last executing test programs:

11.71071455s ago: executing program 1 (id=7201):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_vlan\x00', &(0x7f0000000300)=@ethtool_drvinfo={0x3, "6ff9ce9c6e0373ad226029e738658ff6fc99da1700bafdcb16fa2d74ae645efa", "381d28c7a0164b0ac87736419603b18d7145bf36b7687b886b01ed4a588fcbfe", "0c28f6e918bd13306f2f0b11ba7e68e865eaa5128845fc1f3961f9def3805978", "85e3dd817e6fd3dd4db6e64285dec524c97e4950723f463980ed860d384b2158", "6c2863077f7c054bd1ff6854da0f2c35907affd7ee5ce2de4c9d9c3577dd495e", "6f0c59c39e44c8d6ee189c1c", 0x8, 0x9, 0x5a, 0x7ff, 0x7}})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r1, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r1, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

11.455330818s ago: executing program 1 (id=7204):
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TTY_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x10}, 0xfdf6}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'dummy0\x00', <r3=>0x0})
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r1, r3, 0x25, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r4, 0x4)

11.319057306s ago: executing program 1 (id=7206):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711220000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f00000000c0)={'dummy0\x00', @random="0130210100ff"})
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@local, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0xfffffffffffffffc}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

10.408573911s ago: executing program 1 (id=7207):
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
unshare(0x6a040000)
r0 = socket$netlink(0x10, 0x3, 0xb)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)='\b', 0x1}], 0x1}}], 0x1, 0x2004000)

8.373792619s ago: executing program 2 (id=7213):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socketpair(0x1, 0x1, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x0)
r1 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
connect$unix(r1, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="310300000000000000000800000008", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x3c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getpeername$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000340)=0x1c)

7.410455765s ago: executing program 2 (id=7214):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7fd, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x2, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000006000000140008"], 0x28}}, 0x8000)

7.261811913s ago: executing program 2 (id=7215):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x20000811)
socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f00000002c0)=0x10)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)}, 0x1f00)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmmsg$sock(r5, &(0x7f0000006380)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)

6.182352973s ago: executing program 2 (id=7221):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xd, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x9, 0x2}}, @TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x1}]}}]}, 0x50}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.874951355s ago: executing program 2 (id=7222):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x1, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
accept(r0, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000020000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

5.403658858s ago: executing program 1 (id=7225):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff1, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0x8, 0x4, 0x202, 0x1, 0x7}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x7}}]}, 0x40}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.256458444s ago: executing program 1 (id=7229):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002fc0)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000005c0)="05", 0x1}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x4e22, 0x0, @remote, 0x40}, 0x1c, &(0x7f0000000b00)=[{&(0x7f00000006c0)="a2", 0x1}], 0x1}}], 0x2, 0x24000045)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100), 0x4)
recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
bpf$PROG_BIND_MAP(0x1c, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x24}, 0xc)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="0800d90700000000000000bd5656", 0xe)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x48, r6, 0x1, 0x70bd2c, 0x0, {{0x2}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x2, 0x25}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xd}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x8}]]}, 0x48}, 0x1, 0x0, 0x0, 0x8001}, 0x4040000)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_MPATH(r3, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000827bd700000dbdf251500000208200300", @ANYRES32=r7, @ANYBLOB="0a001a00ffffffffffff00000a00060008021100000100000a00060008021100000100000a001a0008021100000100000a001a0008021100000000000a000600ffffffffffff00000a000600ffffffffffff00000a0006000802110000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
unshare(0x62040200)
r8 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000090000000800000002"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r10, &(0x7f0000000040), 0x0}, 0x20)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r9, @ANYBLOB="0a00340002020202020200000a00060008021100000000000800350000000000089926006c090000ffd2203c926230b21ce7a074fed080f1844e5283c884488b825026f1edaa577bdd258e01005336cb7c75f7710c634ea916373496f58001bb33f21847b6b5679c426832b19e4cd1e0d2841976919e0a7fff714e762aee9481817e26be855e4c3d29e190a65d88ecf7ea6ff2455ed0c0ff4adbc95cc7bdda21831f8b5d0933dccb40be2a588b24fac9810d52b011c6b787a440c271d4d91796e617b194058e4077cbac443e2c360fc9ad6f8d39b0af46034e635b0ac27e478969f805642c1101647b9081b1679cb707c4d20879152022a3be2a0fb347"], 0x44}}, 0x0)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, 0x0)

4.877395133s ago: executing program 2 (id=7230):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x4, 0x3, 0x1, 0x5, 0x3091f, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5000000, 0x1}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000100)=0xffff, 0x4)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0xffffffffffffff21, 0x0, 0x0, &(0x7f00000005c0)=""/108, 0x6c}, 0x7fff}], 0x3fffffffffffcbe, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
splice(r1, &(0x7f0000000000)=0x7, r1, &(0x7f0000000040)=0x9, 0x0, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newtaction={0x48, 0x1e, 0x109, 0x100, 0x40000, {}, [{0x34, 0x1, [@m_mirred={0x30, 0x8, 0x0, 0x0, {{0xb, 0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x48}, 0x1, 0x2b1e}, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000640))
ioctl$sock_SIOCGIFINDEX(r2, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0e0000000400000004"], 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a1, &(0x7f0000000080)={'syzkaller0\x00'})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b00)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
r5 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x140e, 0xc3ef2dc4aaddb62c, 0x70bd2a, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x10)

3.954495112s ago: executing program 3 (id=7234):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB='c 75:*\tmm'], 0x3d)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bind$ax25(r7, &(0x7f0000000040)={{0x3, @bcast, 0x1}, [@null={0x40, 0x10}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
setsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0xc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r8=>0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffb}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000040)={0x2, 0x206, 0x8ce, 0xf44, r8}, 0x10)
ppoll(&(0x7f0000000100)=[{r4}], 0x1, &(0x7f0000000180)={0x77359400}, 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
r10 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r10, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r10, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x0, @random='\x00\x00\x00\x00\x00\a'}, 0x10)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x6, 0x81, 0x5}, 0x10)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random}, 0x10)

2.871467102s ago: executing program 4 (id=7239):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0a00000000000000040000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x28, &(0x7f00000003c0)=0x71db50c0, 0x4)
sendmmsg$alg(r2, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d1", 0x5e}, {&(0x7f00000001c0)="66f7", 0x2}, {&(0x7f0000000300)='l3', 0x2}], 0x3}], 0x1, 0x0)
pipe(&(0x7f0000000080))
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000007, 0x1010, 0xffffffffffffffff, 0x2000)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000080)={0x18, 0x0, {0x15, @local, 'bond0\x00'}}, 0x1e)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r5, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r5, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

2.717404812s ago: executing program 4 (id=7240):
socket(0x1e, 0x4, 0x0)
socket(0xa, 0x1, 0x0)
socket(0x1e, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000}, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$sock(r4, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
unshare(0x6020480)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

2.583766118s ago: executing program 3 (id=7241):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
epoll_create1(0x0)
socket(0x1, 0x80802, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
epoll_create1(0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$alg(0x26, 0x5, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="d401000010000000180000000000000000000000000000009500000000"], &(0x7f00000000c0)='GPL\x00', 0x5}, 0x94)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

2.460500453s ago: executing program 4 (id=7243):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000040)={0x5, [0x0, <r2=>0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000100)=0x18)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r2, 0x9, 0xb5}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r5=>0x0})
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7e, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xa, [0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0xffff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc, 0x0, 0x3], [0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40100000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)=@ipmr_newroute={0x28, 0x18, 0x100, 0x70bd2a, 0x25dfdbfc, {0x80, 0x0, 0x0, 0xd9, 0xfe, 0x7, 0xfe, 0x8, 0x200}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4810)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r9)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000008c0)=ANY=[@ANYBLOB="98000000", @ANYRES16=r10, @ANYBLOB="0100000000000000000039000000", @ANYRES32=r11, @ANYBLOB="7c005a807400008005000700020000001e0001000a300c9f4816161b091b030430300109093006220b5112093003000007000100182418"], 0x98}, 0x1, 0x0, 0x0, 0x40080}, 0x20008840)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x44, r4, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}]]}, 0x44}}, 0x40048a4)
r12 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r13=>0x0})
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x30, r14, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000801}, 0x4c000)
socket$kcm(0x11, 0x3, 0x0)
r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r15)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="6d932bbd700000000000010000000800030003000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), r15)

2.283562815s ago: executing program 3 (id=7244):
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="cf7ac32ffb1aff40bf14d87c4d00ce54a8373b1d47fcf44290b4405c676d68e49b6688fcdde4c42ae49ee1e12485df8c9e92a0dce247e4c0c340f0a8c115", @ANYRES32=0x1, @ANYBLOB="018000"/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000010000000500000006"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
vmsplice(0xffffffffffffffff, &(0x7f0000002440)=[{&(0x7f00000002c0)="62af263ea3c1befb3bd81deb2fc1cacaa4d2f3c7d8ed578a43f7c4bb44173641f1fd8524ba1d6678d41a89626989170aadb2c8de3262863630637e1f80b2b4b51ee58b9299e10879e5e7cf131a96d45102b25ddcd1a9c1396236f8a9e1be48f3df174a31122fc89187100d16d31e65e68a314119e411a442d36d25fa1a910a16926bbe70937af1a2daffcd5c3a62c21741d80998ec5bdc21609f993fe686eab92a3d9509e824ba65d8ca5a278c2daaa30bae078462870b37ea7868c8f4793a95dfe47a9c60ea83231e51dda3ae07e726e228a4b101565798f3c4d0633da550910f4615720e9ca37e6f3e77bb52ae52a1312724d2f1a641035db3e81b35e55ca077ae17a98a375b6c3f56395c052113c3f125304a41a735b325b05243c1b8a0b8e47ad70f831e640e4d68e32614faef764f07940dbd655c7c45a7a22630e1c3d77bd86fd2c51621f5196efd4844bc327210f9d34141daa5acc425005e38ccdbeba7eafd392b4f3eb9f297aa6dbc28320b48b3f878d9e45916396519eb2f5c4084d210892cc8bd34489e4e12d78c16e5abcf841243e65dddfd7cbe36ec49b51d4ad368a01bba176ecdd8d147bedd7464a07dc59ad833ab8d26639de4131d324c8c1c1401a6758e660e0c7f0c9bd612f5f3589acba3b06198c30d6beb86a76c18cffff86ea6ebc282411a12ea8959b84672e17f10146575abcf6064ff36821f10c23c2e555b4c8d0af9f368e7db70ba47218a5947a1ecd42e08e6dc08ec3f3d51c522caed9d102a44f6d8f5944fa3307b7234f27483b285ef16925815cd9c05fbeee24b369c18fd05d3e7f034e99462de5f6b45c54f137b4b86e88ae17906071194223638760200d6e185e111301f039780bd9ab2d62682da82b0b752ef85f36a2308ced8b395405d2d30c3c883754767ed379aefbb8e4ff465ac1c6e938a41cb04915a16ab25eed7c2e54cd151821e0620fc314472c57b51d003d07a287d256744b8c8f6ac08fb3c143670b3b8318218d6be5e2ee5b71ad03a7c327a272de129875f170b5f1ea10473c3dac826e96a845aa809905b02c8e3e2e1b451d00f437271af7689f93920db839aba8c8c632cc31c7043b3b7e358c4f5725b31db55aa4f260504f6a78c6ff74d59c480b6f4276433eec67beef368c238bba859d2f4f4c28ab94a65821f55045e540914677befa72c15071d28435a016387cf0c69cef003550d83ef4f866ee78add21e6e69a19ca03ba5381791e38b4fb91d725d3e8c0bc7cfa95aa35f48a9127eb93dd67e9746ab92b9cdc9519f2bca2d5d2eaf864381ee2c6a76db4d1b0440dd3aa65b34fbcb3dbfd649c5886cb9b9be8e6aa0a1e5e09ad0afa6a70c203344468ae3e3750af30aff7b1", 0x3d2}], 0x1, 0x9)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, 0x0, 0x1, 0xff1f, 0x8000000, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x26004808)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000740)={0x5, 0x8e, 0xf, 0x3, 0x9})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.241731475s ago: executing program 0 (id=7245):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.130829368s ago: executing program 4 (id=7246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="04005b000700000000000000"], 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r10, 0x84, 0x20, &(0x7f00000003c0)=0x400, 0x4)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r11, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r11, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c)
sendto$inet6(r11, &(0x7f0000000040)='\x00', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1c)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$GTP_CMD_ECHOREQ(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x17, r13, 0x424, 0x70bd28, 0x25dfdbfb, {}, [@GTPA_TID={0x0, 0x3, 0x4}, @GTPA_PEER_ADDR6={0x0, 0xb, @initdev={0xfe, 0x88, '\x00', 0xfe, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x409c)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000a80)="aa57fe9d974aee576fc01305b70e8e942781ac1999c6194324ad", 0x1007, r14}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000080)={r14, &(0x7f0000001b80), &(0x7f0000001c40)=""/245}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r15=>0x0})
r16 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r16, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01000000000000007c69536b8400003a00000008000300", @ANYRES32=r15, @ANYBLOB="05005b00fc000000"], 0x24}}, 0x0)

2.052454783s ago: executing program 3 (id=7247):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='mm_page_alloc\x00', r0, 0x0, 0x6}, 0x18)
r1 = socket(0x1e, 0x4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r4, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x8, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r4, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000004c0)={0x9, 0xff, 0x204, 0x5, 0xb7b, 0x2, 0x2, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000005007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c)
sendmmsg(r6, &(0x7f00000092c0), 0x4ff, 0xfdff)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x1, 0x9200000000000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)

1.643907479s ago: executing program 3 (id=7248):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x4)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000040)={@broadcast, @multicast1, 0x1, "0d5011f02b7fab96e0aa834d3a9e7cfc12178ac0ab1e6227c2b6ddaa5effda90", 0x5, 0x16, 0xfffffffe, 0x1}, 0x3c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f0000000180), &(0x7f0000000100)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, &(0x7f0000000300), 0x0}, 0x20)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r6, 0x29, 0x3b, 0x0, 0x8)
setsockopt$inet6_int(r6, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r8)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x44}, 0x1, 0x1000000}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x89f9, &(0x7f0000000000)={'veth1_to_bond\x00', @random="faff61000600"})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
r11 = socket(0x10, 0x3, 0xc)
write(r11, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000001000010400"/18, @ANYRES32=0x0, @ANYBLOB="01050400000000003c0012800b00010067726574617000002c00028008000100", @ANYRES32], 0x64}}, 0x0)
r12 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000240)=0x10, 0x80000)
setsockopt$PNPIPE_HANDLE(r12, 0x113, 0x3, 0x0, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000fcdbdf251b00000008009a000210"], 0x20}}, 0x40090)

1.553393892s ago: executing program 0 (id=7249):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x42280, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x2, 0x8, 0x5, 0x4, 0xd}, {0x86, 0x0, 0x7, 0x5, 0x6, 0x84}, 0x4, 0x80, 0x16c8}}, @TCA_TBF_BURST={0x8, 0x6, 0x2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xd11c73e75a38de1e}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.232506718s ago: executing program 0 (id=7250):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
connect$802154_dgram(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x84, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x54, 0x2, {{0x100, 0x6, 0x6361, 0x5, 0xfffffffd, 0x106}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x1, 0x0, 0xb2, 0x9, 0x8, 0x7c}}]}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24004890}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.083786232s ago: executing program 4 (id=7251):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB='c 75:*\tmm'], 0x3d)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ppoll(&(0x7f0000000500), 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bind$ax25(r7, &(0x7f0000000040)={{0x3, @bcast, 0x1}, [@null={0x40, 0x10}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
setsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0xc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r8=>0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffb}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000040)={0x2, 0x206, 0x8ce, 0xf44, r8}, 0x10)
ppoll(&(0x7f0000000100)=[{r4}], 0x1, &(0x7f0000000180)={0x77359400}, 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
r10 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r10, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r10, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x0, @random='\x00\x00\x00\x00\x00\a'}, 0x10)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x6, 0x81, 0x5}, 0x10)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random}, 0x10)

