process `syz.0.598'.
[  159.019447][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  159.127964][ T7944] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.243143][ T7948] netlink: 14 bytes leftover after parsing attributes in process `syz.1.602'.
[  159.267374][ T7944] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.355949][ T7948] hsr_slave_0: left promiscuous mode
[  159.385146][ T7948] hsr_slave_1: left promiscuous mode
[  159.542876][ T7944] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.568943][ T7968] FAULT_INJECTION: forcing a failure.
[  159.568943][ T7968] name failslab, interval 1, probability 0, space 0, times 0
[  159.583307][ T7968] CPU: 1 UID: 0 PID: 7968 Comm: syz.3.609 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  159.583335][ T7968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.583346][ T7968] Call Trace:
[  159.583354][ T7968]  <TASK>
[  159.583363][ T7968]  dump_stack_lvl+0x189/0x250
[  159.583397][ T7968]  ? __pfx____ratelimit+0x10/0x10
[  159.583421][ T7968]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.583438][ T7968]  ? __pfx__printk+0x10/0x10
[  159.583453][ T7968]  ? __pfx___might_resched+0x10/0x10
[  159.583470][ T7968]  ? fs_reclaim_acquire+0x7d/0x100
[  159.583487][ T7968]  should_fail_ex+0x414/0x560
[  159.583505][ T7968]  should_failslab+0xa8/0x100
[  159.583519][ T7968]  __kmalloc_noprof+0xcb/0x4f0
[  159.583529][ T7968]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  159.583550][ T7968]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  159.583572][ T7968]  genl_family_rcv_msg_doit+0xb8/0x300
[  159.583593][ T7968]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  159.583611][ T7968]  ? rcu_is_watching+0x15/0xb0
[  159.583630][ T7968]  ? apparmor_capable+0x137/0x1b0
[  159.583649][ T7968]  ? bpf_lsm_capable+0x9/0x20
[  159.583659][ T7968]  ? security_capable+0x7e/0x2e0
[  159.583678][ T7968]  genl_rcv_msg+0x60e/0x790
[  159.583698][ T7968]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.583713][ T7968]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  159.583728][ T7968]  ? __pfx_nl802154_del_llsec_devkey+0x10/0x10
[  159.583739][ T7968]  ? __pfx_nl802154_post_doit+0x10/0x10
[  159.583764][ T7968]  netlink_rcv_skb+0x208/0x470
[  159.583778][ T7968]  ? __pfx_genl_rcv_msg+0x10/0x10
[  159.583795][ T7968]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  159.583819][ T7968]  ? down_read+0x1ad/0x2e0
[  159.583833][ T7968]  genl_rcv+0x28/0x40
[  159.583847][ T7968]  netlink_unicast+0x75b/0x8d0
[  159.583867][ T7968]  netlink_sendmsg+0x805/0xb30
[  159.583887][ T7968]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.583902][ T7968]  ? aa_sock_msg_perm+0x94/0x160
[  159.583927][ T7968]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  159.583951][ T7968]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.583974][ T7968]  __sock_sendmsg+0x21c/0x270
[  159.584007][ T7968]  ____sys_sendmsg+0x505/0x830
[  159.584025][ T7968]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.584046][ T7968]  ? import_iovec+0x74/0xa0
[  159.584060][ T7968]  ___sys_sendmsg+0x21f/0x2a0
[  159.584076][ T7968]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.584114][ T7968]  ? __fget_files+0x2a/0x420
[  159.584129][ T7968]  ? __fget_files+0x3a0/0x420
[  159.584178][ T7968]  __x64_sys_sendmsg+0x19b/0x260
[  159.584206][ T7968]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  159.584242][ T7968]  ? __pfx_ksys_write+0x10/0x10
[  159.584256][ T7968]  ? rcu_is_watching+0x15/0xb0
[  159.584291][ T7968]  ? do_syscall_64+0xbe/0x3b0
[  159.584315][ T7968]  do_syscall_64+0xfa/0x3b0
[  159.584331][ T7968]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.584359][ T7968]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.584378][ T7968]  ? clear_bhb_loop+0x60/0xb0
[  159.584402][ T7968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.584419][ T7968] RIP: 0033:0x7f5128d8e929
[  159.584438][ T7968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.584454][ T7968] RSP: 002b:00007f5129b9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.584476][ T7968] RAX: ffffffffffffffda RBX: 00007f5128fb5fa0 RCX: 00007f5128d8e929
[  159.584489][ T7968] RDX: 0000000000000040 RSI: 00002000000009c0 RDI: 0000000000000004
[  159.584502][ T7968] RBP: 00007f5129b9d090 R08: 0000000000000000 R09: 0000000000000000
[  159.584513][ T7968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.584524][ T7968] R13: 0000000000000000 R14: 00007f5128fb5fa0 R15: 00007ffeb807f478
[  159.584558][ T7968]  </TASK>
[  160.160684][ T7944] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.194899][ T7976] netlink: 'syz.4.611': attribute type 32 has an invalid length.
[  160.202745][ T7976] netlink: 60 bytes leftover after parsing attributes in process `syz.4.611'.
[  160.434598][ T7989] block nbd3: Unsupported socket: shutdown callout must be supported.
[  160.635182][ T7995] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  160.663552][ T7944] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.730838][ T7944] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.792563][ T7944] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.900214][ T7944] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.925246][ T7999] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  160.925667][ T8005] Bluetooth: MGMT ver 1.23
[  160.955491][ T8001] netlink: 163952 bytes leftover after parsing attributes in process `syz.3.615'.
[  161.270474][ T8021] netlink: 169684 bytes leftover after parsing attributes in process `syz.4.620'.
[  161.283658][ T8005] bond5: entered promiscuous mode
[  161.291775][ T8005] bond5: entered allmulticast mode
[  161.316653][ T8005] 8021q: adding VLAN 0 to HW filter on device bond5
[  161.333837][ T8024] netlink: 'syz.3.621': attribute type 3 has an invalid length.
[  161.363288][ T8022] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  161.395939][ T8017] IPVS: set_ctl: invalid protocol: 46 172.20.20.53:20004
[  161.551839][ T8032] netlink: 'syz.2.624': attribute type 2 has an invalid length.
[  162.723609][ T8077] netlink: 'syz.4.637': attribute type 21 has an invalid length.
[  162.738723][ T8080] __nla_validate_parse: 6 callbacks suppressed
[  162.738744][ T8080] netlink: 56 bytes leftover after parsing attributes in process `syz.0.639'.
[  162.949332][ T8092] netlink: 12 bytes leftover after parsing attributes in process `syz.0.642'.
[  163.006835][ T8092] netlink: 16 bytes leftover after parsing attributes in process `syz.0.642'.
[  163.103450][ T8098] netlink: 12 bytes leftover after parsing attributes in process `syz.2.644'.
[  163.177561][ T8098] netlink: 696 bytes leftover after parsing attributes in process `syz.2.644'.
[  163.322173][ T8108] netlink: 104 bytes leftover after parsing attributes in process `syz.4.648'.
[  163.449411][ T8113] netlink: 'syz.3.651': attribute type 1 has an invalid length.
[  163.657531][ T8120] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  163.786878][ T8125] af_packet: tpacket_rcv: packet too big, clamped from 747 to 4294967272. macoff=96
[  163.802902][ T8128] netlink: 8 bytes leftover after parsing attributes in process `syz.4.656'.
[  163.818256][ T8126] netlink: 'syz.2.655': attribute type 1 has an invalid length.
[  163.826065][ T8126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.655'.
[  164.001114][ T8135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.660'.
[  164.155075][ T8141] netlink: 'syz.1.662': attribute type 32 has an invalid length.
[  164.162882][ T8141] netlink: 60 bytes leftover after parsing attributes in process `syz.1.662'.
[  164.503719][ T8150] netlink: 'syz.2.666': attribute type 11 has an invalid length.
[  164.855316][ T5852] Bluetooth: hci3: command 0x0405 tx timeout
[  165.310526][ T8189] netlink: 'syz.3.677': attribute type 4 has an invalid length.
[  165.421661][ T8189] netlink: 'syz.3.677': attribute type 4 has an invalid length.
[  165.778684][   T51] block nbd3: Receive control failed (result -107)
[  165.834815][ T8202] nbd3: detected capacity change from 0 to 256
[  165.838010][ T7033] block nbd3: Dead connection, failed to find a fallback
[  165.889689][ T8212] netlink: 'syz.3.685': attribute type 32 has an invalid length.
[  166.200228][ T8223] delete_channel: no stack
[  166.678360][ T8243] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  166.831707][   T51] block nbd4: Receive control failed (result -107)
[  166.884702][ T8249] nbd4: detected capacity change from 0 to 256
[  166.945046][ T6993] block nbd4: Dead connection, failed to find a fallback
[  167.572352][ T8290] netlink: 'syz.1.710': attribute type 32 has an invalid length.
[  167.664515][   T51] Bluetooth: hci3: link tx timeout
[  167.670155][   T51] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  168.144718][ T8318] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  168.627584][ T8337] __nla_validate_parse: 19 callbacks suppressed
[  168.627608][ T8337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.723'.
[  168.778589][ T8345] netlink: 256 bytes leftover after parsing attributes in process `syz.2.727'.
[  169.173732][ T8366] netlink: 'syz.1.734': attribute type 32 has an invalid length.
[  169.214301][ T8366] netlink: 60 bytes leftover after parsing attributes in process `syz.1.734'.
[  169.339412][ T8370] netlink: 'syz.2.736': attribute type 1 has an invalid length.
[  169.353929][ T8370] netlink: 'syz.2.736': attribute type 1 has an invalid length.
[  169.735463][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  169.891091][ T8394] netlink: 108 bytes leftover after parsing attributes in process `syz.2.741'.
[  170.537774][ T8419] netlink: 16 bytes leftover after parsing attributes in process `syz.3.748'.
[  170.718541][ T8424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.750'.
[  170.826587][ T8434] netlink: 'syz.3.754': attribute type 32 has an invalid length.
[  170.842168][ T8434] netlink: 60 bytes leftover after parsing attributes in process `syz.3.754'.
[  171.789517][ T8479] netlink: 256 bytes leftover after parsing attributes in process `syz.0.762'.
[  171.840068][ T8482] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.763'.
[  171.974116][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.764'.
[  172.243333][ T8496] netlink: 'syz.1.767': attribute type 1 has an invalid length.
[  172.542107][ T8510] netlink: 'syz.0.773': attribute type 32 has an invalid length.
[  172.777081][ T8515] xt_TCPMSS: Only works on TCP SYN packets
[  173.761065][ T8559] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  174.032917][ T8574] IPVS: Unknown mcast interface: bond0
[  174.342087][ T8585] netlink: 'syz.3.792': attribute type 32 has an invalid length.
[  174.387871][ T8585] __nla_validate_parse: 6 callbacks suppressed
[  174.387911][ T8585] netlink: 60 bytes leftover after parsing attributes in process `syz.3.792'.
[  174.412788][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.793'.
[  174.476118][ T8587] macvlan2: entered promiscuous mode
[  174.496370][ T8587] macvlan2: entered allmulticast mode
[  174.720710][ T8600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.796'.
[  175.009238][ T8614] netlink: 4 bytes leftover after parsing attributes in process `syz.4.798'.
[  175.416984][ T8628] netlink: 'syz.0.803': attribute type 1 has an invalid length.
[  175.446280][ T8628] netlink: 'syz.0.803': attribute type 1 has an invalid length.
[  175.477214][ T8628] netlink: 'syz.0.803': attribute type 1 has an invalid length.
[  175.529654][ T8628] netlink: 'syz.0.803': attribute type 1 has an invalid length.
[  175.947766][ T8652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.809'.
[  176.183770][ T8663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.812'.
[  176.229087][ T8666] netlink: 'syz.0.814': attribute type 32 has an invalid length.
[  176.235847][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.815'.
[  176.259351][ T8666] netlink: 60 bytes leftover after parsing attributes in process `syz.0.814'.
[  176.260277][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.815'.
[  176.280376][ T8668] netlink: 32 bytes leftover after parsing attributes in process `syz.3.815'.
[  176.338185][ T5852] block nbd5: Receive control failed (result -107)
[  176.366198][ T8668] nbd5: detected capacity change from 0 to 256
[  176.377180][ T8287] block nbd5: Dead connection, failed to find a fallback
[  177.318995][ T5852] block nbd6: Receive control failed (result -107)
[  177.385261][ T8707] nbd6: detected capacity change from 0 to 256
[  177.462034][ T6901] block nbd6: Dead connection, failed to find a fallback
[  178.356862][ T5852] block nbd7: Receive control failed (result -107)
[  178.370690][ T8760] nbd7: detected capacity change from 0 to 256
[  178.380754][ T8751] block nbd7: Dead connection, failed to find a fallback
[  178.476419][ T8774] netlink: 'syz.0.847': attribute type 1 has an invalid length.
[  178.484282][ T8774] netlink: 'syz.0.847': attribute type 10 has an invalid length.
[  178.492376][ T8774] netlink: 'syz.0.847': attribute type 4 has an invalid length.
[  178.967689][ T8796] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.109241][ T8796] bridge_slave_1 (unregistering): left allmulticast mode
[  179.119802][ T8796] bridge_slave_1 (unregistering): left promiscuous mode
[  179.132728][ T8796] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.205004][ T8805] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  179.521406][ T8819] __nla_validate_parse: 23 callbacks suppressed
[  179.521426][ T8819] netlink: 28 bytes leftover after parsing attributes in process `syz.3.861'.
