last executing test programs:

1.852085948s ago: executing program 3 (id=1392):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01030000000000000d0001"], 0x34}}, 0x0)

1.753226201s ago: executing program 3 (id=1395):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x7, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x102}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.747634737s ago: executing program 0 (id=1396):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f000000e0c0), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0)
r1 = socket(0x28, 0x1, 0x0)
getsockopt$nfc_llcp(r1, 0x28, 0x0, 0xfffffffffffffffe, 0x20000000)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x4, 0x8}, 0x48)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)={0x14, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x7}]}, 0x14}], 0x1}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x19, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x6}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x7a}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pipe(&(0x7f0000000100))
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYRESOCT=r4, @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}}, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000400)={'broute\x00', 0x0, 0x0, 0x0, [0x5, 0x6, 0x1, 0x1000, 0x5, 0x3cf2]}, &(0x7f0000000240)=0x78)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x60, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x1}, @IFLA_BR_MCAST_QUERY_USE_IFADDR={0x5}, @IFLA_BR_MCAST_QUERIER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5, 0x17, 0x1}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}]}}}]}, 0x60}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xa, &(0x7f0000000380)=@framed={{0xffffffb4, 0x6, 0x0, 0x0, 0x0, 0x71, 0x11, 0x24}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @ldst={0x1, 0x2, 0x0, 0x2, 0xc, 0x100, 0x8000000000000021}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc1, &(0x7f000000cf3d)=""/193, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r9 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r9, 0x107, 0x0, 0x0, &(0x7f0000000180)=0x500)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000091c3000071101f000000000027000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

1.607992371s ago: executing program 3 (id=1398):
r0 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x6c6d}], 0x5, 0x0, 0x0, 0x34000}}, {{0x0, 0xe803, &(0x7f0000000440), 0x56}}], 0x2, 0x2004000)

1.500016975s ago: executing program 0 (id=1400):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, @address_request={0x11, 0x2}}}}}, 0x0) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, @address_request={0x11, 0x2}}}}}, 0x0)
socket$nl_generic(0x11, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ed80e931000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000054000000060a010400000000000000000100000008000b40000000002c00048028000180080001006e6174001c000280080001400000000c080002400000000008000540000000140900010073797a30"], 0xc8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000100850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4) (async)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800001, 0x10012, r3, 0x0)
getsockopt$bt_hci(r2, 0x11a, 0x3, 0x0, &(0x7f00000004c0)=0x4)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

1.472787633s ago: executing program 3 (id=1402):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

1.308468879s ago: executing program 0 (id=1404):
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x10, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x7, 0x7fff, 0xffff, 0x822, 0xffffffffffffffff, 0x10000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x5}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'geneve0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b031000f4ff020002004788aa96a13bb1000000000086ddffff", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x6, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000df730000000000007b8af8ff00000000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000000000000000000000000000370e6cc3b9aabd75885241f382cd61644d0117b687111d2cccfc8dd2ecd055a80bee32ccb070391673bea6ae68a5e2ae9e9242982827c398db2fba398f558361efb1fd67d5d585a0fce961111b2c6cbe4bed7b25b842aed6ee73b2946e6500"/181], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000200), &(0x7f0000000280)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
unshare(0x22020600)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r6, &(0x7f0000000040), 0xc)
socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000001080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r8 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r7, 0x84, 0x7a, &(0x7f0000000080)={r9, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc)

1.30526937s ago: executing program 3 (id=1407):
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f00000001c0)=[@tclass={{0x14, 0x29, 0x43, 0x7fffffff}}], 0x18}}], 0x1, 0x0)
unshare(0x62040200)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc002000000000007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000630000000000000000ddffffff00000000726564697265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000002000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000003000000000000008b357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000005000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001b60000010000380100006367726f75700000000000000000000000000000000000000000000000000000080000000000000000000000000000006172700000000000000000000000000000000000000000000000000000000000380000000000000000000000000000000000000000000b00007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff000000"]}, 0x3a8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="2a003300d0d4fe00ffffffffffff080211000000505050505050"], 0x48}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000011006b906fdfe1ef704ad931c605876c1d0000007ea60864160af365040012000a002e00000000009ee517d34460bc24eab556a705251e6182949a3651f60a", 0x43}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4 '], 0x34}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x30)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$cgroup_pid(r5, &(0x7f0000000400), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x6, &(0x7f0000000340)={<r7=>0x0, @in={{0x2, 0x4e22, @private=0xa010100}}}, &(0x7f0000000240)=0x84)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000002c0)={r7, 0x6}, 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="74000000100003063cb7a60000000064f0000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004800128044000100697036677265746170"], 0x74}}, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000f40)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYBLOB="01000000000000000000180000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000038fa0b000000000006001600000000000500120000000000060011000000000008000b0000000000"], 0x64}}, 0x0)
r11 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r11, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

1.188215119s ago: executing program 2 (id=1410):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000100a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0)

1.084696531s ago: executing program 2 (id=1413):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) (async)
socket$igmp(0x2, 0x3, 0x2) (async)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300) (async)
socket$packet(0x11, 0x2, 0x300) (async)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x80}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000cc0)={r1, 0xe0, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x2c, 0x28, 0x107, 0x0, 0x0, {0x1}, [@nested={0x10, 0x1, 0x0, 0x1, [@typed={0x9, 0x0, 0x0, 0x0, @str='!])&\x00'}]}, @typed={0x8, 0x2, 0x0, 0x0, @uid}]}, 0x2c}}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$kcm(0xa, 0x6, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10d, 0xb, &(0x7f0000000000)=r4, 0x4) (async)
getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x88}, [@ldst={0x6}]}, &(0x7f0000000080)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

1.003977444s ago: executing program 4 (id=1415):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x3c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_REPLY={0x4}]}, 0x3c}, 0xff0c}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
unshare(0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3fe, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

982.985627ms ago: executing program 2 (id=1416):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xffe6)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e20, 0xfffffffb, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff7}, 0x1c)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000870000008500000050000000950000000000000071e02f38dd1baec962b242d10de7d7e6483398cf5af433e470f48719d758520f08557f6d618b8e60a27667c075f281cb5728037e3ce2d7d6c2db8391005c0cba81c89a1c8efa999107bbb34bf9778e02fc37f32c7e28fc04233895a2353b17c47fbde177c79e06eedd7a467ff0820131320333c8d532126bb83ffe547377c5018e4abded3051eaa777b2f5c0a1b8ec073665ceb1e2cd66d8ba4f07f382f792de66012955ac82067e853e138c2f7affeaf75294360f3c4947bc"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000940)=@base={0x10, 0x3, 0x1, 0x0, 0x40, 0xffffffffffffffff, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811000041fe0a745c44929d61dd83bc58a4bab291b2f0c8565d918d9291c987e3d4ddb2e65656a2a402fcd0eccf0ddbe5418ebd53a9c051319d30e7600d43ecfcef2757eaf84089df18bf254a46bb4ef18a7a6cd9b1bd9f4c02b2d001568c355444779e2edd20610c86d5da250ce842048b902fcead2c5773edc4ad1cd81e1a7884bfbbea5e23057b8217868c61c95904b59961f4c31679be97387d2e9d317fa097d28c8603664129a4451368a1427e52dda4c5a28dd6c7948627325637c8", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000200), &(0x7f0000000280)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r7, &(0x7f00000004c0)={&(0x7f0000000540)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
socket$packet(0x11, 0x2, 0x300)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0000000000000000010001000900010073797a30000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a300001000028009e00060a010400000000000000000100000008000b40000000000900010073797a300000000014000000020a0b01000000000000000000000000140000001100010000000000000000000000000ab428205c8197a0a4123bbe538e1bca74bb68df97e4ddcf07399219e5660587874c7a3d05316f407e64e8662fef63d92c716bd3cad5a54a6851e3c22c4815228c111c656afa62484e3d8f26379a6455c19e3e3b65b217e13c0899c13502eb9092e41342dfa60ab45395b2cc"], 0xb0}}, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00d770c49b26daecc3eb8054238907d0d5d960b14a4f4c4bdf7334ce4dce51b4a2cec95975effa29384ecbe1bc769726778265f6cc23098115098912e1e8b8e3577c00"/77, @ANYRES16=r9, @ANYBLOB="010000000000000000000f00000008002c000000000008000300", @ANYRES32=r10, @ANYBLOB="05002d0000000000"], 0x2c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x7, 0x0, &(0x7f0000000900)="e02742e8680d85", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

951.393286ms ago: executing program 4 (id=1417):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

814.054959ms ago: executing program 4 (id=1419):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000006c0)=@gettaction={0x14}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_newneigh={0x2c, 0x1c, 0xd105d1610db53515, 0x0, 0x0, {0x2, 0x0, 0x0, r2}, [@NDA_DST_IPV4={0x8}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x2c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newlink={0x20, 0x11, 0x40d, 0x0, 0x0, {0x10, 0x0, 0x0, r5}}, 0x20}, 0x1, 0x600}, 0x0)

757.482063ms ago: executing program 2 (id=1420):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000020600000000000000000000000000000500040000000000050001000700000011000300686173683a69702cf06f7274000000000c000780080012"], 0x44}}, 0x0)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000600)=@security={'security\x00', 0xe, 0x4, 0x2b8, 0xffffffff, 0x1b8, 0x1b8, 0x1b8, 0xffffffff, 0xffffffff, 0x290, 0x290, 0x290, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x2, {'syz0\x00'}}}, {{@ip={@dev, @private, 0x0, 0x0, 'veth1_to_bond\x00', 'wlan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@ip={@multicast1, @loopback, 0x0, 0x0, 'geneve1\x00', 'wg2\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="090000001000000000f2ff3f0000000000000000", @ANYRESHEX=r0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000f"], 0x44}}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
bind$isdn_base(r0, &(0x7f0000000040)={0x22, 0x9, 0x5, 0x45, 0x9a}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r2, 0x0, r5, 0x0, 0x4ffe2, 0x0)

704.145189ms ago: executing program 1 (id=1421):
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000100bbfe8000000000000000000000000000aa"], 0x0)

678.951346ms ago: executing program 4 (id=1422):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)={0x5, 0x802, 0x0, {0x0, 0x2710}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000480)={0x0, 0x49, &(0x7f0000000440)={&(0x7f0000000380)={0x5, 0xd10, 0x0, {0x77359400}, {0x77359400}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "645b6048a2e4931133f6d9919fd48557d76811cd874f3c107bbfc1c8831026d40798a2be4cc414e02216198977dc3d41ed0880c64c39e5f4059bae641ed15112"}}, 0x80}}, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000006c0)={'filter\x00', 0x7, 0x4, 0x3d0, 0x1d8, 0xe0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@CONNSECMARK={0x28}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local, @broadcast, @local}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
socket(0x10, 0x80002, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bind$vsock_stream(r3, &(0x7f0000000000)={0x10}, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000a40)=@newae={0x64, 0x1e, 0x21, 0x0, 0x0, {{@in6=@remote}, @in=@empty}, [@lifetime_val={0x24}]}, 0x64}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0)
r11 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r11, 0x65, 0x7, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="980000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000004c001280110001006272696467655f736c617665000000003400058005001900020000000500090000000000050001"], 0x98}}, 0x0)

663.50839ms ago: executing program 1 (id=1423):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900070282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)

504.090778ms ago: executing program 1 (id=1424):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000dc0)=ANY=[@ANYBLOB="85000000080000006a0a00ff000000002e00000000000000950000000000001810000000", @ANYRES32], &(0x7f0000000140)='GPL\x00', 0x2, 0xa5, &(0x7f0000000240)=""/165}, 0x90)

499.614671ms ago: executing program 2 (id=1425):
socket$netlink(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000031c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f00000001c0)="5c733c1f5c014e2a4405abce2e2192542afa9748dcd0a777a42e01d2f6290d970e2f9a1d422ca71d4207e563f192538f52", 0x31}, {&(0x7f0000000480)}, {&(0x7f0000000c40)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb2805e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8da45e7b38ce7c6c4daf306d0136c353c109f0a63c26e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849699dae2e0bb675bf07392f4b0303f2498c892988420f1e144e73eb89146ccde129625478ae391d7ed1d6f5fc03c603c699250ff4801890eda63df41b0b9d619b2dad24798faf47863f79ee52ee40e8550c52c28a795377d934e9b3cb2f9f0ae973055288f5ebbb6a193e5cf89d3dfff60d4e545abda64b1c55d315931540117b96e72a5cea284c4a9d99d165d19e12176acd226a9ec38d6889c913b8c98b3a1666ec9b378655838df06b8318691cded6314ce3bcdd3d1ac172c3ecd2f82879771034f5f1ebb3d6ee5b10c77f269954680acc2495c586cf6bc33b2c8b374cf64275cfb06a0ef5485c269b152cbdd6c0489307000000c5a28372a45f3c79f3e45ce94ffb14bf3aa8e5f0e54d942e8440c94bf5d2f0eb05e32337b6ee0087f8047e2a820b1fe6c4db3d9969f9705d9ef5df25e8373de300f04ce07cbda2e41459024d13fa2ee32103d00b6642e6fe0ae493a9ad418329de", 0x33d}], 0x4, &(0x7f0000003200)=ANY=[@ANYRES8], 0x18}, 0x8080)
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={'team_slave_0\x00'})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) (async)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept$alg(r2, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000001500)=[{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000003640)="60c82576efc9d0a70afe7d1f701514e8dd", 0x11}], 0x1}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000200)=""/153, 0x99}, {&(0x7f00000002c0)=""/153, 0x99}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000004d40)="cf", 0xfdfa}], 0x1, &(0x7f00000000c0)=[@assoc={0x18}], 0x18}, 0x0)
r4 = syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000f80)=ANY=[@ANYBLOB="4800000004b3a0f44ff9a10f9e54a1f34dbb10799376eeaea34ff87925e151aea0ede4be10eddb7c5776fffcb7a469d3542e9eabb9e8cef52ba17cbc78d73194bfa003a13f1451a8a8b582ce4045bbeae98f7569aba2f299424e06de117d4edcd0216167fb62b689de7416d1d88fd654f06184497ab4c20f8177f50ebe0afb8c3b287b9f3f68a1ae31f379f8b4d226125a438b50c485c9ff4098255e35b332cb96d60538cc948f8fef077acb6fd9754a82ac086e0a4245ccd3982f9b76b70775374969be34cf36a8b008987da1d51ec80be52b8806356a8900"/226, @ANYRES16=r4, @ANYBLOB="00002bbd7000ffdbdf252b0000000c0005000201aaaaaaaaaaaa0c0005000202aaaaaaaaaaaa08000200", @ANYRES32=0x0, @ANYBLOB="0c000500000000000000000008000200", @ANYRES32=r5, @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x44001}, 0x48000) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000f80)=ANY=[@ANYBLOB="4800000004b3a0f44ff9a10f9e54a1f34dbb10799376eeaea34ff87925e151aea0ede4be10eddb7c5776fffcb7a469d3542e9eabb9e8cef52ba17cbc78d73194bfa003a13f1451a8a8b582ce4045bbeae98f7569aba2f299424e06de117d4edcd0216167fb62b689de7416d1d88fd654f06184497ab4c20f8177f50ebe0afb8c3b287b9f3f68a1ae31f379f8b4d226125a438b50c485c9ff4098255e35b332cb96d60538cc948f8fef077acb6fd9754a82ac086e0a4245ccd3982f9b76b70775374969be34cf36a8b008987da1d51ec80be52b8806356a8900"/226, @ANYRES16=r4, @ANYBLOB="00002bbd7000ffdbdf252b0000000c0005000201aaaaaaaaaaaa0c0005000202aaaaaaaaaaaa08000200", @ANYRES32=0x0, @ANYBLOB="0c000500000000000000000008000200", @ANYRES32=r5, @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x44001}, 0x48000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r6, 0x0, 0x0)
accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000300))
listen(0xffffffffffffffff, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
bpf$OBJ_PIN_MAP(0x6, 0xfffffffffffffffc, 0xda)
sendmsg$NL80211_CMD_AUTHENTICATE(r7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000003c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="080000000000fcdbdf252500000008000300", @ANYRES32=0x0, @ANYBLOB="0a003400020202020202000017003400c77b6ee54ba78fa8780be4a0341e5bb6228c3f0008003500050000000a003400010101010101000008003500f700000004002800"], 0x60}, 0x1, 0x0, 0x0, 0x400c025}, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socket(0x10, 0x80000, 0x9) (async)
socket(0x10, 0x80000, 0x9)
sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="380000001c00010400000000000000000200008008000000b8fd0001080001"], 0x38}], 0x1}, 0x0) (async)
sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="380000001c00010400000000000000000200008008000000b8fd0001080001"], 0x38}], 0x1}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES64], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x18, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x9}, 0xffffffffffffffdb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_es_lookup_extent_exit\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_es_lookup_extent_exit\x00', r9}, 0x10)

