last executing test programs:

1m54.561338216s ago: executing program 3 (id=1325):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000180)=0x1, 0x4) (async)
getsockopt$inet6_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000040)) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000d6090000000000000063019800000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

1m54.477197776s ago: executing program 3 (id=1328):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r3, 0x0, 0x7e, 0xdf, &(0x7f00000000c0)="f311cb958119c24bf41d20164c17efb564fe74499ea8851249db153d3e4ec9ec8af56c83556d08ff46753479adf4449ccacfdf93d46cfa4303a3fdea0956ef5508e8ae07c655388490adff4c1d06b01cb85914dd6a648e2c1b4686f20c9da0813a323c22394353ae27ed0b53738f28f6078ae2ea524ec28f88a442a48061", &(0x7f0000000380)=""/223, 0x4, 0x0, 0x0, 0xe6, &(0x7f0000000180), &(0x7f0000000480)="6fdd36da607061f934a4032ab4fc47269a794b6517d0886eadd0a3aa2689b6007c0694b14f77fdfd9e5ba28494b2aeac70332bddb7d2140f92294b3adb2d9b64cab9c5336567ec874fb951b2039e4bef24bf501be9ee1b5db10412d2640e2658be9ede1dae9ef385e1bf123402e315e9d27f965681fc7bc21dfd688e2562ef523e4f13dedfe364b494cd7f2c2730150c23da9a7f9f9f13ab9c85e2fb3eeacab88827a8dbb46dd27d3121369e333791449c0c06826698adf87e1961fd9afab56f63627a5bb5120014df5597fd3169788f1817c2990f8576f3ac31cfc1ac3639832d19decfb18e", 0x6}, 0x50)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000140)={0x38, r2, 0x8d61ddcfedb48df, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x8001}]}]}, 0x38}}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x80000}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x8, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket(0x28, 0x1, 0x0)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r6, &(0x7f0000000080), 0x12)
close(r6)
getsockname$packet(r5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4)

1m54.33582444s ago: executing program 3 (id=1332):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x9) (async)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) (async)
getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, 0x0, &(0x7f0000000480))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x800)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xb, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYBLOB='\a'], 0x10) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r5}, 0x20)
sendmmsg$inet6(r5, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000180), 0x1}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000009c0)='.', 0xc400}], 0x7}}], 0x44, 0x0)
accept4(r2, 0x0, 0x0, 0x80000)

1m54.061234012s ago: executing program 3 (id=1337):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c000000130001c3000000000000000100000800", @ANYRES32=r1, @ANYBLOB="0000d400000000000a0001"], 0x2c}}, 0x0)

1m53.981545817s ago: executing program 3 (id=1339):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xffe, &(0x7f0000000580)={&(0x7f0000001680)=ANY=[@ANYBLOB="580100001000030400"/20, @ANYRES32=0x0, @ANYBLOB="15020000000000003001128009000100766c616e000000002001028006000100000000001c0004800c00010032d10000ffff00000c000100ae0200009e000000700004800c00010009000000010000e29b5d2a0008000000010100000c000100f8ffffff080000000c00010006000000040000000c00010007000000010000800c00010005000000060000000c00010001000000000000000c000100910a00000d0000000c0001000e00000032000000880003800c002100060000000c0000000c00010003000000400000000c00010004000000ffffffff0c00010002000000110000000c00010001000000020000000c0001000b000000270000000c000100ffff00005f0200000c000100ffffffff030000000c00010001000000030000000c00010000000000018000000c000100090000000900000008000500", @ANYRES8=r0], 0x158}, 0x1, 0xba01}, 0x44)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m53.846645933s ago: executing program 3 (id=1342):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="6961ed1753d8efc342ea850d5ad8109bdab73846d8d75acb9e5f1f154abe4955503d4526601b3327d5e6c812f2de1722143b737d9d7e1c9fdf7f01a17108c7b5b4d7a78bf67bc2afbad59580531ab5dbd2abf57d782f5f0b2c8f8b1f5a", 0x5d}, {&(0x7f0000000300)="8c4088b97d6617d315bc12c3ab6b6db57c61768250b496bd87e807b6af308d3baf919797610daa8171eeafd5de25d4e91d31427435e05a3c763a4ec7cb9466b0df", 0x41}], 0x2}, 0x4048001)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc)
setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x2, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=@newsa={0x14c, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in6=@local}, {@in6=@private1, 0x0, 0x33}, @in6=@local, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x5c, 0x14, {{'cmac(aes)\x00'}, 0x80, 0x0, "3509fe8fd57fd44aa5074c50bc700e53"}}]}, 0x14c}}, 0x0)
socket$key(0xf, 0x3, 0x2) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'}) (async)
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="6961ed1753d8efc342ea850d5ad8109bdab73846d8d75acb9e5f1f154abe4955503d4526601b3327d5e6c812f2de1722143b737d9d7e1c9fdf7f01a17108c7b5b4d7a78bf67bc2afbad59580531ab5dbd2abf57d782f5f0b2c8f8b1f5a", 0x5d}, {&(0x7f0000000300)="8c4088b97d6617d315bc12c3ab6b6db57c61768250b496bd87e807b6af308d3baf919797610daa8171eeafd5de25d4e91d31427435e05a3c763a4ec7cb9466b0df", 0x41}], 0x2}, 0x4048001) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0xcc) (async)
setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x2, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10) (async)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r5, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) (async)
accept4(r5, 0x0, 0x0, 0x0) (async)
sendmmsg$alg(r6, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r6) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=@newsa={0x14c, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in6=@local}, {@in6=@private1, 0x0, 0x33}, @in6=@local, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x5c, 0x14, {{'cmac(aes)\x00'}, 0x80, 0x0, "3509fe8fd57fd44aa5074c50bc700e53"}}]}, 0x14c}}, 0x0) (async)