[  180.036218][ T8837] netlink: 8 bytes leftover after parsing attributes in process `syz.2.866'.
[  180.143318][ T8839] Bluetooth: MGMT ver 1.23
[  180.180696][ T8839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.868'.
[  180.356182][ T8852] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'.
[  180.356762][ T8853] netlink: 169684 bytes leftover after parsing attributes in process `syz.0.872'.
[  180.865303][ T8874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.878'.
[  180.970153][ T8874] netlink: 'syz.3.878': attribute type 1 has an invalid length.
[  181.064123][ T8879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.881'.
[  181.249706][ T8887] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  181.440172][ T8896] netlink: 169684 bytes leftover after parsing attributes in process `syz.2.887'.
[  181.544547][ T8897] netlink: 'syz.1.886': attribute type 10 has an invalid length.
[  181.557520][ T8897] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  181.591636][ T8897] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  182.088474][ T8925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.895'.
[  182.250172][ T8929] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  182.268221][ T8929] macsec2: entered allmulticast mode
[  182.281821][ T8929] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  182.312815][ T8929] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  182.323982][ T8929] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  182.485497][ T8940] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.901'.
[  182.680136][ T8945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.697462][ T8945] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.761661][ T8945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.775085][ T8945] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.454771][ T8978] netlink: 'syz.2.913': attribute type 2 has an invalid length.
[  183.757814][ T8995] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  184.525768][ T9036] netlink: 'syz.2.932': attribute type 7 has an invalid length.
[  184.807922][ T9047] __nla_validate_parse: 8 callbacks suppressed
[  184.807944][ T9047] netlink: 132 bytes leftover after parsing attributes in process `syz.4.939'.
[  184.846320][ T9050] netlink: 169684 bytes leftover after parsing attributes in process `syz.2.940'.
[  184.885869][ T9053] netlink: 48 bytes leftover after parsing attributes in process `syz.0.938'.
[  184.900584][ T9047] nftables ruleset with unbound set
[  184.955937][ T9056] IPVS: set_ctl: invalid protocol: 135 127.0.0.1:20000
[  184.980222][ T9053] netlink: 48 bytes leftover after parsing attributes in process `syz.0.938'.
[  185.129993][ T9064] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.945'.
[  185.228657][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.946'.
[  185.252918][ T9068] xt_hashlimit: invalid interval
[  185.271655][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.946'.
[  185.307052][ T9066] netlink: 'syz.0.946': attribute type 3 has an invalid length.
[  185.322495][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz.4.948'.
[  185.441786][ T9075] netlink: 8 bytes leftover after parsing attributes in process `syz.3.950'.
[  185.690183][ T9089] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  185.758216][ T9092] netlink: 169684 bytes leftover after parsing attributes in process `syz.4.955'.
[  185.829644][ T5852] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  186.000867][ T9102] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  186.074614][ T9108] netlink: 'syz.0.961': attribute type 21 has an invalid length.
[  186.220947][ T9115] netlink: 'syz.3.964': attribute type 32 has an invalid length.
[  186.401118][ T9119] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  186.410160][    T9] IPVS: starting estimator thread 0...
[  186.514652][ T9124] IPVS: using max 23 ests per chain, 55200 per kthread
[  186.863539][ T9149] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  187.230518][ T9165] netlink: 'syz.0.974': attribute type 21 has an invalid length.
[  187.419601][ T9161] xt_CT: No such helper "syz0"
[  188.108926][ T9206] netlink: 'syz.0.991': attribute type 13 has an invalid length.
[  188.134925][ T9206] netlink: 'syz.0.991': attribute type 58 has an invalid length.
[  188.341808][ T9213] netlink: 'syz.4.993': attribute type 5 has an invalid length.
[  188.483551][ T9224] syzkaller1: entered promiscuous mode
[  188.492836][ T9224] syzkaller1: entered allmulticast mode
[  188.636106][ T9232] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  188.682984][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.705391][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.729611][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.770486][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.806841][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.833766][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.873968][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.898112][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.907560][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.918935][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.928081][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.960927][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  188.985211][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.004757][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.039373][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.060037][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.079624][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.097579][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.122663][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.149673][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.176313][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.201298][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.243615][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.281406][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.301111][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.338528][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.381042][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.395264][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.409179][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.454080][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.493471][ T9235] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20001
[  189.689664][ T5852] block nbd8: Receive control failed (result -107)
[  189.724494][ T9267] nbd8: detected capacity change from 0 to 256
[  189.732373][ T8921] block nbd8: Dead connection, failed to find a fallback
[  190.045807][ T9291] __nla_validate_parse: 32 callbacks suppressed
[  190.045827][ T9291] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1019'.
[  190.282484][ T9284] team_slave_0: left promiscuous mode
[  190.330746][ T9301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1021'.
[  190.334475][ T9284] team_slave_0: left allmulticast mode
[  190.412309][ T9284] netdevsim0 (unregistering): Port device team_slave_0 removed
[  190.453361][ T9284] team_slave_1: left promiscuous mode
[  190.479128][ T9284] team_slave_1: left allmulticast mode
[  190.500033][ T9284] netdevsim0 (unregistering): Port device team_slave_1 removed
[  190.531921][ T9286] netlink: 'syz.3.1019': attribute type 29 has an invalid length.
[  190.541542][ T9290] netlink: 'syz.3.1019': attribute type 29 has an invalid length.
[  191.012685][ T9317] xt_hashlimit: size too large, truncated to 1048576
[  191.227222][ T9325] netlink: 'syz.3.1029': attribute type 4 has an invalid length.
[  191.929843][ T9359] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1037'.
[  191.978160][ T9359] bond4: entered promiscuous mode
[  191.983272][ T9359] bond4: entered allmulticast mode
[  192.040561][ T9359] 8021q: adding VLAN 0 to HW filter on device bond4
[  192.062153][ T9365] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1038'.
[  192.248805][ T9367] syzkaller0: entered promiscuous mode
[  192.285886][ T9376] netlink: 'syz.2.1040': attribute type 10 has an invalid length.
[  192.292722][ T9367] syzkaller0: entered allmulticast mode
[  192.348234][ T9372] netlink: 'syz.3.1041': attribute type 1 has an invalid length.
[  192.361086][ T9373] netlink: 'syz.3.1041': attribute type 1 has an invalid length.
[  192.374525][ T9372] netlink: 14934 bytes leftover after parsing attributes in process `syz.3.1041'.
[  192.415022][ T9373] netlink: 14934 bytes leftover after parsing attributes in process `syz.3.1041'.
[  194.076995][ T9393] netlink: 'syz.4.1048': attribute type 29 has an invalid length.
[  194.220487][ T9406] netlink: 'syz.2.1050': attribute type 2 has an invalid length.
[  194.397930][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.450405][ T9406] lo speed is unknown, defaulting to 1000
[  194.477817][ T9420] netlink: 'syz.1.1053': attribute type 3 has an invalid length.
[  194.509963][ T9419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1053'.
[  194.526309][ T9419] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1053'.
[  194.545909][ T9419] netlink: 'syz.1.1053': attribute type 5 has an invalid length.
[  194.572836][ T9427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1056'.
[  194.604800][ T9425] gtp0: entered promiscuous mode
[  194.636303][ T9425] gtp0: entered allmulticast mode
[  194.799745][ T9433] netlink: 'syz.0.1056': attribute type 1 has an invalid length.
[  195.042316][ T9449] netem: incorrect ge model size
[  195.068267][ T9449] netem: change failed
[  195.200865][ T9456] netlink: 'syz.1.1064': attribute type 12 has an invalid length.
[  195.222456][ T9455] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1063'.
[  195.639853][ T9416] lo speed is unknown, defaulting to 1000
[  195.646391][ T9470] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1068'.
[  195.769367][ T9473] netlink: 'syz.0.1069': attribute type 12 has an invalid length.
[  195.793447][ T9473] xt_time: unknown flags 0x4
[  196.267036][ T9465] lo speed is unknown, defaulting to 1000
[  196.316089][ T9489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1075'.
[  196.344425][ T9489] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1075'.
[  196.353782][ T9490] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1075'.
[  196.371707][ T9490] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1075'.
[  196.541370][ T9497] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1077'.
[  196.875367][ T9510] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1080'.
[  197.208053][ T9522] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1086'.
[  197.224855][ T9522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1086'.
[  198.413375][ T9546] validate_nla: 2 callbacks suppressed
[  198.413394][ T9546] netlink: 'syz.3.1095': attribute type 10 has an invalid length.
[  198.587354][ T9546] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  199.042946][ T9569] syz_tun: entered allmulticast mode
[  199.097374][ T9567] syz_tun: left allmulticast mode
[  199.253096][ T9579] netlink: 'syz.4.1101': attribute type 5 has an invalid length.
[  199.707509][ T9596] netlink: 'syz.2.1106': attribute type 7 has an invalid length.
[  200.274923][ T9631] netlink: 'syz.1.1114': attribute type 32 has an invalid length.
[  200.303946][ T9631] __nla_validate_parse: 11 callbacks suppressed
[  200.303967][ T9631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1114'.
[  200.385811][ T9631] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  200.684815][ T9651] netlink: 'syz.1.1121': attribute type 5 has an invalid length.
[  200.741852][ T9651] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1121'.
[  200.838047][ T9655] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1122'.
[  200.941767][ T9664] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1125'.
[  201.022495][ T9663] ipt_REJECT: TCP_RESET invalid for non-tcp
[  201.023318][ T9668] netlink: 'syz.3.1125': attribute type 23 has an invalid length.
[  201.071538][ T9667] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1127'.
[  201.083082][ T9667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1127'.
[  201.113100][ T9667] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1127'.
[  201.147212][ T5852] block nbd9: Receive control failed (result -107)
[  201.206271][ T9667] nbd9: detected capacity change from 0 to 256
[  201.215489][ T8781] block nbd9: Dead connection, failed to find a fallback
[  201.228720][ T8781] block nbd9: shutting down sockets
[  201.238484][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.249129][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.259709][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.273722][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.283696][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.293925][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.313846][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.345864][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.366395][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.383598][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.397977][ T9677] openvswitch: netlink: Message has 12 unknown bytes.
[  201.411878][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.434372][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.451182][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.477152][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.497195][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.507546][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.515837][ T8781] ldm_validate_partition_table(): Disk read failed.
[  201.523103][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.532649][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.542869][ T8781] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  201.557823][ T8781] Buffer I/O error on dev nbd9, logical block 0, async page read
[  201.573646][ T8781] Dev nbd9: unable to read RDB block 0
[  201.578991][ T9659] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.583929][ T8781]  nbd9: unable to read partition table
[  201.587004][ T9659] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.625709][ T8781] ldm_validate_partition_table(): Disk read failed.
[  201.633575][ T8781] Dev nbd9: unable to read RDB block 0
[  201.640172][ T8781]  nbd9: unable to read partition table
[  201.701268][ T9659] batman_adv: batadv0: Interface deactivated: dummy0
[  202.036072][ T9659] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.073529][ T9659] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.402453][ T9659] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.412110][ T9659] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.421358][ T9659] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.431788][ T9659] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.546305][ T9664] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  202.547532][ T5913] lo speed is unknown, defaulting to 1000
[  202.605218][ T5913] syz0: Port: 1 Link DOWN
[  202.622924][ T5913] lo speed is unknown, defaulting to 1000
[  202.716231][ T9695] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1131'.
[  202.737167][ T9695] gretap0: entered promiscuous mode
[  202.768610][ T9696] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1131'.
[  202.789698][ T9696] 0ªX¹¦D: renamed from gretap0
[  202.850394][ T9696] 0ªX¹¦D: left promiscuous mode
[  202.873132][ T9696] 0ªX¹¦D: entered allmulticast mode
[  202.905585][ T9696] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  203.000557][ T9702] batadv0: entered promiscuous mode
[  203.063377][ T9702] team0: entered promiscuous mode
[  203.094471][ T9702] team_slave_0: entered promiscuous mode
[  203.104645][ T9702] team_slave_1: entered promiscuous mode
[  203.158223][ T9702] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  203.176262][ T9702] Cannot create hsr debugfs directory
[  203.194520][ T9702] hsr1: entered promiscuous mode
[  203.212854][ T9702] hsr1: entered allmulticast mode
[  203.219212][ T9702] batadv0: entered allmulticast mode
[  203.229937][ T9702] team0: entered allmulticast mode
[  203.236603][ T9702] team_slave_0: entered allmulticast mode
[  203.251978][ T9702] team_slave_1: entered allmulticast mode
[  203.347832][ T9731] batman_adv: batadv0: Adding interface: dummy0
[  203.354347][ T9731] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.382817][ T9731] batman_adv: batadv0: Interface activated: dummy0
[  203.503377][ T9734] batadv0: mtu less than device minimum
[  203.526111][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.538597][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.550846][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.563006][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.575203][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.575479][ T9740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1143'.
[  203.587190][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.606904][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.619723][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.631779][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.643245][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.655193][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.666537][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.678149][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.689593][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.701228][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.712647][ T9734] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  203.748699][ T5852] block nbd10: Receive control failed (result -107)
[  203.805558][ T9740] nbd10: detected capacity change from 0 to 256
[  203.813882][ T8781] block nbd10: Dead connection, failed to find a fallback
[  203.939527][ T9747] xt_l2tp: wrong L2TP version: 0
[  204.075825][ T9754] netlink: 'syz.3.1148': attribute type 1 has an invalid length.
