last executing test programs:

1m38.784703304s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

1m24.119007844s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

1m10.475923054s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

51.308884746s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

37.041649842s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

28.996817424s ago: executing program 1 (id=1016):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = epoll_create1(0x0)
r3 = socket(0x1, 0x80802, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000))
epoll_pwait(r4, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r4)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x20000083, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback={0x800000000000000}, 0x3ff}, 0x1c)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r9, 0x8953, &(0x7f0000000840)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x1, @remote}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}}, 0x0)

27.112333698s ago: executing program 1 (id=1018):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000a0000000040000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bind$bt_hci(r1, &(0x7f0000000340)={0x1f, 0x1, 0x4}, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYRESOCT], 0xa8}}, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000380)={'security\x00', 0x0, [0x10, 0x0, 0x8001, 0xc, 0x4]}, &(0x7f0000000300)=0x54)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x780, 0x1d0, 0x5c8, 0x0, 0x5c8, 0x0, 0x6b0, 0x6b0, 0x6b0, 0x6b0, 0x6b0, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [0xffffff00, 0x0, 0x0, 0x1f9814788dbf7ab2], 'veth1\x00', 'syz_tun\x00'}, 0x11e, 0xa8, 0x1d0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'unconfined\x00'}}}, {{@ipv6={@loopback, @dev, [], [], 'batadv_slave_0\x00', 'ip6gretap0\x00', {}, {}, 0x2b}, 0x0, 0x1e0, 0x208, 0x7400, {}, [@common=@rt={{0x138}, {0x0, [0x0, 0x5], 0x0, 0x0, 0x0, [@dev, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, @private2, @private1, @dev, @dev={0xfe, 0x80, '\x00', 0x34}, @mcast2, @local, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, @loopback, @mcast1, @private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@ipv6header={{0x28}, {0x81, 0x10, 0x1}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x68}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@inet=@socket3={{0x28}, 0x2}]}, @inet=@TOS={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@mcast2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7e0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xfff3}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x8, "4f14a4f69104a939b97a4043bc0a4160"}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r1}, 0x8)
r6 = socket$kcm(0xf, 0x3, 0x2)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYRESHEX=r3], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e00000000000000fcfe070008000000000000008013205e6318f527fd0c33d57e80b9931f3f7c17d357b965b40b9a6dc0ac4654131d61a3601102cf951661e666d4afbbe02886290e19b3c585cbb0d642382c3300f8d5a6ae69799395416da959f8c8cde17e26936655", @ANYRES32=0x1, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002d0001fffffff3000000000001"], 0x114}], 0x1}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r8)
sendmsg$inet(r6, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0x1, <r9=>0xffffffffffffffff}, 0x4)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a008080"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x4000)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000001c0)={0x0, 0x5, 0x18}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000007000000000000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000008d600c00f0ffffffbf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xd, 0x20, &(0x7f0000000200)=ANY=[@ANYRESDEC=r10, @ANYRES32=r9, @ANYRES64=r0, @ANYRES32=r12, @ANYBLOB="0000000000000000b70200000000000085000000860000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000eb05000085000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

26.831951119s ago: executing program 1 (id=1021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x13)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x82680027})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket(0x10, 0x80003, 0x0)
write(r4, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe000000", 0x18)
recvmsg$unix(r4, &(0x7f0000003580)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
listen(r5, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[], 0x0)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="0100000000000000000002000000200005006c000000000000000c0002000000000000000000040007800c00080000000000000000000800010000", @ANYBLOB], 0x90}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

26.052087895s ago: executing program 2 (id=1024):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0xf, &(0x7f0000000180)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x1ff}, {{0x18, 0x1, 0x1, 0x0, r1, 0x0, 0x0, 0x0, 0xe000000}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)

25.928827639s ago: executing program 2 (id=1025):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}}], {0x14}}, 0x88}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x1c000000, 0x0, 0x8015}, 0x4)

24.020924553s ago: executing program 2 (id=1028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x4, 0x1a, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000000000000000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf612a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

23.954544745s ago: executing program 1 (id=1029):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000340)={@private, @initdev, <r1=>0x0}, &(0x7f0000000400)=0xc)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000500)={0x1d, r1, 0x3, {0x2}, 0xff}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$alg(0x26, 0x5, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000001240)={0x41c, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [{{0x8}, {0x4}}, {{0x8}, {0x4}}, {{0x8}, {0x4}}, {{0x8}, {0x4}}, {{0x8}, {0x4}}, {{0x8}, {0x18c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x34, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x40}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x13}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x41c}, 0x1, 0x0, 0x0, 0x400d0}, 0x20008801)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="670028bd8000fcdbdf25010000000000000002"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x200c48a4)
syz_open_procfs$namespace(0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/cgroup\x00')
socket(0x5, 0x5, 0x80010003)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xd, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2c900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

23.810059641s ago: executing program 2 (id=1032):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100003e4e00000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
close(r3)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)="f1bbaa8e074247b04ec59f672f9274", &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r4}, 0x20)
syz_emit_ethernet(0x7e, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x5, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}]}}}}}}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket(0x1, 0x803, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRESHEX=0x0], 0xb0}, 0x1, 0x0, 0x0, 0x880}, 0x20040850)
socket$can_bcm(0x1d, 0x2, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vxcan0\x00'})

23.604261106s ago: executing program 1 (id=1033):
socket$inet6(0xa, 0x80002, 0x0) (async)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x4, 0x4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r1)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000001880)={'wg1\x00', <r3=>0x0})
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r4, 0x0, 0x40, &(0x7f0000000000)={'security\x00', 0x7003, [0x80002, 0x40009, 0x5, 0xfffffffe, 0x2]}, &(0x7f0000000100)=0x54)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000080)={'mangle\x00', 0x2, [{}, {}]}, 0x48) (async)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000080)={'mangle\x00', 0x2, [{}, {}]}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r7, 0x84, 0xd, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x470, 0xffffffff, 0x0, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x3a0, 0x3a0, 0x3a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xffffff00], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev, @private1, [0x0, 0x0, 0xff], [], [], 0x843}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0) (async)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x470, 0xffffffff, 0x0, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x3a0, 0x3a0, 0x3a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xffffff00], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev, @private1, [0x0, 0x0, 0xff], [], [], 0x843}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r10, 0xb0b}, 0x14}}, 0x0)
r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), r2)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000520001072dbd7000ffdbdf2502"], 0x14}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES8=r6, @ANYBLOB="670000b90000000000", @ANYRES64=r7, @ANYBLOB="2400030000000000"], 0x40}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, r11, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x40}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x40, 0x0, 0x0) (async)
sendto$inet6(r0, 0x0, 0x0, 0x40, 0x0, 0x0)

20.960122424s ago: executing program 2 (id=1040):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@loopback, @empty, <r0=>0x0}, &(0x7f0000000300)=0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021c4cb0000000000fdff0000850000006d000000070000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', r0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket(0x840000000002, 0x3, 0x100)
pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0xc14, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xa, 0x0, 0x0, 0x6ca}, 0x0, 0x0)

20.489003417s ago: executing program 3 (id=1045):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000010000100f5ffffff000000000000000a20000000000a01080000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a300000000014000000020a0b01000000000000000000000000f4000000000a010300000000000000000a0000040900010073797a3000000000c1000600a55d62432ef5e1eec3847bcb2f0aa75b71519be13051157bcf47d59fa8b4410cd79eaa0e90f7b94a46e03f5c14110a2f125c039240da9a6bfc49f1cbbb23e2b8d9bb590d1632a78ba60fedca470bc6bf340ec12404bd5c44a84a37e9ba3231093abda52a9c194529edd3537f527f153a9325a170e98413dae31bdb69599d16e904e9c7dd6def7bebee5f7291270ee35a7b0c602cd610e41e96a5ca1e2fbb46b50537e327cb9a62dce3431ed2bc251ef3142972a04aa6ef87d78be12d8d0000000800024000000001080002400000000130000000120a05000000000000000000050000071c0004800c00044000000001000000010c000140000000000000000218010000060a010100000000000000000500000208000a4000000001fb000740e06b97df9d5adebe1869e7f5f916de2165c31e094e59d58d16ad9b6fbc3de0ac583e31a42d3250e65d6e14696ed173dc186d54d06195ba8c026a3bfa70f5c93fba42cecb2644f687609328dae66416c1da8340628eb660edb38c6ac577cefe188efc734bf36dec18e35b5e4ee3a5be61270f2e00e903d9b5df4cc7e27d3cb7c6c16c684f47d9999e102dca63c4f5f3fcc53186a7df0dae549302763766be5b9581f8034d7117836b218fe78d106a4a4f08d34aa93b79ae9d3ec2ae89d81b20b5369553b7ee7abc21e382dda9a5ec7616bac31dfd1b47908d3fcc10e16d1883d88dd2ba73f3cceb84267ecdc8dad30b7676c771313b32ba00f4010000020a0102000000000000000003000007d8000600daa9a1887b2d0552f3dfc146dc93e9b2bb3b83a8f214ea3c1d5a08e2dda51718ae3147396f82b9a80198bbfc16c8aa7aa8118626fd4b89abdb9acc5f7e4c059f0725434c83a965924140782b4e4cbd9e3ed21ae799720a195d6fdb7dd3758b36030cdab30030a73715374fcd16907fe4df7c0652ab474513f0ac095f9f47f7b8d0dd683255ec6321bdb5797a86687aadfadcc3a39f7622cbfc0ec62429841ac03968f6adcf13328fae283640bfa3d4c57082322f9ee50b185df1bc117fd4a7cb2f4927d7dff9a775524803101024d98fca843e590900010073797a30000000000c0004400000000000000003f0000600d62f90c90b879ee0ef091444d43d7d8cbb4ab9d8bcb9f751916b350dc8c6db7cae9e2ce89136016af270937a657d71f02a71b96cf5ddb864db765c1dce98d53299e80665adcc0615d5a5f9614c0fe75e10f21564f53b695e104db7d41a3b2b13cc08a5c5ec0b51e890da2b2004435059a9602047629cbfa49639f0e7cce0a6731d76ed90b36ce35b4b0b572e63f81d73a663368462f2c9f7e95a220ddd009ff31644590f3dc0f78a2036fd7c3059a81d48a2556dcd906ed46003052d2c83b9af9a30e9a15319d9c86469f8c3801ea89183958ea24893279891612f87e8e4cd3c3d84f3fc105e91f0b68f27273c0000000e0a0108000000000000000001000009080004400000000208000440000000010900010073797a30"], 0x520}}, 0x0)

20.445824836s ago: executing program 3 (id=1046):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x10000, 0x0, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r4}, 0x10, &(0x7f0000000280)={&(0x7f0000000080)=@can={{0x1, 0x1, 0x0, 0x1}, 0x0, 0x1, 0x0, 0x0, "1b2e30af4d101c03"}, 0x10}, 0x1, 0x0, 0x0, 0x800}, 0xc0)
write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008001400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

20.328686283s ago: executing program 1 (id=1047):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x8, 0x6, 0xfffffffa)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x7f, 0x5})
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000040)={0x0, 0x40}, 0x8)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000030000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100"], 0x90}}, 0x0)

20.279410786s ago: executing program 4 (id=426):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0xffffff7f00000000, 0x4004}, 0x0)

18.734251916s ago: executing program 2 (id=1049):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="180200000000000000000000000000008500000022000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed3871be52930316f5bec", 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x60, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x19, 0xf}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x60}}, 0x8000)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000200)={0x50, r0, 0x801, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x34, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4a0b016c63"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20001905}, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="0600000000000000000000000000000005000600000000000a00000000000000000000000000000000000000000000010000000000000000020001000000000000000006010000400500050033000000000000000001010000000000000000000000ffff00a84cbf9d39d7d2464d8df68fcef0f4fdb0a8d63d2713aa27dfa3e658face152df82375ed98e5bce1f30bc4491f0d4134264367bbe06e5a524c339f4ea496b7ebe5b3e4072b9bc83bbf84ea5654753c0a52351aa9b6f8e0073834cb3f557b454f68f15bd46609794a98a604841eb69b9a"], 0x70}, 0x1, 0x7}, 0x0)

18.733060558s ago: executing program 3 (id=1050):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000304000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038340300000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000080303"], 0x3c8}, 0x1, 0x0, 0x0, 0x810}, 0x0)

18.612040777s ago: executing program 3 (id=1051):
unshare(0x22020400)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)

18.388117842s ago: executing program 3 (id=1054):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x68, 0xb, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x3c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x7, 0x1a, '$.\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x9}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x10}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0xffff}}]}, @IPSET_ATTR_ADT={0x4}]}, 0x68}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000047c0000040000000c0001800600060008"], 0x528}}, 0xc000)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x453, 0x4, 0x70bd24, 0x25dfdbbf}, 0x10}, 0x1, 0x0, 0x0, 0x4000}, 0x4048800)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000180)=0x4a9a, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)}}], 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e2a30456b880000145b41fe6900000079616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c200000000faffffffffffffff000000670100009001000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000646e61740000000000000000ff0300000000000000000000000000000000000010000000000000ffffffff000000006e666c010000000000000000000000000000000000000000000000000000ff0050000000121b6eb244d4f0fffbf04a000000007e4b000022d4e27ebdf3b9dc569e338e2c551c2fc4a19597ba4c501c8b1f16fb7809c40aee86f4fe16383d2afb577ed2bb6dd99f024b3f54ba00000000415544495400000000000000000000000000000000000000000000000000000008000000000000200000000000000000000200"/544]}, 0x298)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff})
read$alg(r5, &(0x7f0000000140)=""/116, 0x74)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x4c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x38, 0x1, [@m_tunnel_key={0x34, 0x1, 0x0, 0x0, {{0xf}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x4c}}, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x89f1, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000140)=@ethtool_cmd={0x3a, 0x3, 0x0, 0x0, 0x0, 0x5, 0xc8, 0x0, 0x80, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x45, [0x67, 0x8001]}})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="5000000010000304000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="05a00200000000002800128009000100766c616e00000000180002800c000200540a00001d000000060001000000000008000500", @ANYRES32=r3], 0x50}, 0x1, 0xba01}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000000)="2400000011005f0414f9f40700110400810000000d0000000000000008000f0001000000", 0x24)

17.414808888s ago: executing program 0 (id=1056):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000300)
recvmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x181)
r2 = socket(0x848000000015, 0x805, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @mcast1}}, 0x5c)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r6}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x3, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0)
bind$can_raw(r4, &(0x7f0000001000)={0x1d, r6}, 0x10)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r8, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4)
sendmmsg$inet(r8, &(0x7f0000002240)=[{{&(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x30}}], 0x1, 0xa884)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028004000100000000002c0002801400030000000000000000000000ffffac1414bb1400040000000000000000000000ffff000000003c0003800c00028004000100000000002c00018014000300fc00000000000000000000000000000014000400fe80f0ffffffffffffff0000000000bb3c0002800c00028005000100000000002c00018014000300fc020000000000000000000000000000140004"], 0xc8}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a3b830000000000000000050000020900410073797a300000000014"], 0x48}, 0x1, 0x0, 0x0, 0x40800}, 0x4000)

17.413445283s ago: executing program 3 (id=1057):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)={0x44, r1, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) (async)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xb, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r2, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1a, 0x10, 0x0, &(0x7f0000000300)='GPL\x00', 0x4, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000814, &(0x7f0000000380)={0xa, 0x4e20, 0x6, @remote}, 0x1c) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r4 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wg1\x00', 0x10) (async)
sendto$unix(r4, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) (async)
ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000080)) (async)
r5 = accept4(r3, 0x0, 0x0, 0x0) (async)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00'}) (async)
sendmsg$inet6(r5, &(0x7f00000003c0)={&(0x7f00000000c0)={0xa, 0x4e20, 0x401, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000340), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1400000000000000290000000b0000007fffffff00000000c80000000000000029000000040000002f15000000000000c2040000000905a4f53658eb04e61a6e3d6781557577d2e3ee5ac0c61d73ee366a03871d438a1e914b04b71066ef3dc8d6de41a51273a06105413e23ce1c8a5348576acbcb45381f9b9a4572f171081cb1d2b4256c53c24d1648dad820962c200d64aab6915c4a53d21c064d1c517657d31e5a1a813c0716f22c684eead70b9cd1df463348aae88e06d4dc712eae1a0fbd4b36f692ec176bbe7f689e9b906ebef5a4c9540401ff00200000000000000029000000360000001d00000000000000c204000000010000280000000000000029000000370000009101000000000000000100000100c204000000d600"/296], 0x128}, 0x4044005)
sendmsg$alg(r5, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000001400f83300001400000006000000004eff0000000100000d0003000003000000010000000000005f496cd088fed4aa4083a075ea1859ad5b7bc680014a777858b7b1ee8a4ba15027bf7a53f8d5676783560a30576195a2796b5b32e15822711ba9378d4033c19219f481ddbe7c03a3f1af22c1dd4ac83397e74865f552fd542254324f3970b7e3608cea065c6589102c91e253f22793be987a9541bee444ae1d2c4fde8c1002dc5cdb19a2b1bcb2fc72040000000000000098488c3f0e0000000000000080c586439b5194fd65d36a114104dbeb7e2b7ee2c01334c8568274f5a601b38c3e815f2d893cdb2d2bf3287a47879aec5667c06e5c64ab0adb8d0339dd58fb767c1405afcb4ceaee6664bd84fd71cb5bf59b120f7df690ee428a48bfa423b7a087887ff503bef9a937ea0ba30a2bbf4ff7522ac956b606e5ac701bf83494edb3cebd670be82fda6fce39c05f822a00893038ca3c534a03ce490a8b6fa62c7a5c3953a6b78a10eb219e"], 0x0, 0x32, 0x0, 0x1, 0x1, 0x0, @void, @value}, 0x28)