1m38.095151571s ago: executing program 32 (id=1342):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="6961ed1753d8efc342ea850d5ad8109bdab73846d8d75acb9e5f1f154abe4955503d4526601b3327d5e6c812f2de1722143b737d9d7e1c9fdf7f01a17108c7b5b4d7a78bf67bc2afbad59580531ab5dbd2abf57d782f5f0b2c8f8b1f5a", 0x5d}, {&(0x7f0000000300)="8c4088b97d6617d315bc12c3ab6b6db57c61768250b496bd87e807b6af308d3baf919797610daa8171eeafd5de25d4e91d31427435e05a3c763a4ec7cb9466b0df", 0x41}], 0x2}, 0x4048001)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc)
setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x2, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=@newsa={0x14c, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in6=@local}, {@in6=@private1, 0x0, 0x33}, @in6=@local, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x5c, 0x14, {{'cmac(aes)\x00'}, 0x80, 0x0, "3509fe8fd57fd44aa5074c50bc700e53"}}]}, 0x14c}}, 0x0)
socket$key(0xf, 0x3, 0x2) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'}) (async)
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="6961ed1753d8efc342ea850d5ad8109bdab73846d8d75acb9e5f1f154abe4955503d4526601b3327d5e6c812f2de1722143b737d9d7e1c9fdf7f01a17108c7b5b4d7a78bf67bc2afbad59580531ab5dbd2abf57d782f5f0b2c8f8b1f5a", 0x5d}, {&(0x7f0000000300)="8c4088b97d6617d315bc12c3ab6b6db57c61768250b496bd87e807b6af308d3baf919797610daa8171eeafd5de25d4e91d31427435e05a3c763a4ec7cb9466b0df", 0x41}], 0x2}, 0x4048001) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0xcc) (async)
setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x2, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10) (async)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r5, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) (async)
accept4(r5, 0x0, 0x0, 0x0) (async)
sendmmsg$alg(r6, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r6) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=@newsa={0x14c, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in6=@local}, {@in6=@private1, 0x0, 0x33}, @in6=@local, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x5c, 0x14, {{'cmac(aes)\x00'}, 0x80, 0x0, "3509fe8fd57fd44aa5074c50bc700e53"}}]}, 0x14c}}, 0x0) (async)

1m6.714231143s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

54.910697822s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

40.90987504s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

31.516925958s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

21.174190919s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

10.498387579s ago: executing program 2 (id=391):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x28}}, 0x0) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xe80, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

2.368115539s ago: executing program 1 (id=2464):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x4004000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040), 0x6)
bind$bt_hci(r4, &(0x7f0000000400)={0x1f, 0xffffffffffffffff}, 0x6)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r6 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r7=>0x0})
socket$packet(0x11, 0x2, 0x300)
r8 = accept(0xffffffffffffffff, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f0000000100)=0x80)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r8, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="20002bbd7000dd2503001e00004965778699414b42"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000140), r9)
sendmsg$NET_DM_CMD_STOP(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r10, 0x1, 0x70bd2c, 0x25dfdbff, {}, [""]}, 0x14}}, 0x800)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), r9)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r9, &(0x7f00000005c0)={&(0x7f00000004c0), 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r11, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000011)
sendmsg$NET_DM_CMD_STOP(r9, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x14, r10, 0x20, 0x70bd29, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040000}, 0x40)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000007c0)={0x3c, r5, 0xb97534d5fe9704cf, 0x0, 0xfffffff9, {{0x12}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x63d2, 0x73}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}]}, 0x3c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.986391586s ago: executing program 0 (id=2469):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000640)={0x1, &(0x7f0000000680)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xf, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x40}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x4c, 0x14, {0xfffffff0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)