[  204.102586][ T9754] netlink: 'syz.3.1148': attribute type 1 has an invalid length.
[  204.111148][ T9756] sch_fq: defrate 0 ignored.
[  204.630261][ T9783] netlink: 'syz.4.1157': attribute type 3 has an invalid length.
[  204.668887][ T5852] block nbd11: Receive control failed (result -107)
[  204.741241][ T9781] nbd11: detected capacity change from 0 to 256
[  204.816217][ T5978] block nbd11: Dead connection, failed to find a fallback
[  205.358861][ T9815] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  205.383722][ T9818] __nla_validate_parse: 7 callbacks suppressed
[  205.383758][ T9818] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1165'.
[  205.406053][ T9817] ip6t_REJECT: ECHOREPLY is not supported
[  205.667150][ T9828] sctp: [Deprecated]: syz.1.1170 (pid 9828) Use of int in maxseg socket option.
[  205.667150][ T9828] Use struct sctp_assoc_value instead
[  205.671683][ T9830] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1173'.
[  205.715745][ T9830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1173'.
[  205.770595][ T9830] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1173'.
[  205.847823][ T5852] block nbd12: Receive control failed (result -107)
[  205.874799][ T9830] nbd12: detected capacity change from 0 to 256
[  205.882793][ T8923] block nbd12: Dead connection, failed to find a fallback
[  206.161985][ T9848] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1180'.
[  206.303740][ T9858] batman_adv: batadv0: Interface deactivated: dummy0
[  206.346295][ T9858] batman_adv: batadv0: Removing interface: dummy0
[  206.412146][ T9862] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1184'.
[  206.715103][ T9878] netlink: 'syz.0.1191': attribute type 32 has an invalid length.
[  206.743519][ T9878] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1191'.
[  206.934486][ T9890] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1193'.
[  206.982688][ T9890] netlink: 'syz.2.1193': attribute type 4 has an invalid length.
[  207.001069][ T9893] tipc: Started in network mode
[  207.022993][ T9893] tipc: Node identity 4, cluster identity 4711
[  207.034696][ T9893] tipc: Node number set to 4
[  207.235723][ T9901] vlan2: entered promiscuous mode
[  207.255337][ T9901] bridge0: entered promiscuous mode
[  207.276873][ T9901] vlan2: entered allmulticast mode
[  207.292247][ T9901] bridge0: entered allmulticast mode
[  207.346044][ T9909] netlink: 'syz.1.1198': attribute type 23 has an invalid length.
[  207.805876][ T9927] macvtap1: entered promiscuous mode
[  207.823654][ T9931] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  207.826738][ T9927] vlan0: entered promiscuous mode
[  207.859129][ T9927] macvtap1: entered allmulticast mode
[  207.884729][ T9927] vlan0: entered allmulticast mode
[  207.905295][ T9927] veth0_vlan: entered allmulticast mode
[  208.299322][ T9956] netlink: 'syz.3.1212': attribute type 32 has an invalid length.
[  208.318553][ T9956] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1212'.
[  208.334042][ T9954] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1211'.
[  208.436722][ T9962] netlink: 'syz.0.1214': attribute type 29 has an invalid length.
[  208.467179][ T9964] netlink: 'syz.0.1214': attribute type 29 has an invalid length.
[  208.515580][ T9962] netlink: 'syz.0.1214': attribute type 29 has an invalid length.
[  209.909975][T10032] validate_nla: 2 callbacks suppressed
[  209.909995][T10032] netlink: 'syz.1.1232': attribute type 32 has an invalid length.
[  209.996109][T10038] x_tables: duplicate underflow at hook 2
[  210.918744][T10070] __nla_validate_parse: 6 callbacks suppressed
[  210.918775][T10070] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1243'.
[  211.122593][T10082] xt_ecn: cannot match TCP bits for non-tcp packets
[  211.151900][T10082] netlink: 'syz.0.1247': attribute type 4 has an invalid length.
[  211.631281][T10111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1257'.
[  211.641945][T10110] xt_socket: unknown flags 0x3c
[  211.647900][T10111] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1257'.
[  211.665476][T10111] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1257'.
[  211.814328][ T5157] Bluetooth: hci2: command 0x0406 tx timeout
[  211.821230][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  211.821243][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[  212.246836][ T5856] block nbd13: Receive control failed (result -107)
[  212.329304][T10111] nbd13: detected capacity change from 0 to 256
[  212.381943][T10122] sctp: [Deprecated]: syz.1.1260 (pid 10122) Use of int in max_burst socket option deprecated.
[  212.381943][T10122] Use struct sctp_assoc_value instead
[  212.583127][T10136] xt_ecn: cannot match TCP bits for non-tcp packets
[  212.748500][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1267'.
[  212.830937][T10154] netlink: 'syz.3.1269': attribute type 1 has an invalid length.
[  212.887996][T10157] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1270'.
[  212.910528][T10157] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  213.058533][T10160] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1272'.
[  213.130769][T10170] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1274'.
[  213.148655][T10170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1274'.
[  213.202712][T10170] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1274'.
[  213.323448][   T51] block nbd14: Receive control failed (result -107)
[  213.384316][T10170] nbd14: detected capacity change from 0 to 256
[  213.559738][T10190] net_ratelimit: 6 callbacks suppressed
[  213.559758][T10190] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  213.917010][T10209] ieee802154 phy0 wpan0: encryption failed: -22
[  214.171679][   T51] block nbd15: Receive control failed (result -107)
[  214.194894][T10227] nbd15: detected capacity change from 0 to 256
[  214.332208][T10239] netlink: 'syz.1.1299': attribute type 6 has an invalid length.
[  214.517112][T10246] geneve3: entered promiscuous mode
[  214.524363][T10246] geneve3: entered allmulticast mode
[  214.742629][T10257] No such timeout policy "syz0"
[  215.518975][T10302] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  216.220072][T10341] __nla_validate_parse: 14 callbacks suppressed
[  216.220094][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1333'.
[  216.268948][T10341] openvswitch: netlink: Flow key attr not present in new flow.
[  216.346414][T10341] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  216.394702][T10341] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  216.403479][T10341] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  216.439280][T10350] x_tables: duplicate underflow at hook 2
[  216.576609][T10361] bridge0: port 1(vlan2) entered blocking state
[  216.617718][T10361] bridge0: port 1(vlan2) entered disabled state
[  216.641500][T10361] vlan2: entered allmulticast mode
[  216.655754][T10361] bridge0: entered allmulticast mode
[  216.671743][T10361] vlan2: left allmulticast mode
[  216.682189][T10361] bridge0: left allmulticast mode
[  216.701690][T10349] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  216.710920][T10363] +
: renamed from syzkaller0
[  216.721666][T10363] tipc: Disabling bearer <eth:syzkaller0>
[  217.095347][T10388] netlink: 'syz.4.1343': attribute type 11 has an invalid length.
[  217.103264][T10388] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1343'.
[  217.165580][T10388] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1343'.
[  217.248987][T10390] netlink: 'syz.2.1344': attribute type 1 has an invalid length.
[  217.292703][T10390] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1344'.
[  217.357532][T10407] smc: net device bond0 applied user defined pnetid SYZ0
[  217.391694][T10407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1347'.
[  217.454294][T10407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1347'.
[  217.566886][T10418] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1350'.
[  217.604956][T10418] netlink: zone id is out of range
[  217.610172][T10418] netlink: zone id is out of range
[  217.635233][T10418] netlink: zone id is out of range
[  217.640427][T10418] netlink: zone id is out of range
[  217.647008][T10418] netlink: zone id is out of range
[  217.693376][T10418] netlink: zone id is out of range
[  217.754493][T10418] netlink: zone id is out of range
[  217.877697][T10434] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1353'.
[  217.971917][T10438] xt_l2tp: missing protocol rule (udp|l2tpip)
[  218.309504][T10452] 8021q: adding VLAN 0 to HW filter on device bond1
[  218.318364][T10458] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1363'.
[  218.350555][T10458] netlink: 'syz.1.1363': attribute type 3 has an invalid length.
[  218.587240][T10469] netlink: 512 bytes leftover after parsing attributes in process `syz.0.1366'.
[  218.933292][T10484] net_ratelimit: 11 callbacks suppressed
[  218.933314][T10484] openvswitch: netlink: Flow actions attr not present in new flow.
[  219.521411][T10511] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  219.538036][T10513] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  219.945651][T10526] netlink: 'syz.3.1384': attribute type 3 has an invalid length.
[  220.308932][T10550] openvswitch: netlink: Unknown nsh attribute 0
[  220.326653][T10550] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  220.359911][T10557] netlink: 'syz.1.1394': attribute type 1 has an invalid length.
[  220.635228][T10568] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  220.928343][T10586] netlink: 'syz.3.1404': attribute type 10 has an invalid length.
[  220.952622][T10586] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.984635][T10586] bridge_slave_1: left allmulticast mode
[  221.013304][T10586] bridge_slave_1: left promiscuous mode
[  221.028955][T10586] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.042285][T10591] netlink: 'syz.0.1405': attribute type 2 has an invalid length.
[  221.047902][T10586] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  221.248644][T10587] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.267042][T10587] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.282845][T10587] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  221.297029][T10587] bond0 (unregistering): Released all slaves
[  221.310960][T10600] __nla_validate_parse: 9 callbacks suppressed
[  221.310979][T10600] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1408'.
[  221.338275][T10600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1408'.
[  221.348319][T10590] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  221.406778][  T196] bond1: (slave veth0_to_bond): link status definitely down, disabling slave
[  221.420542][  T196] bond1: now running without any active interface!
[  221.606274][T10607] xt_ecn: cannot match TCP bits for non-tcp packets
[  221.628589][T10607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'.
[  221.750095][T10616] net veth1_virt_wifi .: renamed from virt_wifi0
[  221.948725][T10628] nft_compat: unsupported protocol 0
[  222.233626][T10635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.277826][T10639] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1421'.
[  222.285577][T10635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.364022][T10635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.561620][T10661] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  222.570723][T10661] tipc: Enabled bearer <udp:syz1>, priority 10
[  222.703349][T10667] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1428'.
[  222.729255][T10667] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  222.803984][T10672] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1429'.
[  222.863476][T10674] netlink: 'syz.0.1430': attribute type 29 has an invalid length.
[  222.872369][T10674] netlink: 'syz.0.1430': attribute type 29 has an invalid length.
[  222.888180][T10674] netlink: 'syz.0.1430': attribute type 29 has an invalid length.
[  222.897651][T10674] netlink: 'syz.0.1430': attribute type 29 has an invalid length.
[  222.915944][T10674] netlink: 'syz.0.1430': attribute type 16 has an invalid length.
[  222.923830][T10674] netlink: 'syz.0.1430': attribute type 17 has an invalid length.
[  223.265014][T10691] gtp0: entered promiscuous mode
[  223.270122][T10691] gtp0: entered allmulticast mode
[  223.499009][T10706] macvlan0: entered promiscuous mode
[  223.507718][T10706] macvlan0: entered allmulticast mode
[  223.744010][T10716] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1443'.
[  223.763179][T10716] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  224.146141][T10731] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  224.505591][T10739] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1450'.
[  224.725695][T10748] unsupported nla_type 52263
[  224.783034][T10756] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1454'.
[  224.786792][T10755] netlink: 'syz.0.1456': attribute type 1 has an invalid length.
[  224.862288][T10759] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1457'.
[  225.166489][T10766] raw_sendmsg: syz.3.1460 forgot to set AF_INET. Fix it!
[  225.692537][T10787] batman_adv: batadv0: Removing interface: dummy0
[  225.725316][T10787] bridge_slave_0: left allmulticast mode
[  225.743137][T10787] bridge_slave_0: left promiscuous mode
[  225.769905][T10787] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.853245][T10787] bridge_slave_1: left allmulticast mode
[  225.868612][T10787] bridge_slave_1: left promiscuous mode
[  225.875487][T10787] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.893933][T10787] bond0: (slave bond_slave_0): Releasing backup interface
[  225.909625][T10787] bond0: (slave bond_slave_1): Releasing backup interface
[  225.941504][T10787] team0: Port device team_slave_0 removed
[  225.951219][T10787] team0: Port device team_slave_1 removed
[  225.958694][T10787] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.967115][T10787] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.982747][T10805] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  226.118198][T10810] netlink: 'syz.1.1475': attribute type 1 has an invalid length.
[  226.127500][T10810] netlink: 'syz.1.1475': attribute type 10 has an invalid length.
[  226.157893][T10812] tipc: Started in network mode
[  226.175155][T10812] tipc: Node identity e2789f63cf8c, cluster identity 4711
[  226.190118][T10812] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  226.296972][T10812] syzkaller0: entered promiscuous mode
[  226.304484][T10812] syzkaller0: entered allmulticast mode
[  226.310860][T10812] tipc: Resetting bearer <eth:syzkaller0>
[  226.351838][T10811] tipc: Resetting bearer <eth:syzkaller0>
[  226.381132][T10821] netlink: 'syz.1.1479': attribute type 1 has an invalid length.
[  226.438072][T10826] xt_CT: You must specify a L4 protocol and not use inversions on it
[  226.553318][T10828] __nla_validate_parse: 2 callbacks suppressed
[  226.553339][T10828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1479'.