467.794841ms ago: executing program 4 (id=1426):
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x7a, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)

380.035345ms ago: executing program 1 (id=1427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}, @IFLA_OPERSTATE={0x5}, @IFLA_TXQLEN={0x8}]}, 0x44}, 0x1, 0xba01, 0x0, 0x1000000}, 0x0)

379.811999ms ago: executing program 0 (id=1428):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x7a, 0x8, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, &(0x7f0000000040), 0x0}, 0x20)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f0000000240), &(0x7f0000000280)=0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000002c0))
ioctl$SIOCGSTAMP(r3, 0x8906, &(0x7f0000000000))
getsockopt$bt_hci(r1, 0x11a, 0x3, 0x0, &(0x7f0000000040))
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001080)=ANY=[@ANYBLOB="50000000020905000000000000000000000000003c0002"], 0x50}}, 0x0)

285.186606ms ago: executing program 1 (id=1429):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x80)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

224.788229ms ago: executing program 0 (id=1430):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)='%pK    \x00'}, 0x20)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="364000004900913a"], 0xfe33)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x80111500, &(0x7f0000000900)={'ip6_vti0\x00', @random="0600002000"})

164.002406ms ago: executing program 2 (id=1431):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x4c050}, 0x0)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0x5, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r0], 0x450}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
r1 = epoll_create1(0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r1)
socket$packet(0x11, 0x2, 0x300)
accept$packet(r3, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000400000100012800800010068"], 0x30}}, 0x4001c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01010000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000040000000160a01010000000000000000010000000900020073797a30001c00000900010073797a3000000000140003"], 0xc8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
r7 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r7, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={&(0x7f0000000880)=@l2tp6={0xa, 0x1100, 0x0, @mcast1, 0x5}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000780)="f4000900062b2f25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000c80), 0x0, 0x0)

130.510282ms ago: executing program 3 (id=1432):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x44}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)

108.670849ms ago: executing program 4 (id=1433):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000580)={'wg0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a40)=@newqdisc={0x30, 0x26, 0x1, 0x0, 0x88a8ffff, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}}, 0x0)

63.317675ms ago: executing program 1 (id=1434):
r0 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x0)
sendto$inet6(r0, &(0x7f0000000680)='m', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback={0x4000000}}, 0x1c)