1.878048276s ago: executing program 0 (id=2473):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x30, 0x10, 0x200, 0x0, 0x0, {}, [@IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x5ad35}, @IFLA_MASTER={0x8, 0x3}]}, 0x30}}, 0x0)

1.709096161s ago: executing program 4 (id=2474):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000000)='./file0\x00', 0x0, 0x8, r1}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b80)=@mangle={'mangle\x00', 0x8, 0x6, 0x610, 0x420, 0x330, 0x330, 0x0, 0x0, 0x540, 0x540, 0x540, 0x540, 0x540, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@dev, @private2, [], [], 'pimreg0\x00', 'nicvf0\x00'}, 0x0, 0x138, 0x160, 0x0, {0x5002}, [@common=@unspec=@addrtype1={{0x28}, {0x40, 0x40, 0x2}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_bridge\x00', {}, 'gretap0\x00', {}, 0x0, 0x10}}]}, @common=@unspec=@CLASSIFY={0x28}}, {{@ipv6={@local, @rand_addr=' \x01\x00', [], [0x0, 0x0, 0x0, 0xff], 'veth1_to_batadv\x00', 'dvmrp1\x00'}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@inet=@dccp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@dev, @ipv4=@loopback, 0x0, 0x16}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@eui64={{0x28}}]}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6cb)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
ioctl$sock_inet_SIOCGIFADDR(r5, 0x8915, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {}, {0xa, 0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4, 0x20}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000e500000000000000808500000053000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0xfffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.652995415s ago: executing program 0 (id=2475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r2, 0x11c, 0x4, &(0x7f0000000100)=""/146, &(0x7f00000001c0)=0x28) (async)
getsockopt$inet6_mptcp_buf(r2, 0x11c, 0x4, &(0x7f0000000100)=""/146, &(0x7f00000001c0)=0x28)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="3ce500001b5cf0d43e780dd90ec6595e7aea86c7ff4745681b0c51fedee7ba7b3be8a55f0012643d789155ac5a6ab340c437d2247009f4cfc71eb4f2c16625fa99", @ANYRES16=r1, @ANYBLOB="010000000000000000003400000008007300000000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x3c}}, 0x0)

1.55229003s ago: executing program 0 (id=2476):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001200970c25bd70000200000007000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000040034"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000004e00010000006ed06dbb2f8b58e9"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r2 = accept$netrom(0xffffffffffffffff, &(0x7f0000000100)={{0x3, @default}, [@rose, @rose, @rose, @null, @remote, @bcast, @null, @null]}, &(0x7f0000000040)=0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f00"], 0x48) (rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd7000040000008900000008000300", @ANYRES32=r5, @ANYBLOB="18001d801400008006000500ca00000005000c0000007800"], 0x34}, 0x1, 0x0, 0x0, 0x4804}, 0x80)
getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000000180)=0x5, &(0x7f00000001c0)=0x4)

1.288726788s ago: executing program 5 (id=2477):
getsockopt$SO_J1939_ERRQUEUE(0xffffffffffffffff, 0x6b, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r2=>0x0})
r3 = accept4$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x7d26f0c85e2d1b95)
getsockname$packet(r3, &(0x7f0000000140), &(0x7f0000000200)=0x14)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000001800)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r5)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r5, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001240)={&(0x7f00000011c0)={0x5c, 0x4, 0x8, 0x404, 0x0, 0x0, {0x7, 0x0, 0x4}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x805}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000084)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007050000080013002d15010000000000950017b8000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee6fe5fbf500000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f19de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03cc86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40446d7074be86a912a5ac00f7ffffffffffffff000000000000c1eb2d91fb79ea00000000000000bb0d0000000000000000001fe4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b00631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809f905f12f6106f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3f00004d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad0fceee5f339550130a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3116dbc7e2bf2402275fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d644b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7db0825e9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f3b563ab9000000ff000000000077a99fb5b0a43749ca477c9c7ca20bd428d8f77bb920ad0db4c1da671bfad7f109b776476a54939e621232cd115ba9f37057ad891fea2353f3ad9c042c64a5ecf80f4e4cf927ae39347c22822375c26edf2754695c16780429e03759691adb63553e9c4561528ded5f35bb20e98b2e6d01dbfcde82608359c50881324524db0dbe21efba4f0fc338f4b0b11cb028d1063b3bacaab92fb7f9d2971440f873ec261d54c1570adef8004c91896fcd74c9e03dfd9a781210c0346ed1b02a44c64adad8a3f238a8ddf7207c45057c02e922b942f15ddcfbfb00"/1752], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000004feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030200000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a28"], &(0x7f00000001c0)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x9}, 0x10}, 0x94)