16.73183796s ago: executing program 0 (id=1058):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000001240)={@local, 0x800003, 0x1, 0xff, 0x3, 0x9, 0x1}, &(0x7f0000001280)=0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000080)=0x9, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="480000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000800c00028008000001000014bb0a0001"], 0x48}}, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)
getsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x5, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, &(0x7f00000000c0)=0x3, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socket$inet6(0xa, 0x10, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r3, 0x8982, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xfe01})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x8918, &(0x7f0000000140)={'wg1\x00', {0x2, 0x0, @empty=0xfe000000}})
socket$nl_generic(0x10, 0x3, 0x10)

15.809026887s ago: executing program 0 (id=1059):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

15.807980499s ago: executing program 0 (id=1060):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x4, 0x1a, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000000000000000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf612a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

15.766027514s ago: executing program 0 (id=1061):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x0, 0xfffffffc, {0x2, 0x1f, 0x0, 0x0, r1}, [@IFA_ADDRESS={0x8, 0x1, @multicast2}, @IFA_LOCAL={0x8, 0x2, @broadcast}, @IFA_BROADCAST={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x20}}, @IFA_BROADCAST={0x8, 0x4, @local}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x1}, @IFA_LOCAL={0x8, 0x2, @multicast1}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000080}, 0x40040)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x20008004)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r2, 0x0, 0x20040000)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)

15.720814425s ago: executing program 0 (id=1062):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100003e4e00000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
close(r3)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)="f1bbaa8e074247b04ec59f672f9274", &(0x7f0000000140), 0x5, r4}, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x5, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}]}}}}}}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket(0x1, 0x803, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRESHEX=0x0], 0xb0}, 0x1, 0x0, 0x0, 0x880}, 0x20040850)
socket$can_bcm(0x1d, 0x2, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vxcan0\x00'})

5.007290416s ago: executing program 32 (id=1047):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x8, 0x6, 0xfffffffa)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x7f, 0x5})
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000040)={0x0, 0x40}, 0x8)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000030000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100"], 0x90}}, 0x0)

3.506432774s ago: executing program 33 (id=1049):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="180200000000000000000000000000008500000022000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed3871be52930316f5bec", 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x60, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x19, 0xf}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x60}}, 0x8000)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000200)={0x50, r0, 0x801, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x34, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4a0b016c63"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20001905}, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="0600000000000000000000000000000005000600000000000a00000000000000000000000000000000000000000000010000000000000000020001000000000000000006010000400500050033000000000000000001010000000000000000000000ffff00a84cbf9d39d7d2464d8df68fcef0f4fdb0a8d63d2713aa27dfa3e658face152df82375ed98e5bce1f30bc4491f0d4134264367bbe06e5a524c339f4ea496b7ebe5b3e4072b9bc83bbf84ea5654753c0a52351aa9b6f8e0073834cb3f557b454f68f15bd46609794a98a604841eb69b9a"], 0x70}, 0x1, 0x7}, 0x0)

2.00475459s ago: executing program 34 (id=1057):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)={0x44, r1, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) (async)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xb, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r2, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1a, 0x10, 0x0, &(0x7f0000000300)='GPL\x00', 0x4, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000814, &(0x7f0000000380)={0xa, 0x4e20, 0x6, @remote}, 0x1c) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r4 = socket(0x40000000002, 0x3, 0x80000000002)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='wg1\x00', 0x10) (async)
sendto$unix(r4, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) (async)
ioctl$sock_TIOCINQ(r4, 0x541b, &(0x7f0000000080)) (async)
r5 = accept4(r3, 0x0, 0x0, 0x0) (async)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00'}) (async)
sendmsg$inet6(r5, &(0x7f00000003c0)={&(0x7f00000000c0)={0xa, 0x4e20, 0x401, @rand_addr=' \x01\x00', 0x3}, 0x1c, &(0x7f0000000340), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1400000000000000290000000b0000007fffffff00000000c80000000000000029000000040000002f15000000000000c2040000000905a4f53658eb04e61a6e3d6781557577d2e3ee5ac0c61d73ee366a03871d438a1e914b04b71066ef3dc8d6de41a51273a06105413e23ce1c8a5348576acbcb45381f9b9a4572f171081cb1d2b4256c53c24d1648dad820962c200d64aab6915c4a53d21c064d1c517657d31e5a1a813c0716f22c684eead70b9cd1df463348aae88e06d4dc712eae1a0fbd4b36f692ec176bbe7f689e9b906ebef5a4c9540401ff00200000000000000029000000360000001d00000000000000c204000000010000280000000000000029000000370000009101000000000000000100000100c204000000d600"/296], 0x128}, 0x4044005)
sendmsg$alg(r5, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000001400f83300001400000006000000004eff0000000100000d0003000003000000010000000000005f496cd088fed4aa4083a075ea1859ad5b7bc680014a777858b7b1ee8a4ba15027bf7a53f8d5676783560a30576195a2796b5b32e15822711ba9378d4033c19219f481ddbe7c03a3f1af22c1dd4ac83397e74865f552fd542254324f3970b7e3608cea065c6589102c91e253f22793be987a9541bee444ae1d2c4fde8c1002dc5cdb19a2b1bcb2fc72040000000000000098488c3f0e0000000000000080c586439b5194fd65d36a114104dbeb7e2b7ee2c01334c8568274f5a601b38c3e815f2d893cdb2d2bf3287a47879aec5667c06e5c64ab0adb8d0339dd58fb767c1405afcb4ceaee6664bd84fd71cb5bf59b120f7df690ee428a48bfa423b7a087887ff503bef9a937ea0ba30a2bbf4ff7522ac956b606e5ac701bf83494edb3cebd670be82fda6fce39c05f822a00893038ca3c534a03ce490a8b6fa62c7a5c3953a6b78a10eb219e"], 0x0, 0x32, 0x0, 0x1, 0x1, 0x0, @void, @value}, 0x28)

0s ago: executing program 35 (id=1062):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100003e4e00000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
close(r3)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)="f1bbaa8e074247b04ec59f672f9274", &(0x7f0000000140), 0x5, r4}, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x5, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}]}}}}}}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket(0x1, 0x803, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRESHEX=0x0], 0xb0}, 0x1, 0x0, 0x0, 0x880}, 0x20040850)
socket$can_bcm(0x1d, 0x2, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vxcan0\x00'})

kernel console output (not intermixed with test programs):