[  227.207150][   T24] tipc: Node number set to 771006307
[  228.015986][T10811] tipc: Disabling bearer <eth:syzkaller0>
[  228.027119][T10821] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[  228.032058][T10826] ip6erspan0: entered promiscuous mode
[  229.122686][T10896] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1500'.
[  229.340230][T10904] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1502'.
[  229.437230][T10913] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1504'.
[  229.675914][T10918] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  229.815145][T10931] netlink: 'syz.2.1510': attribute type 39 has an invalid length.
[  230.119407][T10940] netlink: 'syz.0.1513': attribute type 5 has an invalid length.
[  230.136939][T10940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1513'.
[  230.207102][T10943] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1514'.
[  230.493204][T10956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1517'.
[  230.520855][T10956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1517'.
[  230.661774][T10960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1518'.
[  230.751300][T10966] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1520'.
[  230.869494][T10966] netlink: 'syz.1.1520': attribute type 10 has an invalid length.
[  230.914703][T10966] dummy0: entered promiscuous mode
[  230.930168][T10966] bridge0: port 1(dummy0) entered blocking state
[  230.959065][T10966] bridge0: port 1(dummy0) entered disabled state
[  231.004781][T10966] dummy0: entered allmulticast mode
[  231.012756][T10966] dummy0: left allmulticast mode
[  231.039372][T10966] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  231.830383][T10993] __nla_validate_parse: 4 callbacks suppressed
[  231.830406][T10993] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1527'.
[  231.906960][T11024] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1540'.
[  231.965244][T10993] netlink: 'syz.0.1527': attribute type 1 has an invalid length.
[  231.993574][T10993] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  232.562629][T11061] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1549'.
[  232.610713][T11067] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1552'.
[  232.652663][T11067] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1552'.
[  232.678893][T11067] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1552'.
[  233.299936][T11103] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1561'.
[  234.029956][T11135] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1569'.
[  234.042362][T11134] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1570'.
[  234.056025][T11132] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1569'.
[  234.706600][T11168] veth0: entered promiscuous mode
[  234.851625][T11162] veth0: left promiscuous mode
[  235.064446][T11187] tipc: Enabling of bearer <u˩:s> rejected, media not registered
[  235.234421][T11200] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  236.078900][T11232] netlink: 'syz.4.1599': attribute type 7 has an invalid length.
[  236.128074][T11232] netlink: 'syz.4.1599': attribute type 4 has an invalid length.
[  236.210552][T11235] tipc: New replicast peer: 255.255.255.255
[  236.265115][T11243] ieee802154 phy0 wpan0: encryption failed: -22
[  236.271565][T11235] tipc: Enabled bearer <udp:syz2>, priority 10
[  236.294729][T11239] tipc: Disabling bearer <udp:syz2>
[  236.485498][T11248] sctp: [Deprecated]: syz.4.1603 (pid 11248) Use of int in maxseg socket option.
[  236.485498][T11248] Use struct sctp_assoc_value instead
[  236.569524][T11260] netlink: 'syz.0.1604': attribute type 23 has an invalid length.
[  236.618323][T11259] ip6t_srh: unknown srh match flags  536B
[  236.666344][T11263] netlink: 'syz.3.1606': attribute type 13 has an invalid length.
[  236.734347][T11263] netlink: 'syz.3.1606': attribute type 17 has an invalid length.
[  236.893907][T11263] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  236.924662][T11271] netlink: 'syz.1.1609': attribute type 2 has an invalid length.
[  236.958463][T11273] gtp0: entered promiscuous mode
[  236.968161][T11273] gtp0: entered allmulticast mode
[  237.201391][T11289] netlink: 'syz.0.1613': attribute type 8 has an invalid length.
[  237.257167][   T51] Bluetooth: hci0: command tx timeout
[  237.543300][T11303] __nla_validate_parse: 4 callbacks suppressed
[  237.543323][T11303] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1616'.
[  237.622041][T11305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1617'.
[  237.655258][T11305] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1617'.
[  237.677555][T11305] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1617'.
[  237.744242][   T51] block nbd16: Receive control failed (result -107)
[  237.767162][T11305] nbd16: detected capacity change from 0 to 256
[  237.903030][T11319] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1618'.
[  237.928488][T11319] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1618'.
[  237.983231][T11325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1622'.
[  238.049569][T11331] FAULT_INJECTION: forcing a failure.
[  238.049569][T11331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.104231][T11331] CPU: 0 UID: 0 PID: 11331 Comm: syz.4.1624 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  238.104263][T11331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.104275][T11331] Call Trace:
[  238.104284][T11331]  <TASK>
[  238.104292][T11331]  dump_stack_lvl+0x189/0x250
[  238.104330][T11331]  ? __pfx____ratelimit+0x10/0x10
[  238.104359][T11331]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.104389][T11331]  ? __pfx__printk+0x10/0x10
[  238.104411][T11331]  ? __might_fault+0xb0/0x130
[  238.104453][T11331]  should_fail_ex+0x414/0x560
[  238.104484][T11331]  _copy_from_user+0x2d/0xb0
[  238.104505][T11331]  __sys_sendto+0x25c/0x520
[  238.104531][T11331]  ? __pfx___sys_sendto+0x10/0x10
[  238.104566][T11331]  ? count_memcg_event_mm+0x21/0x260
[  238.104609][T11331]  ? exc_page_fault+0x76/0xf0
[  238.104641][T11331]  ? do_user_addr_fault+0xc8a/0x1390
[  238.104672][T11331]  __x64_sys_sendto+0xde/0x100
[  238.104699][T11331]  do_syscall_64+0xfa/0x3b0
[  238.104715][T11331]  ? lockdep_hardirqs_on+0x9c/0x150
[  238.104742][T11331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.104761][T11331]  ? clear_bhb_loop+0x60/0xb0
[  238.104786][T11331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.104805][T11331] RIP: 0033:0x7f506e9907bc
[  238.104822][T11331] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  238.104840][T11331] RSP: 002b:00007f506f885ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  238.104862][T11331] RAX: ffffffffffffffda RBX: 00007f506f885fc0 RCX: 00007f506e9907bc
[  238.104876][T11331] RDX: 0000000000000020 RSI: 00007f506f886010 RDI: 0000000000000003
[  238.104889][T11331] RBP: 0000000000000000 R08: 00007f506f885f14 R09: 000000000000000c
[  238.104902][T11331] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  238.104914][T11331] R13: 00007f506f885f68 R14: 00007f506f886010 R15: 0000000000000000
[  238.104947][T11331]  </TASK>
[  238.409586][T11341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1625'.
[  238.450838][T11341] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1625'.
[  238.748434][T11356] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1630'.
[  238.802306][T11356] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  239.101687][T11375] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  239.122551][   T12] bond0: (slave bond_slave_0): interface is now down
[  239.143073][   T12] bond0: (slave bond_slave_1): interface is now down
[  239.186596][T11380] FAULT_INJECTION: forcing a failure.
[  239.186596][T11380] name failslab, interval 1, probability 0, space 0, times 0
[  239.200766][  T196] bond0: (slave bond_slave_0): interface is now down
[  239.200807][  T196] bond0: (slave bond_slave_1): interface is now down
[  239.224456][   T12] bond0: (slave bond_slave_0): interface is now down
[  239.231225][   T12] bond0: (slave bond_slave_1): interface is now down
[  239.274374][  T196] bond0: (slave bond_slave_0): interface is now down
[  239.292087][  T196] bond0: (slave bond_slave_1): interface is now down
[  239.292976][T11380] CPU: 0 UID: 0 PID: 11380 Comm: syz.1.1637 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  239.293002][T11380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.293013][T11380] Call Trace:
[  239.293020][T11380]  <TASK>
[  239.293028][T11380]  dump_stack_lvl+0x189/0x250
[  239.293060][T11380]  ? __pfx____ratelimit+0x10/0x10
[  239.293095][T11380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.293121][T11380]  ? __pfx__printk+0x10/0x10
[  239.293147][T11380]  ? __pfx___might_resched+0x10/0x10
[  239.293180][T11380]  should_fail_ex+0x414/0x560
[  239.293208][T11380]  should_failslab+0xa8/0x100
[  239.293230][T11380]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  239.293248][T11380]  ? __alloc_skb+0x112/0x2d0
[  239.293273][T11380]  __alloc_skb+0x112/0x2d0
[  239.293297][T11380]  netlink_sendmsg+0x5c6/0xb30
[  239.293328][T11380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.293352][T11380]  ? aa_sock_msg_perm+0x94/0x160
[  239.293378][T11380]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  239.293400][T11380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.293422][T11380]  __sock_sendmsg+0x21c/0x270
[  239.293452][T11380]  __sys_sendto+0x3bd/0x520
[  239.293474][T11380]  ? __pfx___sys_sendto+0x10/0x10
[  239.293506][T11380]  ? count_memcg_event_mm+0x21/0x260
[  239.293544][T11380]  ? exc_page_fault+0x76/0xf0
[  239.293573][T11380]  ? do_user_addr_fault+0xc8a/0x1390
[  239.293601][T11380]  __x64_sys_sendto+0xde/0x100
[  239.293625][T11380]  do_syscall_64+0xfa/0x3b0
[  239.293640][T11380]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.293664][T11380]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.293681][T11380]  ? clear_bhb_loop+0x60/0xb0
[  239.293703][T11380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.293720][T11380] RIP: 0033:0x7eff50b907bc
[  239.293737][T11380] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  239.293752][T11380] RSP: 002b:00007eff51a33ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  239.293773][T11380] RAX: ffffffffffffffda RBX: 00007eff51a33fc0 RCX: 00007eff50b907bc
[  239.293786][T11380] RDX: 0000000000000020 RSI: 00007eff51a34010 RDI: 0000000000000003
[  239.293797][T11380] RBP: 0000000000000000 R08: 00007eff51a33f14 R09: 000000000000000c
[  239.293809][T11380] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  239.293819][T11380] R13: 00007eff51a33f68 R14: 00007eff51a34010 R15: 0000000000000000
[  239.293849][T11380]  </TASK>
[  239.554258][ T3564] bond0: (slave bond_slave_0): interface is now down
[  239.561035][ T3564] bond0: (slave bond_slave_1): interface is now down
[  239.600570][ T3564] bond0: now running without any active interface!
[  239.842256][T11402] can: request_module (can-proto-0) failed.
[  240.610145][T11439] sch_tbf: burst 4 is lower than device ip6tnl0 mtu (1452) !
[  240.830684][T11453] x_tables: duplicate underflow at hook 1
[  241.135679][T11469] netlink: 'syz.0.1666': attribute type 13 has an invalid length.
[  241.155964][T11469] netlink: 'syz.0.1666': attribute type 58 has an invalid length.
[  241.207007][T11477] netlink: 'syz.2.1670': attribute type 32 has an invalid length.
[  241.450453][T11489] x_tables: unsorted entry at hook 3
[  241.521551][T11495] openvswitch: netlink: Actions may not be safe on all matching packets
[  242.155008][T11518] IPVS: Error joining to the multicast group
[  242.273757][T11525] xt_TCPMSS: Only works on TCP SYN packets
[  242.576435][T11546] __nla_validate_parse: 33 callbacks suppressed
[  242.576455][T11546] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1693'.
[  242.607290][T11548] netlink: 'syz.3.1694': attribute type 1 has an invalid length.
[  242.626933][T11551] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1693'.
[  242.769972][T11548] 8021q: adding VLAN 0 to HW filter on device bond3
[  242.785063][T11564] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1697'.
[  242.875284][T11560] ip6erspan0: entered promiscuous mode
[  242.927672][T11560] bond3: (slave ip6erspan0): making interface the new active one
[  242.968984][T11560] bond3: (slave ip6erspan0): Enslaving as an active interface with an up link
[  243.228692][T11581] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  243.393792][T11581] lo speed is unknown, defaulting to 1000
[  243.793461][T11606] netlink: 'syz.0.1710': attribute type 4 has an invalid length.
[  243.804962][T11605] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1707'.
[  243.828576][T11606] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1710'.
[  243.846086][T11606] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  244.003332][T11609] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1711'.
[  244.018332][T11609] netem: invalid attributes len -24
[  244.031744][T11609] netem: change failed
[  244.184977][T11616] xt_TCPMSS: Only works on TCP SYN packets
[  244.795301][T11646] netdevsim0: mtu less than device minimum
[  244.808337][T11646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1725'.
[  244.885669][T11647] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1724'.
[  245.004891][T11653] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1727'.
[  245.015870][T11657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1730'.
[  246.130541][T11722] FAULT_INJECTION: forcing a failure.