1.287589028s ago: executing program 1 (id=2478):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$netlink(r0, 0x10e, 0xb, &(0x7f0000000240)=""/110, &(0x7f00000000c0)=0x6e)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"], 0x0}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0904000000000000000002000000540004802c0001800e000100696d6d656469617465000000180002800c00028005000100c4000000080001400000000924000180090001006d6574610000000014000280080002400000000808000140f6ffff0f0900010073797a30000000000900020073797a320000000020000000080a05000000000000000000020000000900010073797a300000"], 0xc8}}, 0x0)
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x44000)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r7)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r7)
recvmmsg(r7, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000001a80)=""/207, 0xcf}, {&(0x7f00000019c0)=""/175, 0xaf}], 0x3}, 0x7}, {{0x0, 0x0, 0x0}, 0xfc}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000004ac0)=""/4087, 0xff7}, {&(0x7f0000000440)=""/227, 0xe3}, {&(0x7f0000000780)=""/118, 0x76}, {&(0x7f0000001b80)=""/4111, 0x100f}, {&(0x7f0000000240)=""/163, 0xa3}], 0x5}, 0x88a}, {{0x0, 0x0, 0x0}, 0x80000003}], 0x5, 0x40018042, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @multicast2}, 0x2, 0x0, 0x3}}, 0x26)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x30, r8, 0x1, 0x3, 0x0, {{0xa}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_IDX={0x5}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x48881}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.117166932s ago: executing program 4 (id=2479):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000240)=0x8000, 0x4)
ioctl$int_in(r1, 0x5421, &(0x7f0000000340)=0xfff)
connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000280)=0xfffffffe, 0x15)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xe, 0x0, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x6, &(0x7f0000000180)="10000000000000000100000024000000", 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

1.077965845s ago: executing program 1 (id=2480):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="180800000000000000000000000000008710000003000000180000000000000000000000000000009400000000000000750a00000000000095"], &(0x7f0000000040)='GPL\x00'}, 0x90)
r0 = socket(0x2a, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x9, 0x10001, 0x9, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r1, &(0x7f00000003c0), &(0x7f00000000c0)=""/109}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000ac0)={r1, &(0x7f0000000980), &(0x7f00000009c0)=@tcp6, 0x1}, 0x20)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
recvmmsg(r0, &(0x7f0000002e40)=[{{&(0x7f0000000080)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000100)=""/11, 0xb}, {&(0x7f0000000140)=""/98, 0x62}, {&(0x7f00000001c0)=""/110, 0x6e}], 0x4, &(0x7f0000000280)=""/72, 0x48}, 0x7}, {{&(0x7f0000000300)=@sco={0x1f, @none}, 0x80, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=""/56, 0x38}, {&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000005c0)=""/202, 0xca}, {&(0x7f0000000400)=""/1, 0x1}, {&(0x7f00000006c0)=""/174, 0xae}, {&(0x7f0000000780)=""/168, 0xa8}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000001840)=""/254, 0xfe}, {&(0x7f0000001940)=""/244, 0xf4}, {&(0x7f0000001a40)=""/100, 0x64}], 0xa, &(0x7f0000001b80)=""/4096, 0x1000}}, {{0x0, 0x0, &(0x7f0000002dc0)=[{&(0x7f0000002b80)=""/150, 0x96}, {&(0x7f0000002c40)=""/126, 0x7e}, {&(0x7f0000002cc0)=""/255, 0xff}], 0x3, &(0x7f0000002e00)=""/29, 0x1d}, 0x1f}], 0x3, 0x2000, &(0x7f0000002f00))
accept$packet(r0, &(0x7f0000002f40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002f80)=0x14)

957.944785ms ago: executing program 4 (id=2481):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x200000e, 0x1010, r0, 0x4000)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00U\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32, @ANYBLOB="050001"], 0x38}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000001fc0)={0x0, 0x0, 0x5}, 0xc)
setsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f0000001240)={@empty}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000000)=0x4)
unshare(0x600)
r4 = socket(0x1e, 0x805, 0x0)
connect$tipc(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000004c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x55}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$IP_SET_OP_GET_FNAME(r6, 0x1, 0x53, &(0x7f00000000c0)={0x8, 0x7, 0x0, 'syz0\x00'}, &(0x7f0000000100)=0x2c)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="300000001800010000000000000000000a000000000000000000000014000500fe8000001e0000000000f6ffffff0000"], 0x30}}, 0x0)

881.176616ms ago: executing program 1 (id=2482):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000010000000100000000050000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000200000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap(&(0x7f0000fa3000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a090400000000000000000200000038000480340001800a0001006c696d6974000000240002800c000140000000000000000908000540000000000c00024000000005000000000900010073797a30000000000900020073797a32"], 0x8c}, 0x1, 0x0, 0x0, 0x4085}, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