omm: syz.3.672 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  187.287844][ T8507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  187.297944][ T8507] Call Trace:
[  187.301331][ T8507]  <TASK>
[  187.304288][ T8507]  dump_stack_lvl+0x241/0x360
[  187.308995][ T8507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.314217][ T8507]  ? __pfx__printk+0x10/0x10
[  187.318872][ T8507]  ? __pfx_lock_release+0x10/0x10
[  187.323931][ T8507]  should_fail_ex+0x3b0/0x4e0
[  187.328630][ T8507]  _copy_from_user+0x2f/0xc0
[  187.333241][ T8507]  copy_msghdr_from_user+0xae/0x680
[  187.338465][ T8507]  ? __pfx___might_resched+0x10/0x10
[  187.343771][ T8507]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  187.349609][ T8507]  ? do_recvmmsg+0x44e/0xab0
[  187.354222][ T8507]  ? __might_fault+0xaa/0x120
[  187.359090][ T8507]  do_recvmmsg+0x3bd/0xab0
[  187.363621][ T8507]  ? __pfx_do_recvmmsg+0x10/0x10
[  187.368596][ T8507]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  187.374516][ T8507]  ? ksys_write+0x22a/0x2b0
[  187.379467][ T8507]  ? __pfx_lock_release+0x10/0x10
[  187.384516][ T8507]  ? vfs_write+0x730/0xd30
[  187.388957][ T8507]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  187.394953][ T8507]  ? __fget_files+0x2a/0x410
[  187.399573][ T8507]  __x64_sys_recvmmsg+0x199/0x250
[  187.404622][ T8507]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  187.410190][ T8507]  ? do_syscall_64+0x100/0x230
[  187.414973][ T8507]  ? do_syscall_64+0xb6/0x230
[  187.419667][ T8507]  do_syscall_64+0xf3/0x230
[  187.424191][ T8507]  ? clear_bhb_loop+0x35/0x90
[  187.428891][ T8507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.434801][ T8507] RIP: 0033:0x7fa6d3785d29
[  187.439227][ T8507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.458841][ T8507] RSP: 002b:00007fa6d45dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  187.467278][ T8507] RAX: ffffffffffffffda RBX: 00007fa6d3975fa0 RCX: 00007fa6d3785d29
[  187.475292][ T8507] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  187.483283][ T8507] RBP: 00007fa6d45dc090 R08: 0000000000000000 R09: 0000000000000000
[  187.491262][ T8507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  187.499243][ T8507] R13: 0000000000000000 R14: 00007fa6d3975fa0 R15: 00007ffdefe75548
[  187.507261][ T8507]  </TASK>
[  187.542356][ T3490] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.599916][ T3490] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.665198][ T3490] veth1_macvtap: left promiscuous mode
[  187.671004][ T3490] veth0_macvtap: left promiscuous mode
[  187.677886][ T3490] veth1_vlan: left promiscuous mode
[  187.683381][ T3490] veth0_vlan: left promiscuous mode
[  187.834013][ T8523] netlink: 32 bytes leftover after parsing attributes in process `syz.3.673'.
[  188.446873][ T3490] team0 (unregistering): Port device team_slave_1 removed
[  188.541756][ T3490] team0 (unregistering): Port device team_slave_0 removed
[  188.991531][ T8508] net_ratelimit: 10 callbacks suppressed
[  188.991544][ T8508] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  189.075466][ T8518] batadv0: entered promiscuous mode
[  189.081324][ T8518] macvtap1: entered promiscuous mode
[  189.102689][ T8518] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  189.135058][ T8518] batadv0: left promiscuous mode
[  189.277088][ T8340] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.705359][ T8560] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  189.942527][ T8565] netlink: 16 bytes leftover after parsing attributes in process `syz.3.681'.
[  190.108885][ T8340] veth0_vlan: entered promiscuous mode
[  190.159886][ T8340] veth1_vlan: entered promiscuous mode
[  190.275758][ T8340] veth0_macvtap: entered promiscuous mode
[  190.300903][ T8340] veth1_macvtap: entered promiscuous mode
[  190.384579][ T8340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.451570][ T8340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.475763][ T8340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.492680][ T8579] netlink: 4936 bytes leftover after parsing attributes in process `syz.1.684'.
[  190.499338][ T8340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.513343][ T8340] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.551210][ T8579] openvswitch: netlink: Flow key attr not present in new flow.
[  190.569568][ T8340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.594420][ T8340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.630633][ T8340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.653888][ T8340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.692205][ T8340] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.746821][ T8340] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.783877][ T8340] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.792659][ T8340] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.844169][ T8340] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.164208][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.172102][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.255624][ T3490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.263599][ T3490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.410573][ T8594] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  191.432183][ T8596] netlink: zone id is out of range
[  191.441608][ T8596] netlink: zone id is out of range
[  191.449530][ T8596] netlink: zone id is out of range
[  191.466750][ T8596] netlink: zone id is out of range
[  191.476875][ T8596] netlink: zone id is out of range
[  191.493641][ T8596] netlink: zone id is out of range
[  191.519709][ T8596] netlink: zone id is out of range
[  191.525067][ T8596] netlink: zone id is out of range
[  191.901389][ T1091] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.008646][ T1091] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.180100][ T1091] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.360965][ T1091] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.564391][ T1091] bridge_slave_1: left allmulticast mode
[  192.570117][ T1091] bridge_slave_1: left promiscuous mode
[  192.589831][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.615935][ T1091] bridge_slave_0: left allmulticast mode
[  192.621672][ T1091] bridge_slave_0: left promiscuous mode
[  192.631277][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.283303][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  193.308544][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  193.317209][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  193.334676][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  193.344238][ T5848] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  193.351588][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  193.666211][ T1091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.688121][ T1091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.699566][ T1091] bond0 (unregistering): Released all slaves
[  193.722601][ T8626] netlink: 'syz.0.692': attribute type 15 has an invalid length.
[  193.730678][ T8626] netlink: 24 bytes leftover after parsing attributes in process `syz.0.692'.
[  193.756276][ T8635] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  193.817971][ T8625] lo speed is unknown, defaulting to 1000
[  194.313388][ T8625] lo speed is unknown, defaulting to 1000
[  194.385393][ T8655] netlink: 28 bytes leftover after parsing attributes in process `syz.1.699'.
[  194.512150][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  194.520869][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.947130][ T8664] FAULT_INJECTION: forcing a failure.
[  194.947130][ T8664] name failslab, interval 1, probability 0, space 0, times 0
[  195.017950][ T8664] CPU: 1 UID: 0 PID: 8664 Comm: syz.0.700 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  195.028639][ T8664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  195.038743][ T8664] Call Trace:
[  195.042054][ T8664]  <TASK>
[  195.045011][ T8664]  dump_stack_lvl+0x241/0x360
[  195.049749][ T8664]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.055005][ T8664]  ? __pfx__printk+0x10/0x10
[  195.059657][ T8664]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  195.066235][ T8664]  ? __pfx___might_resched+0x10/0x10
[  195.071580][ T8664]  should_fail_ex+0x3b0/0x4e0
[  195.076328][ T8664]  should_failslab+0xac/0x100
[  195.081069][ T8664]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  195.087456][ T8664]  ? alloc_vfsmnt+0xeb/0x4d0
[  195.092093][ T8664]  kstrdup+0x39/0xb0
[  195.096055][ T8664]  alloc_vfsmnt+0xeb/0x4d0
[  195.100629][ T8664]  clone_mnt+0x6b/0xc80
[  195.104832][ T8664]  ? do_raw_spin_unlock+0x13c/0x8b0
[  195.110088][ T8664]  ? attach_mnt+0x4ed/0x600
[  195.114642][ T8664]  copy_tree+0x482/0x940
[  195.118936][ T8664]  ? copy_mnt_ns+0x176/0x8c0
[  195.123576][ T8664]  copy_mnt_ns+0x176/0x8c0
[  195.128087][ T8664]  ? rcu_is_watching+0x15/0xb0
[  195.132911][ T8664]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  195.138430][ T8664]  create_new_namespaces+0xd3/0x7b0
[  195.143692][ T8664]  ? bpf_lsm_capable+0x9/0x10
[  195.148463][ T8664]  ? security_capable+0x7e/0x2d0
[  195.153457][ T8664]  unshare_nsproxy_namespaces+0x124/0x180
[  195.159232][ T8664]  ksys_unshare+0x57d/0xa70
[  195.163800][ T8664]  ? __pfx_ksys_unshare+0x10/0x10
[  195.168878][ T8664]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  195.175258][ T8664]  ? do_syscall_64+0x100/0x230
[  195.180089][ T8664]  __x64_sys_unshare+0x38/0x40
[  195.184900][ T8664]  do_syscall_64+0xf3/0x230
[  195.189451][ T8664]  ? clear_bhb_loop+0x35/0x90
[  195.194182][ T8664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.200122][ T8664] RIP: 0033:0x7f4d51385d29
[  195.204577][ T8664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.224327][ T8664] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  195.232797][ T8664] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  195.240905][ T8664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024020400
[  195.248926][ T8664] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  195.256948][ T8664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  195.264968][ T8664] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  195.273014][ T8664]  </TASK>
[  195.308932][ T8669] netlink: 44 bytes leftover after parsing attributes in process `syz.3.702'.
[  195.394005][ T5837] Bluetooth: hci2: command tx timeout
[  195.438498][ T8669] vlan0: left allmulticast mode
[  195.443728][ T8669] vlan0: left promiscuous mode
[  195.591782][ T8669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.702'.
[  195.673252][ T1091] hsr_slave_0: left promiscuous mode
[  195.685334][ T1091] hsr_slave_1: left promiscuous mode
[  195.691362][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.704026][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.732473][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.755977][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.812734][ T1091] veth1_macvtap: left promiscuous mode
[  195.819535][ T1091] veth0_macvtap: left promiscuous mode
[  195.825447][ T1091] veth1_vlan: left promiscuous mode
[  195.830987][ T1091] veth0_vlan: left promiscuous mode
[  196.331899][ T1091] team0 (unregistering): Port device team_slave_1 removed
[  196.378302][ T1091] team0 (unregistering): Port device team_slave_0 removed
[  196.590883][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[  196.597101][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  196.911774][ T8687] vlan0: entered promiscuous mode
[  197.031948][ T8699] syz_tun: left promiscuous mode
[  197.088062][ T8699] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.117598][ T8706] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.712'.
[  197.125367][ T8699] team0: left promiscuous mode
[  197.131581][ T8699] team_slave_0: left promiscuous mode
[  197.152258][ T8699] team_slave_1: left promiscuous mode
[  197.159343][ T8699] 8021q: adding VLAN 0 to HW filter on device team0
[  197.169445][ T8699] dummy0: left promiscuous mode
[  197.182392][ T8699] dummy0: entered promiscuous mode
[  197.193337][ T8699] net_ratelimit: 125 callbacks suppressed
[  197.193351][ T8699] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  197.274861][  T976] lo speed is unknown, defaulting to 1000
[  197.282119][ T8708] bridge0: entered allmulticast mode
[  197.327205][ T8714] pim6reg: entered allmulticast mode
[  197.334671][ T8706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'.
[  197.465858][ T5844] Bluetooth: hci2: command tx timeout
[  197.487904][ T8625] chnl_net:caif_netlink_parms(): no params data found
[  197.574480][ T8726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.716'.
[  197.842382][ T8625] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.850294][ T8625] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.867688][ T8625] bridge_slave_0: entered allmulticast mode
[  197.880424][ T8625] bridge_slave_0: entered promiscuous mode
[  197.889535][ T8740] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  197.918530][ T8625] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.928625][ T8625] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.942008][ T8625] bridge_slave_1: entered allmulticast mode
[  197.952608][ T8625] bridge_slave_1: entered promiscuous mode
[  198.178717][ T8625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.207255][ T8625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.284355][ T8757] netlink: 1280 bytes leftover after parsing attributes in process `syz.3.721'.
[  198.393587][ T8625] team0: Port device team_slave_0 added
[  198.412282][ T8625] team0: Port device team_slave_1 added
[  198.450155][ T8757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'.
[  198.474911][ T8625] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.482257][ T8625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.512108][ T8625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.534101][ T8625] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.541394][ T8625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.578317][ T8625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.800188][ T8625] hsr_slave_0: entered promiscuous mode
[  198.855082][ T8625] hsr_slave_1: entered promiscuous mode
[  198.861331][ T8625] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.889595][ T8625] Cannot create hsr debugfs directory
[  198.981167][ T8785] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  199.310392][ T8795] FAULT_INJECTION: forcing a failure.
[  199.310392][ T8795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.336687][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.728'.
[  199.337758][ T8795] CPU: 1 UID: 0 PID: 8795 Comm: syz.1.729 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  199.347839][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.728'.
[  199.356098][ T8795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  199.356120][ T8795] Call Trace:
[  199.356132][ T8795]  <TASK>
[  199.356143][ T8795]  dump_stack_lvl+0x241/0x360
[  199.356185][ T8795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.366315][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.728'.
[  199.375016][ T8795]  ? __pfx__printk+0x10/0x10
[  199.375067][ T8795]  ? __pfx_lock_release+0x10/0x10
[  199.375104][ T8795]  should_fail_ex+0x3b0/0x4e0
[  199.414409][ T8795]  _copy_from_iter+0x1e9/0x1c20
[  199.419319][ T8795]  ? __virt_addr_valid+0x183/0x530
[  199.424492][ T8795]  ? __alloc_skb+0x28f/0x440
[  199.429131][ T8795]  ? __pfx__copy_from_iter+0x10/0x10
[  199.434485][ T8795]  ? __virt_addr_valid+0x183/0x530
[  199.439651][ T8795]  ? __virt_addr_valid+0x183/0x530
[  199.444818][ T8795]  ? __virt_addr_valid+0x45f/0x530
[  199.450442][ T8795]  ? __phys_addr_symbol+0x2f/0x70
[  199.455526][ T8795]  ? __check_object_size+0x47a/0x730
[  199.460873][ T8795]  pfkey_sendmsg+0x235/0x1050
[  199.465613][ T8795]  ? __pfx___might_resched+0x10/0x10
[  199.470959][ T8795]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  199.476132][ T8795]  ? aa_sk_perm+0x96d/0xab0
[  199.480707][ T8795]  ? __pfx_aa_sk_perm+0x10/0x10
[  199.485618][ T8795]  ? __pfx_lock_release+0x10/0x10
[  199.490694][ T8795]  ? __import_iovec+0x590/0x870
[  199.495608][ T8795]  ? aa_sock_msg_perm+0x91/0x160
[  199.500601][ T8795]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  199.505763][ T8795]  __sock_sendmsg+0x221/0x270
[  199.510508][ T8795]  ____sys_sendmsg+0x52a/0x7e0
[  199.515326][ T8795]  ? __pfx_____sys_sendmsg+0x10/0x10
[  199.520670][ T8795]  ? __fget_files+0x2a/0x410
[  199.525322][ T8795]  ? __fget_files+0x2a/0x410
[  199.530067][ T8795]  __sys_sendmsg+0x269/0x350
[  199.534707][ T8795]  ? __pfx_lock_release+0x10/0x10
[  199.539786][ T8795]  ? __pfx___sys_sendmsg+0x10/0x10
[  199.544961][ T8795]  ? __pfx_vfs_write+0x10/0x10
[  199.549818][ T8795]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  199.556198][ T8795]  ? do_syscall_64+0x100/0x230
[  199.561024][ T8795]  ? do_syscall_64+0xb6/0x230
[  199.565759][ T8795]  do_syscall_64+0xf3/0x230
[  199.570318][ T8795]  ? clear_bhb_loop+0x35/0x90
[  199.575063][ T8795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.581023][ T8795] RIP: 0033:0x7fbad8985d29
[  199.584747][ T5844] Bluetooth: hci2: command tx timeout
[  199.585460][ T8795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.610479][ T8795] RSP: 002b:00007fbad97d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.618950][ T8795] RAX: ffffffffffffffda RBX: 00007fbad8b75fa0 RCX: 00007fbad8985d29
[  199.626977][ T8795] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  199.635029][ T8795] RBP: 00007fbad97d7090 R08: 0000000000000000 R09: 0000000000000000
[  199.643046][ T8795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.651063][ T8795] R13: 0000000000000000 R14: 00007fbad8b75fa0 R15: 00007ffef2b9d058
[  199.659101][ T8795]  </TASK>
[  199.677040][ T8799] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.731'.
[  199.691516][ T8799] openvswitch: netlink: Missing key (keys=40, expected=80)
[  199.700530][ T8799] netlink: 8 bytes leftover after parsing attributes in process `syz.3.731'.
[  199.743242][ T8801] FAULT_INJECTION: forcing a failure.
[  199.743242][ T8801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.757973][ T8801] CPU: 1 UID: 0 PID: 8801 Comm: syz.0.732 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  199.768649][ T8801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  199.778756][ T8801] Call Trace:
[  199.782159][ T8801]  <TASK>
[  199.785131][ T8801]  dump_stack_lvl+0x241/0x360
[  199.789865][ T8801]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.795127][ T8801]  ? __pfx__printk+0x10/0x10
[  199.799778][ T8801]  ? __pfx_lock_release+0x10/0x10
[  199.804875][ T8801]  should_fail_ex+0x3b0/0x4e0
[  199.809605][ T8801]  _copy_from_user+0x2f/0xc0
[  199.814254][ T8801]  copy_msghdr_from_user+0xae/0x680
[  199.819505][ T8801]  ? __pfx___might_resched+0x10/0x10
[  199.824814][ T8801]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  199.830706][ T8801]  ? do_recvmmsg+0x44e/0xab0
[  199.835313][ T8801]  ? __might_fault+0xaa/0x120
[  199.840010][ T8801]  do_recvmmsg+0x3bd/0xab0
[  199.844460][ T8801]  ? __pfx_do_recvmmsg+0x10/0x10
[  199.849435][ T8801]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  199.855349][ T8801]  ? ksys_write+0x22a/0x2b0
[  199.859865][ T8801]  ? __pfx_lock_release+0x10/0x10
[  199.864911][ T8801]  ? vfs_write+0x730/0xd30
[  199.869352][ T8801]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  199.875353][ T8801]  ? __fget_files+0x2a/0x410
[  199.879984][ T8801]  __x64_sys_recvmmsg+0x199/0x250
[  199.885087][ T8801]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  199.890659][ T8801]  ? do_syscall_64+0x100/0x230
[  199.895452][ T8801]  ? do_syscall_64+0xb6/0x230
[  199.900161][ T8801]  do_syscall_64+0xf3/0x230
[  199.904681][ T8801]  ? clear_bhb_loop+0x35/0x90
[  199.909379][ T8801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.915291][ T8801] RIP: 0033:0x7f4d51385d29
[  199.919718][ T8801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.939336][ T8801] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  199.947766][ T8801] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  199.955752][ T8801] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  199.963778][ T8801] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  199.971794][ T8801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  199.979798][ T8801] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  199.987819][ T8801]  </TASK>
[  200.190631][ T8799] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  200.210598][ T8799] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  200.467931][ T8824] netlink: 'syz.3.736': attribute type 10 has an invalid length.
[  200.488694][ T8824] netlink: 40 bytes leftover after parsing attributes in process `syz.3.736'.