850.217537ms ago: executing program 0 (id=7252):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000100)={'gre0\x00', <r2=>0x0, 0x8000, 0x1, 0x2, 0x3, {{0x13, 0x4, 0x1, 0x6, 0x4c, 0x66, 0x0, 0x4, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, {[@timestamp_prespec={0x44, 0x34, 0x64, 0x3, 0xf, [{@rand_addr=0x64010102, 0x9}, {@empty, 0xfffffffe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xd}, {@multicast1, 0x80000000}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x7}]}, @noop]}}}}})
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x44, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x8, 0x3, 0xa50, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x9d8, 0xffffffff, 0xffffffff, 0x9d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x73, 0x0, 0x0, 0x45}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, [], [0x0, 0xffffffff, 0xff000000], 'wg1\x00', 'gre0\x00'}, 0x0, 0x888, 0x8b0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x7fff, 0x1}, {0x8, 0x3}, {0xfffff7ec, 0x1}, {0xfff, 0xbd3626e1c8b1df09}, {0x5, 0x2}, {0xb34c, 0x3}, {0x2}, {0xe48b, 0x2}, {0x101, 0x2}, {0x5, 0x2}, {0x5}], [{0x400}, {0x6, 0x8001}, {0x401, 0x40}, {0x7fff}, {0xffffc1b1, 0x32de}, {0xfff, 0x8}, {0x2, 0x9}, {0x1, 0xbbca}, {0x83, 0x1}, {0x5, 0x7}, {0x3}], 0x1, 0x7}, {[{0x9, 0x3}, {0x6, 0x3}, {0x4, 0x3}, {0x1, 0x2}, {0x9, 0x1}, {0xfffffffa}, {0x0, 0x2}, {0x80000000, 0x3}, {0x80000001}, {0x8001, 0x2}, {0xff, 0x3}], [{0x7, 0x5}, {0x3, 0x6b6}, {0x4, 0x400}, {0x3}, {0x4, 0xfff}, {0x3ff, 0xe5d7}, {0x6, 0x3ff}, {0xa78, 0xffffffff}, {0xa9e1, 0x3}, {0x8, 0x1000}, {0xc7, 0xf385}], 0x6, 0x3}, {[{0x101, 0x2}, {0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x48}, {0x9, 0x2}, {0x1, 0x2}, {0x7, 0x2}, {0x9}, {0x7, 0x1}, {0x0, 0x3}], [{0xfffffffb, 0x5}, {0x8, 0xa17}, {0x80, 0x4}, {0x8}, {0x3, 0x7}, {0x5e18, 0x7}, {0x4, 0x101}, {0x7, 0xfff}, {0xd, 0x7f}, {0x2, 0x2}, {0xfb3, 0xa94}], 0xb, 0x4}, {[{0x8, 0x1}, {0x4, 0x2}, {0x4e, 0xc781c4f1f9c1fa4f}, {0x8, 0x1}, {0x4e5, 0x2}, {0x3, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x5, 0x2}, {0xfff}, {0x4}], [{0x9, 0x8001}, {0xffff, 0x4}, {0x7fff, 0xf}, {0x66d, 0x9}, {0x92, 0xb}, {0x3, 0x6}, {0x7, 0xfff}, {0x1, 0xff}, {0x1, 0x1}, {0x0, 0x8}, {0x1, 0xff}], 0xa}, {[{0x5, 0x2}, {0x7a3, 0x2}, {0x1, 0x3}, {0x100, 0x3}, {0x40}, {0x8d, 0x1}, {0x8, 0x3}, {0x9, 0x3}, {0x8, 0x2}, {0x1, 0x1}, {0x7}], [{0x854f, 0x6b}, {0x7, 0x7}, {0x6, 0x80}, {0x3, 0xffc00000}, {0x7}, {0x3, 0x6}, {0x2, 0xf17}, {0x25, 0x401}, {0x200, 0x84b}, {0x7fff, 0x80}, {0x3, 0x1}], 0x4, 0x8}, {[{0xc3d, 0x147d12363fe5c40a}, {0x64, 0x1}, {0xf, 0x3}, {0x5, 0x1}, {0x7fffffff, 0x2}, {0x5}, {0x2af0, 0x2}, {0x1bd6, 0x2}, {0x1, 0x2}, {0x7, 0x1}, {0x7, 0x2}], [{0x92b, 0x1ff}, {0x1, 0xf458}, {0x5, 0x3}, {0x84, 0x1}, {0xe923, 0x7fff}, {0x4, 0xe}, {0x3, 0x6}, {0xad3f, 0x59f}, {0x4, 0xfffffffc}, {0x6}, {0x5, 0x6f}], 0x9}, {[{0x8}, {0x2f, 0x1}, {0x7, 0x1}, {0x0, 0x2}, {0x3, 0x3}, {0x0, 0x1}, {0x1, 0x3}, {0x8, 0x3}, {0x7}, {0x2}, {0x2, 0x3}], [{0x101, 0x80000000}, {0x1, 0x9}, {0x40, 0xff}, {0x4, 0x2}, {0x5, 0x6}, {0x2, 0x5}, {0x0, 0x3}, {0xe, 0x5}, {0x6, 0x1ff}, {0xc, 0x7}, {0x1, 0x4}], 0xb, 0x7}, {[{0x8c, 0x1}, {0xd}, {0x10000, 0x2}, {0x8, 0x2}, {0x3, 0x3}, {0x0, 0x3}, {0x1ff, 0x1}, {}, {0xc, 0x1}, {0xf0f}, {0xf629}], [{0x4, 0x5}, {0x35f7, 0x1}, {0x401, 0xf6}, {0x94, 0xd16}, {0x8, 0x5}, {0x35, 0x4929}, {0x8001, 0x5}, {0x1000, 0x9}, {0x9f, 0x65}, {0x9, 0x4}, {0x9, 0xf0a9}], 0x1, 0x4}, {[{0x9, 0x1}, {0x9, 0x2}, {0x7, 0x1}, {0x4, 0x4adbb8db8b6f3087}, {0x3}, {0x3, 0x3}, {0x7ff}, {0x7, 0x1}, {0x10000, 0x3}, {0x0, 0x2}, {0x80000000, 0x1}], [{0xf767, 0x8}, {0xc, 0x5}, {0x9, 0x8}, {0x6, 0xb23}, {0x101, 0x4}, {0xfffffff7, 0xb98}, {0x10001, 0x8f}, {0x9, 0xa83}, {0xd, 0x1}, {0x4, 0xe00}, {0x7, 0x444}], 0x6, 0x4}, {[{0x2, 0x3}, {0x2}, {0x26914786, 0x3}, {0x3}, {0xd7f, 0x1}, {0x7fffffff}, {0xf}, {0x4, 0x2}, {0x8, 0x1}, {0x4, 0x3}, {0xe, 0x1}], [{0xb59, 0x6}, {0x4, 0x70c063f5}, {0x2, 0xfffffffe}, {0x5, 0x6}, {0x10000, 0x872}, {0x6, 0x8}, {0xffff, 0x7}, {0x7, 0x4}, {0x6, 0x10}, {0xfff, 0xa}, {0x81, 0x4}], 0xb, 0x4}, {[{0x200, 0x1}, {0x2, 0x3}, {0xa, 0x1}, {0x3ff, 0x1}, {0x7}, {0x1, 0x2}, {0x6, 0x3}, {0x7}, {0x92, 0x3}, {0x6, 0x1}, {0x7fffffff, 0x2}], [{0x3, 0xbbb9}, {0x4, 0x400}, {0xdec, 0x9}, {0x7, 0x1d}, {0x0, 0x9a}, {0x1, 0x7}, {0x1, 0xf580}, {0x4, 0x9f}, {0x2, 0x4}, {0x5, 0x7}, {0xfff, 0x1}], 0x5, 0x7}], 0x4, 0x1}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x8, 0xff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xab0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)
pipe(&(0x7f00000045c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r6, 0x0)
vmsplice(r5, &(0x7f0000000380)=[{&(0x7f00000003c0)="ce9ada41c8f5", 0x6}], 0x1, 0x1)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x0)
splice(r4, 0x0, r8, 0x0, 0x2, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}}, 0x4010)

845.112709ms ago: executing program 3 (id=7253):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
sendto(r2, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)

380.550429ms ago: executing program 0 (id=7254):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb0100180000ffff0000002000f0ff1f0000000400000008"], &(0x7f0000000100)=""/101, 0x3c, 0x65, 0x1, 0x2}, 0x28)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[], 0x7c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x94)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002a00)=""/4100, 0x1004}], 0x1}}], 0x1, 0x10000, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)
sendmsg$kcm(r0, 0x0, 0x24080000)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)

1.209691ms ago: executing program 0 (id=7255):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000800)={0x438, 0x3f3, 0x20, 0x70bd28, 0x25dfdbfe, {0x5, 0x1, 0x27, [0x8000, 0x4, 0x9, 0x9, 0xffffffff, 0x2bb, 0x2, 0xff, 0x8, 0x302a, 0xdc3, 0x200, 0x8, 0x401, 0x1, 0x4, 0x0, 0x6, 0xffffffff, 0x9, 0x8, 0x800, 0x2, 0x5, 0xffffffff, 0x7, 0x80000000, 0xf3a, 0x6, 0x59c0, 0x6, 0x10000, 0x8, 0x51, 0x5, 0xfffffffe, 0x8, 0x0, 0x7fffffff, 0x6, 0x400, 0x4, 0xfffffff4, 0x0, 0x6982, 0x9, 0x3, 0x7, 0x9, 0x3, 0x9, 0x9, 0x7, 0x0, 0x7, 0x4, 0x0, 0x3, 0x3, 0x3, 0x400, 0x0, 0x2, 0x5], [0x8001, 0x3, 0x9, 0x6, 0xfffffff8, 0x7, 0x5, 0xfff, 0x200, 0xff, 0x1c000, 0xffffff50, 0x3, 0x6, 0x0, 0x6, 0x1, 0x9, 0x8, 0x2, 0xb, 0x7fff, 0x572a, 0x3ff, 0x0, 0x6, 0x8, 0x0, 0x0, 0xfffffb22, 0x9, 0x7, 0x7f, 0x6, 0x10001, 0x0, 0x5, 0x8, 0x8, 0x0, 0x401, 0x0, 0x1, 0x5, 0x0, 0xd, 0xffff, 0x1, 0x400, 0x570, 0x4, 0x2, 0x1, 0xfa3c, 0x1ff, 0x3, 0x4, 0x82, 0xe065, 0x0, 0x3ff, 0x3, 0x6, 0x9], [0x8, 0x5, 0x4b0c, 0x73a, 0x0, 0xffffffff, 0x5, 0xcc, 0x6, 0xfffffc01, 0x4, 0x1ff, 0xae5, 0x7fffffff, 0xffff, 0x0, 0x7, 0xfffeffff, 0x8, 0x9, 0x1, 0xfffffffa, 0x40, 0x7fff, 0x7, 0xb90c, 0x7, 0x1, 0x788768ec, 0xec8e, 0x10001, 0x5, 0x0, 0x4, 0x7, 0x7b, 0xb, 0xa, 0xba, 0x9, 0x1, 0x10, 0xf6, 0xba77, 0x7, 0x0, 0xfffffff9, 0x0, 0x8, 0xaf77, 0x7, 0x8, 0xfe, 0x6c878658, 0x6, 0x9, 0xffff, 0xfffffff9, 0x4, 0x8, 0x4, 0x8, 0x25, 0x5], [0xfffffff8, 0x0, 0x6, 0x0, 0x7, 0x7, 0x10, 0x2, 0x6ddeb0ee, 0x0, 0x7, 0xe, 0x75a, 0xcb, 0xffff, 0x7, 0x3, 0x2, 0x8, 0x9, 0x5, 0x0, 0xb2, 0xffffffff, 0x5, 0x1, 0x5, 0x4, 0x10, 0x100, 0x1, 0xffffff00, 0x3, 0x0, 0x3, 0x2, 0xfffff9b4, 0x5, 0x2, 0x7, 0x5e, 0x3, 0x5c2, 0x1000, 0x9a, 0x9, 0x4, 0x9, 0x2, 0xc, 0xce, 0x3e, 0x9, 0x7, 0x400, 0x0, 0xf, 0xffff, 0xffff0a42, 0xb, 0x8000, 0x7, 0x4, 0x50bf], 0x16, ['-+.\x00', '!-}\x00', '-\\\x00', 'nl80211\x00', '\x00', '[\x00']}, ["", "", "", ""]}, 0x438}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0600000004"], 0x48)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, 0x0, 0x1, 0xff1f, 0x8000000, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x26004808)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000700)=@req3={0x6, 0x0, 0x7, 0x8, 0x2, 0x1, 0x1}, 0x1c)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0xe4}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000004a00010000000000000000000a0080"], 0x1c}}, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000", @ANYRES32=r2, @ANYRES32=r4, @ANYRES32, @ANYBLOB], 0x50)
ioctl$FS_IOC_FSGETXATTR(r5, 0x801c581f, &(0x7f0000000740)={0x5, 0x8e, 0xf, 0x3, 0x9})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r7 = accept4(r6, 0x0, 0x0, 0x800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, 0x0, 0x0)

0s ago: executing program 4 (id=7256):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0xd, 0xfffffffffffffff8, 0x2, 0x8001, 0x8000059, 0x3ff}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x80002, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {0x8, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):