880.53931ms ago: executing program 5 (id=2483):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@gettclass={0x24, 0x2a, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xd, 0x9}, {0xfff1, 0x9}, {0xfff3}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})

821.446456ms ago: executing program 0 (id=2484):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa1000000000000b702000008000000b70300004000000085000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa1000000000000b702000008000000b70300004000000085000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000001300010027bd70000000000007000000", @ANYRES32=r3, @ANYBLOB="a2100400884101000c001a800800058004000780"], 0x2c}}, 0x0)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r1, 0x65, 0x5, &(0x7f0000000100)=0x1, 0x4) (async)
setsockopt$CAN_RAW_FD_FRAMES(r1, 0x65, 0x5, &(0x7f0000000100)=0x1, 0x4)

777.978422ms ago: executing program 1 (id=2485):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000800)={0xf, 0x2, 0x1, 0x590}, 0x10)
sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)

758.126847ms ago: executing program 4 (id=2486):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@ccm_128={{0x303}, "17015173c0a344a2", "c8441b7e436be5eaf06dea5a3a468dd8", "62307b1f", "c9da2f25a4516abb"}, 0x28)
sendmsg$inet(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000006c0)="6e37cff5b582e082d58cb23de3c19dc4971d9b59ddb52ae25a3ca48e8d5284721b4b722d1fd011fc3144e4ceb18b0af41f2235dd63e4ea3b360b32b5b8970a4f3ec7af16abe2cffb7c8fc61602244f3fbfe8c0f9e097c9ca57622caa6f8b9b22b3ab2a392b86171cd2494cc0373ba1d5a8019a571a77bead9da4ef83a4ef1d629d7037d68a8e7a4c39c9652184b0e9dd1f464abc43b88f8af084c33a9d087c7c34919c68f4cad786c37d3a47fe30e1508685ac378db47d739ad3fe928896c7c3005fc36b1b1fbd832467998ae759e500eb25fcb7834ff0bfd10ac29211a5b811025d94fab03058eb8e5795f620541962645704a0711f5c07590a8147b26f587664ca8fa600000000000000097dfd744bb5e5f55b680037db307675ff2c516eaa0aed46b66488af78975e47fdea85971751ff043cf6d3e29f8203433a651e46e72eb07a0791c8918ad6029168158bdfd4e2aa21d6bb1806cf6289a8d07d1cc0b641cbac67cf7897318b425f705aa5a0482eef331e36ec1c647712056d8a64e10bb9913a0cbc90ff73849b3b5f47d1c5", 0x18f}, {&(0x7f0000000340)="5fdbd61342a1560054f74cee82024cacdf79b6be94f99a7aea5b7678644cc1ef33880d4a59cad1fd0852b05064b02335eb6064c24f1ad325e0325bc473c3aeaf6709e5227bca1f7ba283d381d4f64e34fa77c5cac5d0bcf72850aaa9ea7f9144a008ae41f51262011dd0a3eb6eaf00da010b18a79f6917d0c25efbf1c56feb59cbf4683c026aa7aa1d65bea9ba31000000", 0x91}, {&(0x7f0000000940)="1165b65dc1f84146f03562d6913624a2b6d8ec92d3b85d62c12f159214de3618d4dc028c1b6992dc66459f58c8b8b56fe04e31cdde47a1821cf3bddee1076115f9afb5391f0f33219347a02ffb4109374ae3528f700cf1963b704fd24e27b70dd82d3ef5fd0d6c7e9512db1aff64b84d0fe3cce36da98fcc74949374701d31a1418b3fb186b4fc5f661870be567805e16f89688c5b75b19b2081c8026c57eb5eefe65efbb7e34c39a7651531bd31e4bcb66636f5412f2f97dd0f6eba05988d5dbfef41b1382b757fa76544722e48cfb226168a09933e5851fcf209063fdb938b7d7351e7f065d41ec4fa4090a59490776f19d579833473c5faaf30c40d0000000000000000", 0x105}, {&(0x7f0000000500)="0f1d547dfd011eee5ee96e9f1947841b6080ffadffd0f2ba53588a463cb08890097ea28302b894feb895cebb0e72a94c681955c3a39a1e5ebde1638c8f408cbb197ede5a6779e4732b685db9abb1184d1e4bf53bb5eafcc7d265002aeead4852d157cfb83a10f4d80f000000000000a7f702c9424df1ffbd0387c5e7777aa1bf37cbffb95d0daf", 0x87}, {&(0x7f0000000d40)="7a60507430110d45fba18e434184c81c9a10404af273af02537863cd4f9b455ba771ca5222198ae07333ef0d2beff796d017427138340fc2b1528610600c9b212beee90a7941df2f1ec90efc69156c30892b39b7b43f9ddf11e5949fede6ff979b7825229a356cc43023e2eb30577ca2725e6c1ce2e4557d4150336ac279203360ee37b013478d551d95f67dce3d0fa468aed602dc9f641bbacbeac908a860f4d02f22946a5a51f0bd6896b5fb16e75d3437356e3e8307aad07b767649101165270eb5c85ef394c82bc6cd3d2c5954f370361578736b68b2d8d89106b8798d0c28ddc5073e684f7eac3b", 0xea}], 0x5}, 0x0)