[  200.549024][ T8824] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  200.569562][ T8827] netlink: 12 bytes leftover after parsing attributes in process `syz.2.737'.
[  201.125811][ T8625] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  201.172281][ T8625] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  201.256058][ T8625] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  201.282551][ T8625] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  201.549638][ T8625] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.621027][ T8625] 8021q: adding VLAN 0 to HW filter on device team0
[  201.627773][ T5848] Bluetooth: hci2: command tx timeout
[  201.695988][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.703193][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.761505][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.768733][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.910435][ T8625] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.032932][ T8871] netlink: 28 bytes leftover after parsing attributes in process `syz.0.749'.
[  202.252342][ T8889] netlink: 28 bytes leftover after parsing attributes in process `syz.2.752'.
[  202.445400][ T8894] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  202.552490][ T8625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.780371][ T8902] lo speed is unknown, defaulting to 1000
[  202.822733][ T8907] vlan3: entered promiscuous mode
[  202.851282][ T8907] team0: entered promiscuous mode
[  202.866840][ T8907] team_slave_0: entered promiscuous mode
[  202.885056][ T8907] team_slave_1: entered promiscuous mode
[  202.906898][ T8907] bond0: (slave vlan3): Enslaving as an active interface with an up link
[  202.942051][ T8902] lo speed is unknown, defaulting to 1000
[  203.427640][ T8625] veth0_vlan: entered promiscuous mode
[  203.441776][ T8625] veth1_vlan: entered promiscuous mode
[  203.468483][ T8625] veth0_macvtap: entered promiscuous mode
[  203.477729][ T8625] veth1_macvtap: entered promiscuous mode
[  203.493092][ T8625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.504006][ T8625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.514131][ T8625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.524913][ T8625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.540347][ T8625] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.552839][ T8625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.563387][ T8625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.573657][ T8625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.584488][ T8625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.595533][ T8625] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.636145][ T8625] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.654233][ T8625] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.663370][ T8625] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.703897][ T5848] Bluetooth: hci2: command 0x0405 tx timeout
[  203.707950][ T8625] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.101707][ T8955] openvswitch: netlink: nsh attribute has 65524 unknown bytes.
[  204.110344][ T8955] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  204.165389][ T1121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.173696][ T1121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.427548][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.435541][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.654523][ T8972] netlink: 12 bytes leftover after parsing attributes in process `syz.2.770'.
[  204.996487][ T8976] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  205.043075][ T8987] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  205.309162][ T8996] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  205.539783][ T9001] lo speed is unknown, defaulting to 1000
[  205.601998][ T9008] netlink: 'syz.0.778': attribute type 10 has an invalid length.
[  205.613010][ T9001] lo speed is unknown, defaulting to 1000
[  205.760273][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.954323][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.109118][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.203677][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.361811][   T12] bridge_slave_1: left allmulticast mode
[  206.367583][   T12] bridge_slave_1: left promiscuous mode
[  206.373353][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.395499][   T12] bridge_slave_0: left allmulticast mode
[  206.401441][   T12] bridge_slave_0: left promiscuous mode
[  206.408237][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.009724][ T9054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.779'.
[  207.320873][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.347481][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.366265][   T12] bond0 (unregistering): Released all slaves
[  207.520469][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  207.531546][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  207.540541][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  207.565224][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  207.585724][ T5848] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  207.595620][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  207.649995][ T9072] netlink: 8 bytes leftover after parsing attributes in process `syz.0.784'.
[  207.659156][ T9072] nbd: illegal input index 16744192
[  207.693716][ T9069] lo speed is unknown, defaulting to 1000
[  207.724143][ T9069] lo speed is unknown, defaulting to 1000
[  207.916365][ T9080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.786'.
[  208.072989][ T9085] FAULT_INJECTION: forcing a failure.
[  208.072989][ T9085] name failslab, interval 1, probability 0, space 0, times 0
[  208.086277][ T9085] CPU: 1 UID: 0 PID: 9085 Comm: syz.0.789 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  208.096920][ T9085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  208.107012][ T9085] Call Trace:
[  208.110333][ T9085]  <TASK>
[  208.113300][ T9085]  dump_stack_lvl+0x241/0x360
[  208.118042][ T9085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.123337][ T9085]  ? __pfx__printk+0x10/0x10
[  208.127991][ T9085]  ? __kmalloc_cache_noprof+0x48/0x390
[  208.133503][ T9085]  ? __pfx___might_resched+0x10/0x10
[  208.138840][ T9085]  should_fail_ex+0x3b0/0x4e0
[  208.143562][ T9085]  should_failslab+0xac/0x100
[  208.148284][ T9085]  __kmalloc_cache_noprof+0x70/0x390
[  208.153612][ T9085]  ? genl_start+0x1cb/0x6d0
[  208.158155][ T9085]  genl_start+0x1cb/0x6d0
[  208.162522][ T9085]  __netlink_dump_start+0x45c/0x790
[  208.167752][ T9085]  genl_rcv_msg+0x88c/0xec0
[  208.172293][ T9085]  ? __pfx_genl_rcv_msg+0x10/0x10
[  208.177355][ T9085]  ? __pfx_genl_start+0x10/0x10
[  208.182230][ T9085]  ? __pfx_genl_dumpit+0x10/0x10
[  208.187191][ T9085]  ? __pfx_genl_done+0x10/0x10
[  208.191993][ T9085]  ? __pfx_lock_acquire+0x10/0x10
[  208.197036][ T9085]  ? __pfx_ethnl_default_start+0x10/0x10
[  208.202723][ T9085]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  208.208473][ T9085]  ? __pfx_ethnl_default_done+0x10/0x10
[  208.214153][ T9085]  ? __pfx___might_resched+0x10/0x10
[  208.219474][ T9085]  netlink_rcv_skb+0x1e3/0x430
[  208.224270][ T9085]  ? __pfx_genl_rcv_msg+0x10/0x10
[  208.229319][ T9085]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  208.234634][ T9085]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  208.240133][ T9085]  genl_rcv+0x28/0x40
[  208.244138][ T9085]  netlink_unicast+0x7f6/0x990
[  208.248924][ T9085]  ? __pfx_netlink_unicast+0x10/0x10
[  208.254221][ T9085]  ? __virt_addr_valid+0x45f/0x530
[  208.259351][ T9085]  ? __phys_addr_symbol+0x2f/0x70
[  208.264418][ T9085]  ? __check_object_size+0x47a/0x730
[  208.269724][ T9085]  netlink_sendmsg+0x8e4/0xcb0
[  208.274524][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.279861][ T9085]  ? aa_sock_msg_perm+0x91/0x160
[  208.284819][ T9085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.290121][ T9085]  __sock_sendmsg+0x221/0x270
[  208.294824][ T9085]  ____sys_sendmsg+0x52a/0x7e0
[  208.299610][ T9085]  ? __pfx_____sys_sendmsg+0x10/0x10
[  208.304908][ T9085]  ? __fget_files+0x2a/0x410
[  208.309521][ T9085]  ? __fget_files+0x2a/0x410
[  208.314226][ T9085]  __sys_sendmsg+0x269/0x350
[  208.318922][ T9085]  ? __pfx_lock_release+0x10/0x10
[  208.323965][ T9085]  ? __pfx___sys_sendmsg+0x10/0x10
[  208.329102][ T9085]  ? __pfx_vfs_write+0x10/0x10
[  208.333915][ T9085]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  208.340257][ T9085]  ? do_syscall_64+0x100/0x230
[  208.345072][ T9085]  ? do_syscall_64+0xb6/0x230
[  208.349771][ T9085]  do_syscall_64+0xf3/0x230
[  208.354316][ T9085]  ? clear_bhb_loop+0x35/0x90
[  208.359035][ T9085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.364968][ T9085] RIP: 0033:0x7f4d51385d29
[  208.369395][ T9085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.389113][ T9085] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.397552][ T9085] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  208.405536][ T9085] RDX: 0000000000000050 RSI: 0000000020000380 RDI: 0000000000000004
[  208.413520][ T9085] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  208.421505][ T9085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.429488][ T9085] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  208.437488][ T9085]  </TASK>
[  208.471327][ T9075] lo speed is unknown, defaulting to 1000
[  208.625617][ T9075] lo speed is unknown, defaulting to 1000
[  208.769137][ T9069] chnl_net:caif_netlink_parms(): no params data found
[  208.819116][ T9096] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  209.130862][ T9117] netlink: 'syz.2.793': attribute type 22 has an invalid length.
[  209.139612][ T9117] netlink: 36 bytes leftover after parsing attributes in process `syz.2.793'.
[  209.237287][ T9069] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.263718][ T9069] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.286028][ T9069] bridge_slave_0: entered allmulticast mode
[  209.303508][ T9069] bridge_slave_0: entered promiscuous mode
[  209.328793][ T9069] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.368059][ T9076] netlink: 'syz.1.785': attribute type 10 has an invalid length.
[  209.369369][ T9069] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.429131][ T9069] bridge_slave_1: entered allmulticast mode
[  209.532414][ T9069] bridge_slave_1: entered promiscuous mode
[  209.708829][ T5848] Bluetooth: hci2: command tx timeout
[  209.741763][ T9126] netlink: 28 bytes leftover after parsing attributes in process `syz.2.795'.
[  209.753378][ T9126] netlink: 'syz.2.795': attribute type 7 has an invalid length.
[  209.761650][ T9126] netlink: 'syz.2.795': attribute type 8 has an invalid length.
[  209.769766][ T9126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.795'.
[  209.794491][ T9076] syz_tun: entered promiscuous mode
[  209.806839][ T9076] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  209.842944][   T12] hsr_slave_0: left promiscuous mode
[  209.851870][   T12] hsr_slave_1: left promiscuous mode
[  209.860474][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.890028][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.898929][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.917076][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.958577][   T12] veth1_macvtap: left promiscuous mode
[  209.972342][   T12] veth0_macvtap: left promiscuous mode
[  209.978602][   T12] veth1_vlan: left promiscuous mode
[  209.992391][   T12] veth0_vlan: left promiscuous mode
[  210.643001][   T12] team0 (unregistering): Port device team_slave_1 removed
[  210.691727][   T12] team0 (unregistering): Port device team_slave_0 removed
[  211.100845][ T9126] ip6gretap0: entered promiscuous mode
[  211.112048][ T9126] batadv_slave_1: entered promiscuous mode
[  211.124416][ T9126] gretap0: entered promiscuous mode
[  211.130171][ T9126] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  211.139053][ T9126] Cannot create hsr debugfs directory
[  211.145992][ T9126] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.186074][ T9069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.224498][ T9069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.288020][ T9141] netlink: 216 bytes leftover after parsing attributes in process `syz.2.802'.
[  211.297379][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.802'.
[  211.458098][ T9069] team0: Port device team_slave_0 added
[  211.470997][ T9069] team0: Port device team_slave_1 added
[  211.601894][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.609695][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.664600][ T9069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.725210][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.742480][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.784071][ T5848] Bluetooth: hci2: command tx timeout
[  211.790800][ T9069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.950191][ T9155] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'.
[  212.081152][ T9161] xt_TCPMSS: Only works on TCP SYN packets
[  212.105569][ T9155] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.136641][ T9155] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.241499][ T9069] hsr_slave_0: entered promiscuous mode
[  212.248189][ T9069] hsr_slave_1: entered promiscuous mode
[  212.254590][ T9069] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.262251][ T9069] Cannot create hsr debugfs directory
[  212.444278][ T9174] netlink: 16 bytes leftover after parsing attributes in process `syz.3.806'.
[  212.455827][ T9174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'.
[  212.464927][ T9174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'.
[  212.554228][ T9174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'.
[  212.563401][ T9174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'.
[  212.880405][ T9186] netlink: 'syz.2.807': attribute type 4 has an invalid length.
[  212.960639][ T9187] ip6t_srh: unknown srh invflags 4000
[  213.062710][ T9193] netlink: 'syz.3.811': attribute type 9 has an invalid length.
[  213.095998][   T46] lo speed is unknown, defaulting to 1000
[  213.307347][   T62] tipc: Subscription rejected, illegal request
[  213.883601][ T5848] Bluetooth: hci2: command tx timeout
[  214.015868][ T9069] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  214.120384][ T9069] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  214.140253][ T9225] syzkaller1: entered promiscuous mode
[  214.151464][ T9225] syzkaller1: entered allmulticast mode
[  214.304627][ T9069] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  214.341811][ T9069] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  214.473655][ T9242] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  214.488949][ T9242] syzkaller0: entered promiscuous mode
[  214.497642][ T9242] syzkaller0: entered allmulticast mode
[  215.945404][ T5848] Bluetooth: hci2: command tx timeout
[  216.742780][ T9069] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.813134][ T9069] 8021q: adding VLAN 0 to HW filter on device team0
[  216.846748][ T1121] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.853988][ T1121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.863431][ T1121] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.870636][ T1121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.970887][ T9279] __nla_validate_parse: 5 callbacks suppressed
[  216.970910][ T9279] netlink: 324 bytes leftover after parsing attributes in process `syz.0.832'.
[  216.980493][ T9069] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  217.005453][ T9069] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.041533][ T9279] FAULT_INJECTION: forcing a failure.
[  217.041533][ T9279] name failslab, interval 1, probability 0, space 0, times 0
[  217.095335][ T9284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.831'.
[  217.159031][ T9279] CPU: 0 UID: 0 PID: 9279 Comm: syz.0.832 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  217.169710][ T9279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  217.171120][ T9286] netlink: 'syz.2.830': attribute type 10 has an invalid length.
[  217.179837][ T9279] Call Trace:
[  217.179884][ T9279]  <TASK>
[  217.179897][ T9279]  dump_stack_lvl+0x241/0x360
[  217.179938][ T9279]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.179971][ T9279]  ? __pfx__printk+0x10/0x10
[  217.180004][ T9279]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  217.180036][ T9279]  ? __pfx___might_resched+0x10/0x10
[  217.180061][ T9279]  ? xfrm_user_rcv_msg+0xaa8/0xc20
[  217.180098][ T9279]  should_fail_ex+0x3b0/0x4e0
[  217.188262][ T9284] nbd: illegal input index 65407
[  217.191120][ T9279]  should_failslab+0xac/0x100
[  217.191163][ T9279]  kmem_cache_alloc_node_noprof+0x77/0x380
[  217.245385][ T9279]  ? __alloc_skb+0x1c3/0x440
[  217.250012][ T9279]  __alloc_skb+0x1c3/0x440
[  217.254450][ T9279]  ? __pfx___alloc_skb+0x10/0x10
[  217.259407][ T9279]  ? netlink_ack_tlv_len+0x6e/0x200
[  217.264631][ T9279]  netlink_ack+0x145/0xa50
[  217.269069][ T9279]  ? __pfx___mutex_trylock_common+0x10/0x10
[  217.274993][ T9279]  netlink_rcv_skb+0x262/0x430
[  217.279771][ T9279]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  217.285262][ T9279]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.290586][ T9279]  xfrm_netlink_rcv+0x79/0x90
[  217.295293][ T9279]  netlink_unicast+0x7f6/0x990
[  217.300078][ T9279]  ? __pfx_netlink_unicast+0x10/0x10
[  217.305378][ T9279]  ? __virt_addr_valid+0x45f/0x530
[  217.310508][ T9279]  ? __phys_addr_symbol+0x2f/0x70
[  217.315549][ T9279]  ? __check_object_size+0x47a/0x730
[  217.320853][ T9279]  netlink_sendmsg+0x8e4/0xcb0
[  217.325647][ T9279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.330953][ T9279]  ? aa_sock_msg_perm+0x91/0x160
[  217.335908][ T9279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.341206][ T9279]  __sock_sendmsg+0x221/0x270
[  217.345913][ T9279]  ____sys_sendmsg+0x52a/0x7e0
[  217.350701][ T9279]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.356000][ T9279]  ? __fget_files+0x2a/0x410
[  217.360611][ T9279]  ? __fget_files+0x2a/0x410
[  217.365226][ T9279]  __sys_sendmsg+0x269/0x350
[  217.369838][ T9279]  ? __pfx_lock_release+0x10/0x10
[  217.374882][ T9279]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.380019][ T9279]  ? __pfx_vfs_write+0x10/0x10
[  217.384825][ T9279]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  217.391169][ T9279]  ? do_syscall_64+0x100/0x230
[  217.395958][ T9279]  ? do_syscall_64+0xb6/0x230
[  217.400651][ T9279]  do_syscall_64+0xf3/0x230
[  217.405173][ T9279]  ? clear_bhb_loop+0x35/0x90
[  217.409958][ T9279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.415871][ T9279] RIP: 0033:0x7f4d51385d29
[  217.420297][ T9279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.439916][ T9279] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.448364][ T9279] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  217.456349][ T9279] RDX: 000000000404c0a0 RSI: 0000000020000080 RDI: 0000000000000003
[  217.464328][ T9279] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  217.472308][ T9279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.480301][ T9279] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  217.488303][ T9279]  </TASK>
[  217.756338][ T9069] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.901862][ T9307] FAULT_INJECTION: forcing a failure.
[  217.901862][ T9307] name failslab, interval 1, probability 0, space 0, times 0
[  217.960187][ T9307] CPU: 1 UID: 0 PID: 9307 Comm: syz.3.838 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  217.970864][ T9307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  217.980970][ T9307] Call Trace:
[  217.984297][ T9307]  <TASK>
[  217.987268][ T9307]  dump_stack_lvl+0x241/0x360
[  217.992004][ T9307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.997271][ T9307]  ? __pfx__printk+0x10/0x10
[  218.001912][ T9307]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[  218.008461][ T9307]  ? __pfx___might_resched+0x10/0x10
[  218.013779][ T9307]  should_fail_ex+0x3b0/0x4e0
[  218.018476][ T9307]  should_failslab+0xac/0x100
[  218.023174][ T9307]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  218.029522][ T9307]  ? __request_module+0x2d5/0x640
[  218.034568][ T9307]  kstrdup+0x39/0xb0
[  218.038485][ T9307]  __request_module+0x2d5/0x640
[  218.043356][ T9307]  ? __pfx___request_module+0x10/0x10
[  218.048747][ T9307]  ? __pfx_lock_release+0x10/0x10
[  218.053806][ T9307]  ? __xfrm_init_state+0x725/0x12e0
[  218.059052][ T9307]  __xfrm_init_state+0x762/0x12e0
[  218.064106][ T9307]  ? __kmalloc_noprof+0x2a5/0x4c0
[  218.069149][ T9307]  xfrm_init_state+0x1f/0x80
[  218.073769][ T9307]  pfkey_add+0x1dfe/0x3030