 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1277.532911][T27001] RSP: 002b:00007ff5999ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1277.532934][T27001] RAX: ffffffffffffffda RBX: 00007ff598dc6180 RCX: 00007ff598b8ebe9
[ 1277.532949][T27001] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1277.532962][T27001] RBP: 00007ff598c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1277.532975][T27001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1277.532987][T27001] R13: 00007ff598dc6218 R14: 00007ff598dc6180 R15: 00007ffe94d51248
[ 1277.533025][T27001]  </TASK>
[ 1278.804661][T27012] tipc: Enabling of bearer <ib:ip6gre0> rejected, already enabled
[ 1279.861788][T27028] netlink: 'syz.0.6393': attribute type 13 has an invalid length.
[ 1279.888333][T27028] netlink: 'syz.0.6393': attribute type 17 has an invalid length.
[ 1279.963757][T27028] tipc: Resetting bearer <ib:ip6gre0>
[ 1279.991348][T27028] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1280.226406][T27015] Failed to register nexthop notifier
[ 1280.907128][T27048] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma?
[ 1283.977307][T27062] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1285.923920][T27071] netlink: 'syz.3.6403': attribute type 9 has an invalid length.
[ 1286.000542][T27071] netlink: 'syz.3.6403': attribute type 6 has an invalid length.
[ 1288.606797][T27095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6410'.
[ 1288.658401][T27095] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1288.682290][T27095] CPU: 0 UID: 0 PID: 27095 Comm: syz.0.6410 Not tainted syzkaller #0 PREEMPT(full) 
[ 1288.682321][T27095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1288.682334][T27095] Call Trace:
[ 1288.682344][T27095]  <TASK>
[ 1288.682354][T27095]  dump_stack_lvl+0x189/0x250
[ 1288.682391][T27095]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1288.682418][T27095]  ? __pfx__printk+0x10/0x10
[ 1288.682457][T27095]  ? kernfs_path_from_node+0x2f/0x290
[ 1288.682480][T27095]  ? kernfs_path_from_node+0x250/0x290
[ 1288.682501][T27095]  ? kernfs_path_from_node+0x2f/0x290
[ 1288.682529][T27095]  sysfs_warn_dup+0x8e/0xa0
[ 1288.682552][T27095]  sysfs_do_create_link_sd+0xc0/0x110
[ 1288.682578][T27095]  device_add_class_symlinks+0x1cf/0x240
[ 1288.682606][T27095]  device_add+0x475/0xb50
[ 1288.682644][T27095]  wiphy_register+0x1ba6/0x28d0
[ 1288.682689][T27095]  ? __pfx_wiphy_register+0x10/0x10
[ 1288.682710][T27095]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1288.682748][T27095]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1288.682781][T27095]  ieee80211_register_hw+0x3425/0x4080
[ 1288.682832][T27095]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1288.682872][T27095]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1288.682905][T27095]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1288.682948][T27095]  ? __hrtimer_setup+0x187/0x210
[ 1288.682967][T27095]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1288.683002][T27095]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1288.683072][T27095]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1288.683099][T27095]  ? trace_kmalloc+0x1f/0xd0
[ 1288.683123][T27095]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1288.683151][T27095]  ? kstrndup+0xbf/0x160
[ 1288.683188][T27095]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1288.683221][T27095]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1288.683272][T27095]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1288.683317][T27095]  ? __nla_parse+0x40/0x60
[ 1288.683354][T27095]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1288.683392][T27095]  genl_family_rcv_msg_doit+0x212/0x300
[ 1288.683430][T27095]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1288.683475][T27095]  ? bpf_lsm_capable+0x9/0x20
[ 1288.683501][T27095]  ? security_capable+0x7e/0x2e0
[ 1288.683541][T27095]  genl_rcv_msg+0x60e/0x790
[ 1288.683578][T27095]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1288.683603][T27095]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1288.683659][T27095]  netlink_rcv_skb+0x205/0x470
[ 1288.683677][T27095]  ? __lock_acquire+0xab9/0xd20
[ 1288.683708][T27095]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1288.683737][T27095]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1288.683785][T27095]  ? down_read+0x1ad/0x2e0
[ 1288.683814][T27095]  genl_rcv+0x28/0x40
[ 1288.683838][T27095]  netlink_unicast+0x82f/0x9e0
[ 1288.683882][T27095]  ? __pfx_netlink_unicast+0x10/0x10
[ 1288.683916][T27095]  ? netlink_sendmsg+0x642/0xb30
[ 1288.683935][T27095]  ? skb_put+0x11b/0x210
[ 1288.683962][T27095]  netlink_sendmsg+0x805/0xb30
[ 1288.683997][T27095]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1288.684024][T27095]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1288.684048][T27095]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1288.684070][T27095]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1288.684093][T27095]  __sock_sendmsg+0x219/0x270
[ 1288.684128][T27095]  ____sys_sendmsg+0x505/0x830
[ 1288.684161][T27095]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1288.684198][T27095]  ? import_iovec+0x74/0xa0
[ 1288.684228][T27095]  ___sys_sendmsg+0x21f/0x2a0
[ 1288.684256][T27095]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1288.684332][T27095]  ? __fget_files+0x2a/0x420
[ 1288.684369][T27095]  ? __fget_files+0x3a0/0x420
[ 1288.684401][T27095]  __x64_sys_sendmsg+0x19b/0x260
[ 1288.684430][T27095]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1288.684471][T27095]  ? rcu_is_watching+0x15/0xb0
[ 1288.684500][T27095]  ? do_syscall_64+0xbe/0x3b0
[ 1288.684530][T27095]  do_syscall_64+0xfa/0x3b0
[ 1288.684550][T27095]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1288.684570][T27095]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.684590][T27095]  ? clear_bhb_loop+0x60/0xb0
[ 1288.684617][T27095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.684647][T27095] RIP: 0033:0x7f89ae98ebe9
[ 1288.684668][T27095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1288.684686][T27095] RSP: 002b:00007f89af8a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1288.684709][T27095] RAX: ffffffffffffffda RBX: 00007f89aebc5fa0 RCX: 00007f89ae98ebe9
[ 1288.684724][T27095] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1288.684737][T27095] RBP: 00007f89aea11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1288.684750][T27095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1288.684763][T27095] R13: 00007f89aebc6038 R14: 00007f89aebc5fa0 R15: 00007ffdff8922d8
[ 1288.684802][T27095]  </TASK>
[ 1289.622591][T27100] netlink: 'syz.1.6414': attribute type 13 has an invalid length.
[ 1289.641902][T27100] netlink: 'syz.1.6414': attribute type 17 has an invalid length.
[ 1289.670915][T27100] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1289.699958][T27101] netlink: 'syz.0.6412': attribute type 1 has an invalid length.
[ 1289.712655][T27101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6412'.
[ 1289.728793][T27101] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6412'.
[ 1289.741378][T27103] netlink: 14 bytes leftover after parsing attributes in process `syz.3.6413'.
[ 1289.744320][T27101] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6412'.
[ 1289.909976][T27111] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1289.939498][T27108] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6413'.
[ 1289.972109][T27109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1290.053294][T27117] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6419'.
[ 1290.066891][T27109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1290.079936][T27117] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6419'.
[ 1290.246825][T27119] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6419'.
[ 1290.745803][T27130] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6422'.
[ 1290.841366][T27130] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1290.853717][T27130] CPU: 1 UID: 0 PID: 27130 Comm: syz.4.6422 Not tainted syzkaller #0 PREEMPT(full) 
[ 1290.853749][T27130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1290.853763][T27130] Call Trace:
[ 1290.853772][T27130]  <TASK>
[ 1290.853781][T27130]  dump_stack_lvl+0x189/0x250
[ 1290.853818][T27130]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1290.853844][T27130]  ? __pfx__printk+0x10/0x10
[ 1290.853882][T27130]  ? kernfs_path_from_node+0x2f/0x290
[ 1290.853906][T27130]  ? kernfs_path_from_node+0x250/0x290
[ 1290.853927][T27130]  ? kernfs_path_from_node+0x2f/0x290
[ 1290.853953][T27130]  sysfs_warn_dup+0x8e/0xa0
[ 1290.853976][T27130]  sysfs_do_create_link_sd+0xc0/0x110
[ 1290.854002][T27130]  device_add_class_symlinks+0x1cf/0x240
[ 1290.854028][T27130]  device_add+0x475/0xb50
[ 1290.854055][T27130]  wiphy_register+0x1ba6/0x28d0
[ 1290.854095][T27130]  ? __pfx_wiphy_register+0x10/0x10
[ 1290.854116][T27130]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1290.854154][T27130]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1290.854186][T27130]  ieee80211_register_hw+0x3425/0x4080
[ 1290.854234][T27130]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1290.854272][T27130]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1290.854306][T27130]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1290.854348][T27130]  ? __hrtimer_setup+0x187/0x210
[ 1290.854366][T27130]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1290.854413][T27130]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1290.854482][T27130]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1290.854508][T27130]  ? trace_kmalloc+0x1f/0xd0
[ 1290.854532][T27130]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1290.854559][T27130]  ? kstrndup+0xbf/0x160
[ 1290.854593][T27130]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1290.854624][T27130]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1290.854671][T27130]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1290.854717][T27130]  ? __nla_parse+0x40/0x60
[ 1290.854754][T27130]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1290.854792][T27130]  genl_family_rcv_msg_doit+0x212/0x300
[ 1290.854827][T27130]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1290.854866][T27130]  ? bpf_lsm_capable+0x9/0x20
[ 1290.854886][T27130]  ? security_capable+0x7e/0x2e0
[ 1290.854915][T27130]  genl_rcv_msg+0x60e/0x790
[ 1290.854941][T27130]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1290.854960][T27130]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1290.854996][T27130]  netlink_rcv_skb+0x205/0x470
[ 1290.855009][T27130]  ? __lock_acquire+0xab9/0xd20
[ 1290.855031][T27130]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1290.855052][T27130]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1290.855088][T27130]  ? down_read+0x1ad/0x2e0
[ 1290.855109][T27130]  genl_rcv+0x28/0x40
[ 1290.855126][T27130]  netlink_unicast+0x82f/0x9e0
[ 1290.855158][T27130]  ? __pfx_netlink_unicast+0x10/0x10
[ 1290.855183][T27130]  ? netlink_sendmsg+0x642/0xb30
[ 1290.855196][T27130]  ? skb_put+0x11b/0x210
[ 1290.855217][T27130]  netlink_sendmsg+0x805/0xb30
[ 1290.855242][T27130]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1290.855262][T27130]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1290.855279][T27130]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1290.855295][T27130]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1290.855312][T27130]  __sock_sendmsg+0x219/0x270
[ 1290.855337][T27130]  ____sys_sendmsg+0x505/0x830
[ 1290.855362][T27130]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1290.855398][T27130]  ? import_iovec+0x74/0xa0
[ 1290.855421][T27130]  ___sys_sendmsg+0x21f/0x2a0
[ 1290.855441][T27130]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1290.855499][T27130]  ? __fget_files+0x2a/0x420
[ 1290.855511][T27130]  ? __fget_files+0x3a0/0x420
[ 1290.855537][T27130]  __x64_sys_sendmsg+0x19b/0x260
[ 1290.855558][T27130]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1290.855587][T27130]  ? rcu_is_watching+0x15/0xb0
[ 1290.855610][T27130]  ? do_syscall_64+0xbe/0x3b0
[ 1290.855631][T27130]  do_syscall_64+0xfa/0x3b0
[ 1290.855647][T27130]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1290.855662][T27130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1290.855677][T27130]  ? clear_bhb_loop+0x60/0xb0
[ 1290.855700][T27130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1290.855717][T27130] RIP: 0033:0x7f411d18ebe9
[ 1290.855734][T27130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1290.855747][T27130] RSP: 002b:00007f411df99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1290.855766][T27130] RAX: ffffffffffffffda RBX: 00007f411d3c5fa0 RCX: 00007f411d18ebe9
[ 1290.855777][T27130] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1290.855787][T27130] RBP: 00007f411d211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1290.855796][T27130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1290.855805][T27130] R13: 00007f411d3c6038 R14: 00007f411d3c5fa0 R15: 00007ffd47f869f8
[ 1290.855835][T27130]  </TASK>
[ 1291.559909][T27141] netlink: 'syz.2.6423': attribute type 9 has an invalid length.
[ 1291.616496][T27141] netlink: 'syz.2.6423': attribute type 6 has an invalid length.
[ 1291.649102][T27145] netlink: 'syz.4.6425': attribute type 13 has an invalid length.
[ 1291.678644][T27145] netlink: 'syz.4.6425': attribute type 17 has an invalid length.
[ 1291.849541][T27145] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1292.009923][T27150] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1294.872165][T27157] netlink: 'syz.1.6427': attribute type 1 has an invalid length.
[ 1294.910630][T27157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6427'.
[ 1294.919673][T27157] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6427'.
[ 1294.941391][T27157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6427'.
[ 1296.867156][T27180] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6433'.
[ 1296.909247][T27182] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6434'.
[ 1297.019798][T27184] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6434'.
[ 1297.212068][T27182] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6434'.
[ 1297.353249][T27188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6435'.
[ 1297.367060][T27188] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1297.377883][T27188] CPU: 1 UID: 0 PID: 27188 Comm: syz.1.6435 Not tainted syzkaller #0 PREEMPT(full) 
[ 1297.377914][T27188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1297.377927][T27188] Call Trace:
[ 1297.377936][T27188]  <TASK>
[ 1297.377946][T27188]  dump_stack_lvl+0x189/0x250
[ 1297.377982][T27188]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1297.378008][T27188]  ? __pfx__printk+0x10/0x10
[ 1297.378045][T27188]  ? kernfs_path_from_node+0x2f/0x290
[ 1297.378068][T27188]  ? kernfs_path_from_node+0x250/0x290
[ 1297.378089][T27188]  ? kernfs_path_from_node+0x2f/0x290
[ 1297.378117][T27188]  sysfs_warn_dup+0x8e/0xa0
[ 1297.378139][T27188]  sysfs_do_create_link_sd+0xc0/0x110
[ 1297.378165][T27188]  device_add_class_symlinks+0x1cf/0x240
[ 1297.378194][T27188]  device_add+0x475/0xb50
[ 1297.378222][T27188]  wiphy_register+0x1ba6/0x28d0
[ 1297.378268][T27188]  ? __pfx_wiphy_register+0x10/0x10
[ 1297.378289][T27188]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1297.378327][T27188]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1297.378357][T27188]  ieee80211_register_hw+0x3425/0x4080
[ 1297.378415][T27188]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1297.378454][T27188]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1297.378487][T27188]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1297.378530][T27188]  ? __hrtimer_setup+0x187/0x210
[ 1297.378550][T27188]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1297.378585][T27188]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1297.378654][T27188]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1297.378680][T27188]  ? trace_kmalloc+0x1f/0xd0
[ 1297.378705][T27188]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1297.378732][T27188]  ? kstrndup+0xbf/0x160
[ 1297.378768][T27188]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1297.378800][T27188]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1297.378852][T27188]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1297.378897][T27188]  ? __nla_parse+0x40/0x60
[ 1297.378934][T27188]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1297.378974][T27188]  genl_family_rcv_msg_doit+0x212/0x300
[ 1297.379010][T27188]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1297.379056][T27188]  ? bpf_lsm_capable+0x9/0x20
[ 1297.379083][T27188]  ? security_capable+0x7e/0x2e0
[ 1297.379122][T27188]  genl_rcv_msg+0x60e/0x790
[ 1297.379157][T27188]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1297.379183][T27188]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1297.379231][T27188]  netlink_rcv_skb+0x205/0x470
[ 1297.379249][T27188]  ? __lock_acquire+0xab9/0xd20
[ 1297.379279][T27188]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1297.379308][T27188]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1297.379356][T27188]  ? down_read+0x1ad/0x2e0
[ 1297.379383][T27188]  genl_rcv+0x28/0x40
[ 1297.379415][T27188]  netlink_unicast+0x82f/0x9e0
[ 1297.379456][T27188]  ? __pfx_netlink_unicast+0x10/0x10
[ 1297.379489][T27188]  ? netlink_sendmsg+0x642/0xb30
[ 1297.379508][T27188]  ? skb_put+0x11b/0x210
[ 1297.379537][T27188]  netlink_sendmsg+0x805/0xb30
[ 1297.379571][T27188]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1297.379598][T27188]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1297.379621][T27188]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1297.379642][T27188]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1297.379663][T27188]  __sock_sendmsg+0x219/0x270
[ 1297.379697][T27188]  ____sys_sendmsg+0x505/0x830
[ 1297.379730][T27188]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1297.379767][T27188]  ? import_iovec+0x74/0xa0
[ 1297.379798][T27188]  ___sys_sendmsg+0x21f/0x2a0
[ 1297.379825][T27188]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1297.379901][T27188]  ? __fget_files+0x2a/0x420
[ 1297.379918][T27188]  ? __fget_files+0x3a0/0x420
[ 1297.379953][T27188]  __x64_sys_sendmsg+0x19b/0x260
[ 1297.379981][T27188]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1297.380021][T27188]  ? rcu_is_watching+0x15/0xb0
[ 1297.380049][T27188]  ? do_syscall_64+0xbe/0x3b0
[ 1297.380077][T27188]  do_syscall_64+0xfa/0x3b0
[ 1297.380098][T27188]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1297.380118][T27188]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.380139][T27188]  ? clear_bhb_loop+0x60/0xb0
[ 1297.380163][T27188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.380182][T27188] RIP: 0033:0x7ff598b8ebe9
[ 1297.380200][T27188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1297.380217][T27188] RSP: 002b:00007ff5999ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1297.380247][T27188] RAX: ffffffffffffffda RBX: 00007ff598dc5fa0 RCX: 00007ff598b8ebe9
[ 1297.380262][T27188] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1297.380275][T27188] RBP: 00007ff598c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1297.380287][T27188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1297.380299][T27188] R13: 00007ff598dc6038 R14: 00007ff598dc5fa0 R15: 00007ffe94d51248
[ 1297.380338][T27188]  </TASK>
[ 1298.077688][T27191] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6437'.
[ 1299.898588][T27205] IPVS: persistence engine module ip_vs_pe_ not found
[ 1299.939550][T27208] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1300.068508][T27207] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1300.470224][T27220] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6444'.
[ 1300.631841][T27225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6444'.
[ 1300.957187][T27236] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6447'.
[ 1300.980677][T27236] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6447'.
[ 1301.156177][T27237] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6447'.
[ 1301.438448][T27239] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6448'.
[ 1301.580037][T27246] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1302.080947][T26751] Bluetooth: hci4: command tx timeout
[ 1302.358477][T27266] IPVS: persistence engine module ip_vs_pe_ not found
[ 1302.456470][T27268] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1302.947645][T27273] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6455'.
[ 1302.979238][T27273] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1303.006579][T27273] CPU: 1 UID: 0 PID: 27273 Comm: syz.3.6455 Not tainted syzkaller #0 PREEMPT(full) 
[ 1303.006612][T27273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1303.006626][T27273] Call Trace:
[ 1303.006636][T27273]  <TASK>
[ 1303.006645][T27273]  dump_stack_lvl+0x189/0x250
[ 1303.006682][T27273]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1303.006708][T27273]  ? __pfx__printk+0x10/0x10
[ 1303.006746][T27273]  ? kernfs_path_from_node+0x2f/0x290
[ 1303.006769][T27273]  ? kernfs_path_from_node+0x250/0x290
[ 1303.006790][T27273]  ? kernfs_path_from_node+0x2f/0x290
[ 1303.006818][T27273]  sysfs_warn_dup+0x8e/0xa0
[ 1303.006842][T27273]  sysfs_do_create_link_sd+0xc0/0x110
[ 1303.006869][T27273]  device_add_class_symlinks+0x1cf/0x240
[ 1303.006898][T27273]  device_add+0x475/0xb50
[ 1303.006926][T27273]  wiphy_register+0x1ba6/0x28d0
[ 1303.006972][T27273]  ? __pfx_wiphy_register+0x10/0x10
[ 1303.006993][T27273]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1303.007031][T27273]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1303.007064][T27273]  ieee80211_register_hw+0x3425/0x4080
[ 1303.007115][T27273]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1303.007154][T27273]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1303.007189][T27273]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1303.007232][T27273]  ? __hrtimer_setup+0x187/0x210
[ 1303.007252][T27273]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1303.007304][T27273]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1303.007376][T27273]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1303.007403][T27273]  ? trace_kmalloc+0x1f/0xd0