0s ago: executing program 0 (id=1435):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e14060288a800000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.44' (ED25519) to the list of known hosts.
[   52.135163][ T5075] cgroup: Unknown subsys name 'net'
[   52.297338][ T5075] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   53.691940][ T5075] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   57.043945][ T5098] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   57.064161][ T5103] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   57.073578][ T5106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   57.085314][ T5104] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   57.085664][ T5103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   57.093472][ T5106] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   57.101865][ T5103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   57.108449][ T5106] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   57.115684][ T5103] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   57.121289][ T5104] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   57.129709][ T5103] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   57.136734][ T5106] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   57.143879][ T5103] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   57.152746][ T5104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   57.161606][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   57.167484][ T5106] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   57.174400][ T5103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   57.182298][ T5104] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   57.190079][ T5108] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   57.204049][ T5108] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   57.204217][ T5104] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   57.212017][ T5108] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   57.227144][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   57.227597][ T5108] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   57.243844][ T5104] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   57.252393][ T5106] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   57.270343][ T5104] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   57.277874][ T5106] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   57.278722][ T5108] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   57.292461][ T5104] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   57.808411][ T5087] chnl_net:caif_netlink_parms(): no params data found
[   57.910811][ T5093] chnl_net:caif_netlink_parms(): no params data found
[   57.974649][ T5086] chnl_net:caif_netlink_parms(): no params data found
[   57.993453][ T5090] chnl_net:caif_netlink_parms(): no params data found
[   58.043521][ T5088] chnl_net:caif_netlink_parms(): no params data found
[   58.192766][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.201211][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.208499][ T5087] bridge_slave_0: entered allmulticast mode
[   58.216584][ T5087] bridge_slave_0: entered promiscuous mode
[   58.238471][ T5093] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.245759][ T5093] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.253247][ T5093] bridge_slave_0: entered allmulticast mode
[   58.260243][ T5093] bridge_slave_0: entered promiscuous mode
[   58.268280][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.275731][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.283166][ T5087] bridge_slave_1: entered allmulticast mode
[   58.290629][ T5087] bridge_slave_1: entered promiscuous mode
[   58.334435][ T5093] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.343344][ T5093] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.353151][ T5093] bridge_slave_1: entered allmulticast mode
[   58.360174][ T5093] bridge_slave_1: entered promiscuous mode
[   58.398444][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.405741][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.413336][ T5090] bridge_slave_0: entered allmulticast mode
[   58.421392][ T5090] bridge_slave_0: entered promiscuous mode
[   58.468182][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.478491][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.485885][ T5086] bridge_slave_0: entered allmulticast mode
[   58.493463][ T5086] bridge_slave_0: entered promiscuous mode
[   58.501806][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.508948][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.516689][ T5090] bridge_slave_1: entered allmulticast mode
[   58.523702][ T5090] bridge_slave_1: entered promiscuous mode
[   58.538775][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.546104][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.553509][ T5088] bridge_slave_0: entered allmulticast mode
[   58.560626][ T5088] bridge_slave_0: entered promiscuous mode
[   58.568774][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.576025][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.583260][ T5088] bridge_slave_1: entered allmulticast mode
[   58.591159][ T5088] bridge_slave_1: entered promiscuous mode
[   58.600760][ T5093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.612977][ T5093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.624507][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.636612][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.646137][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.653411][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.660725][ T5086] bridge_slave_1: entered allmulticast mode
[   58.667462][ T5086] bridge_slave_1: entered promiscuous mode
[   58.751576][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.764216][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.788751][ T5093] team0: Port device team_slave_0 added
[   58.809396][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.836256][ T5088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.852764][ T5088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.863169][ T5093] team0: Port device team_slave_1 added
[   58.872976][ T5087] team0: Port device team_slave_0 added
[   58.881602][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.926649][ T5087] team0: Port device team_slave_1 added
[   58.946137][ T5090] team0: Port device team_slave_0 added
[   58.956018][ T5090] team0: Port device team_slave_1 added
[   59.020994][ T5088] team0: Port device team_slave_0 added
[   59.027872][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.035104][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.062340][ T5093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.088491][ T5086] team0: Port device team_slave_0 added
[   59.098734][ T5086] team0: Port device team_slave_1 added
[   59.118459][ T5088] team0: Port device team_slave_1 added
[   59.137754][ T5093] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.145031][ T5093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.171584][ T5093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.183986][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.191374][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.217409][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.238426][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.246331][ T5097] Bluetooth: hci2: command tx timeout
[   59.248373][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.278494][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.291437][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.298419][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.324488][ T5097] Bluetooth: hci0: command tx timeout
[   59.324560][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.330564][ T5097] Bluetooth: hci3: command tx timeout
[   59.340656][ T5092] Bluetooth: hci1: command tx timeout
[   59.362174][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.369316][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.396072][ T5088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.406838][ T5092] Bluetooth: hci4: command tx timeout
[   59.422818][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.429902][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.455964][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.480891][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.487865][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.514176][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.532318][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.539286][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.565843][ T5088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.591960][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.598936][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.625196][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.675817][ T5093] hsr_slave_0: entered promiscuous mode
[   59.683060][ T5093] hsr_slave_1: entered promiscuous mode
[   59.780954][ T5090] hsr_slave_0: entered promiscuous mode
[   59.787301][ T5090] hsr_slave_1: entered promiscuous mode
[   59.796597][ T5090] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.804643][ T5090] Cannot create hsr debugfs directory
[   59.815537][ T5086] hsr_slave_0: entered promiscuous mode
[   59.822160][ T5086] hsr_slave_1: entered promiscuous mode
[   59.828239][ T5086] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.836222][ T5086] Cannot create hsr debugfs directory
[   59.853367][ T5088] hsr_slave_0: entered promiscuous mode
[   59.859907][ T5088] hsr_slave_1: entered promiscuous mode
[   59.866625][ T5088] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.874361][ T5088] Cannot create hsr debugfs directory
[   59.926962][ T5087] hsr_slave_0: entered promiscuous mode
[   59.935240][ T5087] hsr_slave_1: entered promiscuous mode
[   59.942434][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   59.950954][ T5087] Cannot create hsr debugfs directory
[   60.395749][ T5088] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   60.411094][ T5088] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   60.430442][ T5088] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   60.449164][ T5088] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   60.485228][ T5090] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   60.497917][ T5090] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   60.521442][ T5090] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   60.544409][ T5090] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   60.603812][ T5086] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   60.630376][ T5086] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   60.653361][ T5086] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   60.664802][ T5086] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   60.771154][ T5093] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   60.782641][ T5093] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   60.794028][ T5093] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   60.804885][ T5093] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   60.932002][ T5087] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   60.944327][ T5087] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   60.958056][ T5087] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   60.968630][ T5087] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   60.993111][ T5088] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.054997][ T5088] 8021q: adding VLAN 0 to HW filter on device team0
[   61.067779][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.093787][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.125540][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.132924][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.165070][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.172198][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.206572][ T5086] 8021q: adding VLAN 0 to HW filter on device team0
[   61.231530][ T5090] 8021q: adding VLAN 0 to HW filter on device team0
[   61.255061][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.262266][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.274598][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.281804][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.330622][ T5092] Bluetooth: hci2: command tx timeout
[   61.348969][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.356132][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.366515][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.373720][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.395084][ T5093] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.399895][ T5092] Bluetooth: hci1: command tx timeout
[   61.407369][ T5092] Bluetooth: hci3: command tx timeout
[   61.413136][ T5104] Bluetooth: hci0: command tx timeout
[   61.447832][ T5093] 8021q: adding VLAN 0 to HW filter on device team0
[   61.479834][ T5092] Bluetooth: hci4: command tx timeout
[   61.508073][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.515285][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.549333][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.556502][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.635498][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.693758][ T5086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.758586][ T5087] 8021q: adding VLAN 0 to HW filter on device team0
[   61.817720][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.825034][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.841737][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.848917][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.005550][ T5088] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.098990][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.214474][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.268840][ T5093] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.319367][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.365037][ T5090] veth0_vlan: entered promiscuous mode
[   62.407853][ T5090] veth1_vlan: entered promiscuous mode
[   62.443283][ T5088] veth0_vlan: entered promiscuous mode
[   62.457249][ T5088] veth1_vlan: entered promiscuous mode
[   62.483017][ T5086] veth0_vlan: entered promiscuous mode
[   62.543211][ T5090] veth0_macvtap: entered promiscuous mode
[   62.563947][ T5086] veth1_vlan: entered promiscuous mode
[   62.597879][ T5093] veth0_vlan: entered promiscuous mode
[   62.608838][ T5090] veth1_macvtap: entered promiscuous mode
[   62.669150][ T5093] veth1_vlan: entered promiscuous mode
[   62.686096][ T5088] veth0_macvtap: entered promiscuous mode
[   62.708168][ T5086] veth0_macvtap: entered promiscuous mode
[   62.726286][ T5088] veth1_macvtap: entered promiscuous mode
[   62.738651][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.751323][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.773323][ T5086] veth1_macvtap: entered promiscuous mode
[   62.785006][ T5090] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.795210][ T5090] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.804587][ T5090] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.813505][ T5090] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.876219][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.888277][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.904162][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.937415][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.955438][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.968086][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.981270][ T5093] veth0_macvtap: entered promiscuous mode
[   62.995495][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.007797][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.018931][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.031067][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.042466][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.057181][ T5093] veth1_macvtap: entered promiscuous mode
[   63.076419][ T5088] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.095979][ T5088] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.105191][ T5088] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.114133][ T5088] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.176632][ T5087] veth0_vlan: entered promiscuous mode
[   63.192298][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.195303][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.204055][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.220351][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.230333][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.242239][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.253669][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.265713][ T5086] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.275871][ T5086] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.285435][ T5086] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.296186][ T5086] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.334056][ T5087] veth1_vlan: entered promiscuous mode