[  218.078229][ T9307]  ? __pfx_pfkey_add+0x10/0x10
[  218.083009][ T9307]  ? pfkey_broadcast+0x45/0x400
[  218.087873][ T9307]  ? pfkey_broadcast+0x3e3/0x400
[  218.092842][ T9307]  pfkey_sendmsg+0xbcc/0x1050
[  218.097544][ T9307]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  218.102680][ T9307]  ? __pfx_aa_sk_perm+0x10/0x10
[  218.107559][ T9307]  ? __pfx_lock_release+0x10/0x10
[  218.112660][ T9307]  ? __import_iovec+0x590/0x870
[  218.117531][ T9307]  ? aa_sock_msg_perm+0x91/0x160
[  218.122487][ T9307]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  218.127608][ T9307]  __sock_sendmsg+0x221/0x270
[  218.132324][ T9307]  ____sys_sendmsg+0x52a/0x7e0
[  218.137141][ T9307]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.142544][ T9307]  ? __fget_files+0x2a/0x410
[  218.147183][ T9307]  ? __fget_files+0x2a/0x410
[  218.151814][ T9307]  __sys_sendmsg+0x269/0x350
[  218.156430][ T9307]  ? __pfx_lock_release+0x10/0x10
[  218.161481][ T9307]  ? __pfx___sys_sendmsg+0x10/0x10
[  218.166622][ T9307]  ? __pfx_vfs_write+0x10/0x10
[  218.171426][ T9307]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.177774][ T9307]  ? do_syscall_64+0x100/0x230
[  218.182561][ T9307]  ? do_syscall_64+0xb6/0x230
[  218.187257][ T9307]  do_syscall_64+0xf3/0x230
[  218.191863][ T9307]  ? clear_bhb_loop+0x35/0x90
[  218.196568][ T9307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.202486][ T9307] RIP: 0033:0x7fa6d3785d29
[  218.206930][ T9307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.226561][ T9307] RSP: 002b:00007fa6d45dc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.234996][ T9307] RAX: ffffffffffffffda RBX: 00007fa6d3975fa0 RCX: 00007fa6d3785d29
[  218.242978][ T9307] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  218.250959][ T9307] RBP: 00007fa6d45dc090 R08: 0000000000000000 R09: 0000000000000000
[  218.258942][ T9307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.266926][ T9307] R13: 0000000000000000 R14: 00007fa6d3975fa0 R15: 00007ffdefe75548
[  218.274922][ T9307]  </TASK>
[  218.662624][ T9312] syzkaller0: entered promiscuous mode
[  218.708756][ T9312] syzkaller0: entered allmulticast mode
[  219.220903][ T9333] syz_tun: left promiscuous mode
[  219.580081][ T9365] x_tables: unsorted entry at hook 3
[  219.748559][ T9333] veth0_to_team: left promiscuous mode
[  219.754411][ T9333] veth0_to_team: left allmulticast mode
[  219.777632][ T9333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.791496][ T9333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.207059][ T9333] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.216518][ T9333] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.231206][ T9333] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.243661][ T9333] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.969677][ T9364] gre1: entered promiscuous mode
[  222.135917][ T9069] veth0_vlan: entered promiscuous mode
[  222.203259][ T9069] veth1_vlan: entered promiscuous mode
[  222.285428][ T9380] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  222.299211][ T9069] veth0_macvtap: entered promiscuous mode
[  222.324550][ T9386] netlink: 216 bytes leftover after parsing attributes in process `syz.2.854'.
[  222.329279][ T9069] veth1_macvtap: entered promiscuous mode
[  222.334064][ T9386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.854'.
[  222.454894][ T9388] bond0: (slave syz_tun): Releasing backup interface
[  222.521074][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.579478][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.605147][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.647814][ T9069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.709774][ T9069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.721028][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.770021][ T9405] lo speed is unknown, defaulting to 1000
[  222.778280][ T9069] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.799976][ T9069] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.833843][ T9069] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.863876][ T9069] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.910607][ T9405] lo speed is unknown, defaulting to 1000
[  222.910886][ T9417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'.
[  223.055979][ T9415] netlink: 'syz.1.858': attribute type 1 has an invalid length.
[  223.083192][ T9415] bond2: entered promiscuous mode
[  223.107119][ T9415] 8021q: adding VLAN 0 to HW filter on device bond2
[  223.432670][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.448897][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.520273][ T9432] netlink: zone id is out of range
[  223.537329][ T9432] netlink: zone id is out of range
[  223.555981][ T9432] netlink: del zone limit has 8 unknown bytes
[  223.573100][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.590711][ T9434] netlink: zone id is out of range
[  223.598527][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.608360][ T9434] netlink: zone id is out of range
[  223.620452][ T9434] netlink: del zone limit has 8 unknown bytes
[  223.866967][ T9436] syzkaller0: entered promiscuous mode
[  223.872724][ T9436] syzkaller0: entered allmulticast mode
[  223.882777][ T9445] netlink: 'syz.1.864': attribute type 10 has an invalid length.
[  223.891010][ T9445] netlink: 40 bytes leftover after parsing attributes in process `syz.1.864'.
[  223.983151][ T9445] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  224.138629][ T9454] netlink: 96 bytes leftover after parsing attributes in process `syz.1.865'.
[  224.169661][ T9455] netlink: 76 bytes leftover after parsing attributes in process `syz.3.863'.
[  224.181202][ T9455] block nbd0: NBD_DISCONNECT
[  224.186488][ T9455] block nbd0: Send disconnect failed -89
[  224.192223][ T9455] block nbd0: Disconnected due to user request.
[  224.205818][ T9455] block nbd0: shutting down sockets
[  224.454942][ T9460] netlink: 'syz.1.866': attribute type 10 has an invalid length.
[  226.193724][ T9465] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  226.273406][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.334320][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  226.353876][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  226.355658][ T9472] syzkaller1: entered promiscuous mode
[  226.381480][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  226.393325][ T9472] syzkaller1: entered allmulticast mode
[  226.399636][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  226.407822][ T5844] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  226.416754][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  226.609396][ T9482] netlink: 28 bytes leftover after parsing attributes in process `syz.0.872'.
[  226.629877][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.772363][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.842574][ T9469] lo speed is unknown, defaulting to 1000
[  226.922457][ T9498] FAULT_INJECTION: forcing a failure.
[  226.922457][ T9498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.936629][ T9498] CPU: 1 UID: 0 PID: 9498 Comm: syz.3.875 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  226.947285][ T9498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  226.957389][ T9498] Call Trace:
[  226.960706][ T9498]  <TASK>
[  226.963669][ T9498]  dump_stack_lvl+0x241/0x360
[  226.968412][ T9498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.973678][ T9498]  ? __pfx__printk+0x10/0x10
[  226.978330][ T9498]  ? __pfx_lock_release+0x10/0x10
[  226.983418][ T9498]  should_fail_ex+0x3b0/0x4e0
[  226.988157][ T9498]  _copy_from_user+0x2f/0xc0
[  226.992812][ T9498]  xsk_setsockopt+0x34e/0x950
[  226.997551][ T9498]  ? __pfx_xsk_setsockopt+0x10/0x10
[  227.002778][ T9498]  ? vfs_write+0x730/0xd30
[  227.007909][ T9498]  ? do_sys_openat2+0x17a/0x1d0
[  227.012779][ T9498]  ? aa_sock_opt_perm+0x79/0x120
[  227.017743][ T9498]  ? __pfx_xsk_setsockopt+0x10/0x10
[  227.022980][ T9498]  do_sock_setsockopt+0x3af/0x720
[  227.028071][ T9498]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  227.033642][ T9498]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  227.039644][ T9498]  __x64_sys_setsockopt+0x1ee/0x280
[  227.044866][ T9498]  do_syscall_64+0xf3/0x230
[  227.049390][ T9498]  ? clear_bhb_loop+0x35/0x90
[  227.054090][ T9498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.060016][ T9498] RIP: 0033:0x7fa6d3785d29
[  227.064452][ T9498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.084078][ T9498] RSP: 002b:00007fa6d45dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  227.092513][ T9498] RAX: ffffffffffffffda RBX: 00007fa6d3975fa0 RCX: 00007fa6d3785d29
[  227.100590][ T9498] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[  227.108590][ T9498] RBP: 00007fa6d45dc090 R08: 0000000000000020 R09: 0000000000000000
[  227.116594][ T9498] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  227.124581][ T9498] R13: 0000000000000000 R14: 00007fa6d3975fa0 R15: 00007ffdefe75548
[  227.132581][ T9498]  </TASK>
[  227.266615][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.289624][ T9469] lo speed is unknown, defaulting to 1000
[  227.307867][ T5844] Bluetooth: hci4: command 0x0406 tx timeout
[  227.324514][ T9508] netlink: 44 bytes leftover after parsing attributes in process `syz.1.877'.
[  227.381498][ T9510] netlink: 'syz.3.878': attribute type 11 has an invalid length.
[  227.389743][ T9510] netlink: 232 bytes leftover after parsing attributes in process `syz.3.878'.
[  227.746576][ T9522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.880'.
[  227.828510][ T9524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.882'.
[  227.954475][ T9524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  227.990530][ T9529] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  228.025967][ T9524] netlink: 32 bytes leftover after parsing attributes in process `syz.3.882'.
[  228.042303][ T9532] netlink: 96 bytes leftover after parsing attributes in process `syz.2.884'.
[  228.087594][   T11] bridge_slave_1: left allmulticast mode
[  228.093611][   T11] bridge_slave_1: left promiscuous mode
[  228.099815][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.114491][ T9524] nbd0: detected capacity change from 0 to 140460462964736
[  228.146922][ T8168] block nbd0: Send control failed (result -89)
[  228.154240][ T8168] block nbd0: Request send failed, requeueing
[  228.165151][ T5842] block nbd0: Receive control failed (result -32)
[  228.168793][   T26] block nbd0: Dead connection, failed to find a fallback
[  228.191947][   T11] bridge_slave_0: left allmulticast mode
[  228.198789][   T11] bridge_slave_0: left promiscuous mode
[  228.207678][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.503970][ T5842] Bluetooth: hci2: command tx timeout
[  228.677729][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.690098][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.701991][   T11] bond0 (unregistering): Released all slaves
[  228.744980][ T9469] chnl_net:caif_netlink_parms(): no params data found
[  229.088009][ T9555] lo speed is unknown, defaulting to 1000
[  229.194166][ T9563] netlink: 'syz.1.894': attribute type 10 has an invalid length.
[  229.214764][ T9563] netlink: 40 bytes leftover after parsing attributes in process `syz.1.894'.
[  229.255046][ T9555] lo speed is unknown, defaulting to 1000
[  229.293501][ T9469] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.313909][ T9469] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.330015][ T9469] bridge_slave_0: entered allmulticast mode
[  229.357741][ T9469] bridge_slave_0: entered promiscuous mode
[  229.387812][ T9571] netlink: 16 bytes leftover after parsing attributes in process `syz.2.895'.
[  229.410400][ T9571] netlink: 16 bytes leftover after parsing attributes in process `syz.2.895'.
[  229.467480][ T9574] netlink: 44 bytes leftover after parsing attributes in process `syz.1.896'.
[  229.518482][ T9469] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.544262][ T9469] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.572055][ T9469] bridge_slave_1: entered allmulticast mode
[  229.585198][ T9469] bridge_slave_1: entered promiscuous mode
[  229.851032][ T9588] FAULT_INJECTION: forcing a failure.
[  229.851032][ T9588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.886321][ T9588] CPU: 1 UID: 0 PID: 9588 Comm: syz.0.898 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  229.897039][ T9588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  229.907150][ T9588] Call Trace:
[  229.910469][ T9588]  <TASK>
[  229.913440][ T9588]  dump_stack_lvl+0x241/0x360
[  229.918176][ T9588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.923429][ T9588]  ? __pfx__printk+0x10/0x10
[  229.928074][ T9588]  ? __pfx_lock_release+0x10/0x10
[  229.933151][ T9588]  should_fail_ex+0x3b0/0x4e0
[  229.937874][ T9588]  _copy_from_user+0x2f/0xc0
[  229.942522][ T9588]  copy_msghdr_from_user+0xae/0x680
[  229.947775][ T9588]  ? __pfx___might_resched+0x10/0x10
[  229.953121][ T9588]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  229.959036][ T9588]  ? do_recvmmsg+0x44e/0xab0
[  229.963677][ T9588]  ? __might_fault+0xaa/0x120
[  229.968400][ T9588]  do_recvmmsg+0x3bd/0xab0
[  229.972876][ T9588]  ? __pfx_do_recvmmsg+0x10/0x10
[  229.977893][ T9588]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  229.983844][ T9588]  ? ksys_write+0x22a/0x2b0
[  229.988406][ T9588]  ? __pfx_lock_release+0x10/0x10
[  229.993473][ T9588]  ? vfs_write+0x730/0xd30
[  229.997933][ T9588]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  230.003977][ T9588]  ? __fget_files+0x2a/0x410
[  230.008650][ T9588]  __x64_sys_recvmmsg+0x199/0x250
[  230.013821][ T9588]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  230.019431][ T9588]  ? do_syscall_64+0x100/0x230
[  230.024253][ T9588]  ? do_syscall_64+0xb6/0x230
[  230.029002][ T9588]  do_syscall_64+0xf3/0x230
[  230.033564][ T9588]  ? clear_bhb_loop+0x35/0x90
[  230.038309][ T9588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.044262][ T9588] RIP: 0033:0x7f4d51385d29
[  230.048722][ T9588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.068383][ T9588] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  230.076843][ T9588] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  230.084839][ T9588] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  230.092854][ T9588] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  230.100880][ T9588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  230.108954][ T9588] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  230.116993][ T9588]  </TASK>
[  230.125107][ T9469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.182665][ T9469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.424676][ T9606] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  230.439015][ T9469] team0: Port device team_slave_0 added
[  230.521961][   T11] hsr_slave_0: left promiscuous mode
[  230.531888][   T11] hsr_slave_1: left promiscuous mode
[  230.538135][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.545747][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.554073][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.561737][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.594199][ T5842] Bluetooth: hci2: command tx timeout
[  230.598616][   T11] veth1_macvtap: left promiscuous mode
[  230.624684][   T11] veth0_macvtap: left promiscuous mode
[  230.637894][   T11] veth1_vlan: left promiscuous mode
[  230.643470][   T11] veth0_vlan: left promiscuous mode
[  231.148275][   T11] team0 (unregistering): Port device team_slave_1 removed
[  231.192090][   T11] team0 (unregistering): Port device team_slave_0 removed
[  231.611882][ T9607] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  231.622230][ T9469] team0: Port device team_slave_1 added
[  231.652882][ T9603] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  231.661715][ T9603] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  231.670672][ T9603] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  231.680220][ T9603] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  231.800638][ T9469] batman_adv: batadv0: Adding interface: batadv_slave_0
[  231.823895][ T9469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.854424][ T9469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  231.969629][ T9469] batman_adv: batadv0: Adding interface: batadv_slave_1
[  231.994898][ T9469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.052119][ T9469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.460830][ T9469] hsr_slave_0: entered promiscuous mode
[  232.467061][ T9643] netlink: 'syz.1.910': attribute type 10 has an invalid length.
[  232.477930][ T9469] hsr_slave_1: entered promiscuous mode
[  232.486266][ T9469] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  232.508867][ T9643] __nla_validate_parse: 8 callbacks suppressed
[  232.508890][ T9643] netlink: 40 bytes leftover after parsing attributes in process `syz.1.910'.
[  232.542355][ T9469] Cannot create hsr debugfs directory
[  232.585954][ T9643] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  232.635069][ T9654] netlink: 'syz.2.909': attribute type 22 has an invalid length.
[  232.642869][ T9654] netlink: 36 bytes leftover after parsing attributes in process `syz.2.909'.
[  232.664225][ T5842] Bluetooth: hci2: command tx timeout
[  233.403229][ T9683] netlink: 47 bytes leftover after parsing attributes in process `syz.1.914'.
[  233.848125][ T9666] team0: left promiscuous mode
[  233.852980][ T9666] team_slave_0: left promiscuous mode
[  233.862596][ T9666] team_slave_1: left promiscuous mode
[  233.994128][ T9687] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  234.147593][ T9705] netlink: 4 bytes leftover after parsing attributes in process `syz.1.918'.
[  234.382748][ T9720] netlink: 96 bytes leftover after parsing attributes in process `syz.2.921'.
[  234.730931][ T9732] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  234.745194][ T5842] Bluetooth: hci2: command tx timeout
[  234.822513][ T9731] lo speed is unknown, defaulting to 1000
[  234.898387][ T9731] lo speed is unknown, defaulting to 1000
[  234.956146][ T9469] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  235.042516][ T9469] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  235.068673][ T9469] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  235.127365][ T9469] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  235.272356][ T9752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.929'.
[  235.371150][ T9758] xt_l2tp: v2 tid > 0xffff: 150994944
[  235.380499][ T9759] FAULT_INJECTION: forcing a failure.
[  235.380499][ T9759] name failslab, interval 1, probability 0, space 0, times 0
[  235.383042][ T9469] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.424976][ T9759] CPU: 0 UID: 0 PID: 9759 Comm: syz.1.931 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  235.435649][ T9759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  235.445789][ T9759] Call Trace:
[  235.449111][ T9759]  <TASK>
[  235.452091][ T9759]  dump_stack_lvl+0x241/0x360
[  235.456840][ T9759]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.462098][ T9759]  ? __pfx__printk+0x10/0x10
[  235.466739][ T9759]  ? kmem_cache_alloc_noprof+0x48/0x380
[  235.472342][ T9759]  ? __pfx___might_resched+0x10/0x10
[  235.477679][ T9759]  should_fail_ex+0x3b0/0x4e0
[  235.482412][ T9759]  should_failslab+0xac/0x100
[  235.483565][ T9469] 8021q: adding VLAN 0 to HW filter on device team0
[  235.487117][ T9759]  ? skb_clone+0x20c/0x390
[  235.487150][ T9759]  kmem_cache_alloc_noprof+0x70/0x380
[  235.487184][ T9759]  ? __pfx_lock_release+0x10/0x10
[  235.487218][ T9759]  skb_clone+0x20c/0x390
[  235.487253][ T9759]  pfkey_broadcast_one+0x99/0x330
[  235.487282][ T9759]  ? pfkey_broadcast+0x45/0x400
[  235.487303][ T9759]  pfkey_broadcast+0x3ca/0x400
[  235.487324][ T9759]  ? pfkey_broadcast+0x45/0x400
[  235.487351][ T9759]  pfkey_sendmsg+0xe10/0x1050
[  235.487391][ T9759]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  235.510870][ T3526] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.513073][ T9759]  ? __pfx_aa_sk_perm+0x10/0x10
[  235.518241][ T3526] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.522945][ T9759]  ? __pfx_lock_release+0x10/0x10
[  235.566590][ T9759]  ? __import_iovec+0x590/0x870
[  235.571504][ T9759]  ? aa_sock_msg_perm+0x91/0x160
[  235.576503][ T9759]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  235.581666][ T9759]  __sock_sendmsg+0x221/0x270
[  235.586417][ T9759]  ____sys_sendmsg+0x52a/0x7e0
[  235.591591][ T9759]  ? __pfx_____sys_sendmsg+0x10/0x10
[  235.596925][ T9759]  ? __fget_files+0x2a/0x410
[  235.601564][ T9759]  ? __fget_files+0x2a/0x410
[  235.606212][ T9759]  __sys_sendmsg+0x269/0x350
[  235.610850][ T9759]  ? __pfx_lock_release+0x10/0x10