705.08614ms ago: executing program 5 (id=2487):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f00000001c0)='GPL\x00', 0xfffffff9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0xc, 0x3, 'netdevsim0\x00'}]}]}], {0x14}}, 0xa4}}, 0x0) (fail_nth: 10)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f00000002c0)={{0x6, @rose}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
r4 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$bt_hci(r4, 0x0, 0x2, &(0x7f0000000440)=""/197, &(0x7f0000000280)=0xc5)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000380)={r4, 0xffffffffffffffff, 0x3, 0x56})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x12, 0x9, 0x8, 0x22}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r5, @ANYRES32=r1, @ANYBLOB="05"], 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000a40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map=r5, r6, 0x4}, 0x10)
socket(0x1, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f72024fc60", 0x14}], 0x1}, 0x0)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000005c0)={r7})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x9, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}}, 0x0)

666.393853ms ago: executing program 0 (id=2488):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0xe, &(0x7f00000000c0)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @generic={0x9, 0x2, 0x4, 0x5, 0x1}], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0xf}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="e8000000010901040000000000530000000000000900010073797a31000000000900010073797a310000000008000340000000000c0004800800014000000000100002000c00028007000100000000000800054000000000840002001400018008000100ffffffff08000200ac1e000114000180080001000a01010008000200ffffffff06000340000300000c0002"], 0xe8}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r3, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
syz_80211_join_ibss(&(0x7f0000000280)='wlan0\x00', &(0x7f0000000340)=@random='\r', 0x1, 0x0)

640.672022ms ago: executing program 1 (id=2489):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e)
writev(r0, &(0x7f0000019880)=[{&(0x7f0000000400)="fb", 0xffffff5c}, {&(0x7f00000197c0)="1902eb02d5e5f29e59e1a7caec33eb76d2430da474d87e367f6598d026438b65eda8341073b6752abdcee080c8e1e876b25227c37d7dd79886ce33f13e857c8eda1cecf6ac36c03dbf54e3cb5136da5a33fee76fb3113f8b6700e9e5fc006b8eed665fed48738d59395ad07438c3610ae3976aac75caf2facafa21c25be3c2", 0x7f}], 0x2)
socket(0x10, 0x803, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x79}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)

636.313932ms ago: executing program 4 (id=2490):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1c00761bc11ee1ed0cbc8481c21cd6527400002d00210000000000000000000400008008000c0006"], 0x1c}], 0x1, 0x0, 0x0, 0x2}, 0x40005)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'bond0\x00', &(0x7f0000000000)=@ethtool_coalesce={0x26}})
r3 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r3, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000040)=[{{0x4, 0x1, 0x1, 0x1}, {0x2, 0x1, 0x1}}, {{0x4, 0x0, 0x0, 0x1}, {0x1}}], 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0xffffffffffffffff, 0x1, 0x10}, 0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000140)={'team0\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x97, 0x97, 0x6, [@func={0x1, 0x0, 0x0, 0xc, 0x2}, @datasec={0x2, 0x8, 0x0, 0xf, 0x3, [{0x2, 0x8, 0x4}, {0x2, 0x10, 0x7}, {0x5, 0x1, 0x8893}, {0x2, 0x8001, 0x1}, {0x3, 0xfffffffb, 0x5}, {0x5, 0x8, 0x5}, {0x1, 0x1, 0x5}, {0x3, 0x87a, 0xfffffbff}], "40a76c"}, @var={0x1, 0x0, 0x0, 0xe, 0x4, 0x2}, @type_tag={0x9, 0x0, 0x0, 0x12, 0x1}]}, {0x0, [0x0, 0x30, 0x5f, 0x2e]}}, &(0x7f0000000240)=""/211, 0xb6, 0xd3, 0x1, 0x80000000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x2, 0x94, 0x1, 0x6, 0x800, r5, 0xd921, '\x00', r6, r7, 0x3, 0x4}, 0x50)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000002280)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9000911", 0x19}, {&(0x7f0000000580)="09c69e16e1536fcff84a6c972f929bd77111f8ed22e8b95278dba0549bed73bf9af7deee6b05e3387473ff33a3d8ee54eb11c998162b0b8d119a92c3cacb1a1c09f53a4e83f225b21c5dd5d80fb25e56d1c3ee59a6dd92a6f9732af2246319860e92f23b33ad89b7a5a66bbf85c869329799", 0x72}], 0x2)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'macvlan0\x00', 0x4010})