[   63.342557][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.353510][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.367300][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.378417][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.388787][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.400017][ T5092] Bluetooth: hci2: command tx timeout
[   63.405782][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.417066][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.453557][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.464678][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.476527][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.479744][ T5092] Bluetooth: hci3: command tx timeout
[   63.487316][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.492524][ T5104] Bluetooth: hci0: command tx timeout
[   63.503107][ T5097] Bluetooth: hci1: command tx timeout
[   63.509336][ T5093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.524845][ T5093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.536305][ T5093] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.548248][ T5093] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.558169][ T5093] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.567324][ T5097] Bluetooth: hci4: command tx timeout
[   63.567465][ T5093] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.582996][ T5093] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.620938][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.642218][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.772868][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.805002][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.872791][ T5173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'.
[   63.873115][ T1114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.894796][ T1114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.904857][ T5087] veth0_macvtap: entered promiscuous mode
[   63.941763][ T5087] veth1_macvtap: entered promiscuous mode
[   64.016960][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.033514][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.065727][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.075685][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.093591][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.104616][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.114765][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.126615][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.137914][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.148592][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.159225][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.171134][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.184229][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.199210][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.210692][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.221234][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.238712][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.249122][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.260814][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.271366][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.282221][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.299281][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.328317][ T5087] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.344791][ T5087] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.355577][ T5087] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.386650][ T5087] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.420288][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.433199][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.588150][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.617710][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.629622][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.636794][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.737860][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.774055][ T5186] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7'.
[   64.775792][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.831732][ T5186] openvswitch: netlink: Key 17 has unexpected len 3064 expected 4
[   65.128267][ T5198] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.167124][ T5195] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.200251][ T5198] netlink: 'syz.3.11': attribute type 10 has an invalid length.
[   65.260913][ T5198] 8021q: adding VLAN 0 to HW filter on device team0
[   65.298232][ T5198] bond0: (slave team0): Enslaving as an active interface with an up link
[   65.341278][ T5209] netlink: 'syz.2.14': attribute type 25 has an invalid length.
[   65.381272][ T5209] netlink: 'syz.2.14': attribute type 7 has an invalid length.
[   65.454953][ T5209] netlink: 'syz.2.14': attribute type 25 has an invalid length.
[   65.482425][ T5097] Bluetooth: hci2: command tx timeout
[   65.508501][ T5209] netlink: 'syz.2.14': attribute type 7 has an invalid length.
[   65.562634][ T5092] Bluetooth: hci0: command tx timeout
[   65.564641][ T5104] Bluetooth: hci3: command tx timeout
[   65.568143][ T5097] Bluetooth: hci1: command tx timeout
[   65.615416][ T5219] ieee802154 phy0 wpan0: encryption failed: -22
[   65.639904][ T5104] Bluetooth: hci4: command tx timeout
[   65.645643][ T5221] netlink: 'syz.4.18': attribute type 4 has an invalid length.
[   65.656548][ T5222] syz.1.19 uses obsolete (PF_INET,SOCK_PACKET)
[   65.666316][ T5221] netlink: 17 bytes leftover after parsing attributes in process `syz.4.18'.
[   65.700961][ T5227] netlink: 16 bytes leftover after parsing attributes in process `syz.0.20'.
[   66.346453][ T5253] netlink: 64 bytes leftover after parsing attributes in process `syz.0.32'.
[   66.735296][ T5271] warning: `syz.3.38' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   66.814475][ T5283] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   67.102665][ T5293] veth0_vlan: left promiscuous mode
[   67.135136][ T5304] dccp_invalid_packet: P.Data Offset(172) too large
[   67.230978][ T5284] delete_channel: no stack
[   67.356259][ T5314] FAULT_INJECTION: forcing a failure.
[   67.356259][ T5314] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   67.395487][ T5314] CPU: 1 PID: 5314 Comm: syz.3.52 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[   67.405427][ T5314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   67.415517][ T5314] Call Trace:
[   67.418818][ T5314]  <TASK>
[   67.421772][ T5314]  dump_stack_lvl+0x241/0x360
[   67.426495][ T5314]  ? __pfx_dump_stack_lvl+0x10/0x10
[   67.431726][ T5314]  ? __pfx__printk+0x10/0x10
[   67.436351][ T5314]  ? __pfx_lock_release+0x10/0x10
[   67.441415][ T5314]  should_fail_ex+0x3b0/0x4e0
[   67.446126][ T5314]  _copy_from_user+0x2f/0xe0
[   67.450742][ T5314]  copy_msghdr_from_user+0xae/0x680
[   67.455969][ T5314]  ? __pfx___might_resched+0x10/0x10
[   67.461283][ T5314]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   67.467127][ T5314]  ? __might_fault+0xaa/0x120
[   67.471828][ T5314]  __sys_sendmmsg+0x374/0x740
[   67.476536][ T5314]  ? __pfx___sys_sendmmsg+0x10/0x10
[   67.481799][ T5314]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   67.487722][ T5314]  ? ksys_write+0x23e/0x2c0
[   67.492258][ T5314]  ? __pfx_lock_release+0x10/0x10
[   67.497315][ T5314]  ? vfs_write+0x7c4/0xc90
[   67.501756][ T5314]  ? __mutex_unlock_slowpath+0x21d/0x750
[   67.507388][ T5314]  ? __pfx_vfs_write+0x10/0x10
[   67.512163][ T5314]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   67.518136][ T5314]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   67.524460][ T5314]  ? do_syscall_64+0x100/0x230
[   67.529225][ T5314]  __x64_sys_sendmmsg+0xa0/0xb0
[   67.534181][ T5314]  do_syscall_64+0xf3/0x230
[   67.538684][ T5314]  ? clear_bhb_loop+0x35/0x90
[   67.543368][ T5314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.549271][ T5314] RIP: 0033:0x7fcc6b575bd9
[   67.553698][ T5314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.573391][ T5314] RSP: 002b:00007fcc6c2ca048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   67.581802][ T5314] RAX: ffffffffffffffda RBX: 00007fcc6b703f60 RCX: 00007fcc6b575bd9
[   67.589765][ T5314] RDX: 000000000000fdef RSI: 00000000200020c0 RDI: 0000000000000004
[   67.597727][ T5314] RBP: 00007fcc6c2ca0a0 R08: 0000000000000000 R09: 0000000000000000
[   67.605695][ T5314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.613664][ T5314] R13: 000000000000000b R14: 00007fcc6b703f60 R15: 00007ffc3bf6c3e8
[   67.621649][ T5314]  </TASK>
[   67.746073][ T5323] Zero length message leads to an empty skb
[   67.796388][ T5325] Cannot find add_set index 0 as target
[   67.848970][ T5323] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.859260][ T5323] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.966874][ T5331] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   68.012691][ T5333] netlink: 68 bytes leftover after parsing attributes in process `syz.3.59'.
[   68.096063][ T5337] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.60'.
[   68.108767][ T5333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.59'.
[   68.120404][ T5337] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[   68.140165][ T5337] xt_TCPMSS: Only works on TCP SYN packets
[   68.146559][ T5337] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   68.191319][ T5139] IPVS: starting estimator thread 0...
[   68.300521][ T5340] IPVS: using max 16 ests per chain, 38400 per kthread
[   69.294333][ T5396] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   69.305041][ T5394] vlan2: entered promiscuous mode
[   69.321032][ T5399] netlink: 'syz.1.80': attribute type 29 has an invalid length.
[   69.342846][ T5399] netlink: 'syz.1.80': attribute type 29 has an invalid length.
[   69.353614][ T5399] netlink: 'syz.1.80': attribute type 29 has an invalid length.
[   69.441345][ T5403] netlink: 4 bytes leftover after parsing attributes in process `syz.0.81'.
[   69.458495][ T5406] xt_CT: You must specify a L4 protocol and not use inversions on it
[   69.464739][ T5406] netlink: 'syz.1.82': attribute type 7 has an invalid length.
[   69.584375][ T5414] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.598987][ T5414] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.666959][ T5415] netlink: 40 bytes leftover after parsing attributes in process `syz.0.85'.
[   69.686384][ T5424] netlink: 40 bytes leftover after parsing attributes in process `syz.1.89'.
[   69.701390][ T5424] ipvlan1: entered promiscuous mode
[   69.706950][ T5424] ipvlan1: entered allmulticast mode
[   69.712766][ T5424] veth0_vlan: entered allmulticast mode
[   69.726204][ T5424] bridge0: port 3(ipvlan1) entered blocking state
[   69.734132][ T5424] bridge0: port 3(ipvlan1) entered disabled state
[   69.747630][ T5424] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[   69.764611][ T5426] netlink: 12 bytes leftover after parsing attributes in process `syz.1.89'.
[   69.779270][ T5426] netlink: 20 bytes leftover after parsing attributes in process `syz.1.89'.
[   70.072598][ T5440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.91'.
[   70.081572][ T5440] netlink: 68 bytes leftover after parsing attributes in process `syz.0.91'.
[   71.889094][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[   71.895517][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[   77.410843][ T5466] netlink: 24 bytes leftover after parsing attributes in process `syz.4.101'.
[   77.577612][ T5474] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   77.783472][ T5486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   77.983875][ T5498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.112'.
[   78.004422][ T5498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.112'.
[   78.004588][ T5500] netlink: 20 bytes leftover after parsing attributes in process `syz.1.113'.
[   78.079089][ T5504] openvswitch: netlink: Port 8336768 exceeds max allowable 65535
[   78.103379][ T5506] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.189461][ T5511] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.259975][ T5514] validate_nla: 4 callbacks suppressed
[   78.259994][ T5514] netlink: 'syz.4.119': attribute type 1 has an invalid length.
[   78.273483][ T5514] netlink: 157116 bytes leftover after parsing attributes in process `syz.4.119'.
[   78.711654][ T5532] sch_tbf: burst 88 is lower than device netdevsim0 mtu (1514) !
[   78.755695][ T5534] sctp: [Deprecated]: syz.4.128 (pid 5534) Use of int in maxseg socket option.
[   78.755695][ T5534] Use struct sctp_assoc_value instead
[   79.387635][ T5576] netlink: 19 bytes leftover after parsing attributes in process `syz.4.142'.
[   79.436940][ T5578] netlink: 32 bytes leftover after parsing attributes in process `syz.3.144'.
[   79.657737][ T5589] IPVS: Scheduler module ip_vs_sip not found
[   79.668943][ T5596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.149'.
[   79.677298][ T5597] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   79.797045][ T5601] netlink: 12 bytes leftover after parsing attributes in process `syz.0.151'.
[   79.854831][ T5613] dccp_v6_rcv: dropped packet with invalid checksum
[   80.325890][ T5634] netlink: 'syz.3.159': attribute type 21 has an invalid length.
[   80.343650][ T5634] netlink: 156 bytes leftover after parsing attributes in process `syz.3.159'.
[   80.490954][ T5640] netlink: 'syz.0.163': attribute type 10 has an invalid length.
[   80.516911][ T5640] team0: Port device netdevsim0 added
[   80.538974][ T5640] netlink: 'syz.0.163': attribute type 10 has an invalid length.
[   80.612742][ T5646] netlink: 'syz.0.165': attribute type 2 has an invalid length.
[   80.830433][ T5657] netlink: 'syz.0.171': attribute type 30 has an invalid length.
[   80.868681][ T5661] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[   80.974198][ T5664] erspan0: entered promiscuous mode
[   81.012161][ T5664] batadv_slave_0: entered promiscuous mode
[   81.026145][ T5664] hsr1: entered promiscuous mode
[   81.039776][ T5664] hsr1: entered allmulticast mode
[   81.059195][ T5664] erspan0: entered allmulticast mode
[   81.065280][ T5664] batadv_slave_0: entered allmulticast mode
[   81.217688][ T5685] dummy0: entered promiscuous mode
[   81.232789][ T5677] syzkaller1: entered promiscuous mode
[   81.238768][ T5677] syzkaller1: entered allmulticast mode
[   81.252262][ T5687] batman_adv: batadv0: adding TT local entry 4a:c8:93:55:00:00 to non-existent VLAN 2358
[   81.271565][ T5684] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   81.294670][ T5685] dummy0: left promiscuous mode
[   81.516492][ T5697] netlink: 'syz.1.186': attribute type 10 has an invalid length.
[   81.527419][ T5702] netlink: 'syz.4.188': attribute type 3 has an invalid length.
[   81.556563][ T5697] geneve0: entered promiscuous mode
[   81.616836][ T5704] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.651600][ T5705] IPv6: sit1: Disabled Multicast RS
[   81.911896][ T5724] netlink: 'syz.1.194': attribute type 1 has an invalid length.
[   81.941333][ T5724] xt_TCPMSS: Only works on TCP SYN packets
[   82.122765][   T45] cfg80211: failed to load regulatory.db
[   82.519041][ T5745] netlink: 'syz.4.202': attribute type 11 has an invalid length.
[   82.553680][ T5745] netlink: 'syz.4.202': attribute type 11 has an invalid length.
[   82.573903][ T5745] debugfs: Directory 'netdev:' with parent 'phy11' already present!
[   82.763750][ T5755] __nla_validate_parse: 13 callbacks suppressed
[   82.763769][ T5755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.207'.
[   83.060942][ T5762] netlink: 2060 bytes leftover after parsing attributes in process `syz.1.210'.
[   83.079495][ T5763] netlink: 44 bytes leftover after parsing attributes in process `syz.3.209'.
[   83.079966][ T5762] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.210'.
[   83.366131][ T5771] syzkaller0: entered promiscuous mode
[   83.373196][ T5771] syzkaller0: entered allmulticast mode
[   84.574842][ T5764] netlink: 84 bytes leftover after parsing attributes in process `syz.3.209'.
[   84.591424][ T5782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.211'.
[   84.782882][ T5802] netlink: 104 bytes leftover after parsing attributes in process `syz.4.218'.
[   85.211233][ T5824] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   85.407989][ T5834] netlink: 277 bytes leftover after parsing attributes in process `syz.4.231'.
[   85.428355][ T5832] netlink: 202920 bytes leftover after parsing attributes in process `syz.0.230'.
[   85.596377][ T5840] netlink: 44 bytes leftover after parsing attributes in process `syz.4.233'.
[   86.124501][ T5850] netlink: 'syz.0.236': attribute type 1 has an invalid length.
[   86.808349][ T5865] TCP: MD5 Hash mismatch for [fe80::bb].0->[ff02::1].20002 [FR.]L3 index 0
[   86.988201][ T5874] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   87.893181][ T5909] __nla_validate_parse: 6 callbacks suppressed