[  235.615922][ T9759]  ? __pfx___sys_sendmsg+0x10/0x10
[  235.621092][ T9759]  ? __pfx_vfs_write+0x10/0x10
[  235.624143][ T3526] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.625904][ T9759]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  235.633036][ T3526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.639239][ T9759]  ? do_syscall_64+0x100/0x230
[  235.639275][ T9759]  ? do_syscall_64+0xb6/0x230
[  235.656006][ T9759]  do_syscall_64+0xf3/0x230
[  235.660592][ T9759]  ? clear_bhb_loop+0x35/0x90
[  235.665333][ T9759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.671285][ T9759] RIP: 0033:0x7fbad8985d29
[  235.675753][ T9759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.689938][ T9469] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  235.695485][ T9759] RSP: 002b:00007fbad97d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.695518][ T9759] RAX: ffffffffffffffda RBX: 00007fbad8b75fa0 RCX: 00007fbad8985d29
[  235.695535][ T9759] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  235.695550][ T9759] RBP: 00007fbad97d7090 R08: 0000000000000000 R09: 0000000000000000
[  235.695566][ T9759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.695581][ T9759] R13: 0000000000000000 R14: 00007fbad8b75fa0 R15: 00007ffef2b9d058
[  235.695614][ T9759]  </TASK>
[  235.765257][ T9469] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  236.143659][ T9773] netlink: 96 bytes leftover after parsing attributes in process `syz.1.932'.
[  236.360576][ T9781] netlink: 4 bytes leftover after parsing attributes in process `syz.2.933'.
[  236.605830][ T9785] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (7)
[  236.774962][ T9785] netlink: 'syz.3.935': attribute type 1 has an invalid length.
[  236.782684][ T9785] netlink: 'syz.3.935': attribute type 1 has an invalid length.
[  236.827769][ T9469] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.840382][ T9785] netlink: 'syz.3.935': attribute type 2 has an invalid length.
[  236.853191][ T9802] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  236.868829][ T9785] netlink: 68 bytes leftover after parsing attributes in process `syz.3.935'.
[  237.242582][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.941'.
[  237.291147][ T9812] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.301590][ T9812] 8021q: adding VLAN 0 to HW filter on device team0
[  237.310932][ T9812] team0: entered promiscuous mode
[  237.326423][ T9812] team_slave_0: entered promiscuous mode
[  237.332514][ T9812] team_slave_1: entered promiscuous mode
[  237.347793][ T9812] dummy0: left promiscuous mode
[  237.361166][ T9812] dummy0: entered promiscuous mode
[  237.371549][ T9812] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.414704][ T7865] lo speed is unknown, defaulting to 1000
[  237.421280][ T9815] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.491516][ T9815] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.634284][ T9469] veth0_vlan: entered promiscuous mode
[  237.657142][ T9469] veth1_vlan: entered promiscuous mode
[  237.712027][ T9833] syz_tun: left promiscuous mode
[  237.746240][ T9833] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.753482][ T9833] bridge0: port 2(bridge_slave_1) entered listening state
[  237.760944][ T9833] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.768175][ T9833] bridge0: port 1(bridge_slave_0) entered listening state
[  237.805810][ T9833] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.895028][ T9469] veth0_macvtap: entered promiscuous mode
[  237.910630][ T9469] veth1_macvtap: entered promiscuous mode
[  237.943561][ T9469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.969312][ T9469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.981702][ T9469] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.004552][ T9469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.015472][ T9469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.027254][ T9469] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.039961][ T9469] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.077489][ T9469] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.090990][ T9469] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.100557][ T9469] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.249118][ T9851] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  238.256164][ T3526] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.279033][ T3526] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.307671][ T3490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.315886][ T3490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.478603][ T9857] __nla_validate_parse: 1 callbacks suppressed
[  238.478627][ T9857] netlink: 216 bytes leftover after parsing attributes in process `syz.0.956'.
[  238.498683][ T9857] netlink: 8 bytes leftover after parsing attributes in process `syz.0.956'.
[  238.511042][ T9859] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  238.657144][ T9868] netlink: 68 bytes leftover after parsing attributes in process `syz.2.958'.
[  238.676925][ T9868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.958'.
[  238.725128][ T9868] IPVS: set_ctl: invalid protocol: 43 0.0.0.0:20000
[  238.871423][   T62] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.029202][   T62] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.113637][   T62] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.180052][   T62] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.484003][   T62] bridge_slave_1: left allmulticast mode
[  239.489701][   T62] bridge_slave_1: left promiscuous mode
[  239.499501][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.509570][   T62] bridge_slave_0: left allmulticast mode
[  239.515635][   T62] bridge_slave_0: left promiscuous mode
[  239.521384][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.818224][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.829403][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.840597][   T62] bond0 (unregistering): Released all slaves
[  240.273521][   T62] hsr_slave_0: left promiscuous mode
[  240.285192][   T62] hsr_slave_1: left promiscuous mode
[  240.292342][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.300152][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.310014][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.317523][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.339561][   T62] veth1_macvtap: left promiscuous mode
[  240.345254][   T62] veth0_macvtap: left promiscuous mode
[  240.352377][   T62] veth1_vlan: left promiscuous mode
[  240.394122][   T62] veth0_vlan: left promiscuous mode
[  240.445332][ T9905] netlink: 28 bytes leftover after parsing attributes in process `syz.0.962'.
[  240.463971][ T9905] netlink: 'syz.0.962': attribute type 7 has an invalid length.
[  240.471731][ T9905] netlink: 'syz.0.962': attribute type 8 has an invalid length.
[  240.485091][ T9905] netlink: 4 bytes leftover after parsing attributes in process `syz.0.962'.
[  240.704802][ T9916] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  240.771315][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  240.787354][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  240.795608][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  240.803706][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  240.820701][ T5844] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  240.828511][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  241.250478][   T62] team0 (unregistering): Port device team_slave_1 removed
[  241.300267][   T62] team0 (unregistering): Port device team_slave_0 removed
[  241.839009][ T9919] lo speed is unknown, defaulting to 1000
[  241.854972][ T9919] lo speed is unknown, defaulting to 1000
[  242.209694][ T9943] xt_ecn: cannot match TCP bits for non-tcp packets
[  242.451605][ T9956] FAULT_INJECTION: forcing a failure.
[  242.451605][ T9956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.500179][ T9956] CPU: 1 UID: 0 PID: 9956 Comm: syz.1.975 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  242.510868][ T9956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  242.520975][ T9956] Call Trace:
[  242.524299][ T9956]  <TASK>
[  242.527265][ T9956]  dump_stack_lvl+0x241/0x360
[  242.532009][ T9956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.537302][ T9956]  ? __pfx__printk+0x10/0x10
[  242.541965][ T9956]  ? __pfx_lock_release+0x10/0x10
[  242.547023][ T9956]  should_fail_ex+0x3b0/0x4e0
[  242.551727][ T9956]  _copy_from_user+0x2f/0xc0
[  242.556349][ T9956]  copy_msghdr_from_user+0xae/0x680
[  242.561618][ T9956]  ? __pfx___might_resched+0x10/0x10
[  242.566930][ T9956]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  242.572773][ T9956]  ? do_recvmmsg+0x44e/0xab0
[  242.577391][ T9956]  ? __might_fault+0xaa/0x120
[  242.582106][ T9956]  do_recvmmsg+0x3bd/0xab0
[  242.586564][ T9956]  ? __pfx_do_recvmmsg+0x10/0x10
[  242.591540][ T9956]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  242.597455][ T9956]  ? ksys_write+0x22a/0x2b0
[  242.602412][ T9956]  ? __pfx_lock_release+0x10/0x10
[  242.607462][ T9956]  ? vfs_write+0x730/0xd30
[  242.611900][ T9956]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  242.617895][ T9956]  ? __fget_files+0x2a/0x410
[  242.622518][ T9956]  __x64_sys_recvmmsg+0x199/0x250
[  242.627572][ T9956]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  242.633138][ T9956]  ? do_syscall_64+0x100/0x230
[  242.637923][ T9956]  ? do_syscall_64+0xb6/0x230
[  242.642621][ T9956]  do_syscall_64+0xf3/0x230
[  242.647146][ T9956]  ? clear_bhb_loop+0x35/0x90
[  242.651850][ T9956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.657762][ T9956] RIP: 0033:0x7fbad8985d29
[  242.662202][ T9956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.681821][ T9956] RSP: 002b:00007fbad97d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  242.690254][ T9956] RAX: ffffffffffffffda RBX: 00007fbad8b75fa0 RCX: 00007fbad8985d29
[  242.698245][ T9956] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  242.706227][ T9956] RBP: 00007fbad97d7090 R08: 0000000000000000 R09: 0000000000000000
[  242.714207][ T9956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  242.722190][ T9956] R13: 0000000000000000 R14: 00007fbad8b75fa0 R15: 00007ffef2b9d058
[  242.730190][ T9956]  </TASK>
[  242.783896][ T9954] lo speed is unknown, defaulting to 1000
[  242.790807][ T9954] lo speed is unknown, defaulting to 1000
[  242.899726][ T9962] netlink: 44 bytes leftover after parsing attributes in process `syz.3.976'.
[  242.909994][ T5842] Bluetooth: hci2: command tx timeout
[  242.958173][ T9919] chnl_net:caif_netlink_parms(): no params data found
[  243.099450][ T9976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.976'.
[  243.326525][ T9919] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.334748][ T9919] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.360328][ T9919] bridge_slave_0: entered allmulticast mode
[  243.385320][ T9919] bridge_slave_0: entered promiscuous mode
[  243.439147][ T9919] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.454302][ T9919] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.461604][ T9919] bridge_slave_1: entered allmulticast mode
[  243.485036][ T9919] bridge_slave_1: entered promiscuous mode
[  243.555502][ T9919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.615126][ T9919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.823406][ T9919] team0: Port device team_slave_0 added
[  243.857376][ T9919] team0: Port device team_slave_1 added
[  243.996938][ T9919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.021825][ T9919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.065329][T10018] netlink: 'syz.3.985': attribute type 4 has an invalid length.
[  244.113425][ T9919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.132793][T10021] ip6t_srh: unknown srh invflags 4000
[  244.164798][ T9919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.171815][ T9919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.254278][ T9919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.313056][T10025] netlink: 'syz.2.989': attribute type 1 has an invalid length.
[  244.346638][T10025] netlink: 224 bytes leftover after parsing attributes in process `syz.2.989'.
[  244.388629][ T9919] hsr_slave_0: entered promiscuous mode
[  244.404758][ T9919] hsr_slave_1: entered promiscuous mode
[  244.410807][ T9919] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.429670][ T9919] Cannot create hsr debugfs directory
[  244.984127][ T5842] Bluetooth: hci2: command tx timeout
[  245.155482][T10051] netlink: 188 bytes leftover after parsing attributes in process `syz.3.996'.
[  245.172115][T10051] netlink: 'syz.3.996': attribute type 1 has an invalid length.
[  245.363328][T10056] IPVS: persistence engine module ip_vs_pe_ not found
[  245.422208][T10063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1000'.
[  245.441612][T10063] nbd: illegal input index -8454144
[  245.567681][T10069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1002'.
[  245.695199][T10074] FAULT_INJECTION: forcing a failure.
[  245.695199][T10074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.708996][T10077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1004'.
[  245.723643][T10077] netlink: 39 bytes leftover after parsing attributes in process `syz.1.1004'.
[  245.746562][T10074] CPU: 1 UID: 0 PID: 10074 Comm: syz.0.1003 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  245.757489][T10074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.767585][T10074] Call Trace:
[  245.770898][T10074]  <TASK>
[  245.773869][T10074]  dump_stack_lvl+0x241/0x360
[  245.778613][T10074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.779726][T10079] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  245.783859][T10074]  ? __pfx__printk+0x10/0x10
[  245.783899][T10074]  ? __pfx_lock_release+0x10/0x10
[  245.783938][T10074]  should_fail_ex+0x3b0/0x4e0
[  245.804641][T10074]  _copy_from_user+0x2f/0xc0
[  245.809279][T10074]  copy_msghdr_from_user+0xae/0x680
[  245.814503][T10074]  ? __pfx___might_resched+0x10/0x10
[  245.819809][T10074]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  245.825659][T10074]  ? do_recvmmsg+0x44e/0xab0
[  245.830262][T10074]  ? __might_fault+0xaa/0x120
[  245.834954][T10074]  do_recvmmsg+0x3bd/0xab0
[  245.839397][T10074]  ? __pfx_do_recvmmsg+0x10/0x10
[  245.844483][T10074]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  245.850398][T10074]  ? ksys_write+0x22a/0x2b0
[  245.854929][T10074]  ? __pfx_lock_release+0x10/0x10
[  245.860008][T10074]  ? vfs_write+0x730/0xd30
[  245.864469][T10074]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  245.870472][T10074]  ? __fget_files+0x2a/0x410
[  245.875087][T10074]  __x64_sys_recvmmsg+0x199/0x250
[  245.880150][T10074]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  245.885736][T10074]  ? do_syscall_64+0x100/0x230
[  245.890540][T10074]  ? do_syscall_64+0xb6/0x230
[  245.895245][T10074]  do_syscall_64+0xf3/0x230
[  245.899796][T10074]  ? clear_bhb_loop+0x35/0x90
[  245.904523][T10074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.910459][T10074] RIP: 0033:0x7f4d51385d29
[  245.914884][T10074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.934505][T10074] RSP: 002b:00007f4d4f1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  245.942966][T10074] RAX: ffffffffffffffda RBX: 00007f4d51575fa0 RCX: 00007f4d51385d29
[  245.950953][T10074] RDX: 03ffffffffffff67 RSI: 0000000020002440 RDI: 0000000000000004
[  245.958967][T10074] RBP: 00007f4d4f1f6090 R08: 0000000000000000 R09: 0000000000000000
[  245.967088][T10074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  245.975134][T10074] R13: 0000000000000000 R14: 00007f4d51575fa0 R15: 00007ffc79c14a98
[  245.983146][T10074]  </TASK>
[  246.240849][T10084] syzkaller0: entered promiscuous mode
[  246.247136][T10084] syzkaller0: entered allmulticast mode
[  246.255082][T10089] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  246.271706][ T9919] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  246.310977][ T9919] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  246.547652][T10102] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1012'.
[  246.559635][ T9919] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  246.571700][ T9919] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  247.066890][ T5842] Bluetooth: hci2: command tx timeout
[  248.530121][T10106] lo speed is unknown, defaulting to 1000
[  248.555295][T10106] lo speed is unknown, defaulting to 1000
[  248.778788][ T9919] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.796860][T10138] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  248.988194][ T9919] 8021q: adding VLAN 0 to HW filter on device team0
[  249.096048][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.103266][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.147394][ T5842] Bluetooth: hci2: command tx timeout
[  249.219298][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.226542][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.319411][T10151] netlink: 'syz.1.1021': attribute type 5 has an invalid length.
[  249.350298][T10151] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1021'.
[  249.400448][T10151] nbd: must specify an index to disconnect
[  250.099793][T10157] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.107094][T10157] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.264925][T10157] team0: left promiscuous mode
[  250.269954][T10157] team_slave_0: left promiscuous mode
[  250.284300][T10157] team_slave_1: left promiscuous mode
[  250.294960][T10157] batman_adv: batadv0: Interface deactivated: dummy0
[  250.836317][T10157] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.965627][T10157] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  251.397842][T10157] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  251.420610][T10157] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  251.438333][T10157] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  251.447309][T10157] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  251.566816][T10157] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 20000 - 0
[  251.583324][T10157] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 20000 - 0
[  251.592495][T10157] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 20000 - 0
[  251.601733][T10157] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 20000 - 0
[  251.758395][ T9919] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.126353][T10253] vlan2: left promiscuous mode
[  252.189620][T10254] vlan3: entered promiscuous mode
[  252.406975][T10266] lo speed is unknown, defaulting to 1000
[  252.445289][ T9919] veth0_vlan: entered promiscuous mode
[  252.477225][T10263] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  252.501145][T10274] FAULT_INJECTION: forcing a failure.
[  252.501145][T10274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  252.501406][T10263] syzkaller0: entered promiscuous mode
[  252.527417][T10263] syzkaller0: entered allmulticast mode
[  252.534626][T10274] CPU: 1 UID: 0 PID: 10274 Comm: syz.3.1035 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  252.544930][ T9919] veth1_vlan: entered promiscuous mode
[  252.545437][T10274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  252.561012][T10274] Call Trace:
[  252.564332][T10274]  <TASK>
[  252.567303][T10274]  dump_stack_lvl+0x241/0x360
[  252.572048][T10274]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.577307][T10274]  ? __pfx__printk+0x10/0x10
[  252.578109][ T9919] veth0_macvtap: entered promiscuous mode
[  252.581933][T10274]  ? snprintf+0xda/0x120
[  252.591927][T10274]  should_fail_ex+0x3b0/0x4e0
[  252.593607][ T9919] veth1_macvtap: entered promiscuous mode
[  252.596718][T10274]  _copy_to_user+0x31/0xb0
[  252.596761][T10274]  simple_read_from_buffer+0xca/0x150
[  252.612348][T10274]  proc_fail_nth_read+0x1e9/0x250
[  252.617458][T10274]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  252.623032][T10274]  ? rw_verify_area+0x55e/0x6f0
[  252.627896][T10274]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  252.633460][T10274]  vfs_read+0x1fc/0xb70
[  252.637631][T10274]  ? __pfx___mutex_lock+0x10/0x10
[  252.642680][T10274]  ? __pfx_vfs_read+0x10/0x10
[  252.647373][T10274]  ? __fget_files+0x2a/0x410
[  252.651985][T10274]  ? __fget_files+0x395/0x410
[  252.656702][T10274]  ? __fget_files+0x2a/0x410
[  252.661316][T10274]  ksys_read+0x18f/0x2b0
[  252.665572][T10274]  ? __pfx_ksys_read+0x10/0x10
[  252.670347][T10274]  ? do_syscall_64+0x100/0x230
[  252.675130][T10274]  ? do_syscall_64+0xb6/0x230
[  252.679827][T10274]  do_syscall_64+0xf3/0x230
[  252.684347][T10274]  ? clear_bhb_loop+0x35/0x90
[  252.689043][T10274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.694955][T10274] RIP: 0033:0x7fa6d378473c