[  246.130541][T11722] name failslab, interval 1, probability 0, space 0, times 0
[  246.178937][T11722] CPU: 1 UID: 0 PID: 11722 Comm: syz.1.1749 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  246.178970][T11722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.178982][T11722] Call Trace:
[  246.178991][T11722]  <TASK>
[  246.179000][T11722]  dump_stack_lvl+0x189/0x250
[  246.179035][T11722]  ? __pfx____ratelimit+0x10/0x10
[  246.179065][T11722]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.179095][T11722]  ? __pfx__printk+0x10/0x10
[  246.179121][T11722]  ? __pfx___might_resched+0x10/0x10
[  246.179151][T11722]  ? fs_reclaim_acquire+0x7d/0x100
[  246.179180][T11722]  should_fail_ex+0x414/0x560
[  246.179212][T11722]  should_failslab+0xa8/0x100
[  246.179236][T11722]  __kmalloc_noprof+0xcb/0x4f0
[  246.179255][T11722]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  246.179293][T11722]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  246.179332][T11722]  genl_family_rcv_msg_doit+0xb8/0x300
[  246.179371][T11722]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  246.179405][T11722]  ? __pfx_genl_get_cmd+0x10/0x10
[  246.179453][T11722]  genl_rcv_msg+0x60e/0x790
[  246.179489][T11722]  ? __pfx_genl_rcv_msg+0x10/0x10
[  246.179514][T11722]  ? ref_tracker_free+0x63a/0x7d0
[  246.179539][T11722]  ? __pfx_ctrl_getfamily+0x10/0x10
[  246.179566][T11722]  ? __pfx_ref_tracker_free+0x10/0x10
[  246.179607][T11722]  netlink_rcv_skb+0x208/0x470
[  246.179631][T11722]  ? __pfx_genl_rcv_msg+0x10/0x10
[  246.179661][T11722]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  246.179706][T11722]  ? down_read+0x1ad/0x2e0
[  246.179730][T11722]  genl_rcv+0x28/0x40
[  246.179761][T11722]  netlink_unicast+0x75b/0x8d0
[  246.179796][T11722]  netlink_sendmsg+0x805/0xb30
[  246.179830][T11722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.179857][T11722]  ? aa_sock_msg_perm+0x94/0x160
[  246.179884][T11722]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  246.179918][T11722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.179942][T11722]  __sock_sendmsg+0x21c/0x270
[  246.179976][T11722]  __sys_sendto+0x3bd/0x520
[  246.180003][T11722]  ? __pfx___sys_sendto+0x10/0x10
[  246.180040][T11722]  ? __might_fault+0xb0/0x130
[  246.180056][T11722]  ? bpf_trace_run2+0x186/0x4b0
[  246.180103][T11722]  ? rcu_is_watching+0x15/0xb0
[  246.180136][T11722]  __x64_sys_sendto+0xde/0x100
[  246.180162][T11722]  do_syscall_64+0xfa/0x3b0
[  246.180176][T11722]  ? lockdep_hardirqs_on+0x9c/0x150
[  246.180202][T11722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.180222][T11722]  ? clear_bhb_loop+0x60/0xb0
[  246.180248][T11722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.180268][T11722] RIP: 0033:0x7eff50b907bc
[  246.180287][T11722] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  246.180305][T11722] RSP: 002b:00007eff51a33ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  246.180329][T11722] RAX: ffffffffffffffda RBX: 00007eff51a33fc0 RCX: 00007eff50b907bc
[  246.180343][T11722] RDX: 0000000000000020 RSI: 00007eff51a34010 RDI: 0000000000000003
[  246.180356][T11722] RBP: 0000000000000000 R08: 00007eff51a33f14 R09: 000000000000000c
[  246.180368][T11722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  246.180380][T11722] R13: 00007eff51a33f68 R14: 00007eff51a34010 R15: 0000000000000000
[  246.180416][T11722]  </TASK>
[  246.737692][T11733] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[  246.816241][T11733] unsupported nlmsg_type 40
[  247.277952][T11774] netlink: 'syz.0.1768': attribute type 1 has an invalid length.
[  247.289793][T11774] netlink: 'syz.0.1768': attribute type 10 has an invalid length.
[  247.298698][T11774] netlink: 'syz.0.1768': attribute type 4 has an invalid length.
[  247.482010][T11779] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  247.491248][T11779] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  247.500141][T11779] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  247.508964][T11779] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  247.537524][T11785] netlink: 'syz.2.1773': attribute type 83 has an invalid length.
[  247.552524][T11788] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  247.908219][T11800] netlink: 'syz.4.1779': attribute type 1 has an invalid length.
[  247.944738][T11800] netlink: 'syz.4.1779': attribute type 3 has an invalid length.
[  247.952544][T11800] __nla_validate_parse: 14 callbacks suppressed
[  247.952561][T11800] netlink: 216 bytes leftover after parsing attributes in process `syz.4.1779'.
[  247.989055][T11805] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  248.003263][T11800] NCSI netlink: No device for ifindex 813332851
[  248.018678][T11811] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  248.034082][T11805] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.132158][T11814] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  248.355167][T11824] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1787'.
[  248.636789][T11828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1789'.
[  249.311544][T11869] FAULT_INJECTION: forcing a failure.
[  249.311544][T11869] name failslab, interval 1, probability 0, space 0, times 0
[  249.328665][T11869] CPU: 0 UID: 0 PID: 11869 Comm: syz.1.1805 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  249.328696][T11869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  249.328708][T11869] Call Trace:
[  249.328716][T11869]  <TASK>
[  249.328725][T11869]  dump_stack_lvl+0x189/0x250
[  249.328761][T11869]  ? __pfx____ratelimit+0x10/0x10
[  249.328790][T11869]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.328820][T11869]  ? __pfx__printk+0x10/0x10
[  249.328862][T11869]  should_fail_ex+0x414/0x560
[  249.328894][T11869]  should_failslab+0xa8/0x100
[  249.328920][T11869]  kmem_cache_alloc_noprof+0x73/0x3c0
[  249.328950][T11869]  ? skb_clone+0x212/0x3a0
[  249.328990][T11869]  skb_clone+0x212/0x3a0
[  249.329022][T11869]  __netlink_deliver_tap+0x404/0x850
[  249.329062][T11869]  ? netlink_deliver_tap+0x2e/0x1b0
[  249.329088][T11869]  netlink_deliver_tap+0x19c/0x1b0
[  249.329113][T11869]  netlink_sendskb+0x68/0x140
[  249.329137][T11869]  ctrl_getfamily+0x499/0x590
[  249.329169][T11869]  ? __pfx_ctrl_getfamily+0x10/0x10
[  249.329197][T11869]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  249.329245][T11869]  genl_family_rcv_msg_doit+0x215/0x300
[  249.329284][T11869]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  249.329341][T11869]  genl_rcv_msg+0x60e/0x790
[  249.329376][T11869]  ? __pfx_genl_rcv_msg+0x10/0x10
[  249.329401][T11869]  ? ref_tracker_free+0x63a/0x7d0
[  249.329426][T11869]  ? __pfx_ctrl_getfamily+0x10/0x10
[  249.329454][T11869]  ? __pfx_ref_tracker_free+0x10/0x10
[  249.329493][T11869]  netlink_rcv_skb+0x208/0x470
[  249.329517][T11869]  ? __pfx_genl_rcv_msg+0x10/0x10
[  249.329547][T11869]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  249.329598][T11869]  ? down_read+0x1ad/0x2e0
[  249.329623][T11869]  genl_rcv+0x28/0x40
[  249.329648][T11869]  netlink_unicast+0x75b/0x8d0
[  249.329684][T11869]  netlink_sendmsg+0x805/0xb30
[  249.329720][T11869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.329748][T11869]  ? aa_sock_msg_perm+0x94/0x160
[  249.329774][T11869]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  249.329798][T11869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.329819][T11869]  __sock_sendmsg+0x21c/0x270
[  249.329851][T11869]  __sys_sendto+0x3bd/0x520
[  249.329876][T11869]  ? __pfx___sys_sendto+0x10/0x10
[  249.329913][T11869]  ? count_memcg_event_mm+0x21/0x260
[  249.329957][T11869]  ? exc_page_fault+0x76/0xf0
[  249.329989][T11869]  ? do_user_addr_fault+0xc8a/0x1390
[  249.330021][T11869]  __x64_sys_sendto+0xde/0x100
[  249.330049][T11869]  do_syscall_64+0xfa/0x3b0
[  249.330065][T11869]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.330091][T11869]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.330110][T11869]  ? clear_bhb_loop+0x60/0xb0
[  249.330134][T11869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.330151][T11869] RIP: 0033:0x7eff50b907bc
[  249.330169][T11869] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  249.330186][T11869] RSP: 002b:00007eff51a33ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  249.330208][T11869] RAX: ffffffffffffffda RBX: 00007eff51a33fc0 RCX: 00007eff50b907bc
[  249.330229][T11869] RDX: 0000000000000020 RSI: 00007eff51a34010 RDI: 0000000000000003
[  249.330241][T11869] RBP: 0000000000000000 R08: 00007eff51a33f14 R09: 000000000000000c
[  249.330253][T11869] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  249.330264][T11869] R13: 00007eff51a33f68 R14: 00007eff51a34010 R15: 0000000000000000
[  249.330296][T11869]  </TASK>
[  249.677387][   T51] Bluetooth: hci0: command tx timeout
[  249.912497][T11886] set match dimension is over the limit!
[  249.918560][T11890] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1812'.
[  249.992903][T11893] ieee802154 phy0 wpan0: encryption failed: -22
[  250.024946][T11894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1813'.
[  250.062130][T11893] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1811'.
[  250.370556][T11915] FAULT_INJECTION: forcing a failure.
[  250.370556][T11915] name failslab, interval 1, probability 0, space 0, times 0
[  250.416910][T11915] CPU: 0 UID: 0 PID: 11915 Comm: syz.1.1820 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  250.416942][T11915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.416954][T11915] Call Trace:
[  250.416962][T11915]  <TASK>
[  250.416971][T11915]  dump_stack_lvl+0x189/0x250
[  250.417014][T11915]  ? __pfx____ratelimit+0x10/0x10
[  250.417043][T11915]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.417072][T11915]  ? __pfx__printk+0x10/0x10
[  250.417100][T11915]  ? __pfx___might_resched+0x10/0x10
[  250.417127][T11915]  ? fs_reclaim_acquire+0x7d/0x100
[  250.417157][T11915]  should_fail_ex+0x414/0x560
[  250.417189][T11915]  should_failslab+0xa8/0x100
[  250.417213][T11915]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  250.417233][T11915]  ? __alloc_skb+0x112/0x2d0
[  250.417262][T11915]  __alloc_skb+0x112/0x2d0
[  250.417290][T11915]  netlink_ack+0x146/0xa50
[  250.417309][T11915]  ? __pfx_genl_rcv_msg+0x10/0x10
[  250.417334][T11915]  ? ref_tracker_free+0x63a/0x7d0
[  250.417363][T11915]  ? __pfx_ref_tracker_free+0x10/0x10
[  250.417400][T11915]  netlink_rcv_skb+0x28c/0x470
[  250.417424][T11915]  ? __pfx_genl_rcv_msg+0x10/0x10
[  250.417453][T11915]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  250.417497][T11915]  ? down_read+0x1ad/0x2e0
[  250.417521][T11915]  genl_rcv+0x28/0x40
[  250.417547][T11915]  netlink_unicast+0x75b/0x8d0
[  250.417582][T11915]  netlink_sendmsg+0x805/0xb30
[  250.417616][T11915]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.417644][T11915]  ? aa_sock_msg_perm+0x94/0x160
[  250.417672][T11915]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  250.417697][T11915]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.417722][T11915]  __sock_sendmsg+0x21c/0x270
[  250.417756][T11915]  __sys_sendto+0x3bd/0x520
[  250.417782][T11915]  ? __pfx___sys_sendto+0x10/0x10
[  250.417818][T11915]  ? count_memcg_event_mm+0x21/0x260
[  250.417872][T11915]  ? exc_page_fault+0x76/0xf0
[  250.417905][T11915]  ? do_user_addr_fault+0xc8a/0x1390
[  250.417937][T11915]  __x64_sys_sendto+0xde/0x100
[  250.417965][T11915]  do_syscall_64+0xfa/0x3b0
[  250.417982][T11915]  ? lockdep_hardirqs_on+0x9c/0x150
[  250.418010][T11915]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.418030][T11915]  ? clear_bhb_loop+0x60/0xb0
[  250.418056][T11915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.418076][T11915] RIP: 0033:0x7eff50b907bc
[  250.418095][T11915] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  250.418111][T11915] RSP: 002b:00007eff51a33ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  250.418134][T11915] RAX: ffffffffffffffda RBX: 00007eff51a33fc0 RCX: 00007eff50b907bc
[  250.418148][T11915] RDX: 0000000000000020 RSI: 00007eff51a34010 RDI: 0000000000000003
[  250.418161][T11915] RBP: 0000000000000000 R08: 00007eff51a33f14 R09: 000000000000000c
[  250.418173][T11915] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  250.418185][T11915] R13: 00007eff51a33f68 R14: 00007eff51a34010 R15: 0000000000000000
[  250.418220][T11915]  </TASK>
[  251.466719][T11951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1826'.
[  251.518629][T11951] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  251.910958][T11954] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1829'.
[  251.961142][T11971] FAULT_INJECTION: forcing a failure.