[   87.893200][ T5909] netlink: 20 bytes leftover after parsing attributes in process `syz.2.258'.
[   87.911669][ T5909] netlink: 4 bytes leftover after parsing attributes in process `syz.2.258'.
[   87.923694][ T5909] netlink: 4 bytes leftover after parsing attributes in process `syz.2.258'.
[   88.063372][ T5917] netlink: 'syz.2.260': attribute type 4 has an invalid length.
[   88.074091][ T5917] netlink: 156 bytes leftover after parsing attributes in process `syz.2.260'.
[   88.094174][ T5918] netlink: 'syz.3.257': attribute type 1 has an invalid length.
[   88.151508][ T5918] netlink: 224 bytes leftover after parsing attributes in process `syz.3.257'.
[   88.184425][ T5918] netlink: 8 bytes leftover after parsing attributes in process `syz.3.257'.
[   88.292354][ T5928] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   88.293590][ T5899] netlink: 84 bytes leftover after parsing attributes in process `syz.4.254'.
[   88.717107][ T5946] netlink: 44 bytes leftover after parsing attributes in process `syz.1.266'.
[   89.068470][ T5946] netlink: 84 bytes leftover after parsing attributes in process `syz.1.266'.
[   89.128736][ T5960] netlink: 'syz.4.271': attribute type 2 has an invalid length.
[   89.348060][ T5965] Driver unsupported XDP return value 0 on prog  (id 134) dev N/A, expect packet loss!
[   89.541230][ T5986] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   89.668276][ T5991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   89.847049][ T5998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.281'.
[   90.063304][ T6017] dccp_invalid_packet: P.Data Offset(172) too large
[   90.293306][ T6030] veth1_macvtap: left promiscuous mode
[   90.306611][ T6029] netlink: 'syz.4.291': attribute type 3 has an invalid length.
[   91.207090][ T6057] netlink: 'syz.1.304': attribute type 1 has an invalid length.
[   91.221906][ T6068] netlink: 'syz.3.307': attribute type 10 has an invalid length.
[   91.244006][ T6068] team0: Device ipvlan1 failed to register rx_handler
[   91.335135][ T6070] syz.2.308 (6070) used greatest stack depth: 18656 bytes left
[   91.578795][ T6092] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.692647][ T6095] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.216304][ T6115] netlink: 'syz.3.324': attribute type 1 has an invalid length.
[   92.590223][ T6130] netlink: 'syz.0.327': attribute type 1 has an invalid length.
[   93.560933][ T6154] netlink: 'syz.4.338': attribute type 29 has an invalid length.
[   93.592772][ T6154] netlink: 'syz.4.338': attribute type 29 has an invalid length.
[   93.619905][ T6154] netlink: 'syz.4.338': attribute type 29 has an invalid length.
[   93.870114][ T6166] __nla_validate_parse: 16 callbacks suppressed
[   93.870134][ T6166] netlink: 8 bytes leftover after parsing attributes in process `syz.0.341'.
[   93.907619][ T6166] Bluetooth: MGMT ver 1.22
[   93.918887][ T6166] Bluetooth: hci3: invalid len left 7, exp >= 229
[   93.951508][ T6168] netlink: 120 bytes leftover after parsing attributes in process `syz.4.345'.
[   93.965546][ T6168] netlink: 36 bytes leftover after parsing attributes in process `syz.4.345'.
[   94.051238][ T6173] netlink: 44 bytes leftover after parsing attributes in process `syz.1.347'.
[   94.253594][ T6184] netlink: 232 bytes leftover after parsing attributes in process `syz.2.352'.
[   94.287650][ T6184] netlink: 72 bytes leftover after parsing attributes in process `syz.2.352'.
[   94.367293][ T6178] netlink: 84 bytes leftover after parsing attributes in process `syz.1.347'.
[   94.533019][ T6201] netlink: 'syz.2.356': attribute type 2 has an invalid length.
[   94.562017][ T6201] netlink: 'syz.2.356': attribute type 8 has an invalid length.
[   94.621386][ T6201] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[   94.647254][ T6201] netlink: 80 bytes leftover after parsing attributes in process `syz.2.356'.
[   94.684824][ T6206] vlan2: entered promiscuous mode
[   94.707188][ T6206] veth0: entered promiscuous mode
[   94.724780][ T6206] team0: Port device vlan2 added
[   95.060877][ T6227] netlink: 12 bytes leftover after parsing attributes in process `syz.3.365'.
[   95.666374][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.378'.
[   95.731722][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.268132][ T6296] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[   96.467892][ T6305] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   97.054299][ T6331] validate_nla: 4 callbacks suppressed
[   97.054319][ T6331] netlink: 'syz.3.397': attribute type 4 has an invalid length.
[   97.216809][ T6342] netlink: 'syz.0.402': attribute type 8 has an invalid length.
[   97.854452][ T6384] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.906166][ T6384] IPVS: Error joining to the multicast group
[   98.406042][ T6412] netlink: 'syz.4.425': attribute type 1 has an invalid length.
[   98.619125][ T6425] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[   98.898147][ T6444] __nla_validate_parse: 16 callbacks suppressed
[   98.898167][ T6444] netlink: 44 bytes leftover after parsing attributes in process `syz.1.436'.
[   98.986983][ T6452] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.439'.
[   99.030264][ T6452] netlink: 4580 bytes leftover after parsing attributes in process `syz.2.439'.
[   99.039485][ T6452] netlink: 485 bytes leftover after parsing attributes in process `syz.2.439'.
[   99.132261][ T6444] netlink: 84 bytes leftover after parsing attributes in process `syz.1.436'.
[   99.306765][ T6460] netlink: 'syz.4.442': attribute type 29 has an invalid length.
[   99.338851][ T6460] netlink: 'syz.4.442': attribute type 29 has an invalid length.
[   99.367430][ T6460] netlink: 'syz.4.442': attribute type 29 has an invalid length.
[   99.383504][ T6471] netlink: 'syz.2.447': attribute type 9 has an invalid length.
[   99.399185][ T6460] netlink: 'syz.4.442': attribute type 29 has an invalid length.
[   99.470007][ T6471] netlink: 'syz.2.447': attribute type 1 has an invalid length.
[   99.494690][ T6463] netlink: 256 bytes leftover after parsing attributes in process `syz.4.442'.
[   99.510970][ T6463] unsupported nlmsg_type 40
[   99.540859][ T6463] xt_l2tp: missing protocol rule (udp|l2tpip)
[   99.547253][ T6460] netlink: 'syz.4.442': attribute type 29 has an invalid length.
[   99.576529][ T6463] Bluetooth: hci3: unsupported parameter 64512
[   99.595655][ T6463] Bluetooth: hci3: invalid length 0, exp 2 for type 1
[   99.754056][ T6488] FAULT_INJECTION: forcing a failure.
[   99.754056][ T6488] name failslab, interval 1, probability 0, space 0, times 0
[   99.767278][ T6488] CPU: 1 PID: 6488 Comm: syz.4.455 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[   99.777294][ T6488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   99.787376][ T6488] Call Trace:
[   99.790801][ T6488]  <TASK>
[   99.793758][ T6488]  dump_stack_lvl+0x241/0x360
[   99.798479][ T6488]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.803807][ T6488]  ? __pfx__printk+0x10/0x10
[   99.808446][ T6488]  should_fail_ex+0x3b0/0x4e0
[   99.813162][ T6488]  ? __alloc_skb+0x1c3/0x440
[   99.817794][ T6488]  should_failslab+0x9/0x20
[   99.822337][ T6488]  kmem_cache_alloc_node_noprof+0x71/0x320
[   99.828204][ T6488]  __alloc_skb+0x1c3/0x440
[   99.832679][ T6488]  ? __pfx___alloc_skb+0x10/0x10
[   99.837651][ T6488]  ? do_raw_write_lock+0x148/0x4f0
[   99.842804][ T6488]  ? __lock_acquire+0x1ef0/0x1fd0
[   99.847866][ T6488]  __neigh_notify+0x81/0x140
[   99.852504][ T6488]  neigh_cleanup_and_release+0xb7/0x2a0
[   99.858109][ T6488]  neigh_remove_one+0x5cd/0x6e0
[   99.862986][ T6488]  ___neigh_create+0x43c/0x2470
[   99.867968][ T6488]  ip6_finish_output2+0x1629/0x1670
[   99.873225][ T6488]  ? ip6_mtu+0x81/0x3f0
[   99.877392][ T6488]  ? ip6_finish_output2+0x712/0x1670
[   99.882766][ T6488]  ? nf_hook+0x9e/0x450
[   99.887174][ T6488]  ? __ip6_local_out+0x7c1/0x800
[   99.892106][ T6488]  ? __pfx_ip6_finish_output2+0x10/0x10
[   99.897737][ T6488]  ? ip6_mtu+0x81/0x3f0
[   99.901896][ T6488]  ip6_finish_output+0x41e/0x810
[   99.906853][ T6488]  ip6_send_skb+0x112/0x230
[   99.911374][ T6488]  udp_v6_send_skb+0xcd5/0x1900
[   99.916349][ T6488]  udpv6_sendmsg+0x23b3/0x3270
[   99.921125][ T6488]  ? release_sock+0x30/0x1f0
[   99.925730][ T6488]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   99.931309][ T6488]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   99.936449][ T6488]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.942880][ T6488]  ? __pfx___local_bh_enable_ip+0x10/0x10
[   99.950086][ T6488]  ? inet_send_prepare+0x1b7/0x260
[   99.955192][ T6488]  ? do_raw_spin_unlock+0x13c/0x8b0
[   99.960394][ T6488]  ? inet_send_prepare+0x1b7/0x260
[   99.965591][ T6488]  __sock_sendmsg+0xef/0x270
[   99.970193][ T6488]  ____sys_sendmsg+0x525/0x7d0
[   99.974968][ T6488]  ? __pfx_____sys_sendmsg+0x10/0x10
[   99.980283][ T6488]  __sys_sendmsg+0x2b0/0x3a0
[   99.984878][ T6488]  ? __pfx___sys_sendmsg+0x10/0x10
[   99.990018][ T6488]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.996362][ T6488]  ? rcu_is_watching+0x15/0xb0
[  100.001147][ T6488]  ? trace_sys_enter+0x1f/0xd0
[  100.006012][ T6488]  do_syscall_64+0xf3/0x230
[  100.010526][ T6488]  ? clear_bhb_loop+0x35/0x90
[  100.015203][ T6488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.021122][ T6488] RIP: 0033:0x7f8aec175bd9
[  100.026146][ T6488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.045763][ T6488] RSP: 002b:00007f8aecf04048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.054177][ T6488] RAX: ffffffffffffffda RBX: 00007f8aec303f60 RCX: 00007f8aec175bd9
[  100.062196][ T6488] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  100.070189][ T6488] RBP: 00007f8aecf040a0 R08: 0000000000000000 R09: 0000000000000000
[  100.078175][ T6488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.086166][ T6488] R13: 000000000000000b R14: 00007f8aec303f60 R15: 00007ffcc8d05728
[  100.094151][ T6488]  </TASK>
[  100.140007][ T6483] netlink: 40 bytes leftover after parsing attributes in process `syz.0.454'.
[  100.348497][ T6511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.461'.
[  100.483733][ T6516] netlink: 44 bytes leftover after parsing attributes in process `syz.1.463'.
[  100.570881][ T6515] nbd: socks must be embedded in a SOCK_ITEM attr
[  100.927712][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  100.936245][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  100.946072][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  100.955794][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  100.980220][ T5092] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  100.987682][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  101.352599][ T1098] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.382794][ T6512] netlink: 84 bytes leftover after parsing attributes in process `syz.1.463'.
[  101.454710][ T6531] chnl_net:caif_netlink_parms(): no params data found
[  101.495471][ T1098] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.588158][ T1098] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.699376][ T1098] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.741693][ T6531] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.749030][ T6531] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.760023][ T6531] bridge_slave_0: entered allmulticast mode
[  101.769445][ T6531] bridge_slave_0: entered promiscuous mode
[  101.787861][ T6531] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.800100][ T6531] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.807600][ T6531] bridge_slave_1: entered allmulticast mode
[  101.817284][ T6531] bridge_slave_1: entered promiscuous mode
[  101.892277][ T6531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.911057][ T6531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.023319][ T6531] team0: Port device team_slave_0 added
[  102.048892][ T6531] team0: Port device team_slave_1 added
[  102.095961][ T1098] bridge_slave_1: left allmulticast mode
[  102.106984][ T1098] bridge_slave_1: left promiscuous mode
[  102.114768][ T1098] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.134343][ T1098] bridge_slave_0: left allmulticast mode
[  102.147732][ T1098] bridge_slave_0: left promiscuous mode
[  102.155007][ T1098] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.404727][ T1098] erspan0 (unregistering): left promiscuous mode
[  102.653960][ T1098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.666964][ T1098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.679417][ T1098] bond0 (unregistering): (slave team0): Releasing backup interface
[  102.698166][ T1098] bond0 (unregistering): Released all slaves
[  102.790172][ T6531] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.815947][ T6531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.848385][ T6531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.862189][ T6531] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.869159][ T6531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.898628][ T6531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.057702][ T6608] validate_nla: 2 callbacks suppressed
[  103.057722][ T6608] netlink: 'syz.1.490': attribute type 1 has an invalid length.
[  103.082785][ T5092] Bluetooth: hci0: command tx timeout
[  103.175955][ T6531] hsr_slave_0: entered promiscuous mode
[  103.183862][ T6531] hsr_slave_1: entered promiscuous mode
[  103.191947][ T6531] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.200202][ T6531] Cannot create hsr debugfs directory
[  103.246376][ T6617] FAULT_INJECTION: forcing a failure.
[  103.246376][ T6617] name failslab, interval 1, probability 0, space 0, times 0
[  103.269329][ T6617] CPU: 0 PID: 6617 Comm: syz.4.493 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  103.279366][ T6617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  103.289443][ T6617] Call Trace:
[  103.292730][ T6617]  <TASK>
[  103.295659][ T6617]  dump_stack_lvl+0x241/0x360
[  103.300353][ T6617]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.305553][ T6617]  ? __pfx__printk+0x10/0x10
[  103.310145][ T6617]  ? __pfx___might_resched+0x10/0x10
[  103.315433][ T6617]  should_fail_ex+0x3b0/0x4e0
[  103.320110][ T6617]  ? sctp_endpoint_new+0x11a/0xab0
[  103.325214][ T6617]  should_failslab+0x9/0x20
[  103.329716][ T6617]  kmalloc_trace_noprof+0x6c/0x2c0
[  103.334834][ T6617]  sctp_endpoint_new+0x11a/0xab0
[  103.339772][ T6617]  sctp_init_sock+0x998/0x1210
[  103.344538][ T6617]  sctp_v6_init_sock+0x16/0x70
[  103.349296][ T6617]  sctp_v6_create_accept_sk+0x409/0x5a0
[  103.354850][ T6617]  ? __pfx_sctp_v6_create_accept_sk+0x10/0x10
[  103.360919][ T6617]  sctp_accept+0x57b/0x7a0
[  103.365348][ T6617]  ? __pfx_sctp_accept+0x10/0x10
[  103.370287][ T6617]  ? __pfx_autoremove_wake_function+0x10/0x10
[  103.376353][ T6617]  ? __pfx_aa_sk_perm+0x10/0x10
[  103.381202][ T6617]  ? do_raw_spin_unlock+0x13c/0x8b0
[  103.386403][ T6617]  inet_accept+0xb3/0x150
[  103.390730][ T6617]  do_accept+0x4bf/0x6c0
[  103.394970][ T6617]  ? __pfx_do_accept+0x10/0x10
[  103.399743][ T6617]  __sys_accept4+0x11e/0x1c0
[  103.404338][ T6617]  ? __pfx___sys_accept4+0x10/0x10
[  103.409493][ T6617]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  103.415828][ T6617]  ? do_syscall_64+0x100/0x230
[  103.420597][ T6617]  __x64_sys_accept4+0x9a/0xb0
[  103.425357][ T6617]  do_syscall_64+0xf3/0x230
[  103.429861][ T6617]  ? clear_bhb_loop+0x35/0x90
[  103.434544][ T6617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.440436][ T6617] RIP: 0033:0x7f8aec175bd9
[  103.444845][ T6617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.464444][ T6617] RSP: 002b:00007f8aecee3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  103.472854][ T6617] RAX: ffffffffffffffda RBX: 00007f8aec304038 RCX: 00007f8aec175bd9
[  103.480819][ T6617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  103.488834][ T6617] RBP: 00007f8aecee30a0 R08: 0000000000000000 R09: 0000000000000000
[  103.496809][ T6617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.504776][ T6617] R13: 000000000000006e R14: 00007f8aec304038 R15: 00007ffcc8d05728
[  103.512768][ T6617]  </TASK>
[  103.568454][ T6621] netlink: 'syz.2.495': attribute type 1 has an invalid length.
[  103.693504][ T1098] batadv_slave_0: left promiscuous mode
[  103.710032][ T1098] hsr_slave_0: left promiscuous mode
[  103.736232][ T1098] hsr_slave_1: left promiscuous mode
[  103.757368][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.770552][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.782047][ T1098] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.789785][ T1098] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.816730][ T1098] veth0: left promiscuous mode
[  103.822567][ T1098] veth1_macvtap: left promiscuous mode
[  103.828804][ T1098] veth0_macvtap: left promiscuous mode
[  103.836275][ T1098] veth1_vlan: left promiscuous mode
[  103.842119][ T1098] veth0_vlan: left promiscuous mode
[  103.997534][ T1098] team0 (unregistering): Port device vlan2 removed
[  104.468838][ T1098] team0 (unregistering): Port device team_slave_1 removed