[ 1303.007428][T27273]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1303.007456][T27273]  ? kstrndup+0xbf/0x160
[ 1303.007493][T27273]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1303.007525][T27273]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1303.007575][T27273]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1303.007621][T27273]  ? __nla_parse+0x40/0x60
[ 1303.007658][T27273]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1303.007698][T27273]  genl_family_rcv_msg_doit+0x212/0x300
[ 1303.007736][T27273]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1303.007782][T27273]  ? bpf_lsm_capable+0x9/0x20
[ 1303.007808][T27273]  ? security_capable+0x7e/0x2e0
[ 1303.007848][T27273]  genl_rcv_msg+0x60e/0x790
[ 1303.007884][T27273]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1303.007910][T27273]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1303.007959][T27273]  netlink_rcv_skb+0x205/0x470
[ 1303.007977][T27273]  ? __lock_acquire+0xab9/0xd20
[ 1303.008008][T27273]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1303.008036][T27273]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1303.008085][T27273]  ? down_read+0x1ad/0x2e0
[ 1303.008113][T27273]  genl_rcv+0x28/0x40
[ 1303.008137][T27273]  netlink_unicast+0x82f/0x9e0
[ 1303.008180][T27273]  ? __pfx_netlink_unicast+0x10/0x10
[ 1303.008213][T27273]  ? netlink_sendmsg+0x642/0xb30
[ 1303.008231][T27273]  ? skb_put+0x11b/0x210
[ 1303.008259][T27273]  netlink_sendmsg+0x805/0xb30
[ 1303.008303][T27273]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1303.008330][T27273]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1303.008353][T27273]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1303.008375][T27273]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1303.008398][T27273]  __sock_sendmsg+0x219/0x270
[ 1303.008432][T27273]  ____sys_sendmsg+0x505/0x830
[ 1303.008465][T27273]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1303.008504][T27273]  ? import_iovec+0x74/0xa0
[ 1303.008534][T27273]  ___sys_sendmsg+0x21f/0x2a0
[ 1303.008562][T27273]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1303.008640][T27273]  ? __fget_files+0x2a/0x420
[ 1303.008658][T27273]  ? __fget_files+0x3a0/0x420
[ 1303.008692][T27273]  __x64_sys_sendmsg+0x19b/0x260
[ 1303.008720][T27273]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1303.008760][T27273]  ? rcu_is_watching+0x15/0xb0
[ 1303.008788][T27273]  ? do_syscall_64+0xbe/0x3b0
[ 1303.008817][T27273]  do_syscall_64+0xfa/0x3b0
[ 1303.008837][T27273]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1303.008857][T27273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.008877][T27273]  ? clear_bhb_loop+0x60/0xb0
[ 1303.008904][T27273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.008923][T27273] RIP: 0033:0x7fe1cbf8ebe9
[ 1303.008944][T27273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1303.008962][T27273] RSP: 002b:00007fe1ccd54038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1303.008985][T27273] RAX: ffffffffffffffda RBX: 00007fe1cc1c5fa0 RCX: 00007fe1cbf8ebe9
[ 1303.009000][T27273] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[ 1303.009013][T27273] RBP: 00007fe1cc011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1303.009026][T27273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1303.009038][T27273] R13: 00007fe1cc1c6038 R14: 00007fe1cc1c5fa0 R15: 00007ffcb0d9f9c8
[ 1303.009086][T27273]  </TASK>
[ 1303.576083][T27275] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1303.595293][T27275] tipc: Bearer <udp:syz0>: already 2 bearers with priority 10
[ 1303.603269][T27275] tipc: Bearer <udp:syz0>: trying with adjusted priority
[ 1303.610551][T27275] tipc: Enabling of bearer <udp:syz0> rejected, max 3 bearers permitted
[ 1303.907224][T27279] netlink: 92 bytes leftover after parsing attributes in process `syz.3.6458'.
[ 1303.965644][T27279] netlink: 64 bytes leftover after parsing attributes in process `syz.3.6458'.
[ 1304.015790][T27283] netem: change failed
[ 1304.432409][T27291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6460'.
[ 1304.481036][T26751] Bluetooth: hci4: command tx timeout
[ 1304.664845][T27293] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1304.708564][T27293] CPU: 1 UID: 0 PID: 27293 Comm: syz.3.6460 Not tainted syzkaller #0 PREEMPT(full) 
[ 1304.708595][T27293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1304.708608][T27293] Call Trace:
[ 1304.708617][T27293]  <TASK>
[ 1304.708627][T27293]  dump_stack_lvl+0x189/0x250
[ 1304.708661][T27293]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1304.708684][T27293]  ? __pfx__printk+0x10/0x10
[ 1304.708721][T27293]  ? kernfs_path_from_node+0x2f/0x290
[ 1304.708744][T27293]  ? kernfs_path_from_node+0x250/0x290
[ 1304.708763][T27293]  ? kernfs_path_from_node+0x2f/0x290
[ 1304.708788][T27293]  sysfs_warn_dup+0x8e/0xa0
[ 1304.708808][T27293]  sysfs_do_create_link_sd+0xc0/0x110
[ 1304.708833][T27293]  device_add_class_symlinks+0x1cf/0x240
[ 1304.708858][T27293]  device_add+0x475/0xb50
[ 1304.708881][T27293]  wiphy_register+0x1ba6/0x28d0
[ 1304.708917][T27293]  ? __pfx_wiphy_register+0x10/0x10
[ 1304.708932][T27293]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1304.708960][T27293]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1304.708986][T27293]  ieee80211_register_hw+0x3425/0x4080
[ 1304.709024][T27293]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1304.709054][T27293]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1304.709079][T27293]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1304.709112][T27293]  ? __hrtimer_setup+0x187/0x210
[ 1304.709127][T27293]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1304.709153][T27293]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1304.709205][T27293]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1304.709225][T27293]  ? trace_kmalloc+0x1f/0xd0
[ 1304.709242][T27293]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1304.709262][T27293]  ? kstrndup+0xbf/0x160
[ 1304.709290][T27293]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1304.709314][T27293]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1304.709352][T27293]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1304.709387][T27293]  ? __nla_parse+0x40/0x60
[ 1304.709414][T27293]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1304.709444][T27293]  genl_family_rcv_msg_doit+0x212/0x300
[ 1304.709472][T27293]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1304.709505][T27293]  ? bpf_lsm_capable+0x9/0x20
[ 1304.709525][T27293]  ? security_capable+0x7e/0x2e0
[ 1304.709569][T27293]  genl_rcv_msg+0x60e/0x790
[ 1304.709595][T27293]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1304.709614][T27293]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1304.709650][T27293]  netlink_rcv_skb+0x205/0x470
[ 1304.709663][T27293]  ? __lock_acquire+0xab9/0xd20
[ 1304.709687][T27293]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1304.709709][T27293]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1304.709746][T27293]  ? down_read+0x1ad/0x2e0
[ 1304.709768][T27293]  genl_rcv+0x28/0x40
[ 1304.709785][T27293]  netlink_unicast+0x82f/0x9e0
[ 1304.709820][T27293]  ? __pfx_netlink_unicast+0x10/0x10
[ 1304.709846][T27293]  ? netlink_sendmsg+0x642/0xb30
[ 1304.709860][T27293]  ? skb_put+0x11b/0x210
[ 1304.709881][T27293]  netlink_sendmsg+0x805/0xb30
[ 1304.709907][T27293]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1304.709927][T27293]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1304.709944][T27293]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1304.709960][T27293]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1304.709977][T27293]  __sock_sendmsg+0x219/0x270
[ 1304.710002][T27293]  ____sys_sendmsg+0x505/0x830
[ 1304.710026][T27293]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1304.710054][T27293]  ? import_iovec+0x74/0xa0
[ 1304.710077][T27293]  ___sys_sendmsg+0x21f/0x2a0
[ 1304.710097][T27293]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1304.710155][T27293]  ? __fget_files+0x2a/0x420
[ 1304.710168][T27293]  ? __fget_files+0x3a0/0x420
[ 1304.710193][T27293]  __x64_sys_sendmsg+0x19b/0x260
[ 1304.710214][T27293]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1304.710245][T27293]  ? rcu_is_watching+0x15/0xb0
[ 1304.710272][T27293]  ? do_syscall_64+0xbe/0x3b0
[ 1304.710298][T27293]  do_syscall_64+0xfa/0x3b0
[ 1304.710318][T27293]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1304.710338][T27293]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1304.710376][T27293]  ? clear_bhb_loop+0x60/0xb0
[ 1304.710402][T27293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1304.710422][T27293] RIP: 0033:0x7fe1cbf8ebe9
[ 1304.710442][T27293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1304.710460][T27293] RSP: 002b:00007fe1ccd33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1304.710483][T27293] RAX: ffffffffffffffda RBX: 00007fe1cc1c6090 RCX: 00007fe1cbf8ebe9
[ 1304.710498][T27293] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1304.710512][T27293] RBP: 00007fe1cc011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1304.710525][T27293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1304.710545][T27293] R13: 00007fe1cc1c6128 R14: 00007fe1cc1c6090 R15: 00007ffcb0d9f9c8
[ 1304.710584][T27293]  </TASK>
[ 1305.596450][T27304] netlink: 'syz.3.6462': attribute type 13 has an invalid length.
[ 1305.624867][T27304] netlink: 'syz.3.6462': attribute type 17 has an invalid length.
[ 1305.703880][T27304] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1308.171313][T27318] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1308.186998][T27318] syzkaller0: entered promiscuous mode
[ 1308.194044][T27318] syzkaller0: entered allmulticast mode
[ 1308.208529][T27318] netem: change failed
[ 1310.557196][T27341] __nla_validate_parse: 1 callbacks suppressed
[ 1310.557411][T27341] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6473'.
[ 1313.805848][T27377] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1315.841352][T26751] Bluetooth: hci4: command tx timeout
[ 1316.711249][T27396] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6486'.
[ 1319.465561][T27427] IPVS: persistence engine module ip_vs_pe_ not found
[ 1319.572326][T27430] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1319.580032][T27427] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1319.870751][T27437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6495'.
[ 1319.910595][T27437] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6495'.
[ 1319.931156][T27437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6495'.
[ 1319.948559][T27437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6495'.
[ 1319.971002][T27439] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6496'.
[ 1319.989733][T27442] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1320.009872][T27442] netem: change failed
[ 1320.110174][T27447] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6498'.
[ 1320.314197][T27452] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1321.600891][T26751] Bluetooth: hci4: command tx timeout
[ 1321.709090][T27474] netlink: 'syz.3.6503': attribute type 1 has an invalid length.
[ 1321.795753][T27475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6503'.
[ 1321.808996][T27475] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6503'.
[ 1323.750540][T27485] IPVS: persistence engine module ip_vs_pe_ not found
[ 1323.761780][T27488] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1323.843792][T27487] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1324.326886][T27494] erspan0: entered allmulticast mode
[ 1324.349121][T27494] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[ 1324.388420][T27493] erspan0: left allmulticast mode
[ 1324.621233][T27498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6509'.
[ 1324.655025][T27498] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1324.694793][T27498] CPU: 1 UID: 0 PID: 27498 Comm: syz.3.6509 Not tainted syzkaller #0 PREEMPT(full) 
[ 1324.694825][T27498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1324.694839][T27498] Call Trace:
[ 1324.694848][T27498]  <TASK>
[ 1324.694858][T27498]  dump_stack_lvl+0x189/0x250
[ 1324.694894][T27498]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1324.694920][T27498]  ? __pfx__printk+0x10/0x10
[ 1324.694956][T27498]  ? kernfs_path_from_node+0x2f/0x290
[ 1324.694979][T27498]  ? kernfs_path_from_node+0x250/0x290
[ 1324.695000][T27498]  ? kernfs_path_from_node+0x2f/0x290
[ 1324.695028][T27498]  sysfs_warn_dup+0x8e/0xa0
[ 1324.695052][T27498]  sysfs_do_create_link_sd+0xc0/0x110
[ 1324.695079][T27498]  device_add_class_symlinks+0x1cf/0x240
[ 1324.695108][T27498]  device_add+0x475/0xb50
[ 1324.695137][T27498]  wiphy_register+0x1ba6/0x28d0
[ 1324.695181][T27498]  ? __pfx_wiphy_register+0x10/0x10
[ 1324.695202][T27498]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1324.695238][T27498]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1324.695271][T27498]  ieee80211_register_hw+0x3425/0x4080
[ 1324.695321][T27498]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1324.695359][T27498]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1324.695393][T27498]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1324.695435][T27498]  ? __hrtimer_setup+0x187/0x210
[ 1324.695454][T27498]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1324.695498][T27498]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1324.695567][T27498]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1324.695592][T27498]  ? trace_kmalloc+0x1f/0xd0
[ 1324.695616][T27498]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1324.695643][T27498]  ? kstrndup+0xbf/0x160
[ 1324.695678][T27498]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1324.695712][T27498]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1324.695762][T27498]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1324.695807][T27498]  ? __nla_parse+0x40/0x60
[ 1324.695843][T27498]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1324.695883][T27498]  genl_family_rcv_msg_doit+0x212/0x300
[ 1324.695919][T27498]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1324.695964][T27498]  ? bpf_lsm_capable+0x9/0x20
[ 1324.695990][T27498]  ? security_capable+0x7e/0x2e0
[ 1324.696028][T27498]  genl_rcv_msg+0x60e/0x790
[ 1324.696063][T27498]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1324.696089][T27498]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1324.696136][T27498]  netlink_rcv_skb+0x205/0x470
[ 1324.696155][T27498]  ? __lock_acquire+0xab9/0xd20
[ 1324.696186][T27498]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1324.696214][T27498]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1324.696259][T27498]  ? down_read+0x1ad/0x2e0
[ 1324.696288][T27498]  genl_rcv+0x28/0x40
[ 1324.696312][T27498]  netlink_unicast+0x82f/0x9e0
[ 1324.696355][T27498]  ? __pfx_netlink_unicast+0x10/0x10
[ 1324.696388][T27498]  ? netlink_sendmsg+0x642/0xb30
[ 1324.696406][T27498]  ? skb_put+0x11b/0x210
[ 1324.696433][T27498]  netlink_sendmsg+0x805/0xb30
[ 1324.696467][T27498]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1324.696503][T27498]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1324.696523][T27498]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1324.696543][T27498]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1324.696563][T27498]  __sock_sendmsg+0x219/0x270
[ 1324.696593][T27498]  ____sys_sendmsg+0x505/0x830
[ 1324.696623][T27498]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1324.696661][T27498]  ? import_iovec+0x74/0xa0
[ 1324.696691][T27498]  ___sys_sendmsg+0x21f/0x2a0
[ 1324.696718][T27498]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1324.696792][T27498]  ? __fget_files+0x2a/0x420
[ 1324.696811][T27498]  ? __fget_files+0x3a0/0x420
[ 1324.696844][T27498]  __x64_sys_sendmsg+0x19b/0x260
[ 1324.696887][T27498]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1324.696926][T27498]  ? rcu_is_watching+0x15/0xb0
[ 1324.696955][T27498]  ? do_syscall_64+0xbe/0x3b0
[ 1324.696983][T27498]  do_syscall_64+0xfa/0x3b0
[ 1324.697003][T27498]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1324.697025][T27498]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1324.697045][T27498]  ? clear_bhb_loop+0x60/0xb0
[ 1324.697072][T27498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1324.697092][T27498] RIP: 0033:0x7fe1cbf8ebe9
[ 1324.697113][T27498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1324.697130][T27498] RSP: 002b:00007fe1ccd54038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1324.697153][T27498] RAX: ffffffffffffffda RBX: 00007fe1cc1c5fa0 RCX: 00007fe1cbf8ebe9
[ 1324.697168][T27498] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1324.697182][T27498] RBP: 00007fe1cc011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1324.697194][T27498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1324.697207][T27498] R13: 00007fe1cc1c6038 R14: 00007fe1cc1c5fa0 R15: 00007ffcb0d9f9c8
[ 1324.697244][T27498]  </TASK>
[ 1325.930598][T26751] Bluetooth: hci4: command tx timeout
[ 1326.315643][T27510] IPVS: persistence engine module ip_vs_pe_ not found
[ 1326.501101][T27512] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1326.786381][T27516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6513'.
[ 1326.884863][T27516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6513'.
[ 1326.895280][T27518] netlink: 14 bytes leftover after parsing attributes in process `syz.4.6514'.
[ 1327.146226][T27518] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6514'.
[ 1327.298561][T27522] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6515'.
[ 1327.342364][T27522] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1327.370484][T27522] CPU: 1 UID: 0 PID: 27522 Comm: syz.1.6515 Not tainted syzkaller #0 PREEMPT(full) 
[ 1327.370517][T27522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1327.370530][T27522] Call Trace:
[ 1327.370541][T27522]  <TASK>
[ 1327.370550][T27522]  dump_stack_lvl+0x189/0x250
[ 1327.370585][T27522]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1327.370611][T27522]  ? __pfx__printk+0x10/0x10
[ 1327.370647][T27522]  ? kernfs_path_from_node+0x2f/0x290
[ 1327.370670][T27522]  ? kernfs_path_from_node+0x250/0x290
[ 1327.370691][T27522]  ? kernfs_path_from_node+0x2f/0x290
[ 1327.370719][T27522]  sysfs_warn_dup+0x8e/0xa0
[ 1327.370743][T27522]  sysfs_do_create_link_sd+0xc0/0x110
[ 1327.370770][T27522]  device_add_class_symlinks+0x1cf/0x240
[ 1327.370798][T27522]  device_add+0x475/0xb50
[ 1327.370827][T27522]  wiphy_register+0x1ba6/0x28d0
[ 1327.370871][T27522]  ? __pfx_wiphy_register+0x10/0x10
[ 1327.370891][T27522]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1327.370929][T27522]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1327.370962][T27522]  ieee80211_register_hw+0x3425/0x4080
[ 1327.371011][T27522]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1327.371049][T27522]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1327.371083][T27522]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1327.371125][T27522]  ? __hrtimer_setup+0x187/0x210
[ 1327.371144][T27522]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1327.371179][T27522]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1327.371257][T27522]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1327.371282][T27522]  ? trace_kmalloc+0x1f/0xd0
[ 1327.371306][T27522]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1327.371333][T27522]  ? kstrndup+0xbf/0x160
[ 1327.371370][T27522]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1327.371403][T27522]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1327.371454][T27522]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1327.371497][T27522]  ? __nla_parse+0x40/0x60
[ 1327.371534][T27522]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1327.371574][T27522]  genl_family_rcv_msg_doit+0x212/0x300
[ 1327.371610][T27522]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1327.371653][T27522]  ? bpf_lsm_capable+0x9/0x20
[ 1327.371677][T27522]  ? security_capable+0x7e/0x2e0
[ 1327.371715][T27522]  genl_rcv_msg+0x60e/0x790
[ 1327.371751][T27522]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1327.371776][T27522]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1327.371820][T27522]  netlink_rcv_skb+0x205/0x470
[ 1327.371837][T27522]  ? __lock_acquire+0xab9/0xd20
[ 1327.371867][T27522]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1327.371896][T27522]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1327.371944][T27522]  ? down_read+0x1ad/0x2e0
[ 1327.371972][T27522]  genl_rcv+0x28/0x40
[ 1327.371995][T27522]  netlink_unicast+0x82f/0x9e0
[ 1327.372040][T27522]  ? __pfx_netlink_unicast+0x10/0x10
[ 1327.372072][T27522]  ? netlink_sendmsg+0x642/0xb30
[ 1327.372090][T27522]  ? skb_put+0x11b/0x210
[ 1327.372119][T27522]  netlink_sendmsg+0x805/0xb30
[ 1327.372153][T27522]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1327.372180][T27522]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1327.372205][T27522]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1327.372261][T27522]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1327.372285][T27522]  __sock_sendmsg+0x219/0x270
[ 1327.372321][T27522]  ____sys_sendmsg+0x505/0x830
[ 1327.372355][T27522]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1327.372393][T27522]  ? import_iovec+0x74/0xa0
[ 1327.372424][T27522]  ___sys_sendmsg+0x21f/0x2a0
[ 1327.372454][T27522]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1327.372529][T27522]  ? __fget_files+0x2a/0x420
[ 1327.372547][T27522]  ? __fget_files+0x3a0/0x420
[ 1327.372581][T27522]  __x64_sys_sendmsg+0x19b/0x260
[ 1327.372610][T27522]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1327.372650][T27522]  ? rcu_is_watching+0x15/0xb0
[ 1327.372679][T27522]  ? do_syscall_64+0xbe/0x3b0
[ 1327.372708][T27522]  do_syscall_64+0xfa/0x3b0
[ 1327.372726][T27522]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1327.372745][T27522]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.372765][T27522]  ? clear_bhb_loop+0x60/0xb0
[ 1327.372790][T27522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.372809][T27522] RIP: 0033:0x7ff598b8ebe9