[  252.699384][T10274] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  252.719001][T10274] RSP: 002b:00007fa6d45dc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  252.727434][T10274] RAX: ffffffffffffffda RBX: 00007fa6d3975fa0 RCX: 00007fa6d378473c
[  252.735421][T10274] RDX: 000000000000000f RSI: 00007fa6d45dc0a0 RDI: 0000000000000004
[  252.743408][T10274] RBP: 00007fa6d45dc090 R08: 0000000000000000 R09: 0000000000000000
[  252.751392][T10274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.759380][T10274] R13: 0000000000000000 R14: 00007fa6d3975fa0 R15: 00007ffdefe75548
[  252.767391][T10274]  </TASK>
[  252.785843][T10266] lo speed is unknown, defaulting to 1000
[  252.812491][T10272] syzkaller1: entered promiscuous mode
[  252.822440][T10272] syzkaller1: entered allmulticast mode
[  252.993611][ T9919] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.004573][ T9919] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.116029][T10282] netlink: 'syz.0.1037': attribute type 1 has an invalid length.
[  253.129558][T10282] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1037'.
[  254.764984][ T9919] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.774794][ T9919] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.783563][ T9919] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.793035][ T9919] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.050063][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.063035][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.072862][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.091595][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.350946][T10301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1045'.
[  255.573286][T10309] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1047'.
[  255.677913][ T3526] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.795602][ T3526] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.870605][ T3526] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.929882][ T3526] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.946632][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  255.953028][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  256.099565][ T3526] bridge_slave_1: left allmulticast mode
[  256.110189][ T3526] bridge_slave_1: left promiscuous mode
[  256.116614][ T3526] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.125690][ T3526] bridge_slave_0: left allmulticast mode
[  256.131358][ T3526] bridge_slave_0: left promiscuous mode
[  256.140829][ T3526] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.464997][ T3526] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.477485][ T3526] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.488114][ T3526] bond0 (unregistering): Released all slaves
[  256.804939][ T3526] hsr_slave_0: left promiscuous mode
[  256.810862][ T3526] hsr_slave_1: left promiscuous mode
[  256.820287][ T3526] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  256.828110][ T3526] batman_adv: batadv0: Removing interface: batadv_slave_0
[  256.840856][ T3526] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  256.848514][ T3526] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.871239][ T3526] veth1_macvtap: left promiscuous mode
[  256.877042][ T3526] veth0_macvtap: left promiscuous mode
[  256.882643][ T3526] veth1_vlan: left promiscuous mode
[  256.888083][ T3526] veth0_vlan: left promiscuous mode
[  257.482188][T10326] netlink: 1280 bytes leftover after parsing attributes in process `syz.3.1054'.
[  257.516495][T10325] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1053'.
[  257.530136][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  257.549694][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  257.574669][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  257.593272][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  257.601504][ T5844] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  257.609504][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  257.737236][ T3526] team0 (unregistering): Port device team_slave_1 removed
[  257.768380][T10333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1054'.
[  257.801185][ T3526] team0 (unregistering): Port device team_slave_0 removed
[  258.242960][T10328] lo speed is unknown, defaulting to 1000
[  258.268237][T10328] lo speed is unknown, defaulting to 1000
[  258.539038][T10328] chnl_net:caif_netlink_parms(): no params data found
[  258.685831][T10328] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.697026][T10328] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.705259][T10328] bridge_slave_0: entered allmulticast mode
[  258.712512][T10328] bridge_slave_0: entered promiscuous mode
[  258.729296][T10328] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.736797][T10328] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.744855][T10328] bridge_slave_1: entered allmulticast mode
[  258.752180][T10328] bridge_slave_1: entered promiscuous mode
[  258.792455][T10328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.809743][T10328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.854232][T10328] team0: Port device team_slave_0 added
[  258.863530][T10328] team0: Port device team_slave_1 added
[  258.892614][T10328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.900097][T10328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.931594][T10328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.944958][T10328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.951956][T10328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.978583][T10328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.032419][T10328] hsr_slave_0: entered promiscuous mode
[  259.039684][T10328] hsr_slave_1: entered promiscuous mode
[  259.046206][T10328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.054023][T10328] Cannot create hsr debugfs directory
[  259.715428][ T5842] Bluetooth: hci2: command tx timeout
[  260.158936][T10361] syzkaller0: entered promiscuous mode
[  260.164737][T10361] syzkaller0: entered allmulticast mode
[  261.785169][ T5842] Bluetooth: hci2: command tx timeout
[  263.864041][ T5842] Bluetooth: hci2: command tx timeout
[  265.953947][ T5842] Bluetooth: hci2: command tx timeout
[  271.005440][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  271.014797][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  271.022711][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  271.032797][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  271.041130][ T5844] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  271.049262][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  271.080879][T10364] lo speed is unknown, defaulting to 1000
[  271.087499][T10364] lo speed is unknown, defaulting to 1000
[  271.247293][T10364] chnl_net:caif_netlink_parms(): no params data found
[  271.301998][T10364] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.309676][T10364] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.323012][T10364] bridge_slave_0: entered allmulticast mode
[  271.330781][T10364] bridge_slave_0: entered promiscuous mode
[  271.345310][T10364] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.352500][T10364] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.360123][T10364] bridge_slave_1: entered allmulticast mode
[  271.367603][T10364] bridge_slave_1: entered promiscuous mode
[  271.397640][T10364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.409768][T10364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.448396][T10364] team0: Port device team_slave_0 added
[  271.458109][T10364] team0: Port device team_slave_1 added
[  271.488836][T10364] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.495989][T10364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.522299][T10364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.535687][T10364] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.542674][T10364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.569055][T10364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.615754][T10364] hsr_slave_0: entered promiscuous mode
[  271.622317][T10364] hsr_slave_1: entered promiscuous mode
[  271.631439][T10364] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.643516][T10364] Cannot create hsr debugfs directory
[  272.518700][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  272.527999][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  272.538668][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  272.547140][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  272.556058][ T5842] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  272.563540][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  272.599941][T10373] lo speed is unknown, defaulting to 1000
[  272.607953][T10373] lo speed is unknown, defaulting to 1000
[  272.779485][T10373] chnl_net:caif_netlink_parms(): no params data found
[  272.858527][T10373] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.866541][T10373] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.874244][T10373] bridge_slave_0: entered allmulticast mode
[  272.881305][T10373] bridge_slave_0: entered promiscuous mode
[  272.889784][T10373] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.897387][T10373] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.904969][T10373] bridge_slave_1: entered allmulticast mode
[  272.912077][T10373] bridge_slave_1: entered promiscuous mode
[  272.938323][T10373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.950567][T10373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.980855][T10373] team0: Port device team_slave_0 added
[  272.991627][T10373] team0: Port device team_slave_1 added
[  273.018535][T10373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.026300][T10373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.052743][T10373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.065430][T10373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.072408][T10373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.098584][T10373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.137674][T10373] hsr_slave_0: entered promiscuous mode
[  273.143962][ T5844] Bluetooth: hci5: command tx timeout
[  273.147251][T10373] hsr_slave_1: entered promiscuous mode
[  273.159259][T10373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  273.167114][T10373] Cannot create hsr debugfs directory
[  274.016350][ T5842] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  274.026224][ T5842] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  274.035291][ T5842] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  274.043477][ T5842] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  274.051688][ T5842] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  274.060489][ T5842] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  274.098535][T10382] lo speed is unknown, defaulting to 1000
[  274.105584][T10382] lo speed is unknown, defaulting to 1000
[  274.291841][T10382] chnl_net:caif_netlink_parms(): no params data found
[  274.349242][T10382] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.356791][T10382] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.364605][T10382] bridge_slave_0: entered allmulticast mode
[  274.371410][T10382] bridge_slave_0: entered promiscuous mode
[  274.379847][T10382] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.387247][T10382] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.394588][T10382] bridge_slave_1: entered allmulticast mode
[  274.401596][T10382] bridge_slave_1: entered promiscuous mode
[  274.432378][T10382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.445533][T10382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.478574][T10382] team0: Port device team_slave_0 added
[  274.489692][T10382] team0: Port device team_slave_1 added
[  274.514123][T10382] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.521160][T10382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.547159][T10382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.559909][T10382] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.566940][T10382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.592954][T10382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.593042][ T5844] Bluetooth: hci6: command tx timeout
[  274.636873][T10382] hsr_slave_0: entered promiscuous mode
[  274.643191][T10382] hsr_slave_1: entered promiscuous mode
[  274.649845][T10382] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  274.657531][T10382] Cannot create hsr debugfs directory
[  275.224101][ T5844] Bluetooth: hci5: command tx timeout
[  276.026799][ T5842] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  276.038261][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  276.046637][ T5842] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  276.055646][ T5842] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  276.063458][ T5842] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  276.071155][ T5842] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  276.106051][ T5842] Bluetooth: hci7: command tx timeout
[  276.113458][T10391] lo speed is unknown, defaulting to 1000
[  276.120336][T10391] lo speed is unknown, defaulting to 1000
[  276.302254][T10391] chnl_net:caif_netlink_parms(): no params data found
[  276.362050][T10391] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.369427][T10391] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.377361][T10391] bridge_slave_0: entered allmulticast mode
[  276.384828][T10391] bridge_slave_0: entered promiscuous mode
[  276.394149][T10391] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.401298][T10391] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.409136][T10391] bridge_slave_1: entered allmulticast mode
[  276.417144][T10391] bridge_slave_1: entered promiscuous mode
[  276.445399][T10391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.457855][T10391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.488999][T10391] team0: Port device team_slave_0 added
[  276.497626][T10391] team0: Port device team_slave_1 added
[  276.529890][T10391] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.537142][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.563416][T10391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.577050][T10391] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.584381][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.610387][T10391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  276.648636][T10391] hsr_slave_0: entered promiscuous mode
[  276.655389][T10391] hsr_slave_1: entered promiscuous mode
[  276.661583][T10391] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  276.664114][ T5842] Bluetooth: hci6: command tx timeout
[  276.670248][T10391] Cannot create hsr debugfs directory
[  277.304022][ T5842] Bluetooth: hci5: command tx timeout
[  278.114044][ T5842] Bluetooth: hci8: command tx timeout
[  278.184127][ T5842] Bluetooth: hci7: command tx timeout
[  278.744039][ T5842] Bluetooth: hci6: command tx timeout
[  279.383991][ T5842] Bluetooth: hci5: command tx timeout
[  280.184077][ T5842] Bluetooth: hci8: command tx timeout
[  280.263939][ T5842] Bluetooth: hci7: command tx timeout
[  280.823893][ T5842] Bluetooth: hci6: command tx timeout
[  282.264102][ T5842] Bluetooth: hci8: command tx timeout
[  282.344008][ T5842] Bluetooth: hci7: command tx timeout
[  284.353927][ T5842] Bluetooth: hci8: command tx timeout
[  288.813925][ T5207] udevd[5207]: worker [8168] /devices/virtual/block/nbd0 is taking a long time
[  317.385881][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  317.392308][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  318.980798][ T5844] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  318.990398][ T5844] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  319.000551][ T5844] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  319.009854][ T5844] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  319.018858][ T5844] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  319.026423][ T5844] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  319.068945][T10400] lo speed is unknown, defaulting to 1000
[  319.075645][T10400] lo speed is unknown, defaulting to 1000
[  319.263130][T10400] chnl_net:caif_netlink_parms(): no params data found
[  319.322304][T10400] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.330314][T10400] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.337676][T10400] bridge_slave_0: entered allmulticast mode
[  319.345315][T10400] bridge_slave_0: entered promiscuous mode
[  319.353575][T10400] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.361321][T10400] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.368957][T10400] bridge_slave_1: entered allmulticast mode
[  319.376309][T10400] bridge_slave_1: entered promiscuous mode
[  319.407203][T10400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.419660][T10400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.451478][T10400] team0: Port device team_slave_0 added
[  319.459307][T10400] team0: Port device team_slave_1 added
[  319.485375][T10400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.492382][T10400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.518816][T10400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.531686][T10400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.539163][T10400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.565326][T10400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.607852][T10400] hsr_slave_0: entered promiscuous mode
[  319.614357][T10400] hsr_slave_1: entered promiscuous mode
[  319.620649][T10400] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  319.628720][T10400] Cannot create hsr debugfs directory
[  321.063922][ T5842] Bluetooth: hci9: command tx timeout
[  323.144122][ T5842] Bluetooth: hci9: command tx timeout
[  325.223981][ T5842] Bluetooth: hci9: command tx timeout
[  327.303940][ T5842] Bluetooth: hci9: command tx timeout
[  331.596310][ T5844] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  331.605839][ T5844] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  331.614625][ T5844] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  331.625422][ T5844] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  331.634914][ T5844] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  331.642526][ T5844] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  331.678512][T10409] lo speed is unknown, defaulting to 1000
[  331.685676][T10409] lo speed is unknown, defaulting to 1000
[  331.882019][T10409] chnl_net:caif_netlink_parms(): no params data found
[  331.953630][T10409] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.960941][T10409] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.968589][T10409] bridge_slave_0: entered allmulticast mode
[  331.976360][T10409] bridge_slave_0: entered promiscuous mode
[  331.985640][T10409] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.993556][T10409] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.001316][T10409] bridge_slave_1: entered allmulticast mode
[  332.009109][T10409] bridge_slave_1: entered promiscuous mode
[  332.036569][T10409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  332.048814][T10409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  332.084295][T10409] team0: Port device team_slave_0 added
[  332.091974][T10409] team0: Port device team_slave_1 added
[  332.117660][T10409] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.125126][T10409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.151549][T10409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.164973][T10409] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.171946][T10409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.198410][T10409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.239699][T10409] hsr_slave_0: entered promiscuous mode
[  332.246187][T10409] hsr_slave_1: entered promiscuous mode
[  332.252206][T10409] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  332.260076][T10409] Cannot create hsr debugfs directory
[  332.665877][ T5844] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  332.676314][ T5844] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  332.688043][ T5844] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  332.696804][ T5844] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  332.705041][ T5844] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  332.714744][ T5844] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  332.760591][T10418] lo speed is unknown, defaulting to 1000
[  332.767798][T10418] lo speed is unknown, defaulting to 1000
[  333.039693][T10418] chnl_net:caif_netlink_parms(): no params data found