[  104.506451][ T1098] team0 (unregistering): Port device team_slave_0 removed
[  104.997590][ T6640] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  105.082881][ T6653] netlink: 'syz.1.502': attribute type 10 has an invalid length.
[  105.087757][ T6656] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  105.134404][ T6653] team0: Port device dummy0 added
[  105.159909][ T5092] Bluetooth: hci0: command tx timeout
[  105.415007][ T6666] __nla_validate_parse: 5 callbacks suppressed
[  105.415027][ T6666] netlink: 12 bytes leftover after parsing attributes in process `syz.1.507'.
[  105.429413][ T6675] ieee802154 phy1 wpan1: encryption failed: -90
[  105.444769][ T6666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.507'.
[  105.529894][ T6672] netlink: 8 bytes leftover after parsing attributes in process `syz.4.510'.
[  105.538578][ T6684] netlink: 104 bytes leftover after parsing attributes in process `syz.0.514'.
[  105.566103][ T6678] netlink: 'syz.4.510': attribute type 10 has an invalid length.
[  105.608859][ T6678] bond0: (slave netdevsim0): Enslaving as an active interface with a down link
[  105.822869][ T6696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.519'.
[  105.947387][ T6702] team0: entered promiscuous mode
[  105.964147][ T6702] team_slave_0: entered promiscuous mode
[  105.980703][ T6702] team_slave_1: entered promiscuous mode
[  106.027379][ T6707] netlink: 28 bytes leftover after parsing attributes in process `syz.0.524'.
[  106.030260][ T6696] team_slave_0: entered allmulticast mode
[  106.088289][ T6696] team0: Port device team_slave_0 removed
[  106.095006][ T6705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.523'.
[  106.132449][ T6695] team0: left promiscuous mode
[  106.138588][ T6695] team_slave_1: left promiscuous mode
[  106.318867][ T6531] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  106.357139][ T6531] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.379127][ T6531] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.406405][ T6531] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  106.424902][ T6728] tipc: Started in network mode
[  106.434271][ T6728] tipc: Node identity aaaaaaaaaa41, cluster identity 4711
[  106.446200][ T6728] tipc: Enabled bearer <eth:geneve1>, priority 10
[  106.755773][ T6531] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.834917][ T6531] 8021q: adding VLAN 0 to HW filter on device team0
[  106.852441][ T6750] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  106.880026][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.887397][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.922402][ T6750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'.
[  106.941698][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.948930][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.968443][ T6750] batadv_slave_0: entered allmulticast mode
[  107.134798][ T6766] netlink: 'syz.4.543': attribute type 11 has an invalid length.
[  107.247351][ T5092] Bluetooth: hci0: command tx timeout
[  107.308652][ T6777] netlink: 'syz.2.548': attribute type 1 has an invalid length.
[  107.327493][ T6777] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.548'.
[  107.356501][ T6777] netlink: 'syz.2.548': attribute type 1 has an invalid length.
[  107.378748][ T6777] netlink: 12 bytes leftover after parsing attributes in process `syz.2.548'.
[  107.425892][ T6787] netlink: 'syz.1.550': attribute type 2 has an invalid length.
[  107.467148][ T6531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.561734][ T5143] tipc: Node number set to 15444650
[  107.656616][ T6531] veth0_vlan: entered promiscuous mode
[  107.687074][ T6531] veth1_vlan: entered promiscuous mode
[  107.753210][ T6531] veth0_macvtap: entered promiscuous mode
[  107.768390][ T6531] veth1_macvtap: entered promiscuous mode
[  107.806555][ T6797] netlink: 'syz.2.555': attribute type 3 has an invalid length.
[  107.813427][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.828938][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.829637][ T6797] netlink: 'syz.2.555': attribute type 1 has an invalid length.
[  107.844381][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.857917][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.876405][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.888112][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.904091][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.918353][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.936691][ T6531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.970117][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.989690][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.008786][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.027169][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.037821][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.059827][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.070135][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.093731][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.109409][ T6531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.142847][ T6531] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.185227][ T6531] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.198378][ T6531] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.207488][ T6531] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.479280][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.489948][ T6826] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  108.505962][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.547632][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.563687][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.731613][ T6844] vxcan0: entered promiscuous mode
[  108.752780][ T6844] vlan2: entered allmulticast mode
[  108.763029][ T6844] vxcan0: entered allmulticast mode
[  108.791122][ T6849] 8021q: adding VLAN 0 to HW filter on device batadv1
[  108.792367][ T6836] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  108.799877][ T6849] team0: Port device batadv1 added
[  108.842154][ T6836] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  108.948763][ T5142] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.967835][ T5096] IPVS: starting estimator thread 0...
[  109.061164][ T6861] IPVS: using max 17 ests per chain, 40800 per kthread
[  109.331256][ T5092] Bluetooth: hci0: command tx timeout
[  109.502251][ T6896] xfrm1: entered promiscuous mode
[  109.507489][ T6896] xfrm1: entered allmulticast mode
[  109.513241][ T6895] netlink: 'syz.0.585': attribute type 10 has an invalid length.
[  109.809496][ T6910] netlink: 'syz.3.592': attribute type 8 has an invalid length.
[  110.276382][ T6937] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  110.684319][ T6961] __nla_validate_parse: 13 callbacks suppressed
[  110.684339][ T6961] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.609'.
[  110.744633][ T6959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.611'.
[  111.006377][ T6985] team0: Device macvtap2 is already an upper device of the team interface
[  111.304560][ T7005] tc_dump_action: action bad kind
[  111.398855][ T7015] netlink: 'syz.0.633': attribute type 3 has an invalid length.
[  111.444318][ T7007] netlink: 'syz.4.629': attribute type 2 has an invalid length.
[  111.773565][ T7039] netlink: 'syz.0.645': attribute type 5 has an invalid length.
[  111.846650][ T7042] ipvlan0: entered promiscuous mode
[  111.863041][ T7041] ipvlan0: left promiscuous mode
[  111.951455][ T7052] netlink: 'syz.1.650': attribute type 39 has an invalid length.
[  111.993485][ T7054] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  112.272406][ T7074] ip6gretap0: entered promiscuous mode
[  112.298956][ T7074] ip6gretap0: left promiscuous mode
[  112.349431][ T7078] netlink: 256 bytes leftover after parsing attributes in process `syz.0.655'.
[  112.504863][ T7084] netlink: 20 bytes leftover after parsing attributes in process `syz.4.660'.
[  112.626005][ T7094] netlink: 100 bytes leftover after parsing attributes in process `syz.2.663'.
[  112.712834][ T7098] netlink: 20 bytes leftover after parsing attributes in process `syz.0.666'.
[  112.720396][ T7099] netlink: 56 bytes leftover after parsing attributes in process `syz.1.665'.
[  112.821089][ T7103] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  112.843621][ T7105] netlink: 'syz.1.670': attribute type 4 has an invalid length.
[  112.868321][ T7105] netlink: 17 bytes leftover after parsing attributes in process `syz.1.670'.
[  113.229859][ T7119] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  113.546537][ T7158] dccp_invalid_packet: invalid packet type
[  114.193101][ T7190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.699'.
[  114.205432][ T7192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.218189][ T7198] netlink: 124 bytes leftover after parsing attributes in process `syz.4.700'.
[  114.235151][ T7190] vlan2: entered promiscuous mode
[  114.245259][ T7190] syz_tun: entered promiscuous mode
[  115.707651][ T7285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  115.983448][ T7284] __nla_validate_parse: 3 callbacks suppressed
[  115.983468][ T7284] netlink: 76 bytes leftover after parsing attributes in process `syz.4.731'.
[  116.222849][ T7284] netlink: 8 bytes leftover after parsing attributes in process `syz.4.731'.
[  116.396848][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.4.735'.
[  116.491293][ T7316] netlink: 4 bytes leftover after parsing attributes in process `syz.4.735'.
[  116.652892][ T7326] netlink: 'syz.4.742': attribute type 13 has an invalid length.
[  116.677648][ T7328] netlink: 'syz.2.739': attribute type 10 has an invalid length.
[  116.701166][ T7328] team0: Device ipvlan1 is up. Set it down before adding it as a team port
[  116.738446][ T7328] netlink: 4 bytes leftover after parsing attributes in process `syz.2.739'.
[  116.767042][ T7330] sctp: [Deprecated]: syz.0.744 (pid 7330) Use of int in max_burst socket option.
[  116.767042][ T7330] Use struct sctp_assoc_value instead
[  116.890989][ T7338] netlink: 'syz.3.748': attribute type 11 has an invalid length.
[  117.000413][ T5104] Bluetooth: hci0: command 0x0405 tx timeout
[  117.039981][ T7347] netlink: 'syz.1.750': attribute type 10 has an invalid length.
[  117.235062][ T7362] xt_TCPMSS: Only works on TCP SYN packets
[  117.466946][ T7371] sctp: [Deprecated]: syz.3.759 (pid 7371) Use of int in max_burst socket option.
[  117.466946][ T7371] Use struct sctp_assoc_value instead
[  117.743930][ T7394] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.767'.
[  117.755777][ T7394] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  118.012275][ T7405] xt_ecn: cannot match TCP bits for non-tcp packets
[  118.095419][ T7415] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  118.665789][ T7448] netlink: 232 bytes leftover after parsing attributes in process `syz.0.785'.
[  118.679354][ T7448] netlink: 72 bytes leftover after parsing attributes in process `syz.0.785'.
[  118.835197][ T7458] netlink: 12 bytes leftover after parsing attributes in process `syz.0.789'.
[  118.862175][ T7457] netlink: 12 bytes leftover after parsing attributes in process `syz.0.789'.
[  118.931407][ T7464] netlink: 'syz.4.791': attribute type 1 has an invalid length.
[  119.025133][ T7468] netlink: 'syz.4.793': attribute type 2 has an invalid length.
[  119.038854][ T7468] netlink: 'syz.4.793': attribute type 8 has an invalid length.
[  119.047644][ T7468] netlink: 'syz.4.793': attribute type 1 has an invalid length.
[  119.062999][ T7468] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.107229][ T7474] Cannot find del_set index 3 as target
[  119.137577][ T7476] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  120.431349][ T7527] tap0: tun_chr_ioctl cmd 37730
[  120.644982][ T7535] syzkaller0: entered promiscuous mode
[  120.654819][ T7535] syzkaller0: entered allmulticast mode
[  121.102820][ T7540] __nla_validate_parse: 6 callbacks suppressed
[  121.102843][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.823'.
[  121.127645][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.2.823'.
[  123.750262][ T7549] netlink: 'syz.0.825': attribute type 4 has an invalid length.
[  123.785403][ T7551] netlink: 'syz.0.825': attribute type 4 has an invalid length.
[  123.829747][ T7559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.829'.
[  123.892380][ T7560] bond2 (unregistering): Released all slaves
[  124.099016][ T7576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.834'.
[  124.277081][ T7591] netlink: 40 bytes leftover after parsing attributes in process `syz.0.841'.
[  124.297643][ T7592] netlink: 76 bytes leftover after parsing attributes in process `syz.3.840'.
[  124.320832][ T7591] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.374509][ T7592] ���: entered promiscuous mode
[  124.573101][ T7608] netlink: 4 bytes leftover after parsing attributes in process `syz.4.848'.
[  124.611803][ T7611] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.847'.
[  124.632798][ T7613] veth1_virt_wifi: entered promiscuous mode
[  124.641821][ T7612] veth1_virt_wifi: left promiscuous mode
[  124.879360][ T7628] netlink: 'syz.4.857': attribute type 10 has an invalid length.
[  124.904325][ T7628] bond0: (slave netdevsim0): Releasing backup interface
[  124.924251][ T7628] team0: Port device netdevsim0 added
[  124.931876][ T7631] netlink: 'syz.4.857': attribute type 10 has an invalid length.
[  124.998253][ T7631] team0: Port device netdevsim0 removed
[  125.023535][ T7631] bond0: (slave netdevsim0): Enslaving as an active interface with a down link
[  125.137303][ T7637] netlink: 12 bytes leftover after parsing attributes in process `syz.3.860'.
[  125.147139][ T7643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.862'.
[  125.501831][ T7671] netlink: 'syz.3.872': attribute type 1 has an invalid length.
[  125.556133][ T7674] netlink: 'syz.3.872': attribute type 1 has an invalid length.
[  125.836582][ T7681] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  126.328616][ T7718] syzkaller0: entered promiscuous mode
[  126.334697][ T7718] syzkaller0: entered allmulticast mode
[  126.585362][ T7733] netlink: 'syz.3.895': attribute type 10 has an invalid length.
[  126.598730][ T7726] geneve3: entered promiscuous mode
[  126.604566][ T7726] geneve3: entered allmulticast mode
[  126.703919][ T7735] __nla_validate_parse: 3 callbacks suppressed
[  126.703939][ T7735] netlink: 4 bytes leftover after parsing attributes in process `syz.0.896'.
[  126.722604][ T7739] openvswitch: netlink: Port 8336768 exceeds max allowable 65535
[  126.760181][ T7741] tipc: Started in network mode
[  126.770350][ T7741] tipc: Node identity 7efed50b2bfa, cluster identity 4711
[  126.784528][ T7741] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  126.811191][ T7741] tipc: Resetting bearer <eth:syzkaller0>
[  126.826527][ T7740] tipc: Disabling bearer <eth:syzkaller0>
[  127.096695][ T7752] nbd: socks must be embedded in a SOCK_ITEM attr
[  127.320480][ T5104] Bluetooth: hci0: command 0x0405 tx timeout
[  127.548099][ T7780] netlink: 56 bytes leftover after parsing attributes in process `syz.2.913'.
[  127.583678][ T7777] netlink: 24 bytes leftover after parsing attributes in process `syz.1.908'.
[  127.825698][ T7795] netlink: 16 bytes leftover after parsing attributes in process `syz.3.918'.
[  127.845431][ T7795] netlink: 16 bytes leftover after parsing attributes in process `syz.3.918'.
[  128.024062][ T7803] team0: entered promiscuous mode
[  128.049839][ T7803] team_slave_0: entered promiscuous mode
[  128.079947][ T7803] team_slave_1: entered promiscuous mode
[  128.099379][ T7803] dummy0: entered promiscuous mode
[  128.114187][ T7803] team0: left promiscuous mode
[  128.127945][ T7803] team_slave_0: left promiscuous mode
[  128.134410][ T7803] team_slave_1: left promiscuous mode
[  128.143274][ T7803] dummy0: left promiscuous mode
[  128.167553][ T7802] netlink: 20 bytes leftover after parsing attributes in process `syz.2.919'.
[  128.218915][ T7818] sctp: [Deprecated]: syz.0.921 (pid 7818) Use of struct sctp_assoc_value in delayed_ack socket option.
[  128.218915][ T7818] Use struct sctp_sack_info instead
[  128.339864][ T7824] netlink: 72 bytes leftover after parsing attributes in process `syz.4.923'.
[  128.552614][ T7834] IPVS: Scheduler module ip_vs_sip not found
[  128.629256][ T7843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.929'.
[  128.687774][ T7848] netlink: 'syz.3.930': attribute type 3 has an invalid length.
[  128.705467][ T7848] netlink: 127504 bytes leftover after parsing attributes in process `syz.3.930'.
[  128.745866][ T7849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.864686][ T7858] netlink: 40 bytes leftover after parsing attributes in process `syz.3.935'.
[  128.885398][ T7856] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  129.154266][ T7867] IPVS: Scheduler module ip_vs_sip not found
[  129.324651][ T7875] netlink: 'syz.3.941': attribute type 32 has an invalid length.
[  129.466101][ T7885] netlink: 'syz.3.947': attribute type 2 has an invalid length.
[  129.531639][ T7892] netlink: 'syz.1.948': attribute type 1 has an invalid length.