[ 1327.372829][T27522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1327.372847][T27522] RSP: 002b:00007ff5999ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1327.372871][T27522] RAX: ffffffffffffffda RBX: 00007ff598dc5fa0 RCX: 00007ff598b8ebe9
[ 1327.372886][T27522] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1327.372900][T27522] RBP: 00007ff598c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1327.372912][T27522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1327.372925][T27522] R13: 00007ff598dc6038 R14: 00007ff598dc5fa0 R15: 00007ffe94d51248
[ 1327.372963][T27522]  </TASK>
[ 1328.560823][T26751] Bluetooth: hci4: command tx timeout
[ 1329.110740][T27541] IPVS: persistence engine module ip_vs_pe_ not found
[ 1329.220516][T27547] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1329.245440][T27540] IPVS: persistence engine module ip_vs_pe_ not found
[ 1329.282624][T27541] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1329.345444][T27541] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1329.402337][T27551] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1329.463835][T27551] tipc: Resetting bearer <eth:syzkaller0>
[ 1329.726706][T27564] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6527'.
[ 1329.744998][T27564] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1329.754680][T27564] CPU: 0 UID: 0 PID: 27564 Comm: syz.1.6527 Not tainted syzkaller #0 PREEMPT(full) 
[ 1329.754711][T27564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1329.754725][T27564] Call Trace:
[ 1329.754734][T27564]  <TASK>
[ 1329.754745][T27564]  dump_stack_lvl+0x189/0x250
[ 1329.754782][T27564]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1329.754807][T27564]  ? __pfx__printk+0x10/0x10
[ 1329.754845][T27564]  ? kernfs_path_from_node+0x2f/0x290
[ 1329.754868][T27564]  ? kernfs_path_from_node+0x250/0x290
[ 1329.754889][T27564]  ? kernfs_path_from_node+0x2f/0x290
[ 1329.754917][T27564]  sysfs_warn_dup+0x8e/0xa0
[ 1329.754940][T27564]  sysfs_do_create_link_sd+0xc0/0x110
[ 1329.754967][T27564]  device_add_class_symlinks+0x1cf/0x240
[ 1329.754995][T27564]  device_add+0x475/0xb50
[ 1329.755023][T27564]  wiphy_register+0x1ba6/0x28d0
[ 1329.755069][T27564]  ? __pfx_wiphy_register+0x10/0x10
[ 1329.755090][T27564]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1329.755137][T27564]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1329.755171][T27564]  ieee80211_register_hw+0x3425/0x4080
[ 1329.755220][T27564]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1329.755260][T27564]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1329.755293][T27564]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1329.755336][T27564]  ? __hrtimer_setup+0x187/0x210
[ 1329.755354][T27564]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1329.755388][T27564]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1329.755457][T27564]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1329.755483][T27564]  ? trace_kmalloc+0x1f/0xd0
[ 1329.755506][T27564]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1329.755535][T27564]  ? kstrndup+0xbf/0x160
[ 1329.755571][T27564]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1329.755603][T27564]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1329.755654][T27564]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1329.755701][T27564]  ? __nla_parse+0x40/0x60
[ 1329.755737][T27564]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1329.755777][T27564]  genl_family_rcv_msg_doit+0x212/0x300
[ 1329.755814][T27564]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1329.755860][T27564]  ? bpf_lsm_capable+0x9/0x20
[ 1329.755886][T27564]  ? security_capable+0x7e/0x2e0
[ 1329.755928][T27564]  genl_rcv_msg+0x60e/0x790
[ 1329.755965][T27564]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1329.755990][T27564]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1329.756039][T27564]  netlink_rcv_skb+0x205/0x470
[ 1329.756057][T27564]  ? __lock_acquire+0xab9/0xd20
[ 1329.756088][T27564]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1329.756117][T27564]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1329.756174][T27564]  ? down_read+0x1ad/0x2e0
[ 1329.756201][T27564]  genl_rcv+0x28/0x40
[ 1329.756225][T27564]  netlink_unicast+0x82f/0x9e0
[ 1329.756269][T27564]  ? __pfx_netlink_unicast+0x10/0x10
[ 1329.756302][T27564]  ? netlink_sendmsg+0x642/0xb30
[ 1329.756321][T27564]  ? skb_put+0x11b/0x210
[ 1329.756351][T27564]  netlink_sendmsg+0x805/0xb30
[ 1329.756384][T27564]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1329.756411][T27564]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1329.756435][T27564]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1329.756456][T27564]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1329.756480][T27564]  __sock_sendmsg+0x219/0x270
[ 1329.756514][T27564]  ____sys_sendmsg+0x505/0x830
[ 1329.756546][T27564]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1329.756585][T27564]  ? import_iovec+0x74/0xa0
[ 1329.756615][T27564]  ___sys_sendmsg+0x21f/0x2a0
[ 1329.756643][T27564]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1329.756720][T27564]  ? __fget_files+0x2a/0x420
[ 1329.756738][T27564]  ? __fget_files+0x3a0/0x420
[ 1329.756773][T27564]  __x64_sys_sendmsg+0x19b/0x260
[ 1329.756801][T27564]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1329.756841][T27564]  ? rcu_is_watching+0x15/0xb0
[ 1329.756870][T27564]  ? do_syscall_64+0xbe/0x3b0
[ 1329.756898][T27564]  do_syscall_64+0xfa/0x3b0
[ 1329.756918][T27564]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1329.756939][T27564]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1329.756959][T27564]  ? clear_bhb_loop+0x60/0xb0
[ 1329.756986][T27564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1329.757006][T27564] RIP: 0033:0x7ff598b8ebe9
[ 1329.757026][T27564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1329.757044][T27564] RSP: 002b:00007ff5999ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1329.757066][T27564] RAX: ffffffffffffffda RBX: 00007ff598dc5fa0 RCX: 00007ff598b8ebe9
[ 1329.757081][T27564] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1329.757094][T27564] RBP: 00007ff598c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1329.757107][T27564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1329.757120][T27564] R13: 00007ff598dc6038 R14: 00007ff598dc5fa0 R15: 00007ffe94d51248
[ 1329.757170][T27564]  </TASK>
[ 1329.782576][T27566] netlink: 'syz.4.6526': attribute type 13 has an invalid length.
[ 1330.241831][T27580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6528'.
[ 1330.327682][T27579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1330.487977][T27570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1330.562702][T27566] netlink: 'syz.4.6526': attribute type 17 has an invalid length.
[ 1330.685445][T27566] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1331.280768][T26751] Bluetooth: hci4: command tx timeout
[ 1332.171375][T27593] netlink: 64 bytes leftover after parsing attributes in process `syz.3.6531'.
[ 1334.822902][T27610] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6534'.
[ 1335.028324][T27614] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6535'.
[ 1335.064340][T27610] 8021q: adding VLAN 0 to HW filter on device bond24
[ 1335.261576][T27607] 8021q: adding VLAN 0 to HW filter on device bond24
[ 1335.295593][T27607] bond24: (slave vxcan5): The slave device specified does not support setting the MAC address
[ 1335.378684][T27607] bond24: (slave vxcan5): Error -95 calling set_mac_address
[ 1335.832437][T27621] netlink: 'syz.0.6536': attribute type 13 has an invalid length.
[ 1335.840825][T27621] netlink: 'syz.0.6536': attribute type 17 has an invalid length.
[ 1335.863484][T27621] tipc: Resetting bearer <ib:ip6gre0>
[ 1335.882966][T27621] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1335.988618][T27620] IPVS: persistence engine module ip_vs_pe_ not found
[ 1336.068916][T27623] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1336.410676][T27627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6538'.
[ 1336.438426][T27627] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1336.457766][T27627] CPU: 0 UID: 0 PID: 27627 Comm: syz.4.6538 Not tainted syzkaller #0 PREEMPT(full) 
[ 1336.457798][T27627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1336.457811][T27627] Call Trace:
[ 1336.457821][T27627]  <TASK>
[ 1336.457831][T27627]  dump_stack_lvl+0x189/0x250
[ 1336.457867][T27627]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1336.457893][T27627]  ? __pfx__printk+0x10/0x10
[ 1336.457925][T27627]  ? __rcu_read_unlock+0x84/0xe0
[ 1336.457954][T27627]  ? kernfs_path_from_node+0x2f/0x290
[ 1336.457976][T27627]  ? kernfs_path_from_node+0x250/0x290
[ 1336.457997][T27627]  ? kernfs_path_from_node+0x2f/0x290
[ 1336.458026][T27627]  sysfs_warn_dup+0x8e/0xa0
[ 1336.458048][T27627]  sysfs_do_create_link_sd+0xc0/0x110
[ 1336.458075][T27627]  device_add_class_symlinks+0x1cf/0x240
[ 1336.458103][T27627]  device_add+0x475/0xb50
[ 1336.458131][T27627]  wiphy_register+0x1ba6/0x28d0
[ 1336.458176][T27627]  ? __pfx_wiphy_register+0x10/0x10
[ 1336.458196][T27627]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1336.458234][T27627]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1336.458266][T27627]  ieee80211_register_hw+0x3425/0x4080
[ 1336.458315][T27627]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1336.458362][T27627]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1336.458395][T27627]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1336.458436][T27627]  ? __hrtimer_setup+0x187/0x210
[ 1336.458454][T27627]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1336.458490][T27627]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1336.458559][T27627]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1336.458585][T27627]  ? trace_kmalloc+0x1f/0xd0
[ 1336.458608][T27627]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1336.458636][T27627]  ? kstrndup+0xbf/0x160
[ 1336.458671][T27627]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1336.458703][T27627]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1336.458753][T27627]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1336.458804][T27627]  ? __nla_parse+0x40/0x60
[ 1336.458840][T27627]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1336.458879][T27627]  genl_family_rcv_msg_doit+0x212/0x300
[ 1336.458915][T27627]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1336.458960][T27627]  ? bpf_lsm_capable+0x9/0x20
[ 1336.458986][T27627]  ? security_capable+0x7e/0x2e0
[ 1336.459025][T27627]  genl_rcv_msg+0x60e/0x790
[ 1336.459060][T27627]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1336.459081][T27627]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1336.459123][T27627]  netlink_rcv_skb+0x205/0x470
[ 1336.459140][T27627]  ? __lock_acquire+0xab9/0xd20
[ 1336.459165][T27627]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1336.459191][T27627]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1336.459233][T27627]  ? down_read+0x1ad/0x2e0
[ 1336.459258][T27627]  genl_rcv+0x28/0x40
[ 1336.459279][T27627]  netlink_unicast+0x82f/0x9e0
[ 1336.459317][T27627]  ? __pfx_netlink_unicast+0x10/0x10
[ 1336.459359][T27627]  ? netlink_sendmsg+0x642/0xb30
[ 1336.459378][T27627]  ? skb_put+0x11b/0x210
[ 1336.459406][T27627]  netlink_sendmsg+0x805/0xb30
[ 1336.459440][T27627]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1336.459466][T27627]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1336.459488][T27627]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1336.459510][T27627]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1336.459533][T27627]  __sock_sendmsg+0x219/0x270
[ 1336.459567][T27627]  ____sys_sendmsg+0x505/0x830
[ 1336.459599][T27627]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1336.459636][T27627]  ? import_iovec+0x74/0xa0
[ 1336.459665][T27627]  ___sys_sendmsg+0x21f/0x2a0
[ 1336.459694][T27627]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1336.459769][T27627]  ? __fget_files+0x2a/0x420
[ 1336.459787][T27627]  ? __fget_files+0x3a0/0x420
[ 1336.459820][T27627]  __x64_sys_sendmsg+0x19b/0x260
[ 1336.459848][T27627]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1336.459887][T27627]  ? rcu_is_watching+0x15/0xb0
[ 1336.459915][T27627]  ? do_syscall_64+0xbe/0x3b0
[ 1336.459943][T27627]  do_syscall_64+0xfa/0x3b0
[ 1336.459963][T27627]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1336.459983][T27627]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.460003][T27627]  ? clear_bhb_loop+0x60/0xb0
[ 1336.460030][T27627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.460050][T27627] RIP: 0033:0x7f411d18ebe9
[ 1336.460070][T27627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1336.460086][T27627] RSP: 002b:00007f411df99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1336.460110][T27627] RAX: ffffffffffffffda RBX: 00007f411d3c5fa0 RCX: 00007f411d18ebe9
[ 1336.460125][T27627] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1336.460138][T27627] RBP: 00007f411d211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1336.460151][T27627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1336.460164][T27627] R13: 00007f411d3c6038 R14: 00007f411d3c5fa0 R15: 00007ffd47f869f8
[ 1336.460203][T27627]  </TASK>
[ 1338.080467][T26751] Bluetooth: hci4: command tx timeout
[ 1339.166470][T27651] netlink: 'syz.4.6543': attribute type 9 has an invalid length.
[ 1339.180367][T27651] netlink: 'syz.4.6543': attribute type 6 has an invalid length.
[ 1342.386966][T27668] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6547'.
[ 1343.347050][T27683] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1343.389751][T27683] sch_tbf: burst 127 is lower than device syzkaller0 mtu (313) !
[ 1343.844941][T27689] netlink: 'syz.1.6555': attribute type 13 has an invalid length.
[ 1343.860398][T27689] netlink: 'syz.1.6555': attribute type 17 has an invalid length.
[ 1343.891571][T27689] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1343.975388][T27691] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6556'.
[ 1344.080435][T27692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1344.187005][T27692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1344.489083][T27697] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6557'.
[ 1344.535364][T27697] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1344.570443][T27697] CPU: 0 UID: 0 PID: 27697 Comm: syz.0.6557 Not tainted syzkaller #0 PREEMPT(full) 
[ 1344.570474][T27697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1344.570487][T27697] Call Trace:
[ 1344.570496][T27697]  <TASK>
[ 1344.570505][T27697]  dump_stack_lvl+0x189/0x250
[ 1344.570543][T27697]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1344.570568][T27697]  ? __pfx__printk+0x10/0x10
[ 1344.570604][T27697]  ? kernfs_path_from_node+0x2f/0x290
[ 1344.570628][T27697]  ? kernfs_path_from_node+0x250/0x290
[ 1344.570648][T27697]  ? kernfs_path_from_node+0x2f/0x290
[ 1344.570677][T27697]  sysfs_warn_dup+0x8e/0xa0
[ 1344.570700][T27697]  sysfs_do_create_link_sd+0xc0/0x110
[ 1344.570725][T27697]  device_add_class_symlinks+0x1cf/0x240
[ 1344.570753][T27697]  device_add+0x475/0xb50
[ 1344.570781][T27697]  wiphy_register+0x1ba6/0x28d0
[ 1344.570826][T27697]  ? __pfx_wiphy_register+0x10/0x10
[ 1344.570847][T27697]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1344.570884][T27697]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1344.570915][T27697]  ieee80211_register_hw+0x3425/0x4080
[ 1344.570965][T27697]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1344.571004][T27697]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1344.571036][T27697]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1344.571077][T27697]  ? __hrtimer_setup+0x187/0x210
[ 1344.571095][T27697]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1344.571129][T27697]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1344.571197][T27697]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1344.571223][T27697]  ? trace_kmalloc+0x1f/0xd0
[ 1344.571246][T27697]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1344.571273][T27697]  ? kstrndup+0xbf/0x160
[ 1344.571309][T27697]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1344.571340][T27697]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1344.571395][T27697]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1344.571440][T27697]  ? __nla_parse+0x40/0x60
[ 1344.571476][T27697]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1344.571515][T27697]  genl_family_rcv_msg_doit+0x212/0x300
[ 1344.571552][T27697]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1344.571596][T27697]  ? bpf_lsm_capable+0x9/0x20
[ 1344.571622][T27697]  ? security_capable+0x7e/0x2e0
[ 1344.571661][T27697]  genl_rcv_msg+0x60e/0x790
[ 1344.571697][T27697]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1344.571722][T27697]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1344.571769][T27697]  netlink_rcv_skb+0x205/0x470
[ 1344.571787][T27697]  ? __lock_acquire+0xab9/0xd20
[ 1344.571817][T27697]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1344.571845][T27697]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1344.571892][T27697]  ? down_read+0x1ad/0x2e0
[ 1344.571919][T27697]  genl_rcv+0x28/0x40
[ 1344.571943][T27697]  netlink_unicast+0x82f/0x9e0
[ 1344.571987][T27697]  ? __pfx_netlink_unicast+0x10/0x10
[ 1344.572019][T27697]  ? netlink_sendmsg+0x642/0xb30
[ 1344.572037][T27697]  ? skb_put+0x11b/0x210
[ 1344.572065][T27697]  netlink_sendmsg+0x805/0xb30
[ 1344.572100][T27697]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1344.572126][T27697]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1344.572148][T27697]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1344.572169][T27697]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1344.572192][T27697]  __sock_sendmsg+0x219/0x270
[ 1344.572226][T27697]  ____sys_sendmsg+0x505/0x830
[ 1344.572258][T27697]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1344.572296][T27697]  ? import_iovec+0x74/0xa0
[ 1344.572323][T27697]  ___sys_sendmsg+0x21f/0x2a0
[ 1344.572349][T27697]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1344.572427][T27697]  ? __fget_files+0x2a/0x420
[ 1344.572445][T27697]  ? __fget_files+0x3a0/0x420
[ 1344.572478][T27697]  __x64_sys_sendmsg+0x19b/0x260
[ 1344.572524][T27697]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1344.572561][T27697]  ? rcu_is_watching+0x15/0xb0
[ 1344.572588][T27697]  ? do_syscall_64+0xbe/0x3b0
[ 1344.572614][T27697]  do_syscall_64+0xfa/0x3b0
[ 1344.572632][T27697]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1344.572650][T27697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1344.572669][T27697]  ? clear_bhb_loop+0x60/0xb0
[ 1344.572693][T27697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1344.572712][T27697] RIP: 0033:0x7f89ae98ebe9
[ 1344.572731][T27697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1344.572747][T27697] RSP: 002b:00007f89af8a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1344.572770][T27697] RAX: ffffffffffffffda RBX: 00007f89aebc5fa0 RCX: 00007f89ae98ebe9
[ 1344.572784][T27697] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1344.572796][T27697] RBP: 00007f89aea11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1344.572808][T27697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1344.572821][T27697] R13: 00007f89aebc6038 R14: 00007f89aebc5fa0 R15: 00007ffdff8922d8
[ 1344.572860][T27697]  </TASK>
[ 1345.831871][T27708] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6560'.
[ 1346.192636][T27715] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6562'.
[ 1346.215952][T27718] netlink: 'syz.0.6563': attribute type 13 has an invalid length.
[ 1346.260318][T27718] netlink: 'syz.0.6563': attribute type 17 has an invalid length.
[ 1346.282712][T27718] tipc: Resetting bearer <ib:ip6gre0>
[ 1346.320005][T27718] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1346.478911][T27722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6564'.
[ 1347.618497][T27731] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1347.995957][T27740] netlink: 'syz.4.6569': attribute type 9 has an invalid length.
[ 1348.004212][T27740] netlink: 'syz.4.6569': attribute type 6 has an invalid length.
[ 1348.017794][T27741] netem: change failed
[ 1349.309974][T27755] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6573'.
[ 1349.387333][T27757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6574'.
[ 1349.518167][T27760] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6575'.
[ 1349.640419][T26751] Bluetooth: hci4: command tx timeout
[ 1349.731793][T27767] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6575'.
[ 1349.801776][T27765] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6577'.
[ 1349.904137][T27765] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6577'.
[ 1350.847823][T27779] syzkaller1: entered promiscuous mode
[ 1350.852657][T27784] netlink: 'syz.0.6582': attribute type 13 has an invalid length.
[ 1350.866739][T27779] syzkaller1: entered allmulticast mode
[ 1350.898878][T27784] netlink: 'syz.0.6582': attribute type 17 has an invalid length.
[ 1350.909814][T27784] tipc: Resetting bearer <ib:ip6gre0>
[ 1350.952650][T27784] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1351.358554][T27792] netlink: 'syz.1.6584': attribute type 13 has an invalid length.
[ 1351.384797][T27792] netlink: 'syz.1.6584': attribute type 17 has an invalid length.
[ 1351.448691][T27792] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1352.520894][T27799] netlink: 'syz.3.6586': attribute type 13 has an invalid length.
[ 1352.530501][T27799] netlink: 'syz.3.6586': attribute type 17 has an invalid length.
[ 1352.580857][T27799] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1353.314559][T27797] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1356.864119][T27804] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6587'.
[ 1357.378092][T27808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6588'.
[ 1357.391269][T27810] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1357.436559][T27808] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6588'.