225.251053ms ago: executing program 5 (id=2491):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000040), 0x4)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x0, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x25, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}}, 0x9c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'syztnl2\x00', &(0x7f0000000140)={'syztnl2\x00', <r4=>0x0, 0x7, 0x80, 0x6, 0xffff0000, {{0x11, 0x4, 0x0, 0x3b, 0x44, 0x68, 0x0, 0x86, 0x29, 0x0, @local, @rand_addr=0x64010102, {[@ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x20, 0xfa, 0x0, 0x3, [0x7, 0x93, 0x5, 0x9, 0x4, 0x3, 0xa]}, @timestamp_prespec={0x44, 0xc, 0x5a, 0x3, 0x8, [{@local, 0x1}]}]}}}}})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@bridge_newneigh={0x2c, 0x1c, 0x800, 0x70bd26, 0x25dfdbff, {0xa, 0x0, 0x0, r4, 0x2, 0xa7, 0x5}, [@NDA_VNI={0x8, 0x7, 0x5}, @NDA_MASTER={0x8, 0x9, 0xb}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4e802}, 0x0)

218.201179ms ago: executing program 5 (id=2492):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x6, 0x5, 0xffffffff)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x10001}, 0x1c)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r4, @ANYBLOB="059900f3ffffff111800128008000100677470000c000280050005"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
sendto$packet(r0, &(0x7f0000000740)='\x00', 0x1, 0x4c0c0, &(0x7f0000000300)={0x11, 0x86dd, r4}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)

86.460323ms ago: executing program 5 (id=2493):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@ipv6_newnexthop={0x24, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ENCAP_TYPE={0x6}]}, 0x24}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='qdisc_enqueue\x00', r2}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
socket$caif_stream(0x25, 0x1, 0x5)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000002380)=[{{&(0x7f0000000080)={0x2, 0x4e24, @remote}, 0x10, 0x0}}, {{&(0x7f0000001940)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000002580)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8d0}}], 0x18}}], 0x2, 0x4800)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32=r6, @ANYBLOB="200001"], 0x38}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000840)=ANY=[@ANYBLOB="18020000000000800000000000000000850000004100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="030500000304073aad21b2800b0001006970766c616e00000400000000000000", @ANYRES32=r7, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x20004800}, 0x0)

0s ago: executing program 4 (id=2494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
r2 = socket(0x10, 0x3, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x70, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x2, 0x9}, {}, {0x2, 0xb}}, [@TCA_RATE={0x6, 0x5, {0x2, 0x83}}, @filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x15, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x810}, 0x404c0c0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, r5, 0x7, 0x0, 0x80, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x20}}, 0x20040804) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1b}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xdc}}]}, &(0x7f0000000040)='GPL\x00', 0x7fffffff, 0x13, &(0x7f0000000180)=""/19, 0x41100, 0xa, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000200)={0x4, 0xb, 0xfffffff9, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000240)=[r0, r0], &(0x7f0000000300)=[{0x3, 0x2, 0x8, 0x2}, {0x3, 0x3, 0x3, 0x9}], 0x10, 0x7}, 0x94)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0) (async)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r7, 0x0, 0x81, 0x0, 0x0) (async)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r8, 0x0, 0xca, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@rand_addr=0xc0586300, @private=0xffffffff}, 0x10) (async)
close(r6) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r9 = socket$inet6(0xa, 0x1, 0x8010800000000084)
sendmmsg$inet6(r9, &(0x7f0000000640)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0, 0x400}, 0x1c, &(0x7f0000000600)}}], 0x1, 0x4008040)

kernel console output (not intermixed with test programs):