[  129.599334][ T7895] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.615774][ T7895] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.658856][ T7899] IPVS: Scheduler module ip_vs_sip not found
[  129.708702][ T7901] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.716953][ T7901] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.740196][ T7901] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  129.774691][ T7907] team0: entered promiscuous mode
[  129.784473][ T7907] team_slave_0: entered promiscuous mode
[  129.798288][ T7907] team_slave_1: entered promiscuous mode
[  129.845968][ T7907] team_slave_0: entered allmulticast mode
[  129.863273][ T7907] team0: Port device team_slave_0 removed
[  129.887014][ T7906] team0: left promiscuous mode
[  129.903733][ T7906] team_slave_1: left promiscuous mode
[  129.991457][ T7912] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  130.026142][ T7917] workqueue: name exceeds WQ_NAME_LEN. Truncating to: C|+i!�3�rU&6 b�Oo� '�1©
[  130.086609][ T7917] netlink: 'syz.0.959': attribute type 10 has an invalid length.
[  130.138229][ T7917] team0: Cannot enslave team device to itself
[  130.283905][ T7932] netlink: 'syz.2.963': attribute type 29 has an invalid length.
[  130.325829][ T7932] netlink: 'syz.2.963': attribute type 29 has an invalid length.
[  130.342322][ T7932] netlink: 'syz.2.963': attribute type 29 has an invalid length.
[  130.350451][ T7935] xt_bpf: check failed: parse error
[  130.494209][ T7937] IPVS: Scheduler module ip_vs_sip not found
[  130.724397][ T7943] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.302480][ T7978] syzkaller0: entered promiscuous mode
[  131.320557][ T7978] syzkaller0: entered allmulticast mode
[  131.752042][ T7997] sctp: [Deprecated]: syz.3.987 (pid 7997) Use of struct sctp_assoc_value in delayed_ack socket option.
[  131.752042][ T7997] Use struct sctp_sack_info instead
[  131.932963][ T7999] batman_adv: batadv0: adding TT local entry 4a:c8:93:50:00:00 to non-existent VLAN 2358
[  133.037513][ T7992] team0: entered promiscuous mode
[  133.046906][ T7992] team_slave_0: entered promiscuous mode
[  133.052943][ T7992] team_slave_1: entered promiscuous mode
[  133.058851][ T7992] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  133.066722][ T7992] team0: left promiscuous mode
[  133.074979][ T7992] team_slave_0: left promiscuous mode
[  133.089756][ T7992] team_slave_1: left promiscuous mode
[  133.095534][ T7992] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  133.111067][ T7995] team_slave_0: entered promiscuous mode
[  133.116911][ T7995] team_slave_0: entered allmulticast mode
[  133.135676][ T8009] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  133.145797][ T7995] team0: Port device team_slave_0 removed
[  133.191167][ T8011] __nla_validate_parse: 6 callbacks suppressed
[  133.191187][ T8011] netlink: 4272 bytes leftover after parsing attributes in process `syz.2.993'.
[  133.326318][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  133.612993][ T8041] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1005'.
[  133.645767][ T8043] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1002'.
[  133.663319][ T8046] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1005'.
[  133.785769][ T8041] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1005'.
[  133.788000][ T8044] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1003'.
[  133.807396][ T8044] 0�: renamed from hsr0 (while UP)
[  133.817053][ T8044] 0�: entered allmulticast mode
[  133.848683][ T8044] hsr_slave_0: entered allmulticast mode
[  133.855643][ T8044] hsr_slave_1: entered allmulticast mode
[  133.863153][ T8044] A link change request failed with some changes committed already. Interface 
70� may have been left with an inconsistent configuration, please check.
[  134.004215][ T8051] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1002'.
[  134.020392][ T8041] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1005'.
[  134.773609][ T8090] tipc: Started in network mode
[  134.796122][ T8090] tipc: Node identity 1, cluster identity 4711
[  134.813010][ T8090] tipc: Node number set to 1
[  134.825263][ T8090] tipc: Cannot configure node identity twice
[  135.512609][ T8123] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  135.883769][ T8139] pim6reg1: entered promiscuous mode
[  135.889155][ T8139] pim6reg1: entered allmulticast mode
[  136.119906][ T8146] bridge0: entered promiscuous mode
[  136.130577][ T8146] bridge0: entered allmulticast mode
[  136.272596][ T8150] netlink: 'syz.1.1038': attribute type 4 has an invalid length.
[  136.430114][ T8160] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  136.946353][ T8066] syz.0.1008: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  136.988136][ T8066] CPU: 0 PID: 8066 Comm: syz.0.1008 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  136.998672][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  137.008832][ T8066] Call Trace:
[  137.012131][ T8066]  <TASK>
[  137.015080][ T8066]  dump_stack_lvl+0x241/0x360
[  137.019794][ T8066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.025036][ T8066]  ? __pfx__printk+0x10/0x10
[  137.029670][ T8066]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  137.036124][ T8066]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  137.042672][ T8066]  warn_alloc+0x278/0x410
[  137.047057][ T8066]  ? __pfx_warn_alloc+0x10/0x10
[  137.051959][ T8066]  ? translate_table+0x174/0x2330
[  137.057023][ T8066]  ? __get_vm_area_node+0x23d/0x270
[  137.062527][ T8066]  __vmalloc_node_range_noprof+0x69f/0x1460
[  137.068483][ T8066]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  137.074855][ T8066]  ? rcu_is_watching+0x15/0xb0
[  137.079662][ T8066]  ? trace_kmalloc+0x1f/0xd0
[  137.084302][ T8066]  ? __kmalloc_node_noprof+0x247/0x440
[  137.089795][ T8066]  ? kvmalloc_node_noprof+0x72/0x190
[  137.095128][ T8066]  kvmalloc_node_noprof+0x142/0x190
[  137.100369][ T8066]  ? translate_table+0x174/0x2330
[  137.105430][ T8066]  translate_table+0x174/0x2330
[  137.110441][ T8066]  ? __pfx_translate_table+0x10/0x10
[  137.115769][ T8066]  ? __might_fault+0xaa/0x120
[  137.120670][ T8066]  ? __pfx_lock_release+0x10/0x10
[  137.125734][ T8066]  ? __might_fault+0xaa/0x120
[  137.130438][ T8066]  ? __might_fault+0xc6/0x120
[  137.135151][ T8066]  ? _copy_from_user+0xa6/0xe0
[  137.139945][ T8066]  ? copy_from_sockptr_offset+0x6b/0xb0
[  137.145535][ T8066]  do_ip6t_set_ctl+0xe4c/0x1270
[  137.150419][ T8066]  ? __pfx___might_resched+0x10/0x10
[  137.155737][ T8066]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  137.161065][ T8066]  ? __pfx_lock_release+0x10/0x10
[  137.166139][ T8066]  ? __mutex_unlock_slowpath+0x21d/0x750
[  137.171824][ T8066]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.177867][ T8066]  nf_setsockopt+0x295/0x2c0
[  137.182516][ T8066]  rawv6_setsockopt+0x327/0x740
[  137.187495][ T8066]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  137.192909][ T8066]  ? aa_sock_opt_perm+0x79/0x120
[  137.197890][ T8066]  ? sock_common_setsockopt+0x37/0xc0
[  137.203300][ T8066]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  137.209236][ T8066]  do_sock_setsockopt+0x3af/0x720
[  137.214314][ T8066]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  137.219892][ T8066]  ? __fget_files+0x29/0x470
[  137.224522][ T8066]  ? __fget_files+0x3f6/0x470
[  137.229334][ T8066]  __sys_setsockopt+0x1ae/0x250
[  137.234228][ T8066]  __x64_sys_setsockopt+0xb5/0xd0
[  137.239294][ T8066]  do_syscall_64+0xf3/0x230
[  137.243845][ T8066]  ? clear_bhb_loop+0x35/0x90
[  137.248564][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.254496][ T8066] RIP: 0033:0x7fd7bed75bd9
[  137.258937][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.278654][ T8066] RSP: 002b:00007fd7bfbb2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  137.287107][ T8066] RAX: ffffffffffffffda RBX: 00007fd7bef03f60 RCX: 00007fd7bed75bd9
[  137.295113][ T8066] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  137.303211][ T8066] RBP: 00007fd7bede4e60 R08: 00000000000003d0 R09: 0000000000000000
[  137.311218][ T8066] R10: 0000000020000d40 R11: 0000000000000246 R12: 0000000000000000
[  137.316827][ T8189] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.319196][ T8066] R13: 000000000000004d R14: 00007fd7bef03f60 R15: 00007ffc26d99c28
[  137.319232][ T8066]  </TASK>
[  137.328486][ T8066] Mem-Info:
[  137.343690][ T8066] active_anon:2598 inactive_anon:0 isolated_anon:0
[  137.343690][ T8066]  active_file:1433 inactive_file:38159 isolated_file:0
[  137.343690][ T8066]  unevictable:768 dirty:128 writeback:0
[  137.343690][ T8066]  slab_reclaimable:9139 slab_unreclaimable:98642
[  137.343690][ T8066]  mapped:13035 shmem:1251 pagetables:594
[  137.343690][ T8066]  sec_pagetables:0 bounce:0
[  137.343690][ T8066]  kernel_misc_reclaimable:0
[  137.343690][ T8066]  free:1386955 free_pcp:505 free_cma:0
[  137.426740][ T8066] Node 0 active_anon:10432kB inactive_anon:0kB active_file:5732kB inactive_file:152560kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52136kB dirty:508kB writeback:0kB shmem:3468kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9856kB pagetables:2224kB sec_pagetables:0kB all_unreclaimable? no
[  137.479886][ T8066] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  137.543113][ T8066] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  137.606008][ T8066] lowmem_reserve[]: 0 2571 2571 0 0
[  137.628972][ T8066] Node 0 DMA32 free:1585332kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:10384kB inactive_anon:0kB active_file:5732kB inactive_file:152248kB unevictable:1536kB writepending:508kB present:3129332kB managed:2659880kB mlocked:0kB bounce:0kB free_pcp:2360kB local_pcp:1748kB free_cma:0kB
[  137.660581][ T8066] lowmem_reserve[]: 0 0 0 0 0
[  137.666174][ T8066] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  137.730452][ T8066] lowmem_reserve[]: 0 0 0 0 0
[  137.735265][ T8066] Node 1 Normal free:3947528kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  137.764214][ T8066] lowmem_reserve[]: 0 0 0 0 0
[  137.768985][ T8066] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  137.792545][ T8066] Node 0 DMA32: 2*4kB (UE) 45*8kB (ME) 136*16kB (UME) 116*32kB (UME) 66*64kB (UME) 28*128kB (ME) 62*256kB (UM) 36*512kB (UME) 17*1024kB (UM) 10*2048kB (UME) 366*4096kB (UM) = 1585392kB
[  137.841231][ T8066] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  137.869637][ T8066] Node 1 Normal: 2*4kB (UM) 4*8kB (UM) 6*16kB (UM) 8*32kB (UM) 8*64kB (U) 5*128kB (U) 4*256kB (UM) 5*512kB (UM) 2*1024kB (U) 2*2048kB (U) 961*4096kB (M) = 3947528kB
[  137.900669][ T8066] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  137.932018][ T8066] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  137.955994][ T8066] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  137.973446][ T8066] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  137.974717][ T8232] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1073'.
[  137.987998][ T8066] 40843 total pagecache pages
[  138.005385][ T8066] 0 pages in swap cache
[  138.010362][ T8066] Free swap  = 124996kB
[  138.037790][ T8066] Total swap = 124996kB
[  138.049710][ T8066] 2097051 pages RAM
[  138.060701][ T8066] 0 pages HighMem/MovableOnly
[  138.067115][ T8066] 400871 pages reserved
[  138.081064][ T8066] 0 pages cma reserved
[  138.934056][ T8285] lo: entered allmulticast mode
[  139.871034][ T8321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1107'.
[  141.028058][ T8415] syz.2.1142[8415] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.032744][ T8415] syz.2.1142[8415] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.218625][ T8475] netlink: 'syz.2.1171': attribute type 10 has an invalid length.
[  142.254640][ T8475] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1171'.
[  142.386750][ T8475] veth0_vlan: left promiscuous mode
[  142.425602][ T8475] veth0_vlan: entered promiscuous mode
[  142.476555][ T8475] team0: Device veth0_vlan failed to register rx_handler
[  142.600673][ T8475] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  143.431744][ T8537] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1200'.
[  143.734034][ T8555] netlink: 'syz.1.1208': attribute type 33 has an invalid length.
[  143.746616][ T8555] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1208'.
[  143.760583][ T8558] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1206'.
[  143.905420][ T8558] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1206'.
[  144.534406][ T8591] netlink: 'syz.1.1223': attribute type 33 has an invalid length.
[  144.569594][ T8591] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1223'.
[  145.246395][ T8632] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1239'.
[  145.276348][ T8633] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1237'.
[  145.504946][ T8633] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1237'.
[  145.531864][ T8645] tun0: tun_chr_ioctl cmd 2148553947
[  145.537402][ T8636] tun0: tun_chr_ioctl cmd 2148553947
[  145.570942][ T8652] netlink: 'syz.1.1247': attribute type 4 has an invalid length.
[  145.585871][ T8652] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1247'.
[  145.873643][ T8670] netlink: 'syz.3.1252': attribute type 2 has an invalid length.
[  146.073570][ T8682] netlink: 'syz.2.1256': attribute type 10 has an invalid length.
[  146.104765][ T8682] geneve0: entered promiscuous mode
[  146.273166][ T8695] netlink: 'syz.2.1260': attribute type 2 has an invalid length.
[  146.307234][ T8695] netlink: 'syz.2.1260': attribute type 1 has an invalid length.
[  146.890605][ T8724] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1271'.
[  146.919092][ T8725] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1272'.
[  147.015532][ T8735] xt_l2tp: missing protocol rule (udp|l2tpip)
[  147.253707][ T8747] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1277'.
[  147.310002][ T8750] syzkaller1: entered promiscuous mode
[  147.319872][ T8750] syzkaller1: entered allmulticast mode
[  147.438895][ T8741] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1277'.
[  148.099711][ T8771] xt_CT: No such helper "snmp_trap"
[  148.125705][ T8774] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1287'.
[  148.260379][ T8774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1287'.
[  148.340603][ T8789] netlink: 'syz.2.1292': attribute type 11 has an invalid length.
[  148.387821][ T8789] netlink: 'syz.2.1292': attribute type 11 has an invalid length.
[  148.407189][ T8789] debugfs: Directory 'netdev:' with parent 'phy7' already present!
[  148.539030][ T8803] netlink: 'syz.3.1296': attribute type 2 has an invalid length.
[  148.661252][ T8815] netlink: 'syz.4.1301': attribute type 1 has an invalid length.
[  149.106326][ T8836] atomic_op ffff88802c305998 conn xmit_atomic 0000000000000000
[  149.478164][ T8855] netlink: 'syz.2.1317': attribute type 8 has an invalid length.
[  149.648026][ T8854] netlink: 'syz.2.1317': attribute type 8 has an invalid length.
[  150.448970][ T8910] __nla_validate_parse: 12 callbacks suppressed
[  150.448989][ T8910] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1333'.
[  150.681331][ T8929] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1337'.
[  150.931838][ T8935] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1341'.
[  151.255426][ T8951] netlink: 'syz.1.1346': attribute type 21 has an invalid length.
[  151.424296][ T8956] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1350'.
[  151.463088][ T8956] FAULT_INJECTION: forcing a failure.
[  151.463088][ T8956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.478892][ T8921] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1337'.
[  151.498750][ T8956] CPU: 1 PID: 8956 Comm: syz.1.1350 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  151.508905][ T8956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  151.518961][ T8956] Call Trace:
[  151.522237][ T8956]  <TASK>
[  151.525162][ T8956]  dump_stack_lvl+0x241/0x360
[  151.529853][ T8956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.535054][ T8956]  ? __pfx__printk+0x10/0x10
[  151.539669][ T8956]  ? snprintf+0xda/0x120
[  151.543919][ T8956]  should_fail_ex+0x3b0/0x4e0
[  151.548636][ T8956]  _copy_to_user+0x2f/0xb0
[  151.553052][ T8956]  simple_read_from_buffer+0xca/0x150
[  151.558426][ T8956]  proc_fail_nth_read+0x1e9/0x250
[  151.563534][ T8956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.569080][ T8956]  ? rw_verify_area+0x520/0x6b0
[  151.573929][ T8956]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.579474][ T8956]  vfs_read+0x204/0xbc0
[  151.583631][ T8956]  ? __pfx_lock_release+0x10/0x10
[  151.588656][ T8956]  ? __pfx_vfs_read+0x10/0x10
[  151.593333][ T8956]  ? __fget_files+0x29/0x470
[  151.597920][ T8956]  ? __fget_files+0x3f6/0x470
[  151.602604][ T8956]  ksys_read+0x1a0/0x2c0
[  151.606853][ T8956]  ? __pfx_ksys_read+0x10/0x10
[  151.611659][ T8956]  ? do_syscall_64+0x100/0x230
[  151.616428][ T8956]  ? do_syscall_64+0xb6/0x230
[  151.621106][ T8956]  do_syscall_64+0xf3/0x230
[  151.625611][ T8956]  ? clear_bhb_loop+0x35/0x90