[  333.235762][T10418] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.243013][T10418] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.254612][T10418] bridge_slave_0: entered allmulticast mode
[  333.262044][T10418] bridge_slave_0: entered promiscuous mode
[  333.270899][T10418] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.291302][T10418] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.303458][T10418] bridge_slave_1: entered allmulticast mode
[  333.324168][T10418] bridge_slave_1: entered promiscuous mode
[  333.382720][T10418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.406626][T10418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.440010][T10418] team0: Port device team_slave_0 added
[  333.451032][T10418] team0: Port device team_slave_1 added
[  333.476583][T10418] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.483611][T10418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.509699][T10418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.522797][T10418] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.529865][T10418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.556204][T10418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  333.598242][T10418] hsr_slave_0: entered promiscuous mode
[  333.604833][T10418] hsr_slave_1: entered promiscuous mode
[  333.610957][T10418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.618657][T10418] Cannot create hsr debugfs directory
[  333.704064][ T5842] Bluetooth: hci10: command tx timeout
[  334.172606][ T5844] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  334.182104][ T5844] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  334.192955][ T5844] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  334.201290][ T5844] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  334.210204][ T5844] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  334.221409][ T5844] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  334.274333][T10427] lo speed is unknown, defaulting to 1000
[  334.281270][T10427] lo speed is unknown, defaulting to 1000
[  334.480056][T10427] chnl_net:caif_netlink_parms(): no params data found
[  334.566366][T10427] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.573553][T10427] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.581221][T10427] bridge_slave_0: entered allmulticast mode
[  334.588775][T10427] bridge_slave_0: entered promiscuous mode
[  334.597208][T10427] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.604452][T10427] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.611661][T10427] bridge_slave_1: entered allmulticast mode
[  334.619149][T10427] bridge_slave_1: entered promiscuous mode
[  334.648134][T10427] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.659852][T10427] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.695270][T10427] team0: Port device team_slave_0 added
[  334.705035][T10427] team0: Port device team_slave_1 added
[  334.735439][T10427] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.742463][T10427] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.768953][T10427] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.774220][ T5842] Bluetooth: hci11: command tx timeout
[  334.782039][T10427] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.792449][T10427] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.818911][T10427] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.868829][T10427] hsr_slave_0: entered promiscuous mode
[  334.875434][T10427] hsr_slave_1: entered promiscuous mode
[  334.881497][T10427] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  334.889219][T10427] Cannot create hsr debugfs directory
[  335.783939][ T5842] Bluetooth: hci10: command tx timeout
[  336.130782][ T5844] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  336.142057][ T5844] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  336.151494][ T5844] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  336.159858][ T5844] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  336.168601][ T5844] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  336.176112][ T5844] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  336.216745][T10436] lo speed is unknown, defaulting to 1000
[  336.223490][T10436] lo speed is unknown, defaulting to 1000
[  336.264067][ T5844] Bluetooth: hci12: command tx timeout
[  336.433584][T10436] chnl_net:caif_netlink_parms(): no params data found
[  336.508283][T10436] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.515669][T10436] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.522925][T10436] bridge_slave_0: entered allmulticast mode
[  336.530899][T10436] bridge_slave_0: entered promiscuous mode
[  336.539699][T10436] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.547693][T10436] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.555383][T10436] bridge_slave_1: entered allmulticast mode
[  336.562527][T10436] bridge_slave_1: entered promiscuous mode
[  336.598944][T10436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.611345][T10436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.650398][T10436] team0: Port device team_slave_0 added
[  336.659964][T10436] team0: Port device team_slave_1 added
[  336.692533][T10436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.699746][T10436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.726747][T10436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.740173][T10436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.747807][T10436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.773847][T10436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.815120][T10436] hsr_slave_0: entered promiscuous mode
[  336.821804][T10436] hsr_slave_1: entered promiscuous mode
[  336.828570][T10436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.834061][ T5844] Bluetooth: hci11: command tx timeout
[  336.836827][T10436] Cannot create hsr debugfs directory
[  337.863941][ T5844] Bluetooth: hci10: command tx timeout
[  338.274015][ T5844] Bluetooth: hci13: command tx timeout
[  338.343937][ T5844] Bluetooth: hci12: command tx timeout
[  338.914163][ T5844] Bluetooth: hci11: command tx timeout
[  339.943956][ T5844] Bluetooth: hci10: command tx timeout
[  340.343909][ T5844] Bluetooth: hci13: command tx timeout
[  340.423900][ T5844] Bluetooth: hci12: command tx timeout
[  340.993887][ T5844] Bluetooth: hci11: command tx timeout
[  342.423945][ T5844] Bluetooth: hci13: command tx timeout
[  342.503905][ T5844] Bluetooth: hci12: command tx timeout
[  344.504118][ T5844] Bluetooth: hci13: command tx timeout
[  374.984409][   T31] INFO: task kworker/1:0H:26 blocked for more than 143 seconds.
[  374.992124][   T31]       Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  375.000605][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  375.009697][   T31] task:kworker/1:0H    state:D stack:25112 pid:26    tgid:26    ppid:2      flags:0x00004000
[  375.020263][   T31] Workqueue: kblockd blk_mq_requeue_work
[  375.026236][   T31] Call Trace:
[  375.029550][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  375.032513][   T31]  __schedule+0x1850/0x4c30
[  375.038185][   T31]  ? __pfx___schedule+0x10/0x10
[  375.043116][   T31]  ? __pfx_lock_release+0x10/0x10
[  375.048909][   T31]  ? kthread_data+0x52/0xd0
[  375.053512][   T31]  ? wq_worker_sleeping+0x66/0x240
[  375.059138][   T31]  ? schedule+0x90/0x320
[  375.063443][   T31]  schedule+0x14b/0x320
[  375.068188][   T31]  schedule_timeout+0x15a/0x290
[  375.093756][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  375.099247][   T31]  ? __pfx_process_timeout+0x10/0x10
[  375.119972][   T31]  ? prepare_to_wait_event+0x3bd/0x400
[  375.135180][   T31]  nbd_queue_rq+0x7d9/0x2ef0
[  375.139875][   T31]  ? mark_lock+0x9a/0x360
[  375.148089][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  375.153184][   T31]  ? __lock_acquire+0x1397/0x2100
[  375.158760][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  375.165283][   T31]  blk_mq_dispatch_rq_list+0xad3/0x19d0
[  375.170876][   T31]  ? sbitmap_get+0x289/0x3f0
[  375.176018][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  375.182036][   T31]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  375.188403][   T31]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  375.195165][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  375.201965][   T31]  ? __pfx_lock_acquire+0x10/0x10
[  375.207492][   T31]  ? __pfx___might_resched+0x10/0x10
[  375.212840][   T31]  ? xa_find+0x17f/0x420
[  375.217239][   T31]  ? sbitmap_any_bit_set+0x155/0x190
[  375.222563][   T31]  ? blk_mq_hw_queue_need_run+0x14d/0x6d0
[  375.228795][   T31]  blk_mq_sched_dispatch_requests+0xd6/0x190
[  375.234921][   T31]  ? blk_mq_run_hw_queue+0x32b/0x500
[  375.240261][   T31]  blk_mq_run_hw_queue+0x354/0x500
[  375.245534][   T31]  blk_mq_run_hw_queues+0x364/0x450
[  375.250775][   T31]  ? __pfx_blk_mq_run_hw_queues+0x10/0x10
[  375.256683][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  375.261963][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  375.267311][   T31]  blk_mq_requeue_work+0x7f1/0x840
[  375.272491][   T31]  ? __pfx_blk_mq_requeue_work+0x10/0x10
[  375.278288][   T31]  ? process_scheduled_works+0x976/0x1840
[  375.284196][   T31]  process_scheduled_works+0xa66/0x1840
[  375.289817][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  375.295909][   T31]  ? assign_work+0x364/0x3d0
[  375.300538][   T31]  worker_thread+0x870/0xd30
[  375.305364][   T31]  ? __kthread_parkme+0x169/0x1d0
[  375.310424][   T31]  ? __pfx_worker_thread+0x10/0x10
[  375.315685][   T31]  kthread+0x2f0/0x390
[  375.319801][   T31]  ? __pfx_worker_thread+0x10/0x10
[  375.325123][   T31]  ? __pfx_kthread+0x10/0x10
[  375.329751][   T31]  ret_from_fork+0x4b/0x80
[  375.334592][   T31]  ? __pfx_kthread+0x10/0x10
[  375.339226][   T31]  ret_from_fork_asm+0x1a/0x30
[  375.344161][   T31]  </TASK>
[  375.347405][   T31] 
[  375.347405][   T31] Showing all locks held in the system:
[  375.355268][   T31] 4 locks held by kworker/1:0H/26:
[  375.360400][   T31]  #0: ffff888141a8b148 ((wq_completion)kblockd){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  375.371847][   T31]  #1: ffffc90000a0fd00 ((work_completion)(&(&q->requeue_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  375.394315][   T31]  #2: ffff88801fb3eb10 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x32b/0x500
[  375.404587][   T31]  #3: ffff8880256f51f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xfe/0x2ef0
[  375.413866][   T31] 1 lock held by khungtaskd/31:
[  375.418922][   T31]  #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  375.429204][   T31] 2 locks held by kworker/u8:4/62:
[  375.434603][   T31] 2 locks held by dhcpcd/5500:
[  375.439399][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.447737][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.457157][   T31] 2 locks held by getty/5584:
[  375.461867][   T31]  #0: ffff88814d7d60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  375.471825][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  375.482329][   T31] 1 lock held by udevd/8168:
[  375.487033][   T31]  #0: ffff88814279b4c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xf0/0xc50
[  375.496554][   T31] 5 locks held by syz.1.1047/10309:
[  375.501873][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.510236][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.519370][   T31]  #2: ffff888143b58998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_reconfigure+0x42d/0x1c40
[  375.529860][   T31]  #3: ffff88814278a7c8 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: nbd_set_size+0xe0/0x8f0
[  375.540341][   T31]  #4: ffff88814278a800 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: nbd_set_size+0xe0/0x8f0
[  375.551163][   T31] 2 locks held by syz.2.1049/10314:
[  375.556510][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.565100][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.574453][   T31] 2 locks held by syz-executor/10328:
[  375.579892][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.588488][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.597933][   T31] 2 locks held by syz.3.1057/10341:
[  375.603152][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.611696][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.621081][   T31] 2 locks held by syz.0.1062/10362:
[  375.626646][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.635187][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.644488][   T31] 2 locks held by syz-executor/10364:
[  375.649896][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.658549][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.667905][   T31] 2 locks held by syz-executor/10373:
[  375.673297][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.681890][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.691226][   T31] 2 locks held by syz-executor/10382:
[  375.696877][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.705373][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.714737][   T31] 2 locks held by syz-executor/10391:
[  375.720141][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.728731][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.738209][   T31] 2 locks held by syz-executor/10400:
[  375.743605][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.751898][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.761060][   T31] 2 locks held by syz-executor/10409:
[  375.766512][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.774942][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.784028][   T31] 2 locks held by syz-executor/10418:
[  375.789424][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.797820][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.806940][   T31] 2 locks held by syz-executor/10427:
[  375.812327][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.820699][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.829790][   T31] 2 locks held by syz-executor/10436:
[  375.835556][   T31]  #0: ffffffff8fd171b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  375.844030][   T31]  #1: ffffffff8fd17068 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x121/0xec0
[  375.853173][   T31] 
[  375.855840][   T31] =============================================
[  375.855840][   T31] 
[  375.864410][   T31] NMI backtrace for cpu 0
[  375.868774][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  375.879309][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.889422][   T31] Call Trace:
[  375.892727][   T31]  <TASK>
[  375.895694][   T31]  dump_stack_lvl+0x241/0x360
[  375.900406][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.905625][   T31]  ? __pfx__printk+0x10/0x10
[  375.910265][   T31]  nmi_cpu_backtrace+0x49c/0x4d0
[  375.915249][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  375.920757][   T31]  ? _printk+0xd5/0x120
[  375.924932][   T31]  ? __wake_up_klogd+0xcc/0x110
[  375.929815][   T31]  ? __pfx__printk+0x10/0x10
[  375.934449][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  375.940451][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  375.946536][   T31]  watchdog+0xff6/0x1040
[  375.950796][   T31]  ? watchdog+0x1ea/0x1040
[  375.955229][   T31]  ? __pfx_watchdog+0x10/0x10
[  375.959936][   T31]  kthread+0x2f0/0x390
[  375.964021][   T31]  ? __pfx_watchdog+0x10/0x10
[  375.968726][   T31]  ? __pfx_kthread+0x10/0x10
[  375.973349][   T31]  ret_from_fork+0x4b/0x80
[  375.977774][   T31]  ? __pfx_kthread+0x10/0x10
[  375.982380][   T31]  ret_from_fork_asm+0x1a/0x30
[  375.987170][   T31]  </TASK>
[  375.990479][   T31] Sending NMI from CPU 0 to CPUs 1:
[  375.995795][    C1] NMI backtrace for cpu 1
[  375.995815][    C1] CPU: 1 UID: 0 PID: 62 Comm: kworker/u8:4 Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  375.995836][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.995848][    C1] Workqueue: bat_events batadv_nc_worker
[  375.995883][    C1] RIP: 0010:__lock_acquire+0x8aa/0x2100
[  375.995914][    C1] Code: 8b 5d 00 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 80 08 2c 94 be 08 00 00 00 e8 ee 1c 8b 00 48 0f a3 1d b6 3a b1 12 <73> 1a 48 69 c3 c8 00 00 00 48 8d 98 40 87 c3 93 48 ba 00 00 00 00
[  375.995931][    C1] RSP: 0018:ffffc9000213f8f0 EFLAGS: 00000057
[  375.995946][    C1] RAX: 0000000000000001 RBX: 0000000000000752 RCX: ffffffff817acdc2
[  375.995960][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff942c0968
[  375.995972][    C1] RBP: 00000000ffffffff R08: ffffffff942c096f R09: 1ffffffff285812d
[  375.995986][    C1] R10: dffffc0000000000 R11: fffffbfff285812e R12: 0000000000000000
[  375.995999][    C1] R13: ffff88801cb88b00 R14: 0000000000000000 R15: ffff88801cb88b00
[  375.996013][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  375.996028][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.996041][    C1] CR2: 00007f4e32aae551 CR3: 000000000e736000 CR4: 00000000003526f0
[  375.996058][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.996069][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.996081][    C1] Call Trace:
[  375.996087][    C1]  <NMI>
[  375.996094][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  375.996113][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  375.996135][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  375.996162][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  375.996179][    C1]  ? nmi_handle+0x14f/0x5a0
[  375.996202][    C1]  ? nmi_handle+0x2a/0x5a0
[  375.996224][    C1]  ? __lock_acquire+0x8aa/0x2100
[  375.996245][    C1]  ? default_do_nmi+0x63/0x160
[  375.996273][    C1]  ? exc_nmi+0x123/0x1f0
[  375.996300][    C1]  ? end_repeat_nmi+0xf/0x53
[  375.996328][    C1]  ? __lock_acquire+0x8a2/0x2100
[  375.996349][    C1]  ? __lock_acquire+0x8aa/0x2100
[  375.996370][    C1]  ? __lock_acquire+0x8aa/0x2100
[  375.996392][    C1]  ? __lock_acquire+0x8aa/0x2100
[  375.996412][    C1]  </NMI>
[  375.996418][    C1]  <TASK>
[  375.996432][    C1]  lock_acquire+0x1ed/0x550
[  375.996452][    C1]  ? batadv_nc_worker+0xcb/0x610
[  375.996481][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  375.996503][    C1]  ? batadv_nc_worker+0xcb/0x610
[  375.996530][    C1]  ? __pfx_lock_release+0x10/0x10
[  375.996552][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  375.996576][    C1]  batadv_nc_worker+0xec/0x610
[  375.996602][    C1]  ? batadv_nc_worker+0xcb/0x610
[  375.996627][    C1]  ? batadv_nc_worker+0xcb/0x610
[  375.996653][    C1]  ? process_scheduled_works+0x976/0x1840
[  375.996672][    C1]  process_scheduled_works+0xa66/0x1840
[  375.996703][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  375.996725][    C1]  ? assign_work+0x364/0x3d0
[  375.996743][    C1]  worker_thread+0x870/0xd30
[  375.996766][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  375.996787][    C1]  ? __kthread_parkme+0x169/0x1d0
[  375.996808][    C1]  ? __pfx_worker_thread+0x10/0x10
[  375.996826][    C1]  kthread+0x2f0/0x390
[  375.996847][    C1]  ? __pfx_worker_thread+0x10/0x10
[  375.996866][    C1]  ? __pfx_kthread+0x10/0x10
[  375.996894][    C1]  ret_from_fork+0x4b/0x80
[  375.996913][    C1]  ? __pfx_kthread+0x10/0x10
[  375.996934][    C1]  ret_from_fork_asm+0x1a/0x30
[  375.996957][    C1]  </TASK>
[  375.998628][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  376.344989][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.13.0-rc6-syzkaller-00918-g7b24f164cf00 #0
[  376.355499][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  376.365601][   T31] Call Trace:
[  376.368886][   T31]  <TASK>
[  376.371824][   T31]  dump_stack_lvl+0x241/0x360
[  376.376522][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.381740][   T31]  ? __pfx__printk+0x10/0x10
[  376.386353][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  376.392385][   T31]  ? vscnprintf+0x5d/0x90
[  376.396738][   T31]  panic+0x349/0x880
[  376.400648][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  376.406810][   T31]  ? __pfx_panic+0x10/0x10
[  376.411261][   T31]  ? tick_nohz_tick_stopped+0x82/0xb0
[  376.416651][   T31]  ? __irq_work_queue_local+0x137/0x410
[  376.422211][   T31]  ? preempt_schedule_thunk+0x1a/0x30
[  376.427604][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  376.433770][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  376.439939][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  376.446106][   T31]  watchdog+0x1035/0x1040
[  376.450451][   T31]  ? watchdog+0x1ea/0x1040
[  376.454883][   T31]  ? __pfx_watchdog+0x10/0x10
[  376.459601][   T31]  kthread+0x2f0/0x390
[  376.463686][   T31]  ? __pfx_watchdog+0x10/0x10
[  376.468379][   T31]  ? __pfx_kthread+0x10/0x10
[  376.472980][   T31]  ret_from_fork+0x4b/0x80
[  376.477404][   T31]  ? __pfx_kthread+0x10/0x10
[  376.482009][   T31]  ret_from_fork_asm+0x1a/0x30
[  376.486791][   T31]  </TASK>
[  376.490217][   T31] Kernel Offset: disabled
[  376.494549][   T31] Rebooting in 86400 seconds..