[  251.961142][T11971] name failslab, interval 1, probability 0, space 0, times 0
[  252.015044][ T5856] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  252.024085][ T5856] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  252.033887][ T5856] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  252.039290][T11971] CPU: 1 UID: 0 PID: 11971 Comm: syz.1.1833 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  252.039318][T11971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  252.039329][T11971] Call Trace:
[  252.039336][T11971]  <TASK>
[  252.039344][T11971]  dump_stack_lvl+0x189/0x250
[  252.039377][T11971]  ? __pfx____ratelimit+0x10/0x10
[  252.039405][T11971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.039432][T11971]  ? __pfx__printk+0x10/0x10
[  252.039458][T11971]  ? __pfx___might_resched+0x10/0x10
[  252.039485][T11971]  ? fs_reclaim_acquire+0x7d/0x100
[  252.039511][T11971]  should_fail_ex+0x414/0x560
[  252.039541][T11971]  should_failslab+0xa8/0x100
[  252.039562][T11971]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  252.039581][T11971]  ? __alloc_skb+0x112/0x2d0
[  252.039606][T11971]  __alloc_skb+0x112/0x2d0
[  252.039630][T11971]  netlink_ack+0x146/0xa50
[  252.039649][T11971]  ? __pfx_genl_rcv_msg+0x10/0x10
[  252.039671][T11971]  ? ref_tracker_free+0x63a/0x7d0
[  252.039698][T11971]  ? __pfx_ref_tracker_free+0x10/0x10
[  252.039734][T11971]  netlink_rcv_skb+0x28c/0x470
[  252.039755][T11971]  ? __pfx_genl_rcv_msg+0x10/0x10
[  252.039782][T11971]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  252.039822][T11971]  ? down_read+0x1ad/0x2e0
[  252.039844][T11971]  genl_rcv+0x28/0x40
[  252.039867][T11971]  netlink_unicast+0x75b/0x8d0
[  252.039898][T11971]  netlink_sendmsg+0x805/0xb30
[  252.039937][T11971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.039963][T11971]  ? aa_sock_msg_perm+0x94/0x160
[  252.039987][T11971]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  252.040010][T11971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  252.040032][T11971]  __sock_sendmsg+0x21c/0x270
[  252.040062][T11971]  __sys_sendto+0x3bd/0x520
[  252.040086][T11971]  ? __pfx___sys_sendto+0x10/0x10
[  252.040119][T11971]  ? count_memcg_event_mm+0x21/0x260
[  252.040159][T11971]  ? exc_page_fault+0x76/0xf0
[  252.040189][T11971]  ? do_user_addr_fault+0xc8a/0x1390
[  252.040217][T11971]  __x64_sys_sendto+0xde/0x100
[  252.040241][T11971]  do_syscall_64+0xfa/0x3b0
[  252.040257][T11971]  ? lockdep_hardirqs_on+0x9c/0x150
[  252.040281][T11971]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.040299][T11971]  ? clear_bhb_loop+0x60/0xb0
[  252.040327][T11971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.040344][T11971] RIP: 0033:0x7eff50b907bc
[  252.040361][T11971] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  252.040377][T11971] RSP: 002b:00007eff51a33ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  252.040399][T11971] RAX: ffffffffffffffda RBX: 00007eff51a33fc0 RCX: 00007eff50b907bc
[  252.040412][T11971] RDX: 0000000000000020 RSI: 00007eff51a34010 RDI: 0000000000000003
[  252.040424][T11971] RBP: 0000000000000000 R08: 00007eff51a33f14 R09: 000000000000000c
[  252.040435][T11971] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  252.040445][T11971] R13: 00007eff51a33f68 R14: 00007eff51a34010 R15: 0000000000000000
[  252.040476][T11971]  </TASK>
[  252.359839][ T5856] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  252.369715][ T5856] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  252.471264][T11972] lo speed is unknown, defaulting to 1000
[  252.926136][T12001] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  253.055065][T12007] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  253.078270][T12006] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1845'.
[  253.166921][T11972] chnl_net:caif_netlink_parms(): no params data found
[  253.175787][T12010] FAULT_INJECTION: forcing a failure.
[  253.175787][T12010] name failslab, interval 1, probability 0, space 0, times 0
[  253.214390][T12010] CPU: 0 UID: 0 PID: 12010 Comm: syz.4.1847 Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  253.214425][T12010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.214438][T12010] Call Trace:
[  253.214447][T12010]  <TASK>
[  253.214457][T12010]  dump_stack_lvl+0x189/0x250
[  253.214493][T12010]  ? __pfx____ratelimit+0x10/0x10
[  253.214525][T12010]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.214557][T12010]  ? __pfx__printk+0x10/0x10
[  253.214597][T12010]  should_fail_ex+0x414/0x560
[  253.214630][T12010]  should_failslab+0xa8/0x100
[  253.214655][T12010]  kmem_cache_alloc_noprof+0x73/0x3c0
[  253.214686][T12010]  ? skb_clone+0x212/0x3a0
[  253.214719][T12010]  skb_clone+0x212/0x3a0
[  253.214750][T12010]  __netlink_deliver_tap+0x404/0x850
[  253.214791][T12010]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.214817][T12010]  netlink_deliver_tap+0x19c/0x1b0
[  253.214843][T12010]  netlink_sendskb+0x68/0x140
[  253.214868][T12010]  netlink_rcv_skb+0x28c/0x470
[  253.214893][T12010]  ? __pfx_genl_rcv_msg+0x10/0x10
[  253.214941][T12010]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.214988][T12010]  ? down_read+0x1ad/0x2e0
[  253.215013][T12010]  genl_rcv+0x28/0x40
[  253.215039][T12010]  netlink_unicast+0x75b/0x8d0
[  253.215075][T12010]  netlink_sendmsg+0x805/0xb30
[  253.215112][T12010]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.215142][T12010]  ? aa_sock_msg_perm+0x94/0x160
[  253.215172][T12010]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  253.215197][T12010]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.215224][T12010]  __sock_sendmsg+0x21c/0x270
[  253.215259][T12010]  __sys_sendto+0x3bd/0x520
[  253.215287][T12010]  ? __pfx___sys_sendto+0x10/0x10
[  253.215325][T12010]  ? count_memcg_event_mm+0x21/0x260
[  253.215372][T12010]  ? exc_page_fault+0x76/0xf0
[  253.215406][T12010]  ? do_user_addr_fault+0xc8a/0x1390
[  253.215439][T12010]  __x64_sys_sendto+0xde/0x100
[  253.215468][T12010]  do_syscall_64+0xfa/0x3b0
[  253.215486][T12010]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.215515][T12010]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.215536][T12010]  ? clear_bhb_loop+0x60/0xb0
[  253.215563][T12010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.215583][T12010] RIP: 0033:0x7f506e9907bc
[  253.215604][T12010] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  253.215622][T12010] RSP: 002b:00007f506f885ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  253.215645][T12010] RAX: ffffffffffffffda RBX: 00007f506f885fc0 RCX: 00007f506e9907bc
[  253.215660][T12010] RDX: 0000000000000020 RSI: 00007f506f886010 RDI: 0000000000000003
[  253.215674][T12010] RBP: 0000000000000000 R08: 00007f506f885f14 R09: 000000000000000c
[  253.215688][T12010] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  253.215701][T12010] R13: 00007f506f885f68 R14: 00007f506f886010 R15: 0000000000000000
[  253.215739][T12010]  </TASK>
[  253.527985][T12012] sch_fq: defrate 0 ignored.
[  253.730063][T12020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1851'.
[  253.802081][T11972] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.853807][T11972] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.918394][T11972] bridge_slave_0: entered allmulticast mode
[  253.972833][T11972] bridge_slave_0: entered promiscuous mode
[  254.031667][T11972] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.093064][T11972] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.101656][T11972] bridge_slave_1: entered allmulticast mode
[  254.132600][T11972] bridge_slave_1: entered promiscuous mode
[  254.344071][T11972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  254.370956][T12057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1858'.
[  254.371459][T11972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.457297][ T5856] Bluetooth: hci1: command tx timeout
[  254.542187][T12060] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1860'.
[  254.553566][T11972] team0: Port device team_slave_0 added
[  254.583768][T11972] team0: Port device team_slave_1 added
[  254.651862][T12063] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.678256][T12068] openvswitch: netlink: Message has 4 unknown bytes.
[  254.704004][T11972] batman_adv: batadv0: Adding interface: batadv_slave_0
[  254.716152][T11972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.794268][T11972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  254.865965][T11972] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.883907][T11972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.956494][T11972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.978740][T12066] tipc: Disabling bearer <eth:syzkaller0>
[  255.160731][T12090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1869'.
[  255.170805][T11972] hsr_slave_0: entered promiscuous mode
[  255.180660][T11972] hsr_slave_1: entered promiscuous mode
[  255.667469][T12109] netlink: 'syz.1.1877': attribute type 21 has an invalid length.
[  255.681089][T12109] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1877'.
[  255.691979][T12109] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1877'.
[  255.787989][T12111] netlink: 'syz.2.1878': attribute type 1 has an invalid length.
[  255.813558][T12111] netlink: 'syz.2.1878': attribute type 2 has an invalid length.
[  255.834782][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.851879][T12111] netlink: 1172 bytes leftover after parsing attributes in process `syz.2.1878'.
[  256.276228][T11972] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  256.291429][T11972] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  256.319741][T11972] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  256.340825][T11972] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  256.536733][ T5856] Bluetooth: hci1: command tx timeout
[  256.557308][T11972] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.646819][T11972] 8021q: adding VLAN 0 to HW filter on device team0
[  256.686635][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.694059][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.738077][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.746321][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.949308][T12169] netlink: 'syz.2.1892': attribute type 32 has an invalid length.
[  256.975135][T12169] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1892'.
[  257.170306][T11972] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.306605][T11972] veth0_vlan: entered promiscuous mode
[  257.346393][T11972] veth1_vlan: entered promiscuous mode
[  257.461269][T11972] veth0_macvtap: entered promiscuous mode
[  257.487350][T11972] veth1_macvtap: entered promiscuous mode
[  257.541618][T11972] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.614444][T11972] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.676926][T11972] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.707986][T11972] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.727745][T11972] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.741692][T11972] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.073785][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.101376][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.181427][  T196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.199935][  T196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.410506][T12220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1907'.
[  258.421088][T12220] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  258.440777][T12220] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  258.574396][T12227] netlink: 'syz.4.1909': attribute type 32 has an invalid length.
[  258.599107][T12227] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1909'.
[  258.708931][T12235] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1910'.
[  258.733019][T12235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1910'.
[  259.247276][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.267399][T12256] netlink: 'syz.2.1916': attribute type 1 has an invalid length.
[  259.320614][T12257] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1916'.
[  259.416544][T12256] 8021q: adding VLAN 0 to HW filter on device bond5
[  259.677556][T12272] netlink: 'syz.4.1920': attribute type 25 has an invalid length.
[  259.712552][T12266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1917'.
[  259.924649][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.969787][T12279] veth0_to_bond: entered allmulticast mode
[  260.014332][T12281] netlink: 'syz.2.1924': attribute type 1 has an invalid length.
[  260.175435][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.277463][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  260.289767][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  260.300900][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  260.311904][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  260.326301][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  260.347856][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.447556][T12297] lo speed is unknown, defaulting to 1000
[  260.675761][T12303] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  260.874631][   T13] bridge_slave_1: left allmulticast mode
[  260.905192][   T13] bridge_slave_1: left promiscuous mode
[  260.917145][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.985837][   T13] bridge_slave_0: left allmulticast mode
[  260.991562][   T13] bridge_slave_0: left promiscuous mode
[  261.028705][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.610151][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.623579][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.634784][   T13] bond0 (unregistering): Released all slaves
[  261.663751][T12331] (unnamed net_device) (uninitialized): down delay (33554432) is not a multiple of miimon (640), value rounded to 33553920 ms
[  261.782162][T12332] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.919509][T12343] IPVS: set_ctl: invalid protocol: 41 127.0.0.1:20003
[  262.047626][T12332] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.093641][T12349] x_tables: duplicate underflow at hook 3
[  262.103069][T12349] x_tables: duplicate underflow at hook 2
[  262.276527][T12332] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.376738][ T5856] Bluetooth: hci1: command tx timeout
[  262.816445][T12371] vlan2: entered promiscuous mode
[  262.821538][T12371] bridge0: entered promiscuous mode
[  262.867675][T12332] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.901403][T12332] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.923460][   T13] hsr_slave_0: left promiscuous mode
[  262.930216][   T13] hsr_slave_1: left promiscuous mode
[  262.938532][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.946283][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.956073][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.963730][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.993650][   T13] veth1_macvtap: left promiscuous mode
[  262.999753][   T13] veth0_macvtap: left promiscuous mode
[  263.007541][   T13] veth1_vlan: left promiscuous mode
[  263.013003][   T13] veth0_vlan: left promiscuous mode
[  263.129772][ T9683] IPVS: starting estimator thread 0...
[  263.229054][T12385] IPVS: using max 24 ests per chain, 57600 per kthread
[  263.580714][   T13] team0 (unregistering): Port device team_slave_1 removed
[  263.628595][   T13] team0 (unregistering): Port device team_slave_0 removed
[  264.185689][T12332] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.282353][T12383] lo speed is unknown, defaulting to 1000
[  264.321896][T12332] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.345557][T12389] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1953'.
[  264.407392][T12297] chnl_net:caif_netlink_parms(): no params data found
[  264.456131][ T5856] Bluetooth: hci1: command tx timeout
[  264.746096][T12409] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  264.816923][T12406] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  265.058716][T12297] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.073654][T12297] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.083128][T12297] bridge_slave_0: entered allmulticast mode
[  265.092633][T12297] bridge_slave_0: entered promiscuous mode
[  265.161262][ T5841] syz_tun (unregistering): left promiscuous mode
[  265.183869][T12297] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.193304][T12297] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.201362][T12297] bridge_slave_1: entered allmulticast mode
[  265.210992][T12426] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  265.211234][T12297] bridge_slave_1: entered promiscuous mode
[  265.302607][T12297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.329209][T12297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  265.377717][T12430] netlink: 'syz.2.1965': attribute type 32 has an invalid length.
[  265.390587][T12430] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1965'.
[  265.421212][   T31] INFO: task udevd:5891 blocked for more than 143 seconds.