[  151.630289][ T8956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.636191][ T8956] RIP: 0033:0x7ff70d3746bc
[  151.640629][ T8956] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  151.660243][ T8956] RSP: 002b:00007ff70e0fa040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.668658][ T8956] RAX: ffffffffffffffda RBX: 00007ff70d504038 RCX: 00007ff70d3746bc
[  151.676623][ T8956] RDX: 000000000000000f RSI: 00007ff70e0fa0b0 RDI: 0000000000000007
[  151.684588][ T8956] RBP: 00007ff70e0fa0a0 R08: 0000000000000000 R09: 0000000000000000
[  151.692572][ T8956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.700538][ T8956] R13: 000000000000006e R14: 00007ff70d504038 R15: 00007ffe459a4dd8
[  151.708521][ T8956]  </TASK>
[  152.171074][ T8977] netlink: 'syz.3.1356': attribute type 4 has an invalid length.
[  152.283589][ T8976] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1357'.
[  152.779100][ T9001] netlink: 'syz.3.1364': attribute type 8 has an invalid length.
[  152.956092][ T9017] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1368'.
[  153.100948][ T9026] smc: net device ip6_vti0 applied user defined pnetid SYZ0
[  153.165664][ T9032] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1375'.
[  153.373132][ T9046] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1379'.
[  153.565335][ T9051] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1381'.
[  153.573490][ T9054] netlink: 'syz.1.1382': attribute type 3 has an invalid length.
[  153.721728][ T9058] netlink: 'syz.1.1385': attribute type 10 has an invalid length.
[  153.754032][ T9057] netlink: 'syz.4.1383': attribute type 11 has an invalid length.
[  153.809725][ T9057] netem: change failed
[  153.834348][ T9066] netlink: 'syz.0.1386': attribute type 10 has an invalid length.
[  154.156691][ T9087] netlink: 'syz.4.1393': attribute type 6 has an invalid length.
[  154.176117][ T9086] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  154.263620][ T9091] IPVS: sync thread started: state = BACKUP, mcast_ifn = macsec0, syncid = 0, id = 0
[  154.263678][ T9081] IPVS: stopping backup sync thread 9091 ...
[  154.630866][ T5140] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.834407][ T9130] netlink: 'syz.2.1413': attribute type 1 has an invalid length.
[  155.229432][ T9152] netlink: 'syz.4.1422': attribute type 10 has an invalid length.
[  155.251845][ T9154] netlink: 'syz.1.1423': attribute type 9 has an invalid length.
[  155.262010][ T9152] team0: Port device dummy0 added
[  155.471107][ T9163] team_slave_0: left promiscuous mode
[  155.501537][ T9163] team_slave_0: left allmulticast mode
[  155.520380][ T9169] __nla_validate_parse: 8 callbacks suppressed
[  155.520399][ T9169] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1428'.
[  155.551431][ T9172] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1426'.
[  155.818677][ T9181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1431'.
[  155.858330][ T9181] 
[  155.860809][ T9181] ======================================================
[  155.867853][ T9181] WARNING: possible circular locking dependency detected
[  155.874881][ T9181] 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0 Not tainted
[  155.882081][ T9181] ------------------------------------------------------
[  155.889100][ T9181] syz.2.1431/9181 is trying to acquire lock:
[  155.895112][ T9181] ffff888011ec8218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#2){+...}-{2:2}, at: __dev_queue_xmit+0x22f5/0x3d30
[  155.907298][ T9181] 
[  155.907298][ T9181] but task is already holding lock:
[  155.914650][ T9181] ffff888063c5ecd8 (&qdisc_xmit_lock_key#3){+.-.}-{2:2}, at: sch_direct_xmit+0x1c4/0x5f0
[  155.924508][ T9181] 
[  155.924508][ T9181] which lock already depends on the new lock.
[  155.924508][ T9181] 
[  155.934912][ T9181] 
[  155.934912][ T9181] the existing dependency chain (in reverse order) is:
[  155.943927][ T9181] 
[  155.943927][ T9181] -> #1 (&qdisc_xmit_lock_key#3){+.-.}-{2:2}:
[  155.952190][ T9181]        lock_acquire+0x1ed/0x550
[  155.957216][ T9181]        _raw_spin_lock+0x2e/0x40
[  155.962330][ T9181]        sch_direct_xmit+0x1c4/0x5f0
[  155.967698][ T9181]        __dev_queue_xmit+0x1a24/0x3d30
[  155.973248][ T9181]        ip6_finish_output2+0xff8/0x1670
[  155.978879][ T9181]        ip6_finish_output+0x41e/0x810
[  155.984353][ T9181]        NF_HOOK+0x9e/0x430
[  155.988881][ T9181]        mld_sendpack+0x838/0xda0
[  155.993911][ T9181]        mld_ifc_work+0x7d6/0xd90
[  155.998937][ T9181]        process_scheduled_works+0xa2c/0x1830
[  156.005089][ T9181]        worker_thread+0x86d/0xd50
[  156.010199][ T9181]        kthread+0x2f0/0x390
[  156.014780][ T9181]        ret_from_fork+0x4b/0x80
[  156.019710][ T9181]        ret_from_fork_asm+0x1a/0x30
[  156.025019][ T9181] 
[  156.025019][ T9181] -> #0 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#2){+...}-{2:2}:
[  156.035373][ T9181]        validate_chain+0x18e0/0x5900
[  156.040751][ T9181]        __lock_acquire+0x1346/0x1fd0
[  156.046136][ T9181]        lock_acquire+0x1ed/0x550
[  156.051177][ T9181]        _raw_spin_lock+0x2e/0x40
[  156.056216][ T9181]        __dev_queue_xmit+0x22f5/0x3d30
[  156.061777][ T9181]        ip6_finish_output2+0xff8/0x1670
[  156.067418][ T9181]        ip6_finish_output+0x41e/0x810
[  156.072877][ T9181]        ndisc_send_skb+0xab0/0x1380
[  156.078177][ T9181]        ndisc_solicit+0x493/0x6a0
[  156.083464][ T9181]        __neigh_event_send+0xec8/0x15a0
[  156.089088][ T9181]        neigh_resolve_output+0x1b5/0x740
[  156.094800][ T9181]        ip6_finish_output2+0xff8/0x1670
[  156.100427][ T9181]        ip6_finish_output+0x41e/0x810
[  156.105881][ T9181]        ip6_send_skb+0x112/0x230
[  156.110922][ T9181]        icmp6_send+0x15fc/0x2070
[  156.115952][ T9181]        ip6_link_failure+0x3c/0x4f0
[  156.121235][ T9181]        ip_tunnel_xmit+0x164f/0x2940
[  156.126608][ T9181]        __gre_xmit+0x1cf/0x260
[  156.131449][ T9181]        erspan_xmit+0xaba/0x1310
[  156.136467][ T9181]        dev_hard_start_xmit+0x27a/0x7e0
[  156.142095][ T9181]        sch_direct_xmit+0x2b6/0x5f0
[  156.147376][ T9181]        __qdisc_run+0xbfd/0x2170
[  156.152400][ T9181]        __dev_queue_xmit+0x14f0/0x3d30
[  156.157940][ T9181]        ip6_finish_output2+0xff8/0x1670
[  156.163910][ T9181]        ip6_finish_output+0x41e/0x810
[  156.169365][ T9181]        rawv6_send_hdrinc+0xb79/0x1610
[  156.174961][ T9181]        rawv6_sendmsg+0x1962/0x23c0
[  156.180267][ T9181]        __sock_sendmsg+0x1a6/0x270
[  156.185467][ T9181]        ____sys_sendmsg+0x525/0x7d0
[  156.190767][ T9181]        __sys_sendmsg+0x2b0/0x3a0
[  156.196043][ T9181]        do_syscall_64+0xf3/0x230
[  156.201060][ T9181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.207475][ T9181] 
[  156.207475][ T9181] other info that might help us debug this:
[  156.207475][ T9181] 
[  156.217688][ T9181]  Possible unsafe locking scenario:
[  156.217688][ T9181] 
[  156.225320][ T9181]        CPU0                    CPU1
[  156.230691][ T9181]        ----                    ----
[  156.236041][ T9181]   lock(&qdisc_xmit_lock_key#3);
[  156.241082][ T9181]                                lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#2);
[  156.250906][ T9181]                                lock(&qdisc_xmit_lock_key#3);
[  156.258468][ T9181]   lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock#2);
[  156.265668][ T9181] 
[  156.265668][ T9181]  *** DEADLOCK ***
[  156.265668][ T9181] 
[  156.274182][ T9181] 10 locks held by syz.2.1431/9181:
[  156.279662][ T9181]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: rawv6_send_hdrinc+0x9df/0x1610
[  156.289431][ T9181]  #1: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: ip6_finish_output2+0x712/0x1670
[  156.299268][ T9181]  #2: ffffffff8e333f80 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d2/0x3d30
[  156.309191][ T9181]  #3: ffff888063c5ecd8 (&qdisc_xmit_lock_key#3){+.-.}-{2:2}, at: sch_direct_xmit+0x1c4/0x5f0
[  156.319460][ T9181]  #4: ffff88802aa381d8 (k-slock-AF_INET6){+.-.}-{2:2}, at: icmp6_send+0xc45/0x2070
[  156.328883][ T9181]  #5: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: icmp6_send+0xba4/0x2070
[  156.338034][ T9181]  #6: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: ip6_finish_output2+0x712/0x1670
[  156.347870][ T9181]  #7: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: ndisc_send_skb+0x572/0x1380
[  156.357540][ T9181]  #8: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: ip6_finish_output2+0x712/0x1670
[  156.367382][ T9181]  #9: ffffffff8e333f80 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d2/0x3d30
[  156.377478][ T9181] 
[  156.377478][ T9181] stack backtrace:
[  156.383442][ T9181] CPU: 0 PID: 9181 Comm: syz.2.1431 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  156.393497][ T9181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  156.403560][ T9181] Call Trace:
[  156.406869][ T9181]  <TASK>
[  156.409811][ T9181]  dump_stack_lvl+0x241/0x360
[  156.414588][ T9181]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.419877][ T9181]  ? print_circular_bug+0x130/0x1a0
[  156.425080][ T9181]  check_noncircular+0x36a/0x4a0
[  156.430020][ T9181]  ? __pfx_check_noncircular+0x10/0x10
[  156.435475][ T9181]  ? __bfs+0x368/0x6f0
[  156.439541][ T9181]  ? __pfx_usage_skip+0x10/0x10
[  156.444409][ T9181]  validate_chain+0x18e0/0x5900
[  156.449268][ T9181]  ? __pfx_validate_chain+0x10/0x10
[  156.454487][ T9181]  ? __pfx_validate_chain+0x10/0x10
[  156.459926][ T9181]  ? register_lock_class+0x102/0x980
[  156.465207][ T9181]  ? __pfx_register_lock_class+0x10/0x10
[  156.470846][ T9181]  ? mark_lock+0x9a/0x350
[  156.475172][ T9181]  __lock_acquire+0x1346/0x1fd0
[  156.480111][ T9181]  lock_acquire+0x1ed/0x550
[  156.484607][ T9181]  ? __dev_queue_xmit+0x22f5/0x3d30
[  156.489818][ T9181]  ? __pfx_lock_acquire+0x10/0x10
[  156.494834][ T9181]  ? __pfx_lock_acquire+0x10/0x10
[  156.499851][ T9181]  ? rcu_lockdep_current_cpu_online+0x37/0x120
[  156.506001][ T9181]  ? rcu_read_lock_bh_held+0x7e/0x120
[  156.511369][ T9181]  ? __pfx_rcu_read_lock_bh_held+0x10/0x10
[  156.517175][ T9181]  _raw_spin_lock+0x2e/0x40
[  156.521840][ T9181]  ? __dev_queue_xmit+0x22f5/0x3d30
[  156.527149][ T9181]  __dev_queue_xmit+0x22f5/0x3d30
[  156.532207][ T9181]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  156.538549][ T9181]  ? read_seqbegin+0x157/0x2b0
[  156.543311][ T9181]  ? __dev_queue_xmit+0x2d2/0x3d30
[  156.548422][ T9181]  ? read_seqbegin+0x208/0x2b0
[  156.553188][ T9181]  ? __pfx___dev_queue_xmit+0x10/0x10
[  156.558567][ T9181]  ? neigh_resolve_output+0x2e5/0x740
[  156.563942][ T9181]  ? eth_header+0x11c/0x1f0
[  156.568475][ T9181]  ? __asan_memcpy+0x40/0x70
[  156.573509][ T9181]  ? eth_header+0x11c/0x1f0
[  156.578010][ T9181]  ? __pfx_eth_header+0x10/0x10
[  156.582854][ T9181]  ? neigh_resolve_output+0x61f/0x740
[  156.588233][ T9181]  ip6_finish_output2+0xff8/0x1670
[  156.593355][ T9181]  ? ip6_finish_output2+0x712/0x1670
[  156.598641][ T9181]  ? nf_hook+0x9e/0x450
[  156.602794][ T9181]  ? __pfx_ip6_finish_output2+0x10/0x10
[  156.608342][ T9181]  ? ip6_mtu+0x81/0x3f0
[  156.612518][ T9181]  ip6_finish_output+0x41e/0x810
[  156.617502][ T9181]  ndisc_send_skb+0xab0/0x1380
[  156.622275][ T9181]  ? ndisc_send_skb+0x572/0x1380
[  156.627207][ T9181]  ? skb_clone+0x121/0x390
[  156.631624][ T9181]  ? __pfx_ndisc_send_skb+0x10/0x10
[  156.636836][ T9181]  ? __pfx_dst_output+0x10/0x10
[  156.641783][ T9181]  ? __asan_memcpy+0x40/0x70
[  156.646376][ T9181]  ? __pfx_ndisc_ns_create+0x10/0x10
[  156.651658][ T9181]  ndisc_solicit+0x493/0x6a0
[  156.656247][ T9181]  ? __pfx_ndisc_solicit+0x10/0x10
[  156.661360][ T9181]  ? __skb_clone+0x454/0x6c0
[  156.665954][ T9181]  ? __pfx_ndisc_solicit+0x10/0x10
[  156.671066][ T9181]  __neigh_event_send+0xec8/0x15a0
[  156.676186][ T9181]  neigh_resolve_output+0x1b5/0x740
[  156.681472][ T9181]  ? __ipv6_neigh_lookup_noref+0x533/0x730
[  156.687288][ T9181]  ip6_finish_output2+0xff8/0x1670
[  156.692398][ T9181]  ? ip6_finish_output2+0x712/0x1670
[  156.697673][ T9181]  ? nf_hook+0x9e/0x450
[  156.701824][ T9181]  ? __pfx_ip6_finish_output2+0x10/0x10
[  156.707629][ T9181]  ? ip6_mtu+0x81/0x3f0
[  156.711782][ T9181]  ip6_finish_output+0x41e/0x810
[  156.716837][ T9181]  ip6_send_skb+0x112/0x230
[  156.721354][ T9181]  ? icmp6_send+0xba4/0x2070
[  156.726035][ T9181]  icmp6_send+0x15fc/0x2070
[  156.730543][ T9181]  ? icmp6_send+0xba4/0x2070
[  156.735216][ T9181]  ? __pfx_icmp6_send+0x10/0x10
[  156.740320][ T9181]  ? inet6_set_link_af+0xc80/0xc80
[  156.745425][ T9181]  ? __pfx_lock_release+0x10/0x10
[  156.750449][ T9181]  ? ip6_neigh_lookup+0x44b/0x580
[  156.755473][ T9181]  ? __pfx_ip6_neigh_lookup+0x10/0x10
[  156.760849][ T9181]  ? do_syscall_64+0xf3/0x230
[  156.765529][ T9181]  ip6_link_failure+0x3c/0x4f0
[  156.770292][ T9181]  ? dst_link_failure+0x107/0x160
[  156.775343][ T9181]  ip_tunnel_xmit+0x164f/0x2940
[  156.780470][ T9181]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  156.785680][ T9181]  ? gre_build_header+0x341/0xb30
[  156.790702][ T9181]  ? skb_release_data+0x2b5/0x880
[  156.795726][ T9181]  ? __pfx_gre_build_header+0x10/0x10
[  156.801355][ T9181]  ? pskb_expand_head+0xc89/0x1390
[  156.806465][ T9181]  __gre_xmit+0x1cf/0x260
[  156.810796][ T9181]  ? __pfx___gre_xmit+0x10/0x10
[  156.815825][ T9181]  ? erspan_build_header+0x174/0x360
[  156.821111][ T9181]  erspan_xmit+0xaba/0x1310
[  156.825705][ T9181]  ? __pfx_erspan_xmit+0x10/0x10
[  156.830985][ T9181]  ? dev_queue_xmit_nit+0x2b/0xc10
[  156.836106][ T9181]  dev_hard_start_xmit+0x27a/0x7e0
[  156.841222][ T9181]  sch_direct_xmit+0x2b6/0x5f0
[  156.845986][ T9181]  ? __pfx_sch_direct_xmit+0x10/0x10
[  156.851359][ T9181]  __qdisc_run+0xbfd/0x2170
[  156.855856][ T9181]  ? do_raw_spin_lock+0x14f/0x370
[  156.860882][ T9181]  ? skbprio_enqueue+0x72f/0x1130
[  156.865996][ T9181]  __dev_queue_xmit+0x14f0/0x3d30
[  156.871037][ T9181]  ? read_seqbegin+0x157/0x2b0
[  156.875798][ T9181]  ? __dev_queue_xmit+0x2d2/0x3d30
[  156.880911][ T9181]  ? read_seqbegin+0x208/0x2b0
[  156.885705][ T9181]  ? __pfx___dev_queue_xmit+0x10/0x10
[  156.891181][ T9181]  ? neigh_resolve_output+0x2e5/0x740
[  156.896561][ T9181]  ? eth_header+0x11c/0x1f0
[  156.901148][ T9181]  ? __asan_memcpy+0x40/0x70
[  156.905735][ T9181]  ? eth_header+0x11c/0x1f0
[  156.910324][ T9181]  ? __pfx_eth_header+0x10/0x10
[  156.915252][ T9181]  ? neigh_resolve_output+0x61f/0x740
[  156.920628][ T9181]  ip6_finish_output2+0xff8/0x1670
[  156.925744][ T9181]  ? ip6_finish_output2+0x712/0x1670
[  156.931021][ T9181]  ? nf_hook+0x9e/0x450
[  156.935204][ T9181]  ? __pfx_ip6_finish_output2+0x10/0x10
[  156.940777][ T9181]  ? ip6_mtu+0x81/0x3f0
[  156.944949][ T9181]  ip6_finish_output+0x41e/0x810
[  156.949899][ T9181]  ? rawv6_send_hdrinc+0x9df/0x1610
[  156.955140][ T9181]  rawv6_send_hdrinc+0xb79/0x1610
[  156.960788][ T9181]  ? __pfx_rawv6_send_hdrinc+0x10/0x10
[  156.966254][ T9181]  ? ip6_dst_lookup_flow+0x13e/0x180
[  156.971622][ T9181]  ? __pfx_dst_output+0x10/0x10
[  156.976472][ T9181]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  156.982118][ T9181]  ? aa_label_sk_perm+0x4f0/0x6d0
[  156.987236][ T9181]  ? rawv6_sendmsg+0xef9/0x23c0
[  156.992129][ T9181]  rawv6_sendmsg+0x1962/0x23c0
[  156.996897][ T9181]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  157.002009][ T9181]  ? aa_sk_perm+0x967/0xab0
[  157.006520][ T9181]  ? inet_sendmsg+0x330/0x390
[  157.011214][ T9181]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  157.016600][ T9181]  ? security_socket_sendmsg+0x87/0xb0
[  157.022123][ T9181]  __sock_sendmsg+0x1a6/0x270
[  157.026808][ T9181]  ____sys_sendmsg+0x525/0x7d0
[  157.031580][ T9181]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.036867][ T9181]  __sys_sendmsg+0x2b0/0x3a0
[  157.041455][ T9181]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.046568][ T9181]  ? rawv6_setsockopt+0x432/0x740
[  157.051613][ T9181]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  157.057937][ T9181]  ? do_syscall_64+0x100/0x230
[  157.062703][ T9181]  ? do_syscall_64+0xb6/0x230
[  157.067394][ T9181]  do_syscall_64+0xf3/0x230
[  157.071968][ T9181]  ? clear_bhb_loop+0x35/0x90
[  157.076769][ T9181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.082678][ T9181] RIP: 0033:0x7f07c2d75bd9
[  157.087105][ T9181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.106720][ T9181] RSP: 002b:00007f07c3c33048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  157.115222][ T9181] RAX: ffffffffffffffda RBX: 00007f07c2f03f60 RCX: 00007f07c2d75bd9
[  157.123190][ T9181] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000a
[  157.131161][ T9181] RBP: 00007f07c2de4e60 R08: 0000000000000000 R09: 0000000000000000
[  157.139300][ T9181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.147352][ T9181] R13: 000000000000000b R14: 00007f07c2f03f60 R15: 00007ffc8ea2a428
[  157.155330][ T9181]  </TASK>
[  157.193149][ T9187] netlink: 'syz.0.1435': attribute type 10 has an invalid length.
[  157.200191][ T9181] syz.2.1431 (9181) used greatest stack depth: 17680 bytes left