[ 1357.647338][T27815] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6588'.
[ 1357.934530][T27823] netlink: 'syz.1.6594': attribute type 29 has an invalid length.
[ 1357.947264][T27823] netlink: 'syz.1.6594': attribute type 29 has an invalid length.
[ 1358.276821][T27832] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6597'.
[ 1358.296655][T27832] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6597'.
[ 1358.325629][T27832] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6597'.
[ 1358.343202][T27834] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6598'.
[ 1358.387488][T27832] netlink: 36 bytes leftover after parsing attributes in process `syz.0.6597'.
[ 1358.727815][T27848] netlink: 'syz.0.6600': attribute type 13 has an invalid length.
[ 1358.736372][T27848] netlink: 'syz.0.6600': attribute type 17 has an invalid length.
[ 1358.776028][T27848] tipc: Resetting bearer <ib:ip6gre0>
[ 1358.795353][T27848] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1362.899124][T27871] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1364.043005][T27879] netlink: 'syz.0.6610': attribute type 1 has an invalid length.
[ 1364.092995][T27880] netlink: 68 bytes leftover after parsing attributes in process `syz.0.6610'.
[ 1364.441870][T27883] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1364.960380][T26751] Bluetooth: hci4: command tx timeout
[ 1366.605585][T27895] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1367.021453][T27900] netlink: 'syz.3.6616': attribute type 10 has an invalid length.
[ 1367.128269][T27903] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1367.151883][T27903] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[ 1367.167822][T27903] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[ 1367.188604][T27903] tipc: Resetting bearer <eth:syzkaller0>
[ 1367.506053][T27910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6620'.
[ 1367.596664][T27910] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1367.646231][T27910] CPU: 1 UID: 0 PID: 27910 Comm: syz.1.6620 Not tainted syzkaller #0 PREEMPT(full) 
[ 1367.646273][T27910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1367.646286][T27910] Call Trace:
[ 1367.646296][T27910]  <TASK>
[ 1367.646306][T27910]  dump_stack_lvl+0x189/0x250
[ 1367.646342][T27910]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1367.646366][T27910]  ? __pfx__printk+0x10/0x10
[ 1367.646414][T27910]  ? kernfs_path_from_node+0x2f/0x290
[ 1367.646437][T27910]  ? kernfs_path_from_node+0x250/0x290
[ 1367.646458][T27910]  ? kernfs_path_from_node+0x2f/0x290
[ 1367.646487][T27910]  sysfs_warn_dup+0x8e/0xa0
[ 1367.646510][T27910]  sysfs_do_create_link_sd+0xc0/0x110
[ 1367.646536][T27910]  device_add_class_symlinks+0x1cf/0x240
[ 1367.646565][T27910]  device_add+0x475/0xb50
[ 1367.646594][T27910]  wiphy_register+0x1ba6/0x28d0
[ 1367.646639][T27910]  ? __pfx_wiphy_register+0x10/0x10
[ 1367.646659][T27910]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1367.646697][T27910]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1367.646730][T27910]  ieee80211_register_hw+0x3425/0x4080
[ 1367.646782][T27910]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1367.646821][T27910]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1367.646854][T27910]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1367.646897][T27910]  ? __hrtimer_setup+0x187/0x210
[ 1367.646916][T27910]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1367.646951][T27910]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1367.647021][T27910]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1367.647047][T27910]  ? trace_kmalloc+0x1f/0xd0
[ 1367.647071][T27910]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1367.647099][T27910]  ? kstrndup+0xbf/0x160
[ 1367.647135][T27910]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1367.647167][T27910]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1367.647218][T27910]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1367.647272][T27910]  ? __nla_parse+0x40/0x60
[ 1367.647309][T27910]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1367.647350][T27910]  genl_family_rcv_msg_doit+0x212/0x300
[ 1367.647387][T27910]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1367.647433][T27910]  ? bpf_lsm_capable+0x9/0x20
[ 1367.647459][T27910]  ? security_capable+0x7e/0x2e0
[ 1367.647499][T27910]  genl_rcv_msg+0x60e/0x790
[ 1367.647536][T27910]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1367.647561][T27910]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1367.647610][T27910]  netlink_rcv_skb+0x205/0x470
[ 1367.647629][T27910]  ? __lock_acquire+0xab9/0xd20
[ 1367.647660][T27910]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1367.647689][T27910]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1367.647738][T27910]  ? down_read+0x1ad/0x2e0
[ 1367.647766][T27910]  genl_rcv+0x28/0x40
[ 1367.647791][T27910]  netlink_unicast+0x82f/0x9e0
[ 1367.647835][T27910]  ? __pfx_netlink_unicast+0x10/0x10
[ 1367.647868][T27910]  ? netlink_sendmsg+0x642/0xb30
[ 1367.647887][T27910]  ? skb_put+0x11b/0x210
[ 1367.647915][T27910]  netlink_sendmsg+0x805/0xb30
[ 1367.647950][T27910]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1367.647977][T27910]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1367.648000][T27910]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1367.648020][T27910]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1367.648043][T27910]  __sock_sendmsg+0x219/0x270
[ 1367.648078][T27910]  ____sys_sendmsg+0x505/0x830
[ 1367.648111][T27910]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1367.648150][T27910]  ? import_iovec+0x74/0xa0
[ 1367.648180][T27910]  ___sys_sendmsg+0x21f/0x2a0
[ 1367.648208][T27910]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1367.648293][T27910]  ? __fget_files+0x2a/0x420
[ 1367.648311][T27910]  ? __fget_files+0x3a0/0x420
[ 1367.648345][T27910]  __x64_sys_sendmsg+0x19b/0x260
[ 1367.648374][T27910]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1367.648413][T27910]  ? rcu_is_watching+0x15/0xb0
[ 1367.648442][T27910]  ? do_syscall_64+0xbe/0x3b0
[ 1367.648471][T27910]  do_syscall_64+0xfa/0x3b0
[ 1367.648491][T27910]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1367.648512][T27910]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.648532][T27910]  ? clear_bhb_loop+0x60/0xb0
[ 1367.648558][T27910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.648578][T27910] RIP: 0033:0x7ff598b8ebe9
[ 1367.648598][T27910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1367.648616][T27910] RSP: 002b:00007ff5999ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1367.648639][T27910] RAX: ffffffffffffffda RBX: 00007ff598dc5fa0 RCX: 00007ff598b8ebe9
[ 1367.648653][T27910] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1367.648666][T27910] RBP: 00007ff598c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1367.648680][T27910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1367.648693][T27910] R13: 00007ff598dc6038 R14: 00007ff598dc5fa0 R15: 00007ffe94d51248
[ 1367.648733][T27910]  </TASK>
[ 1369.286692][T27925] netlink: 'syz.4.6624': attribute type 3 has an invalid length.
[ 1369.909972][T27940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6629'.
[ 1370.584449][T27949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6631'.
[ 1370.671438][T27949] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1370.706616][T27949] CPU: 0 UID: 0 PID: 27949 Comm: syz.4.6631 Not tainted syzkaller #0 PREEMPT(full) 
[ 1370.706648][T27949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1370.706661][T27949] Call Trace:
[ 1370.706670][T27949]  <TASK>
[ 1370.706681][T27949]  dump_stack_lvl+0x189/0x250
[ 1370.706717][T27949]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1370.706743][T27949]  ? __pfx__printk+0x10/0x10
[ 1370.706780][T27949]  ? kernfs_path_from_node+0x2f/0x290
[ 1370.706802][T27949]  ? kernfs_path_from_node+0x250/0x290
[ 1370.706823][T27949]  ? kernfs_path_from_node+0x2f/0x290
[ 1370.706852][T27949]  sysfs_warn_dup+0x8e/0xa0
[ 1370.706876][T27949]  sysfs_do_create_link_sd+0xc0/0x110
[ 1370.706903][T27949]  device_add_class_symlinks+0x1cf/0x240
[ 1370.706931][T27949]  device_add+0x475/0xb50
[ 1370.706959][T27949]  wiphy_register+0x1ba6/0x28d0
[ 1370.706999][T27949]  ? __pfx_wiphy_register+0x10/0x10
[ 1370.707018][T27949]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1370.707056][T27949]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1370.707089][T27949]  ieee80211_register_hw+0x3425/0x4080
[ 1370.707141][T27949]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1370.707179][T27949]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1370.707220][T27949]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1370.707262][T27949]  ? __hrtimer_setup+0x187/0x210
[ 1370.707281][T27949]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1370.707317][T27949]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1370.707388][T27949]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1370.707413][T27949]  ? trace_kmalloc+0x1f/0xd0
[ 1370.707437][T27949]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1370.707464][T27949]  ? kstrndup+0xbf/0x160
[ 1370.707500][T27949]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1370.707532][T27949]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1370.707583][T27949]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1370.707634][T27949]  ? __nla_parse+0x40/0x60
[ 1370.707670][T27949]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1370.707709][T27949]  genl_family_rcv_msg_doit+0x212/0x300
[ 1370.707746][T27949]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1370.707792][T27949]  ? bpf_lsm_capable+0x9/0x20
[ 1370.707817][T27949]  ? security_capable+0x7e/0x2e0
[ 1370.707857][T27949]  genl_rcv_msg+0x60e/0x790
[ 1370.707892][T27949]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1370.707918][T27949]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1370.707974][T27949]  netlink_rcv_skb+0x205/0x470
[ 1370.707992][T27949]  ? __lock_acquire+0xab9/0xd20
[ 1370.708022][T27949]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1370.708051][T27949]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1370.708099][T27949]  ? down_read+0x1ad/0x2e0
[ 1370.708127][T27949]  genl_rcv+0x28/0x40
[ 1370.708151][T27949]  netlink_unicast+0x82f/0x9e0
[ 1370.708193][T27949]  ? __pfx_netlink_unicast+0x10/0x10
[ 1370.708234][T27949]  ? netlink_sendmsg+0x642/0xb30
[ 1370.708251][T27949]  ? skb_put+0x11b/0x210
[ 1370.708279][T27949]  netlink_sendmsg+0x805/0xb30
[ 1370.708314][T27949]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1370.708340][T27949]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1370.708363][T27949]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1370.708384][T27949]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1370.708408][T27949]  __sock_sendmsg+0x219/0x270
[ 1370.708441][T27949]  ____sys_sendmsg+0x505/0x830
[ 1370.708474][T27949]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1370.708512][T27949]  ? import_iovec+0x74/0xa0
[ 1370.708541][T27949]  ___sys_sendmsg+0x21f/0x2a0
[ 1370.708570][T27949]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1370.708646][T27949]  ? __fget_files+0x2a/0x420
[ 1370.708664][T27949]  ? __fget_files+0x3a0/0x420
[ 1370.708697][T27949]  __x64_sys_sendmsg+0x19b/0x260
[ 1370.708726][T27949]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1370.708766][T27949]  ? rcu_is_watching+0x15/0xb0
[ 1370.708794][T27949]  ? do_syscall_64+0xbe/0x3b0
[ 1370.708823][T27949]  do_syscall_64+0xfa/0x3b0
[ 1370.708842][T27949]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1370.708859][T27949]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.708878][T27949]  ? clear_bhb_loop+0x60/0xb0
[ 1370.708903][T27949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.708920][T27949] RIP: 0033:0x7f411d18ebe9
[ 1370.708939][T27949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1370.708955][T27949] RSP: 002b:00007f411df99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1370.708975][T27949] RAX: ffffffffffffffda RBX: 00007f411d3c5fa0 RCX: 00007f411d18ebe9
[ 1370.708989][T27949] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1370.709001][T27949] RBP: 00007f411d211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1370.709014][T27949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1370.709027][T27949] R13: 00007f411d3c6038 R14: 00007f411d3c5fa0 R15: 00007ffd47f869f8
[ 1370.709066][T27949]  </TASK>
[ 1371.592481][T27946] Failed to register nexthop notifier
[ 1371.610155][T27959] netlink: 'syz.3.6633': attribute type 9 has an invalid length.
[ 1371.655518][T27959] netlink: 'syz.3.6633': attribute type 6 has an invalid length.
[ 1371.918309][T27964] netlink: 'syz.1.6634': attribute type 13 has an invalid length.
[ 1371.932155][T27964] netlink: 'syz.1.6634': attribute type 17 has an invalid length.
[ 1371.966335][T27964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1374.498684][T27977] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6637'.
[ 1374.527619][T27977] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6637'.
[ 1375.124139][T27982] lo: entered allmulticast mode
[ 1375.163946][T27982] dvmrp6: entered allmulticast mode
[ 1375.198291][T27981] lo: left allmulticast mode
[ 1375.205770][T27981] dvmrp6: left allmulticast mode
[ 1375.324244][T27985] netlink: 'syz.1.6639': attribute type 13 has an invalid length.
[ 1375.340455][T27985] netlink: 'syz.1.6639': attribute type 17 has an invalid length.
[ 1375.353367][T27985] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1376.130912][T27987] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6640'.
[ 1376.185979][T27987] netlink: 64 bytes leftover after parsing attributes in process `syz.4.6640'.
[ 1377.653633][T28003] tipc: Resetting bearer <ib:ip6gre0>
[ 1377.663657][T28004] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1377.769010][T28003] bond13: (slave veth23): Releasing active interface
[ 1380.464394][T28045] netlink: 'syz.1.6649': attribute type 13 has an invalid length.
[ 1380.488422][T28045] netlink: 'syz.1.6649': attribute type 17 has an invalid length.
[ 1380.542130][T28045] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1380.975661][T28048] netlink: zone id is out of range
[ 1380.983242][T28048] netlink: zone id is out of range
[ 1380.988541][T28048] netlink: zone id is out of range
[ 1380.998404][T28048] netlink: zone id is out of range
[ 1381.004608][T28048] netlink: zone id is out of range
[ 1381.010022][T28048] netlink: zone id is out of range
[ 1381.016553][T28048] netlink: zone id is out of range
[ 1381.022397][T28048] netlink: zone id is out of range
[ 1381.027794][T28048] netlink: zone id is out of range
[ 1381.597864][T28065] netlink: 'syz.4.6652': attribute type 13 has an invalid length.
[ 1381.633361][T28065] netlink: 'syz.4.6652': attribute type 17 has an invalid length.
[ 1383.620623][T28082] netlink: 'syz.2.6658': attribute type 13 has an invalid length.
[ 1383.634294][T28082] netlink: 'syz.2.6658': attribute type 17 has an invalid length.
[ 1384.392158][T28080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1384.649455][T28090] wg1: entered promiscuous mode
[ 1384.659533][T28090] wg1: entered allmulticast mode
[ 1388.251246][T28113] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6667'.
[ 1388.438211][T28117] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6667'.
[ 1388.487031][T28118] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1388.626892][T28121] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[ 1389.837680][T28150] netlink: 'syz.2.6675': attribute type 10 has an invalid length.
[ 1389.840789][T28154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6677'.
[ 1390.607569][T26751] Bluetooth: hci4: command tx timeout
[ 1390.640572][T26751] Bluetooth: hci0: command tx timeout
[ 1390.785561][T28166] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1390.803423][T28165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6679'.
[ 1390.986418][T28171] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6682'.
[ 1391.139125][T28175] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6682'.
[ 1391.263679][T28178] tipc: Enabling of bearer <ib:ip6gre0> rejected, already enabled
[ 1391.497393][T28187] netlink: 'syz.3.6686': attribute type 13 has an invalid length.
[ 1391.519405][T28187] netlink: 'syz.3.6686': attribute type 17 has an invalid length.
[ 1391.707757][T28187] net_ratelimit: 18 callbacks suppressed
[ 1391.707781][T28187] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1391.956024][T28193] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6687'.
[ 1392.364518][T28209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6688'.
[ 1393.429536][T28226] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6693'.
[ 1393.515514][T28223] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[ 1393.576794][T28233] netlink: 'syz.1.6692': attribute type 10 has an invalid length.
[ 1393.599633][T28227] team0: Port device dummy0 removed
[ 1393.669125][T28227] bond9: (slave geneve3): Releasing active interface
[ 1393.737229][T28227] team0: Port device bond10 removed
[ 1393.794471][T28231] sysfs: cannot create duplicate filename '/class/ieee80211/!å'
[ 1393.803292][T28231] CPU: 0 UID: 0 PID: 28231 Comm: syz.2.6693 Not tainted syzkaller #0 PREEMPT(full) 
[ 1393.803323][T28231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1393.803335][T28231] Call Trace:
[ 1393.803345][T28231]  <TASK>
[ 1393.803355][T28231]  dump_stack_lvl+0x189/0x250
[ 1393.803390][T28231]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1393.803417][T28231]  ? __pfx__printk+0x10/0x10
[ 1393.803454][T28231]  ? kernfs_path_from_node+0x2f/0x290
[ 1393.803477][T28231]  ? kernfs_path_from_node+0x250/0x290
[ 1393.803498][T28231]  ? kernfs_path_from_node+0x2f/0x290
[ 1393.803535][T28231]  sysfs_warn_dup+0x8e/0xa0
[ 1393.803558][T28231]  sysfs_do_create_link_sd+0xc0/0x110
[ 1393.803591][T28231]  device_add_class_symlinks+0x1cf/0x240
[ 1393.803620][T28231]  device_add+0x475/0xb50
[ 1393.803662][T28231]  wiphy_register+0x1ba6/0x28d0
[ 1393.803707][T28231]  ? __pfx_wiphy_register+0x10/0x10
[ 1393.803728][T28231]  ? minstrel_ht_alloc+0x6dd/0x7e0
[ 1393.803787][T28231]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[ 1393.803821][T28231]  ieee80211_register_hw+0x3425/0x4080
[ 1393.803872][T28231]  ? ieee80211_register_hw+0x14e1/0x4080
[ 1393.803911][T28231]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1393.803945][T28231]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1393.803988][T28231]  ? __hrtimer_setup+0x187/0x210
[ 1393.804006][T28231]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1393.804050][T28231]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[ 1393.804119][T28231]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1393.804145][T28231]  ? trace_kmalloc+0x1f/0xd0
[ 1393.804168][T28231]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[ 1393.804203][T28231]  ? kstrndup+0xbf/0x160
[ 1393.804238][T28231]  hwsim_new_radio_nl+0xea4/0x1b10
[ 1393.804270][T28231]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1393.804327][T28231]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1393.804374][T28231]  ? __nla_parse+0x40/0x60
[ 1393.804410][T28231]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1393.804450][T28231]  genl_family_rcv_msg_doit+0x212/0x300
[ 1393.804487][T28231]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1393.804532][T28231]  ? bpf_lsm_capable+0x9/0x20
[ 1393.804558][T28231]  ? security_capable+0x7e/0x2e0
[ 1393.804597][T28231]  genl_rcv_msg+0x60e/0x790
[ 1393.804633][T28231]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1393.804658][T28231]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1393.804707][T28231]  netlink_rcv_skb+0x205/0x470
[ 1393.804726][T28231]  ? __lock_acquire+0xab9/0xd20
[ 1393.804756][T28231]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1393.804784][T28231]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1393.804830][T28231]  ? down_read+0x1ad/0x2e0
[ 1393.804856][T28231]  genl_rcv+0x28/0x40
[ 1393.804880][T28231]  netlink_unicast+0x82f/0x9e0
[ 1393.804923][T28231]  ? __pfx_netlink_unicast+0x10/0x10
[ 1393.804956][T28231]  ? netlink_sendmsg+0x642/0xb30
[ 1393.804975][T28231]  ? skb_put+0x11b/0x210
[ 1393.805002][T28231]  netlink_sendmsg+0x805/0xb30
[ 1393.805045][T28231]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1393.805072][T28231]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1393.805095][T28231]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1393.805116][T28231]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1393.805139][T28231]  __sock_sendmsg+0x219/0x270
[ 1393.805173][T28231]  ____sys_sendmsg+0x505/0x830
[ 1393.805206][T28231]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1393.805244][T28231]  ? import_iovec+0x74/0xa0
[ 1393.805275][T28231]  ___sys_sendmsg+0x21f/0x2a0
[ 1393.805304][T28231]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1393.805380][T28231]  ? __fget_files+0x2a/0x420
[ 1393.805397][T28231]  ? __fget_files+0x3a0/0x420
[ 1393.805430][T28231]  __x64_sys_sendmsg+0x19b/0x260
[ 1393.805459][T28231]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1393.805499][T28231]  ? rcu_is_watching+0x15/0xb0
[ 1393.805528][T28231]  ? do_syscall_64+0xbe/0x3b0
[ 1393.805557][T28231]  do_syscall_64+0xfa/0x3b0
[ 1393.805577][T28231]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1393.805598][T28231]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1393.805618][T28231]  ? clear_bhb_loop+0x60/0xb0
[ 1393.805644][T28231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1393.805663][T28231] RIP: 0033:0x7f27a6b8ebe9
[ 1393.805684][T28231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1393.805702][T28231] RSP: 002b:00007f27a79c9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1393.805726][T28231] RAX: ffffffffffffffda RBX: 00007f27a6dc6090 RCX: 00007f27a6b8ebe9
[ 1393.805741][T28231] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[ 1393.805754][T28231] RBP: 00007f27a6c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1393.805767][T28231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1393.805780][T28231] R13: 00007f27a6dc6128 R14: 00007f27a6dc6090 R15: 00007ffdb1e3eb58