[  265.434643][   T31]       Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0
[  265.449289][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  265.459365][   T31] task:udevd           state:D stack:22408 pid:5891  tgid:5891  ppid:1      task_flags:0x400140 flags:0x00004002
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  265.471726][   T31] Call Trace:
[  265.509450][   T31]  <TASK>
[  265.531810][   T31]  __schedule+0x16f5/0x4d00
[  265.560248][   T31]  ? blk_mq_flush_plug_list+0x41f/0x550
[  265.593927][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  265.624471][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  265.638765][   T31]  ? schedule+0x165/0x360
[  265.676057][   T31]  ? __lock_acquire+0xab9/0xd20
[  265.718117][   T31]  ? __pfx___schedule+0x10/0x10
[  265.723193][   T31]  ? schedule+0x91/0x360
[  265.746993][   T31]  schedule+0x165/0x360
[  265.751259][   T31]  schedule_timeout+0x12b/0x270
[  265.764325][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  265.769878][   T31]  ? __pfx_process_timeout+0x10/0x10
[  265.784325][   T31]  ? prepare_to_wait_event+0x437/0x480
[  265.789878][   T31]  nbd_queue_rq+0x662/0xf10
[  265.797794][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  265.802910][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  265.809599][   T31]  blk_mq_dispatch_rq_list+0x4bd/0x1900
[  265.816682][   T31]  ? sbitmap_find_bit+0x3ff/0x490
[  265.821816][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  265.828244][   T31]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  265.834324][   T31]  __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  265.840730][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  265.849079][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  265.854794][   T31]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  265.860832][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  265.866559][   T31]  blk_mq_run_hw_queue+0x348/0x4f0
[  265.871752][   T31]  blk_mq_dispatch_list+0xd0c/0xe00
[  265.877271][   T31]  ? blk_mq_dispatch_list+0x220/0xe00
[  265.882713][   T31]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  265.888872][   T31]  ? __pfx_update_io_ticks+0x10/0x10
[  265.894400][   T31]  blk_mq_flush_plug_list+0x469/0x550
[  265.899848][   T31]  ? trace_block_plug+0x7a/0x1f0
[  265.905346][   T31]  ? blk_add_rq_to_plug+0x300/0x450
[  265.910601][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  265.916866][   T31]  ? blk_mq_submit_bio+0xbd3/0x22d0
[  265.922138][   T31]  __blk_flush_plug+0x3d3/0x4b0
[  265.927413][   T31]  ? __pfx___blk_flush_plug+0x10/0x10
[  265.932959][   T31]  __submit_bio+0x2d3/0x5a0
[  265.941062][   T31]  ? ktime_get+0x3e/0x1f0
[  265.946670][   T31]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  265.954420][   T31]  ? __pfx___submit_bio+0x10/0x10
[  265.959499][   T31]  ? blk_cgroup_bio_start+0x59d/0x640
[  265.969568][   T31]  ? bio_associate_blkg+0x6d/0x230
[  265.975583][   T31]  submit_bio_noacct_nocheck+0x4ab/0xb50
[  265.981279][   T31]  ? bio_associate_blkg+0x6d/0x230
[  265.991147][   T31]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  265.999294][   T31]  ? submit_bio_noacct+0xd65/0x1a70
[  266.006994][   T31]  block_read_full_folio+0x7b7/0x830
[  266.012330][   T31]  ? __pfx_blkdev_get_block+0x10/0x10
[  266.017921][   T31]  filemap_read_folio+0x114/0x380
[  266.022987][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  266.028807][   T31]  ? __pfx_filemap_read_folio+0x10/0x10
[  266.034457][   T31]  do_read_cache_folio+0x350/0x590
[  266.039810][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  266.045648][   T31]  read_part_sector+0xb6/0x2b0
[  266.050474][   T31]  adfspart_check_ICS+0xa4/0xa50
[  266.056603][   T31]  ? snprintf+0xda/0x120
[  266.060905][   T31]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  266.066859][   T31]  bdev_disk_changed+0x75f/0x14b0
[  266.071948][   T31]  ? __pfx_bdev_disk_changed+0x10/0x10
[  266.077453][   T31]  ? wait_on_inode+0xc0/0x230
[  266.082163][   T31]  blkdev_get_whole+0x380/0x510
[  266.087247][   T31]  bdev_open+0x31e/0xd30
[  266.091531][   T31]  blkdev_open+0x3a8/0x510
[  266.096006][   T31]  ? __pfx_blkdev_open+0x10/0x10
[  266.100960][   T31]  do_dentry_open+0xdf0/0x1970
[  266.107024][   T31]  vfs_open+0x3b/0x340
[  266.111152][   T31]  ? path_openat+0x2ecd/0x3830
[  266.115984][   T31]  path_openat+0x2ee5/0x3830
[  266.120605][   T31]  ? arch_stack_walk+0xfc/0x150
[  266.125800][   T31]  ? __pfx_path_openat+0x10/0x10
[  266.130771][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.136960][   T31]  do_filp_open+0x1fa/0x410
[  266.141588][   T31]  ? __lock_acquire+0xab9/0xd20
[  266.146761][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  266.151859][   T31]  ? _raw_spin_unlock+0x28/0x50
[  266.157477][   T31]  ? alloc_fd+0x64c/0x6c0
[  266.161862][   T31]  do_sys_openat2+0x121/0x1c0
[  266.166798][   T31]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  266.172312][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  266.177609][   T31]  ? rcu_is_watching+0x15/0xb0
[  266.182431][   T31]  __x64_sys_openat+0x138/0x170
[  266.187517][   T31]  do_syscall_64+0xfa/0x3b0
[  266.192050][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.198180][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  266.204536][   T31]  ? clear_bhb_loop+0x60/0xb0
[  266.209255][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.215581][   T31] RIP: 0033:0x7f5c5aaa7407
[  266.220030][   T31] RSP: 002b:00007ffced03dd00 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  266.228926][   T31] RAX: ffffffffffffffda RBX: 00007f5c5b173880 RCX: 00007f5c5aaa7407
[  266.237175][   T31] RDX: 00000000000a0800 RSI: 000055a6d6843390 RDI: ffffffffffffff9c
[  266.245220][   T31] RBP: 000055a6d6842910 R08: 0000000000000000 R09: 0000000000000000
[  266.253219][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 000055a6d6856b70
[  266.261950][   T31] R13: 000055a6d685a3e0 R14: 0000000000000000 R15: 000055a6d6856b70
[  266.270057][   T31]  </TASK>
[  266.273122][   T31] INFO: task udevd:5892 blocked for more than 144 seconds.
[  266.280448][   T31]       Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0
[  266.288425][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  266.297618][   T31] task:udevd           state:D stack:22952 pid:5892  tgid:5892  ppid:1      task_flags:0x400140 flags:0x00004002
[  266.309674][   T31] Call Trace:
[  266.312984][   T31]  <TASK>
[  266.316043][   T31]  __schedule+0x16f5/0x4d00
[  266.320601][   T31]  ? blk_mq_flush_plug_list+0x41f/0x550
[  266.326280][   T31]  ? do_raw_spin_unlock+0x122/0x240
[  266.331543][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  266.337656][   T31]  ? schedule+0x165/0x360
[  266.342148][   T31]  ? __lock_acquire+0xab9/0xd20
[  266.347136][   T31]  ? __pfx___schedule+0x10/0x10
[  266.352015][   T31]  ? schedule+0x91/0x360
[  266.356400][   T31]  schedule+0x165/0x360
[  266.361140][   T31]  schedule_timeout+0x12b/0x270
[  266.366097][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  266.371500][   T31]  ? __pfx_process_timeout+0x10/0x10
[  266.377269][   T31]  ? prepare_to_wait_event+0x437/0x480
[  266.382791][   T31]  nbd_queue_rq+0x662/0xf10
[  266.387398][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  266.392462][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  266.398761][   T31]  blk_mq_dispatch_rq_list+0x4bd/0x1900
[  266.404560][   T31]  ? sbitmap_find_bit+0x3ff/0x490
[  266.409669][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  266.415998][   T31]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  266.421869][   T31]  __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  266.428289][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  266.435199][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  266.442293][   T31]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  266.448485][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  266.454015][   T31]  blk_mq_run_hw_queue+0x348/0x4f0
[  266.460256][   T31]  blk_mq_dispatch_list+0xd0c/0xe00
[  266.466700][   T31]  ? blk_mq_dispatch_list+0x220/0xe00
[  266.472135][   T31]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  266.478233][   T31]  ? __pfx_update_io_ticks+0x10/0x10
[  266.483579][   T31]  blk_mq_flush_plug_list+0x469/0x550
[  266.489134][   T31]  ? trace_block_plug+0x7a/0x1f0
[  266.494136][   T31]  ? blk_add_rq_to_plug+0x300/0x450
[  266.499364][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  266.505621][   T31]  ? blk_mq_submit_bio+0xbd3/0x22d0
[  266.511047][   T31]  __blk_flush_plug+0x3d3/0x4b0
[  266.516199][   T31]  ? __pfx___blk_flush_plug+0x10/0x10
[  266.521741][   T31]  __submit_bio+0x2d3/0x5a0
[  266.526397][   T31]  ? ktime_get+0x3e/0x1f0
[  266.530808][   T31]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  266.537404][   T31]  ? __pfx___submit_bio+0x10/0x10
[  266.537494][ T5856] Bluetooth: hci1: command tx timeout
[  266.542571][   T31]  ? blk_cgroup_bio_start+0x59d/0x640
[  266.553602][   T31]  ? bio_associate_blkg+0x6d/0x230
[  266.559054][   T31]  submit_bio_noacct_nocheck+0x4ab/0xb50
[  266.564933][   T31]  ? bio_associate_blkg+0x6d/0x230
[  266.570152][   T31]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  266.577716][   T31]  ? submit_bio_noacct+0xd65/0x1a70
[  266.582985][   T31]  block_read_full_folio+0x7b7/0x830
[  266.588509][   T31]  ? __pfx_blkdev_get_block+0x10/0x10
[  266.594172][   T31]  filemap_read_folio+0x114/0x380
[  266.599279][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  266.604995][   T31]  ? __pfx_filemap_read_folio+0x10/0x10
[  266.610610][   T31]  do_read_cache_folio+0x350/0x590
[  266.616250][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  266.621759][   T31]  read_part_sector+0xb6/0x2b0
[  266.626662][   T31]  adfspart_check_ICS+0xa4/0xa50
[  266.631641][   T31]  ? snprintf+0xda/0x120
[  266.636000][   T31]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  266.641861][   T31]  bdev_disk_changed+0x75f/0x14b0
[  266.647136][   T31]  ? __pfx_bdev_disk_changed+0x10/0x10
[  266.652674][   T31]  ? wait_on_inode+0xc0/0x230
[  266.657645][   T31]  blkdev_get_whole+0x380/0x510
[  266.662586][   T31]  bdev_open+0x31e/0xd30
[  266.667085][   T31]  blkdev_open+0x3a8/0x510
[  266.672102][   T31]  ? __pfx_blkdev_open+0x10/0x10
[  266.677145][   T31]  do_dentry_open+0xdf0/0x1970
[  266.681951][   T31]  vfs_open+0x3b/0x340
[  266.686257][   T31]  ? path_openat+0x2ecd/0x3830
[  266.691071][   T31]  path_openat+0x2ee5/0x3830
[  266.696075][   T31]  ? arch_stack_walk+0xfc/0x150
[  266.701023][   T31]  ? __pfx_path_openat+0x10/0x10
[  266.706154][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.712289][   T31]  do_filp_open+0x1fa/0x410
[  266.717020][   T31]  ? __lock_acquire+0xab9/0xd20
[  266.721920][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  266.727099][   T31]  ? _raw_spin_unlock+0x28/0x50
[  266.731992][   T31]  ? alloc_fd+0x64c/0x6c0
[  266.736500][   T31]  do_sys_openat2+0x121/0x1c0
[  266.741215][   T31]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  266.746801][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  266.752043][   T31]  ? rcu_is_watching+0x15/0xb0
[  266.756894][   T31]  __x64_sys_openat+0x138/0x170
[  266.761798][   T31]  do_syscall_64+0xfa/0x3b0
[  266.766438][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.773075][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  266.779413][   T31]  ? clear_bhb_loop+0x60/0xb0
[  266.784324][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.790368][   T31] RIP: 0033:0x7f5c5aaa7407
[  266.794988][   T31] RSP: 002b:00007ffced03dd00 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  266.803436][   T31] RAX: ffffffffffffffda RBX: 00007f5c5b173880 RCX: 00007f5c5aaa7407
[  266.811528][   T31] RDX: 00000000000a0800 RSI: 000055a6d6882690 RDI: ffffffffffffff9c
[  266.819664][   T31] RBP: 000055a6d6842910 R08: 0000000000000000 R09: 0000000000000000
[  266.827869][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 000055a6d6855df0
[  266.835941][   T31] R13: 000055a6d685a3e0 R14: 0000000000000000 R15: 000055a6d6855df0
[  266.844370][   T31]  </TASK>
[  266.854364][   T31] 
[  266.854364][   T31] Showing all locks held in the system:
[  266.864055][   T31] 3 locks held by kworker/1:0/24:
[  266.875961][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  266.914309][   T31]  #1: ffffc900001e7bc0 ((fqdir_free_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  266.955072][   T31]  #2: ffffffff8e144780 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  266.974203][   T31] 1 lock held by khungtaskd/31:
[  266.979152][   T31]  #0: ffffffff8e13eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  267.004248][   T31] 4 locks held by kworker/u8:5/196:
[  267.009538][   T31]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  267.034184][   T31]  #1: ffffc90002e17bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  267.054538][   T31]  #2: ffffffff8f50f988 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  267.063701][   T31]  #3: ffffffff8e1448b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  267.104189][   T31] 2 locks held by getty/5603:
[  267.108937][   T31]  #0: ffff888030c770a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  267.144182][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  267.165163][   T31] 1 lock held by syz-executor/5841:
[  267.170425][   T31]  #0: ffffffff8f50f988 (rtnl_mutex){+.+.}-{4:4}, at: netdev_run_todo+0x721/0xea0
[  267.189797][   T31] 3 locks held by udevd/5891:
[  267.194826][   T31]  #0: ffff888025275358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.209285][   T31]  #1: ffff8880251c0c10 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.219191][   T31]  #2: ffff8880253b7178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.232830][   T31] 3 locks held by udevd/5892:
[  267.239613][   T31]  #0: ffff888025271358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.253530][   T31]  #1: ffff8880251c0810 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.270174][   T31]  #2: ffff888025300178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.279514][   T31] 3 locks held by udevd/5978:
[  267.289925][   T31]  #0: ffff88802556b358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.299529][   T31]  #1: ffff888142b9b290 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.312250][   T31]  #2: ffff8880256e7178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.321334][   T31] 3 locks held by udevd/6227:
[  267.326217][   T31]  #0: ffff888142fd1358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.336426][   T31]  #1: ffff8880251e1010 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.346298][   T31]  #2: ffff8880253ee178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.355410][   T31] 3 locks held by udevd/6901:
[  267.360109][   T31]  #0: ffff888025463358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.369442][   T31]  #1: ffff888025336e90 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.379043][   T31]  #2: ffff88802558e178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.388148][   T31] 3 locks held by udevd/6993:
[  267.392844][   T31]  #0: ffff888025393358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.402167][   T31]  #1: ffff8880251e1610 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.411890][   T31]  #2: ffff8880254851f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.421065][   T31] 3 locks held by udevd/7033:
[  267.425827][   T31]  #0: ffff8880252cb358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.435286][   T31]  #1: ffff888025336290 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.444949][   T31]  #2: ffff888025417178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.453928][   T31] 3 locks held by udevd/8287:
[  267.458720][   T31]  #0: ffff8880252cf358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.468082][   T31]  #1: ffff888025336990 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.477712][   T31]  #2: ffff888025520178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.486729][   T31] 4 locks held by udevd/8751:
[  267.491440][   T31]  #0: ffff888148c035a0 (&sb->s_type->i_mutex_key#8){++++}-{4:4}, at: blkdev_read_iter+0x2f8/0x440
[  267.502517][   T31]  #1: ffff888148c03740 (mapping.invalidate_lock){++++}-{4:4}, at: page_cache_ra_unbounded+0x129/0x7b0
[  267.513674][   T31]  #2: ffff8880254c8290 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.523271][   T31]  #3: ffff8880255be178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.532266][   T31] 3 locks held by udevd/8781:
[  267.537050][   T31]  #0: ffff88802554f358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.546449][   T31]  #1: ffff8880254c8e90 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.556113][   T31]  #2: ffff888025687178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.565102][   T31] 3 locks held by udevd/8921:
[  267.569818][   T31]  #0: ffff88802554b358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.579709][   T31]  #1: ffff8880254c8690 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.589447][   T31]  #2: ffff8880255f51f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.598685][   T31] 3 locks held by udevd/8923:
[  267.603403][   T31]  #0: ffff88802556f358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  267.613083][   T31]  #1: ffff888142b9b690 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  267.622947][   T31]  #2: ffff88802575e178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  267.632016][   T31] 3 locks held by kworker/1:7/9691:
[  267.637314][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  267.648825][   T31]  #1: ffffc90005467bc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  267.659319][   T31]  #2: ffffffff8e1448b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  267.670651][   T31] 2 locks held by syz.1.1952/12383:
[  267.675980][   T31]  #0: ffffffff8f502d90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  267.685491][   T31]  #1: ffffffff8f50f988 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1c/0x1d0
[  267.694917][   T31] 1 lock held by syz.2.1965/12430:
[  267.700059][   T31]  #0: ffffffff8f50f988 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  267.709121][   T31] 4 locks held by syz.4.1966/12432:
[  267.714474][   T31]  #0: ffff888031848d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x1fe/0x500
[  267.724465][   T31]  #1: ffff888031848078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  267.734868][   T31]  #2: ffffffff8f6779e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  267.745037][   T31]  #3: ffff888026834b38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  267.767962][   T31] 
[  267.770369][   T31] =============================================
[  267.770369][   T31] 
[  267.778995][   T31] NMI backtrace for cpu 1
[  267.779013][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  267.779036][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.779047][   T31] Call Trace:
[  267.779055][   T31]  <TASK>
[  267.779065][   T31]  dump_stack_lvl+0x189/0x250
[  267.779099][   T31]  ? __wake_up_klogd+0xd9/0x110
[  267.779125][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.779155][   T31]  ? __pfx__printk+0x10/0x10
[  267.779192][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  267.779221][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  267.779242][   T31]  ? _printk+0xcf/0x120
[  267.779269][   T31]  ? __pfx__printk+0x10/0x10
[  267.779293][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  267.779322][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  267.779351][   T31]  watchdog+0xfee/0x1030
[  267.779380][   T31]  ? watchdog+0x1de/0x1030
[  267.779415][   T31]  kthread+0x70e/0x8a0
[  267.779443][   T31]  ? __pfx_watchdog+0x10/0x10
[  267.779467][   T31]  ? __pfx_kthread+0x10/0x10
[  267.779492][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  267.779518][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.779544][   T31]  ? __pfx_kthread+0x10/0x10
[  267.779567][   T31]  ret_from_fork+0x3fc/0x770
[  267.779598][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  267.779632][   T31]  ? __switch_to_asm+0x39/0x70
[  267.779650][   T31]  ? __switch_to_asm+0x33/0x70
[  267.779669][   T31]  ? __pfx_kthread+0x10/0x10
[  267.779692][   T31]  ret_from_fork_asm+0x1a/0x30
[  267.779738][   T31]  </TASK>
[  267.779745][   T31] Sending NMI from CPU 1 to CPUs 0:
[  267.945874][    C0] NMI backtrace for cpu 0
[  267.945892][    C0] CPU: 0 UID: 0 PID: 12297 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  267.945912][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.945923][    C0] RIP: 0010:check_preemption_disabled+0x40/0x120
[  267.945945][    C0] Code: 08 65 8b 05 06 9e 36 07 65 8b 0d fb 9d 36 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d db 9d 36 07 48 3b 4c 24 08 0f 85 cc 00 00 00 <48> 83 c4 10 5b 41 5e 41 5f 5d e9 41 b7 02 00 cc 48 c7 04 24 00 00
[  267.945966][    C0] RSP: 0018:ffffc9001c1af4e0 EFLAGS: 00000246
[  267.945982][    C0] RAX: 0000000000000000 RBX: ffffffff903edb01 RCX: b97d02f14cba9200
[  267.945994][    C0] RDX: ffffc9001c1af601 RSI: ffffffff8be282e0 RDI: ffffffff8be282a0
[  267.946005][    C0] RBP: dffffc0000000000 R08: ffffc9001c1afa10 R09: 0000000000000000
[  267.946016][    C0] R10: ffffc9001c1af658 R11: fffff52003835ecd R12: ffffc9001c1afa20
[  267.946027][    C0] R13: ffffc9001c1a8000 R14: ffffc9001c1af608 R15: ffffffff81729de5
[  267.946039][    C0] FS:  0000000000000000(0000) GS:ffff888125c52000(0000) knlGS:0000000000000000
[  267.946052][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  267.946063][    C0] CR2: 00007f0a551a6e9c CR3: 0000000034df8000 CR4: 00000000003526f0
[  267.946079][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  267.946088][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  267.946099][    C0] Call Trace:
[  267.946105][    C0]  <TASK>
[  267.946113][    C0]  ? unwind_next_frame+0xa5/0x2390
[  267.946136][    C0]  rcu_is_watching+0x15/0xb0
[  267.946159][    C0]  ? unwind_next_frame+0xa5/0x2390
[  267.946180][    C0]  unwind_next_frame+0x1965/0x2390
[  267.946205][    C0]  ? unwind_next_frame+0xa5/0x2390
[  267.946227][    C0]  ? __fput+0x44c/0xa70
[  267.946258][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  267.946276][    C0]  arch_stack_walk+0x11c/0x150
[  267.946294][    C0]  ? task_work_run+0x1d1/0x260
[  267.946315][    C0]  stack_trace_save+0x9c/0xe0
[  267.946331][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  267.946353][    C0]  save_stack+0xf5/0x1f0
[  267.946370][    C0]  ? __pfx_save_stack+0x10/0x10
[  267.946383][    C0]  ? __free_frozen_pages+0xc71/0xe70
[  267.946398][    C0]  ? vfree+0x25a/0x400
[  267.946411][    C0]  ? kcov_close+0x28/0x50
[  267.946429][    C0]  ? __fput+0x44c/0xa70
[  267.946453][    C0]  ? page_ext_put+0x97/0xc0
[  267.946471][    C0]  __reset_page_owner+0x71/0x1f0
[  267.946488][    C0]  __free_frozen_pages+0xc71/0xe70
[  267.946509][    C0]  vfree+0x25a/0x400
[  267.946524][    C0]  ? __pfx_kcov_close+0x10/0x10
[  267.946543][    C0]  kcov_close+0x28/0x50
[  267.946560][    C0]  __fput+0x44c/0xa70
[  267.946608][    C0]  task_work_run+0x1d1/0x260
[  267.946628][    C0]  ? __pfx_task_work_run+0x10/0x10
[  267.946648][    C0]  ? kmem_cache_free+0x18f/0x400
[  267.946665][    C0]  do_exit+0x6ad/0x22e0
[  267.946687][    C0]  ? do_raw_spin_lock+0x121/0x290
[  267.946705][    C0]  ? __pfx_do_exit+0x10/0x10
[  267.946721][    C0]  ? cgroup_freezing+0x20/0x360
[  267.946748][    C0]  do_group_exit+0x21c/0x2d0
[  267.946765][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.946788][    C0]  get_signal+0x1286/0x1340
[  267.946821][    C0]  arch_do_signal_or_restart+0x9a/0x750
[  267.946841][    C0]  ? blkcg_maybe_throttle_current+0x1ab/0xb40
[  267.946865][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  267.946893][    C0]  ? exit_to_user_mode_loop+0x40/0x110
[  267.946916][    C0]  exit_to_user_mode_loop+0x75/0x110
[  267.946936][    C0]  do_syscall_64+0x2bd/0x3b0
[  267.946949][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.946977][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.946993][    C0]  ? clear_bhb_loop+0x60/0xb0
[  267.947011][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.947025][    C0] RIP: 0033:0x7fd01e5907bc
[  267.947038][    C0] Code: Unable to access opcode bytes at 0x7fd01e590792.
[  267.947047][    C0] RSP: 002b:00007ffe6c3ac140 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  267.947063][    C0] RAX: 0000000000000068 RBX: 00007fd01f2e4620 RCX: 00007fd01e5907bc
[  267.947074][    C0] RDX: 0000000000000068 RSI: 00007fd01f2e4670 RDI: 0000000000000003
[  267.947084][    C0] RBP: 0000000000000000 R08: 00007ffe6c3ac194 R09: 000000000000000c
[  267.947094][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  267.947104][    C0] R13: 0000000000000000 R14: 00007fd01f2e4670 R15: 0000000000000000
[  267.947123][    C0]  </TASK>
[  267.957278][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  267.957301][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-00120-g0aff00432cc7 #0 PREEMPT(full) 
[  267.957325][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.957336][   T31] Call Trace:
[  267.957345][   T31]  <TASK>
[  267.957355][   T31]  dump_stack_lvl+0x99/0x250
[  267.957389][   T31]  ? __asan_memcpy+0x40/0x70
[  267.957415][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.957442][   T31]  ? __pfx__printk+0x10/0x10
[  267.957476][   T31]  panic+0x2db/0x790
[  267.957508][   T31]  ? __pfx_panic+0x10/0x10
[  267.957535][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  267.957567][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  267.957591][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  267.957622][   T31]  watchdog+0x102d/0x1030
[  267.957649][   T31]  ? watchdog+0x1de/0x1030
[  267.957681][   T31]  kthread+0x70e/0x8a0
[  267.957712][   T31]  ? __pfx_watchdog+0x10/0x10
[  267.957736][   T31]  ? __pfx_kthread+0x10/0x10
[  267.957758][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  267.957783][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.957806][   T31]  ? __pfx_kthread+0x10/0x10
[  267.957828][   T31]  ret_from_fork+0x3fc/0x770
[  267.957856][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  267.957887][   T31]  ? __switch_to_asm+0x39/0x70
[  267.957905][   T31]  ? __switch_to_asm+0x33/0x70
[  267.957923][   T31]  ? __pfx_kthread+0x10/0x10
[  267.957944][   T31]  ret_from_fork_asm+0x1a/0x30
[  267.957979][   T31]  </TASK>
[  268.528667][   T31] Kernel Offset: disabled
[  268.533019][   T31] Rebooting in 86400 seconds..