[ 1393.805816][T28231]  </TASK>
[ 1394.545479][T28233] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[ 1394.957702][T28242] netlink: 'syz.1.6695': attribute type 10 has an invalid length.
[ 1395.766431][T28245] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6697'.
[ 1395.987375][T28253] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6697'.
[ 1396.029638][T28255] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6699'.
[ 1396.880545][T28267] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6702'.
[ 1397.007241][T28273] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1397.997856][T28282] netlink: 92 bytes leftover after parsing attributes in process `syz.0.6705'.
[ 1398.062605][T28282] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6705'.
[ 1398.327169][T28289] bpq0: left promiscuous mode
[ 1398.575665][T28293] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6709'.
[ 1398.637269][T28293] macvtap0: entered promiscuous mode
[ 1398.654195][T28297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6709'.
[ 1398.664166][T28293] macvtap0: entered allmulticast mode
[ 1398.669575][T28293] batadv0: entered allmulticast mode
[ 1398.678126][T28293] 8021q: adding VLAN 0 to HW filter on device macvtap0
[ 1398.693783][T28297] batadv0: left allmulticast mode
[ 1398.890129][T28299] netlink: 'syz.1.6710': attribute type 1 has an invalid length.
[ 1399.091213][T28301] team0: Mode changed to "activebackup"
[ 1399.255464][T28303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6712'.
[ 1399.289371][T28303] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6712'.
[ 1399.305924][T28303] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1402.031524][T28311] netlink: 'syz.3.6714': attribute type 13 has an invalid length.
[ 1402.039402][T28311] netlink: 'syz.3.6714': attribute type 17 has an invalid length.
[ 1402.060503][T28311] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1404.803939][T28318] netlink: 'syz.1.6715': attribute type 4 has an invalid length.
[ 1405.337655][T28322] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6716'.
[ 1405.901955][T28326] netlink: 'syz.1.6717': attribute type 12 has an invalid length.
[ 1406.518953][T28339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6720'.
[ 1406.692802][T28343] netlink: 'syz.2.6721': attribute type 1 has an invalid length.
[ 1407.292795][T28349] IPVS: persistence engine module ip_vs_pe_ not found
[ 1407.338641][T28354] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1407.386113][T28358] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6725'.
[ 1407.446056][T28358] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6725'.
[ 1407.459297][T28353] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1407.582922][T28358] netlink: 104 bytes leftover after parsing attributes in process `syz.1.6725'.
[ 1407.831889][T28364] netlink: 'syz.4.6726': attribute type 1 has an invalid length.
[ 1408.139598][T28374] 8021q: adding VLAN 0 to HW filter on device bond31
[ 1408.409222][T28364] veth59: entered promiscuous mode
[ 1408.445912][T28384] team0: Port device geneve0 removed
[ 1408.466717][T28384] bond18: (slave geneve4): Releasing active interface
[ 1408.483229][T28384] bond19: (slave batadv1): Releasing active interface
[ 1408.840859][T28390] netlink: 19 bytes leftover after parsing attributes in process `syz.1.6731'.
[ 1408.978711][T28393] netlink: 766 bytes leftover after parsing attributes in process `syz.4.6733'.
[ 1408.991996][T28398] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6733'.
[ 1409.012802][T28398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6733'.
[ 1409.433986][T28405] IPVS: persistence engine module ip_vs_pe_ not found
[ 1409.462693][T28415] netlink: 'syz.3.6738': attribute type 1 has an invalid length.
[ 1409.520355][T26751] Bluetooth: hci4: command tx timeout
[ 1409.527615][T28409] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1409.885102][T28417] IPVS: persistence engine module ip_vs_pe_ not found
[ 1409.968209][T28422] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1410.059384][T28421] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1411.135045][T28436] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1411.600621][T26751] Bluetooth: hci4: command tx timeout
[ 1411.700081][T28438] tipc: Resetting bearer <ib:ip6gre0>
[ 1414.134273][T28465] netlink: 'syz.0.6749': attribute type 1 has an invalid length.
[ 1414.402739][T28472] netlink: 'syz.3.6751': attribute type 13 has an invalid length.
[ 1414.420362][T28472] netlink: 'syz.3.6751': attribute type 17 has an invalid length.
[ 1414.455328][T28472] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1416.641682][T28484] netlink: 'syz.0.6754': attribute type 9 has an invalid length.
[ 1416.649466][T28484] netlink: 'syz.0.6754': attribute type 6 has an invalid length.
[ 1417.487290][T28493] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6756'.
[ 1417.556238][T28495] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1421.705620][T28514] erspan0: entered allmulticast mode
[ 1421.748937][T28516] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1421.802753][T28512] erspan0: left allmulticast mode
[ 1423.760782][T26751] Bluetooth: hci0: command tx timeout
[ 1424.225245][   T30] audit: type=1800 audit(1756842807.601:82): pid=28538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.6765" name="blkio.bfq.time_recursive" dev="tmpfs" ino=6832 res=0 errno=0
[ 1424.561935][T28540] netlink: 92 bytes leftover after parsing attributes in process `syz.3.6766'.
[ 1425.430648][T28551] netlink: 'syz.2.6768': attribute type 13 has an invalid length.
[ 1425.438522][T28551] netlink: 'syz.2.6768': attribute type 17 has an invalid length.
[ 1426.240673][T28551] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1426.681242][T28557] netlink: 'syz.3.6769': attribute type 13 has an invalid length.
[ 1426.696039][T28557] netlink: 'syz.3.6769': attribute type 17 has an invalid length.
[ 1426.813489][T28557] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1427.436043][T28555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1428.748922][T28574] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6773'.
[ 1429.706697][T28579] netlink: 'syz.1.6774': attribute type 1 has an invalid length.
[ 1429.715193][T28579] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6774'.
[ 1429.798459][T28572] netlink: 1 bytes leftover after parsing attributes in process `syz.4.6773'.
[ 1430.532436][T28589] netlink: 'syz.4.6776': attribute type 1 has an invalid length.
[ 1430.540420][T28589] netlink: 140 bytes leftover after parsing attributes in process `syz.4.6776'.
[ 1430.549486][T28589] netlink: 96 bytes leftover after parsing attributes in process `syz.4.6776'.
[ 1431.472996][T28594] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6777'.
[ 1431.702459][T28599] netlink: 'syz.4.6778': attribute type 1 has an invalid length.
[ 1431.714889][T28599] netlink: 208 bytes leftover after parsing attributes in process `syz.4.6778'.
[ 1432.348849][T28604] xfrm0: left promiscuous mode
[ 1432.386963][T28604] xfrm0: left allmulticast mode
[ 1432.394106][T28604] vlan1: left allmulticast mode
[ 1432.399375][T28604] veth0_vlan: left allmulticast mode
[ 1432.440988][T28604] gretap5: left promiscuous mode
[ 1432.476459][T28604] syzkaller0: left promiscuous mode
[ 1432.489926][T28604] syzkaller0: left allmulticast mode
[ 1432.512171][T28604] team1: left promiscuous mode
[ 1432.517545][T28604] team1: left allmulticast mode
[ 1432.525727][T28604] veth59: left promiscuous mode
[ 1433.065358][T28609] netlink: 596 bytes leftover after parsing attributes in process `syz.4.6780'.
[ 1433.341695][T28613] netlink: 14 bytes leftover after parsing attributes in process `syz.4.6782'.
[ 1433.479344][T28615] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6782'.
[ 1435.218404][T28624] tipc: Resetting bearer <eth:syzkaller0>
[ 1436.471910][T28643] tipc: Enabling of bearer <ib:ip6gre0> rejected, already enabled
[ 1436.630896][T28645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6790'.
[ 1436.864443][T28647] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6791'.
[ 1436.987839][T28649] smc: net device bond0 applied user defined pnetid SYZ2
[ 1437.011571][T28649] smc: net device bond0 erased user defined pnetid SYZ2
[ 1438.151679][   T30] audit: type=1800 audit(1756842821.531:83): pid=28657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6794" name="memory.events" dev="tmpfs" ino=6568 res=0 errno=0
[ 1438.453960][T28662] netlink: 'syz.0.6795': attribute type 13 has an invalid length.
[ 1438.480853][T28662] netlink: 'syz.0.6795': attribute type 17 has an invalid length.
[ 1438.518347][T28662] tipc: Resetting bearer <ib:ip6gre0>
[ 1438.565435][T28662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1438.806353][T28663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1438.891136][T28663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1439.022245][T28670] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6796'.
[ 1439.461600][T28675] netlink: 'syz.1.6797': attribute type 1 has an invalid length.
[ 1440.167455][T28681] IPVS: persistence engine module ip_vs_pe_ not found
[ 1440.270933][T28683] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1441.388035][T28692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6801'.
[ 1441.506947][T28692] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6801'.
[ 1442.323567][T26751] Bluetooth: hci4: command tx timeout
[ 1442.767436][T28715] netlink: 'syz.4.6805': attribute type 1 has an invalid length.
[ 1442.809777][T28719] netlink: 'syz.3.6806': attribute type 13 has an invalid length.
[ 1442.836446][T28719] netlink: 'syz.3.6806': attribute type 17 has an invalid length.
[ 1442.871990][T28715] 8021q: adding VLAN 0 to HW filter on device bond32
[ 1443.031737][T28720] 8021q: adding VLAN 0 to HW filter on device bond32
[ 1443.039220][T28720] bond32: (slave vxcan1): The slave device specified does not support setting the MAC address
[ 1443.149925][T28720] bond32: (slave vxcan1): Error -95 calling set_mac_address
[ 1443.477178][T28719] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1443.581316][T28716] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1443.918839][T28736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6809'.
[ 1443.968882][T28734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6808'.
[ 1444.007607][T28736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.6809'.
[ 1444.149123][T28740] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6809'.
[ 1444.960811][T28745] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1444.988311][T28745] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1445.004674][T28745] bond6: (slave macvlan2): Enslaving as a backup interface with a down link
[ 1445.121566][T28745] netlink: 'syz.4.6811': attribute type 1 has an invalid length.
[ 1445.146535][T28746] bond6: (slave macvlan2): Releasing backup interface
[ 1446.209267][T28762] IPVS: persistence engine module ip_vs_pe_ not found
[ 1446.333350][T28764] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1447.590003][T28778] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6819'.
[ 1448.001087][T28788] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6819'.
[ 1448.029892][T28790] netlink: 'syz.1.6820': attribute type 303 has an invalid length.
[ 1448.206874][T28789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6820'.
[ 1448.400515][T26751] Bluetooth: hci4: command tx timeout
[ 1449.837059][T28811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6825'.
[ 1451.106752][T28830] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1451.118253][T28831] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1451.168878][T28815] Failed to register nexthop notifier
[ 1452.305390][T28843] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6831'.
[ 1452.960760][T28848] netlink: 'syz.3.6833': attribute type 1 has an invalid length.
[ 1452.968550][T28848] netlink: 232 bytes leftover after parsing attributes in process `syz.3.6833'.
[ 1453.010861][T28848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6833'.
[ 1453.120878][T26751] Bluetooth: hci4: command tx timeout
[ 1453.518072][T28858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6834'.
[ 1454.161292][T28863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6835'.
[ 1454.942053][T28876] dummy0: entered allmulticast mode
[ 1454.957660][T28876] batman_adv: batadv0: Adding interface: dummy0
[ 1454.970456][T28876] batman_adv: batadv0: The MTU of interface dummy0 is too small (1280) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1455.023465][T28876] batman_adv: batadv0: Interface activated: dummy0
[ 1455.083533][T28878] macvtap2: mtu less than device minimum
[ 1455.118088][T28878] batadv0: mtu less than device minimum
[ 1455.197800][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.210049][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.222339][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.234707][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.247050][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.259240][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.271438][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.283653][T28878] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1455.911026][T28890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6842'.
[ 1455.934350][T28890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6842'.
[ 1456.228838][T28894] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6843'.
[ 1456.367416][T28897] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6843'.
[ 1457.356668][T28904] smc: ib device syz0 ibport 2 applied user defined pnetid SYZ2
[ 1457.940389][T28906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6845'.
[ 1457.949390][T28906] netlink: 216 bytes leftover after parsing attributes in process `syz.1.6845'.
[ 1458.819404][T28923] batman_adv: batadv0: Interface deactivated: dummy0
[ 1458.845202][T28923] batman_adv: batadv0: Removing interface: dummy0
[ 1458.906982][T28923] bond22: (slave bond23): Releasing backup interface
[ 1459.014197][T28923] netlink: 'syz.2.6851': attribute type 10 has an invalid length.
[ 1459.551173][T28934] netlink: 'syz.1.6853': attribute type 13 has an invalid length.
[ 1459.589759][T28934] netlink: 'syz.1.6853': attribute type 17 has an invalid length.
[ 1461.646984][T28963] IPVS: persistence engine module ip_vs_pe_ not found
[ 1461.682231][T28972] IPVS: set_ctl: invalid protocol: 31091 97.108.108.101:29184
[ 1461.733240][T28963] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1463.238485][T29003] netlink: 'syz.0.6869': attribute type 4 has an invalid length.
[ 1463.249594][T29003] netlink: 'syz.0.6869': attribute type 4 has an invalid length.
[ 1463.329133][T29004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6869'.
[ 1463.762120][T26751] Bluetooth: hci4: command tx timeout
[ 1468.491800][T29027] netlink: 'syz.4.6876': attribute type 9 has an invalid length.
[ 1468.499583][T29027] netlink: 'syz.4.6876': attribute type 6 has an invalid length.
[ 1469.502248][T29043] netlink: 'syz.1.6883': attribute type 13 has an invalid length.
[ 1469.551118][T29043] netlink: 'syz.1.6883': attribute type 17 has an invalid length.
[ 1469.617156][T29043] net_ratelimit: 12 callbacks suppressed
[ 1469.617170][T29043] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1469.733145][T29043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1469.797603][T29045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1469.926116][T29049] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1470.037234][T29052] netlink: 68 bytes leftover after parsing attributes in process `syz.3.6886'.
[ 1470.340805][T29057] openvswitch: netlink: Geneve opt len 30 is not a multiple of 4.
[ 1470.791451][T29061] netlink: zone id is out of range
[ 1472.231998][T29086] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[ 1472.661072][T29094] openvswitch: netlink: VXLAN extension 274 out of range max 1
[ 1472.819269][T29100] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6903'.
[ 1472.850794][T29100] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6903'.
[ 1472.939454][T29103] netlink: 'syz.2.6904': attribute type 9 has an invalid length.
[ 1473.039571][T29103] netlink: 'syz.2.6904': attribute type 6 has an invalid length.
[ 1473.207478][T29108] netlink: zone id is out of range
[ 1473.227538][T29108] netlink: zone id is out of range
[ 1473.245590][T29108] netlink: zone id is out of range
[ 1473.251411][T29108] netlink: zone id is out of range
[ 1473.256792][T29108] netlink: zone id is out of range
[ 1473.275063][T29108] netlink: zone id is out of range
[ 1474.031346][T29113] netlink: 'syz.0.6907': attribute type 13 has an invalid length.
[ 1474.039393][T29113] netlink: 'syz.0.6907': attribute type 17 has an invalid length.
[ 1474.078608][T29113] tipc: Resetting bearer <ib:ip6gre0>
[ 1474.259261][T29114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1474.346473][T29116] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1475.051688][T29125] netlink: 277 bytes leftover after parsing attributes in process `syz.4.6911'.
[ 1477.252021][T29142] net_ratelimit: 19 callbacks suppressed
[ 1477.252046][T29142] netlink: zone id is out of range
[ 1477.271347][T29142] netlink: zone id is out of range
[ 1477.276754][T29142] netlink: zone id is out of range
[ 1477.282509][T29142] netlink: zone id is out of range
[ 1477.287647][T29142] netlink: zone id is out of range
[ 1477.323375][T29142] netlink: zone id is out of range
[ 1477.330128][T29142] netlink: zone id is out of range
[ 1477.370637][T29142] netlink: zone id is out of range
[ 1477.400515][T29142] netlink: zone id is out of range
[ 1477.422627][T29142] netlink: zone id is out of range
[ 1477.682221][T29146] netlink: 'syz.4.6918': attribute type 9 has an invalid length.
[ 1477.690000][T29146] netlink: 'syz.4.6918': attribute type 6 has an invalid length.
[ 1481.420124][T29163] netlink: 'syz.1.6924': attribute type 13 has an invalid length.
[ 1481.441760][T29163] netlink: 'syz.1.6924': attribute type 17 has an invalid length.
[ 1482.260518][T29175] net_ratelimit: 32 callbacks suppressed
[ 1482.261523][T29175] netlink: zone id is out of range
[ 1482.322640][T29175] netlink: zone id is out of range
[ 1482.327814][T29175] netlink: zone id is out of range
[ 1482.377063][T29175] netlink: zone id is out of range
[ 1482.425863][T29175] netlink: zone id is out of range
[ 1482.455704][T29176] netlink: del zone limit has 4 unknown bytes
[ 1482.567609][T29175] netlink: set zone limit has 4 unknown bytes
[ 1482.611608][T29180] netlink: 'syz.3.6929': attribute type 9 has an invalid length.
[ 1482.619409][T29180] netlink: 'syz.3.6929': attribute type 6 has an invalid length.
[ 1482.789006][T29183] netlink: zone id is out of range
[ 1482.808189][T29183] netlink: zone id is out of range
[ 1482.820119][T29183] netlink: zone id is out of range
[ 1483.264426][T29187] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6931'.
[ 1484.466150][T29203] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6936'.
[ 1484.694182][T29201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6936'.
[ 1487.857472][T29228] net_ratelimit: 21 callbacks suppressed
[ 1487.857496][T29228] netlink: zone id is out of range
[ 1487.876759][T29228] netlink: zone id is out of range
[ 1487.900502][T29228] netlink: zone id is out of range
[ 1487.905773][T29228] netlink: zone id is out of range
[ 1487.935701][T29228] netlink: zone id is out of range
[ 1487.943069][T29228] netlink: zone id is out of range
[ 1487.949031][T29228] netlink: zone id is out of range
[ 1487.954443][T29228] netlink: zone id is out of range
[ 1487.959613][T29228] netlink: zone id is out of range
[ 1487.966886][T29228] netlink: zone id is out of range
[ 1488.312184][T29239] netlink: 'syz.3.6944': attribute type 16 has an invalid length.
[ 1488.356143][T29239] netlink: 'syz.3.6944': attribute type 3 has an invalid length.
[ 1488.428273][T29239] netlink: 64066 bytes leftover after parsing attributes in process `syz.3.6944'.
[ 1488.861716][T29253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6946'.
[ 1491.828618][T29274] netlink: 'syz.4.6950': attribute type 9 has an invalid length.
[ 1491.860567][T29274] netlink: 'syz.4.6950': attribute type 6 has an invalid length.
[ 1493.318317][T29279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6951'.
[ 1495.325619][T29295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6957'.
[ 1497.929670][T29326] net_ratelimit: 13 callbacks suppressed
[ 1497.929694][T29326] netlink: del zone limit has 4 unknown bytes
[ 1498.205135][T29333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6970'.
[ 1498.683820][T29351] netlink: zone id is out of range
[ 1498.689169][T29351] netlink: zone id is out of range
[ 1498.695213][T29351] netlink: zone id is out of range
[ 1498.760906][T29351] netlink: zone id is out of range
[ 1498.776224][T29351] netlink: zone id is out of range
[ 1498.796859][T29351] netlink: zone id is out of range
[ 1498.815671][T29351] netlink: zone id is out of range
[ 1498.836675][T29351] netlink: zone id is out of range
[ 1498.860602][T29351] netlink: zone id is out of range
[ 1499.368708][T29371] netlink: 'syz.1.6980': attribute type 13 has an invalid length.
[ 1499.405932][T29371] netlink: 'syz.1.6980': attribute type 17 has an invalid length.
[ 1503.141228][T29408] netlink: 'syz.3.6990': attribute type 13 has an invalid length.
[ 1503.149106][T29408] netlink: 'syz.3.6990': attribute type 17 has an invalid length.
[ 1503.173047][T29408] net_ratelimit: 8 callbacks suppressed
[ 1503.173059][T29408] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1503.830899][T29416] netlink: 14 bytes leftover after parsing attributes in process `syz.4.6993'.
[ 1503.972464][T29418] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6993'.
[ 1505.836382][T29428] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6996'.
[ 1506.777222][T29433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6998'.
[ 1506.829755][T29435] debugfs: 'netdev:nicvf0' already exists in 'phy5'
[ 1508.147323][T29465] netlink: 92 bytes leftover after parsing attributes in process `syz.0.7008'.
[ 1508.639058][T29479] netlink: 'syz.3.7010': attribute type 13 has an invalid length.
[ 1508.669816][T29479] netlink: 'syz.3.7010': attribute type 17 has an invalid length.
[ 1508.744833][T29479] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1508.961728][T29490] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7013'.
[ 1509.030433][T29479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1509.169996][T29479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1509.284845][T29488] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7013'.
[ 1509.422629][T29504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7018'.
[ 1509.818877][T29513] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7022'.
[ 1510.786827][T29531] netlink: 'syz.4.7028': attribute type 13 has an invalid length.
[ 1510.805276][T29531] netlink: 'syz.4.7028': attribute type 17 has an invalid length.
[ 1510.934895][T29531] 8021q: adding VLAN 0 to HW filter on device team0
[ 1510.981079][T29531] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1511.014299][T29532] xfrm0: entered promiscuous mode
[ 1511.057463][T29532] xfrm0: entered allmulticast mode
[ 1511.544009][T29527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1511.919520][T29552] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7033'.
[ 1512.046026][T29555] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7034'.
[ 1512.188672][T29549] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7033'.
[ 1513.770096][T29586] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7042'.
[ 1514.566123][T29599] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7045'.
[ 1514.759180][T29601] syzkaller1: entered promiscuous mode
[ 1514.768243][T29601] syzkaller1: entered allmulticast mode
[ 1514.945857][T29606] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7048'.
[ 1515.107889][T29616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7048'.
[ 1515.414427][T29625] netlink: 'syz.1.7053': attribute type 13 has an invalid length.
[ 1515.424042][T29625] netlink: 'syz.1.7053': attribute type 17 has an invalid length.
[ 1515.455963][T29625] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1515.554317][T29626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1515.627302][T29626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1515.970435][T29636] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7055'.
[ 1517.735833][T29665] netlink: zone id is out of range
[ 1517.787447][T29665] netlink: zone id is out of range
[ 1517.809902][T29665] netlink: zone id is out of range
[ 1517.860418][T29665] netlink: zone id is out of range
[ 1517.865594][T29665] netlink: zone id is out of range
[ 1517.910357][T29665] netlink: zone id is out of range
[ 1517.910909][T29667] netlink: del zone limit has 4 unknown bytes
[ 1517.926932][T29665] netlink: zone id is out of range
[ 1517.940417][T29665] netlink: zone id is out of range
[ 1518.534238][T29670] netlink: 14 bytes leftover after parsing attributes in process `syz.2.7066'.
[ 1518.687966][T29677] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7066'.
[ 1519.083127][T29678] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7068'.
[ 1520.927189][T29740] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7087'.
[ 1521.058391][T29740] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7087'.
[ 1521.994778][T29774] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7097'.
[ 1522.086131][T29779] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7099'.
[ 1522.359058][T29786] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7100'.
[ 1522.499745][T29793] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7102'.
[ 1522.615749][T29781] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7100'.
[ 1524.415463][T29836] syzkaller1: entered promiscuous mode
[ 1524.426082][T29836] syzkaller1: entered allmulticast mode
[ 1525.781802][T29856] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7117'.
[ 1525.785488][T29848] scsi_nl_rcv_msg: discarding partial skb
[ 1526.036325][T29852] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7117'.
[ 1526.378034][T29872] net_ratelimit: 4 callbacks suppressed
[ 1526.378054][T29872] openvswitch: netlink: Key type 29 is not supported
[ 1526.515544][T29874] mac80211_hwsim hwsim3 syzkaller0: left promiscuous mode
[ 1526.530434][T29874] mac80211_hwsim hwsim3 syzkaller0: left allmulticast mode
[ 1526.848684][T29886] netlink: zone id is out of range
[ 1526.883075][T29886] netlink: zone id is out of range
[ 1526.903115][T29886] netlink: zone id is out of range
[ 1526.926566][T29886] netlink: zone id is out of range
[ 1526.952510][T29886] netlink: zone id is out of range
[ 1527.009259][T29886] netlink: zone id is out of range
[ 1527.040662][T29886] netlink: zone id is out of range
[ 1527.047279][T29886] netlink: zone id is out of range
[ 1527.064308][T29886] netlink: zone id is out of range
[ 1527.930793][T29897] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1528.698443][T29899] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7129'.
[ 1529.425096][T29926] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7133'.
[ 1529.735915][T29923] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7133'.
[ 1530.000362][T26751] Bluetooth: hci4: command tx timeout
[ 1530.378082][T29951] Bluetooth: hci4: Opcode 0x0401 failed: -22
[ 1530.775995][T29965] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7143'.
[ 1530.950076][T29971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7145'.
[ 1531.515940][T29985] netlink: 14 bytes leftover after parsing attributes in process `syz.3.7149'.
[ 1531.651111][T29985] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7149'.
[ 1532.401894][T26751] Bluetooth: hci4: command tx timeout
[ 1532.530599][T30001] syzkaller0: left promiscuous mode
[ 1532.546188][T30001] syzkaller0: left allmulticast mode
[ 1532.628924][T30001] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1532.747011][T30009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7156'.
[ 1533.629092][T30023] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7159'.
[ 1534.877300][T30053] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7166'.
[ 1535.053630][T30059] syzkaller1: entered promiscuous mode
[ 1535.069399][T30059] syzkaller1: entered allmulticast mode
[ 1535.755691][T30073] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7173'.
[ 1536.518406][T30108] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7178'.
[ 1536.818444][T30115] dummy0: entered promiscuous mode
[ 1536.827475][T30115] vlan3: entered promiscuous mode
[ 1537.357667][T30128] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1537.611387][T30133] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7185'.
[ 1537.695320][T30140] syz_tun: entered promiscuous mode
[ 1537.712512][T30140] vlan0: entered promiscuous mode
[ 1538.167715][T30148] netlink: 'syz.0.7189': attribute type 13 has an invalid length.
[ 1538.197135][T30148] netlink: 'syz.0.7189': attribute type 17 has an invalid length.
[ 1538.232705][T30148] tipc: Resetting bearer <ib:ip6gre0>
[ 1538.247229][T30147] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7188'.
[ 1538.310324][T30148] net_ratelimit: 5 callbacks suppressed
[ 1538.310338][T30148] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1540.449111][T30181] netlink: zone id is out of range
[ 1540.456741][T30183] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7198'.
[ 1540.460286][T30181] netlink: zone id is out of range
[ 1540.471367][T30181] netlink: zone id is out of range
[ 1540.478254][T30181] netlink: zone id is out of range
[ 1540.492023][T30181] netlink: zone id is out of range
[ 1540.498069][T30181] netlink: zone id is out of range
[ 1540.519115][T30181] netlink: zone id is out of range
[ 1540.542369][T30181] netlink: zone id is out of range
[ 1540.548361][T30181] netlink: zone id is out of range
[ 1541.165744][T30202] !
: renamed from dummy0 (while UP)
[ 1542.566332][T30209] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1542.598684][T30210] syzkaller0: entered promiscuous mode
[ 1542.610612][T30210] syzkaller0: entered allmulticast mode
[ 1543.058377][T30214] syzkaller0: left promiscuous mode
[ 1543.064210][T30214] syzkaller0: left allmulticast mode
[ 1545.237264][T30227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1545.848549][T30238] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1545.866624][T30238] syzkaller0: entered promiscuous mode
[ 1545.875560][T30238] syzkaller0: entered allmulticast mode
[ 1545.960815][T30238] tipc: Resetting bearer <eth:syzkaller0>
[ 1546.403879][T30248] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1546.431626][T30248] syzkaller0: entered promiscuous mode
[ 1546.437456][T30248] syzkaller0: entered allmulticast mode
[ 1546.461126][T30248] syzkaller0: Caught tx_queue_len zero misconfig
[ 1546.467617][T30248] netem: change failed
[ 1546.801076][T30252] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7223'.
[ 1546.971079][T30252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7223'.
[ 1547.123744][T30261] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1547.134372][T30261] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[ 1547.142389][T30261] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[ 1547.236845][T30266] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1547.355408][T30276] netlink: 'syz.1.7229': attribute type 13 has an invalid length.
[ 1547.379483][T30276] netlink: 'syz.1.7229': attribute type 17 has an invalid length.
[ 1547.454177][T30276] net_ratelimit: 9 callbacks suppressed
[ 1547.454191][T30276] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1547.477982][T30278] netlink: 'syz.0.7228': attribute type 1 has an invalid length.
[ 1547.503294][T30278] netlink: 136 bytes leftover after parsing attributes in process `syz.0.7228'.
[ 1547.563164][T30278] netlink: 'syz.0.7228': attribute type 2 has an invalid length.
[ 1547.581857][T30278] netlink: 'syz.0.7228': attribute type 1 has an invalid length.
[ 1547.691976][T30284] netlink: 'syz.2.7230': attribute type 9 has an invalid length.
[ 1547.741107][T30284] netlink: 'syz.2.7230': attribute type 6 has an invalid length.
[ 1548.268309][T30290] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1548.407298][T30292] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1549.246689][T30301] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1549.491436][T30312] netlink: zone id is out of range
[ 1549.540877][T30312] netlink: zone id is out of range
[ 1549.546278][T30312] netlink: zone id is out of range
[ 1549.561961][T30312] netlink: zone id is out of range
[ 1549.567150][T30312] netlink: zone id is out of range
[ 1549.598945][T30312] netlink: zone id is out of range
[ 1549.609361][T30313] netlink: del zone limit has 4 unknown bytes
[ 1549.619924][T30312] netlink: zone id is out of range
[ 1549.641483][T30312] netlink: zone id is out of range
[ 1549.980948][T30319] vlan0: entered promiscuous mode
[ 1549.986715][T30319] batadv0: entered promiscuous mode
[ 1550.075790][T30323] netlink: 92 bytes leftover after parsing attributes in process `syz.4.7243'.
[ 1550.121972][T30323] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7243'.
[ 1550.499384][T30330] 8021q: adding VLAN 0 to HW filter on device macvlan4
[ 1550.556939][T30330] bond3: (slave macvlan4): Enslaving as an active interface with a down link
[ 1550.610507][T30333] tipc: Resetting bearer <ib:ip6gre0>
[ 1550.697425][T30340] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7246'.
[ 1550.727448][T30333] bond3: (slave macvlan4): Releasing active interface
[ 1551.008287][T30345] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1551.020424][T30345] sch_tbf: burst 2 is lower than device syzkaller0 mtu (313) !
[ 1551.050577][T30346] netlink: 'syz.3.7248': attribute type 1 has an invalid length.
[ 1551.094557][T30348] netlink: 68 bytes leftover after parsing attributes in process `syz.3.7248'.
[ 1551.139968][T30348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7248'.
[ 1551.393618][T30350] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1551.777771][T30363] tipc: Resetting bearer <ib:ip6gre0>
[ 1552.544899][T30364] ------------[ cut here ]------------
[ 1552.551694][T30364] WARNING: CPU: 1 PID: 30364 at net/mptcp/subflow.c:1516 subflow_data_ready+0x4b8/0x7e0
[ 1552.562318][T30364] Modules linked in:
[ 1552.566641][T30364] CPU: 1 UID: 0 PID: 30364 Comm: syz.3.7253 Not tainted syzkaller #0 PREEMPT(full) 
[ 1552.576959][T30364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1552.587827][T30364] RIP: 0010:subflow_data_ready+0x4b8/0x7e0
[ 1552.594492][T30364] Code: 0f 0b 90 90 e9 bc fc ff ff e8 24 5c 59 f6 48 89 df 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6e 0e 00 00 e8 09 5c 59 f6 90 <0f> 0b 90 e9 e5 fd ff ff 90 0f 0b 90 43 0f b6 04 2f 84 c0 0f 85 a1
[ 1552.615059][T30364] RSP: 0018:ffffc9001c86f440 EFLAGS: 00010283
[ 1552.622167][T30364] RAX: ffffffff8b664f87 RBX: ffff8880509f9980 RCX: 0000000000080000
[ 1552.631020][T30364] RDX: ffffc9000e982000 RSI: 00000000000005bb RDI: 00000000000005bc
[ 1552.639788][T30364] RBP: 0000000000000000 R08: ffff88807cdbc52f R09: 1ffff1100f9b78a5
[ 1552.648843][T30364] R10: dffffc0000000000 R11: ffffed100f9b78a6 R12: 0000000000000000
[ 1552.657768][T30364] R13: dffffc0000000000 R14: ffff88807cdbbc00 R15: 0000000000000000
[ 1552.666660][T30364] FS:  00007fe1ca1f66c0(0000) GS:ffff888125d16000(0000) knlGS:0000000000000000
[ 1552.676392][T30364] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1552.683264][T30364] CR2: 0000200000fbd030 CR3: 000000003358c000 CR4: 00000000003526f0
[ 1552.691334][T30364] Call Trace:
[ 1552.694730][T30364]  <TASK>
[ 1552.697691][T30364]  tcp_data_queue+0x54b/0x6380
[ 1552.702560][T30364]  ? __pfx_tcp_data_queue+0x10/0x10
[ 1552.708041][T30364]  ? __pfx_tcp_urg+0x10/0x10
[ 1552.712743][T30364]  tcp_rcv_state_process+0x2767/0x4140
[ 1552.718282][T30364]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[ 1552.724259][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1552.729751][T30364]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1552.735080][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1552.740631][T30364]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1552.746392][T30364]  tcp_v4_do_rcv+0x3f2/0xce0
[ 1552.751054][T30364]  ? __pfx_tcp_v4_do_rcv+0x10/0x10
[ 1552.756201][T30364]  __release_sock+0x21c/0x350
[ 1552.760988][T30364]  ? __tcp_close+0x69e/0xde0
[ 1552.765613][T30364]  __tcp_close+0x6c5/0xde0
[ 1552.770214][T30364]  ? do_raw_spin_unlock+0x122/0x240
[ 1552.775558][T30364]  __mptcp_close_ssk+0x3d7/0xfd0
[ 1552.781005][T30364]  mptcp_destroy_common+0x152/0x320
[ 1552.786263][T30364]  ? __timer_delete+0x5d/0x390
[ 1552.791248][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1552.796802][T30364]  mptcp_destroy+0x84/0x120
[ 1552.801481][T30364]  __mptcp_destroy_sock+0x153/0x350
[ 1552.806725][T30364]  __mptcp_close+0x76a/0xb00
[ 1552.811398][T30364]  ? mptcp_close+0x28/0x1a0
[ 1552.815957][T30364]  mptcp_close+0x28/0x1a0
[ 1552.820496][T30364]  inet_release+0x141/0x190
[ 1552.825089][T30364]  sock_close+0xc0/0x240
[ 1552.829554][T30364]  ? __pfx_sock_close+0x10/0x10
[ 1552.834531][T30364]  __fput+0x449/0xa70
[ 1552.838578][T30364]  task_work_run+0x1d4/0x260
[ 1552.843258][T30364]  ? __pfx_task_work_run+0x10/0x10
[ 1552.848412][T30364]  ? __fput_deferred+0x215/0x390
[ 1552.853462][T30364]  ? __pfx___fput_deferred+0x10/0x10
[ 1552.858789][T30364]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1552.864214][T30364]  get_signal+0x11ed/0x1340
[ 1552.868784][T30364]  ? __sys_sendto+0x44f/0x520
[ 1552.873553][T30364]  ? do_futex+0x333/0x420
[ 1552.878028][T30364]  arch_do_signal_or_restart+0x9a/0x750
[ 1552.883765][T30364]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1552.889986][T30364]  ? exit_to_user_mode_loop+0x40/0x110
[ 1552.895571][T30364]  exit_to_user_mode_loop+0x75/0x110
[ 1552.900930][T30364]  do_syscall_64+0x2bd/0x3b0
[ 1552.905552][T30364]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1552.910839][T30364]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.916933][T30364]  ? clear_bhb_loop+0x60/0xb0
[ 1552.921679][T30364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.927687][T30364] RIP: 0033:0x7fe1cbf8ebe9
[ 1552.932184][T30364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1552.952003][T30364] RSP: 002b:00007fe1ca1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1552.960513][T30364] RAX: fffffffffffffe00 RBX: 00007fe1cc1c6180 RCX: 00007fe1cbf8ebe9
[ 1552.968712][T30364] RDX: 0000000000300000 RSI: 00002000000002c0 RDI: 0000000000000006
[ 1552.976804][T30364] RBP: 00007fe1cc011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1552.984884][T30364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1552.992938][T30364] R13: 00007fe1cc1c6218 R14: 00007fe1cc1c6180 R15: 00007ffcb0d9f9c8
[ 1553.001235][T30364]  </TASK>
[ 1553.004287][T30364] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1553.011636][T30364] CPU: 1 UID: 0 PID: 30364 Comm: syz.3.7253 Not tainted syzkaller #0 PREEMPT(full) 
[ 1553.021138][T30364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1553.031297][T30364] Call Trace:
[ 1553.034605][T30364]  <TASK>
[ 1553.037725][T30364]  dump_stack_lvl+0x99/0x250
[ 1553.042334][T30364]  ? __asan_memcpy+0x40/0x70
[ 1553.046940][T30364]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1553.052147][T30364]  ? __pfx__printk+0x10/0x10
[ 1553.056763][T30364]  vpanic+0x281/0x750
[ 1553.060751][T30364]  ? __pfx__printk+0x10/0x10
[ 1553.065371][T30364]  ? __pfx_vpanic+0x10/0x10
[ 1553.069881][T30364]  ? is_bpf_text_address+0x26/0x2b0
[ 1553.075103][T30364]  panic+0xb9/0xc0
[ 1553.078838][T30364]  ? __pfx_panic+0x10/0x10
[ 1553.083371][T30364]  __warn+0x31b/0x4b0
[ 1553.087374][T30364]  ? subflow_data_ready+0x4b8/0x7e0
[ 1553.092580][T30364]  ? subflow_data_ready+0x4b8/0x7e0
[ 1553.097805][T30364]  report_bug+0x2be/0x4f0
[ 1553.102164][T30364]  ? subflow_data_ready+0x4b8/0x7e0
[ 1553.107384][T30364]  ? subflow_data_ready+0x4b8/0x7e0
[ 1553.112689][T30364]  ? subflow_data_ready+0x4ba/0x7e0
[ 1553.117915][T30364]  handle_bug+0x84/0x160
[ 1553.122191][T30364]  exc_invalid_op+0x1a/0x50
[ 1553.126702][T30364]  asm_exc_invalid_op+0x1a/0x20
[ 1553.131582][T30364] RIP: 0010:subflow_data_ready+0x4b8/0x7e0
[ 1553.137398][T30364] Code: 0f 0b 90 90 e9 bc fc ff ff e8 24 5c 59 f6 48 89 df 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6e 0e 00 00 e8 09 5c 59 f6 90 <0f> 0b 90 e9 e5 fd ff ff 90 0f 0b 90 43 0f b6 04 2f 84 c0 0f 85 a1
[ 1553.157182][T30364] RSP: 0018:ffffc9001c86f440 EFLAGS: 00010283
[ 1553.163282][T30364] RAX: ffffffff8b664f87 RBX: ffff8880509f9980 RCX: 0000000000080000
[ 1553.171260][T30364] RDX: ffffc9000e982000 RSI: 00000000000005bb RDI: 00000000000005bc
[ 1553.179236][T30364] RBP: 0000000000000000 R08: ffff88807cdbc52f R09: 1ffff1100f9b78a5
[ 1553.187241][T30364] R10: dffffc0000000000 R11: ffffed100f9b78a6 R12: 0000000000000000
[ 1553.195312][T30364] R13: dffffc0000000000 R14: ffff88807cdbbc00 R15: 0000000000000000
[ 1553.203385][T30364]  ? subflow_data_ready+0x4b7/0x7e0
[ 1553.208606][T30364]  tcp_data_queue+0x54b/0x6380
[ 1553.213487][T30364]  ? __pfx_tcp_data_queue+0x10/0x10
[ 1553.218695][T30364]  ? __pfx_tcp_urg+0x10/0x10
[ 1553.223312][T30364]  tcp_rcv_state_process+0x2767/0x4140
[ 1553.228793][T30364]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[ 1553.234964][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1553.240781][T30364]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1553.245984][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1553.251449][T30364]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1553.257260][T30364]  tcp_v4_do_rcv+0x3f2/0xce0
[ 1553.261862][T30364]  ? __pfx_tcp_v4_do_rcv+0x10/0x10
[ 1553.266987][T30364]  __release_sock+0x21c/0x350
[ 1553.271716][T30364]  ? __tcp_close+0x69e/0xde0
[ 1553.276314][T30364]  __tcp_close+0x6c5/0xde0
[ 1553.280834][T30364]  ? do_raw_spin_unlock+0x122/0x240
[ 1553.286131][T30364]  __mptcp_close_ssk+0x3d7/0xfd0
[ 1553.291176][T30364]  mptcp_destroy_common+0x152/0x320
[ 1553.296381][T30364]  ? __timer_delete+0x5d/0x390
[ 1553.301250][T30364]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1553.306650][T30364]  mptcp_destroy+0x84/0x120
[ 1553.311248][T30364]  __mptcp_destroy_sock+0x153/0x350
[ 1553.316465][T30364]  __mptcp_close+0x76a/0xb00
[ 1553.321065][T30364]  ? mptcp_close+0x28/0x1a0
[ 1553.325666][T30364]  mptcp_close+0x28/0x1a0
[ 1553.330083][T30364]  inet_release+0x141/0x190
[ 1553.334598][T30364]  sock_close+0xc0/0x240
[ 1553.338848][T30364]  ? __pfx_sock_close+0x10/0x10
[ 1553.343716][T30364]  __fput+0x449/0xa70
[ 1553.347954][T30364]  task_work_run+0x1d4/0x260
[ 1553.352596][T30364]  ? __pfx_task_work_run+0x10/0x10
[ 1553.357724][T30364]  ? __fput_deferred+0x215/0x390
[ 1553.362662][T30364]  ? __pfx___fput_deferred+0x10/0x10
[ 1553.367951][T30364]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1553.373244][T30364]  get_signal+0x11ed/0x1340
[ 1553.377764][T30364]  ? __sys_sendto+0x44f/0x520
[ 1553.382461][T30364]  ? do_futex+0x333/0x420
[ 1553.386906][T30364]  arch_do_signal_or_restart+0x9a/0x750
[ 1553.392666][T30364]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1553.398855][T30364]  ? exit_to_user_mode_loop+0x40/0x110
[ 1553.404327][T30364]  exit_to_user_mode_loop+0x75/0x110
[ 1553.409886][T30364]  do_syscall_64+0x2bd/0x3b0
[ 1553.414506][T30364]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1553.419740][T30364]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.425844][T30364]  ? clear_bhb_loop+0x60/0xb0
[ 1553.430542][T30364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1553.436452][T30364] RIP: 0033:0x7fe1cbf8ebe9
[ 1553.440878][T30364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1553.460507][T30364] RSP: 002b:00007fe1ca1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1553.469066][T30364] RAX: fffffffffffffe00 RBX: 00007fe1cc1c6180 RCX: 00007fe1cbf8ebe9
[ 1553.477053][T30364] RDX: 0000000000300000 RSI: 00002000000002c0 RDI: 0000000000000006
[ 1553.485081][T30364] RBP: 00007fe1cc011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1553.493149][T30364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1553.501212][T30364] R13: 00007fe1cc1c6218 R14: 00007fe1cc1c6180 R15: 00007ffcb0d9f9c8
[ 1553.509382][T30364]  </TASK>
[ 1553.512723][T30364] Kernel Offset: disabled
[ 1553.517045][T30364] Rebooting in 86400 seconds..