dn't open port 1
[  225.683943][T10981] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1649'.
[  225.696391][T10895] chnl_net:caif_netlink_parms(): no params data found
[  225.708892][T10947] RDS/IB: syz2: added
[  225.713287][T10947] smc: adding ib device syz2 with port count 1
[  225.734990][T10947] smc:    ib device syz2 port 1 has pnetid 
[  225.763136][ T5911] vxcan1 speed is unknown, defaulting to 1000
[  225.771078][T10947] vxcan1 speed is unknown, defaulting to 1000
[  226.178064][T10895] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.210781][T10895] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.233186][T10895] bridge_slave_0: entered allmulticast mode
[  226.253312][T10895] bridge_slave_0: entered promiscuous mode
[  226.265252][T10895] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.272412][T10895] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.279855][T10895] bridge_slave_1: entered allmulticast mode
[  226.303810][T10895] bridge_slave_1: entered promiscuous mode
[  226.318966][T11007] netlink: 'syz.1.1656': attribute type 39 has an invalid length.
[  226.554164][T10895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  226.563714][T10947] vxcan1 speed is unknown, defaulting to 1000
[  226.590166][T10895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  226.611733][T11014] netlink: 'syz.0.1659': attribute type 5 has an invalid length.
[  226.655376][T11016] netlink: 'syz.5.1660': attribute type 7 has an invalid length.
[  226.727970][T10895] team0: Port device team_slave_0 added
[  226.749038][T10895] team0: Port device team_slave_1 added
[  226.857105][T10895] batman_adv: batadv0: Adding interface: batadv_slave_0
[  226.864110][T10895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.896861][T10895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  226.910604][T10895] batman_adv: batadv0: Adding interface: batadv_slave_1
[  226.919882][T10895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.971227][T10895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.033270][T11027] netlink: 'syz.5.1665': attribute type 5 has an invalid length.
[  227.212061][T10947] vxcan1 speed is unknown, defaulting to 1000
[  227.226500][ T5832] Bluetooth: hci3: command tx timeout
[  227.240955][T10895] hsr_slave_0: entered promiscuous mode
[  227.248436][T10895] hsr_slave_1: entered promiscuous mode
[  227.259212][T10895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  227.269359][T10895] Cannot create hsr debugfs directory
[  227.560092][T11044] bridge: RTM_NEWNEIGH with invalid ether address
[  227.594202][T11050] netlink: 'syz.0.1675': attribute type 10 has an invalid length.
[  227.780753][T11059] wg1: entered promiscuous mode
[  227.836599][T10947] vxcan1 speed is unknown, defaulting to 1000
[  228.386895][T10947] vxcan1 speed is unknown, defaulting to 1000
[  228.771106][T10947] vxcan1 speed is unknown, defaulting to 1000
[  229.295432][ T5832] Bluetooth: hci3: command tx timeout
[  229.372500][T11112] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1692'.
[  229.532791][T11120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1691'.
[  229.554791][T10895] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  229.608302][T10895] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  229.641415][T10895] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  229.659859][T10895] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  229.828341][T10895] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.851816][T11141] Cannot find del_set index 128 as target
[  229.867713][T10895] 8021q: adding VLAN 0 to HW filter on device team0
[  229.883330][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.890571][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.928953][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.936189][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.389423][T10895] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.393489][T11169] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1705'.
[  230.695389][T11169] bond0 (unregistering): Released all slaves
[  230.905985][T11187] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1710'.
[  230.946385][T10895] veth0_vlan: entered promiscuous mode
[  230.997116][T10895] veth1_vlan: entered promiscuous mode
[  231.116228][T10895] veth0_macvtap: entered promiscuous mode
[  231.144731][T11193] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1711'.
[  231.170851][T10895] veth1_macvtap: entered promiscuous mode
[  231.376444][ T5832] Bluetooth: hci3: command tx timeout
[  231.427113][T10895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.463281][T10895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  231.514914][T10895] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.529652][T10895] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.551788][T11221] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1721'.
[  231.553402][T10895] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.569990][T10895] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.609219][T11222] tipc: Resetting bearer <eth:macvlan1>
[  231.749199][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.759006][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.841847][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.859591][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.131253][T11245] netlink: 'syz.1.1729': attribute type 10 has an invalid length.
[  232.201808][T11245] veth0_vlan: left promiscuous mode
[  232.210023][T11245] veth0_vlan: entered promiscuous mode
[  232.263465][T11245] team0: Device veth0_vlan failed to register rx_handler
[  232.730381][T11271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1737'.
[  232.900609][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.971969][T11284] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1741'.
[  233.169203][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.510649][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.559865][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.649736][   T49] bridge_slave_1: left allmulticast mode
[  233.655593][   T49] bridge_slave_1: left promiscuous mode
[  233.661367][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.671362][   T49] bridge_slave_0: left allmulticast mode
[  233.677462][   T49] bridge_slave_0: left promiscuous mode
[  233.683155][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.982038][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.992626][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.003062][   T49] bond0 (unregistering): Released all slaves
[  234.400771][T11291] netlink: 'syz.0.1744': attribute type 10 has an invalid length.
[  234.458790][   T49] hsr_slave_0: left promiscuous mode
[  234.492327][   T49] hsr_slave_1: left promiscuous mode
[  234.512823][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.548008][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.570689][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.587593][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.653197][   T49] veth1_macvtap: left promiscuous mode
[  234.671952][   T49] veth0_macvtap: left promiscuous mode
[  234.684372][   T49] veth1_vlan: left promiscuous mode
[  234.699175][   T49] veth0_vlan: left promiscuous mode
[  234.875167][T11315] netlink: 300 bytes leftover after parsing attributes in process `syz.1.1752'.
[  234.989864][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  234.999457][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  235.008078][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  235.020917][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  235.043541][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  235.382762][   T49] team0 (unregistering): Port device team_slave_1 removed
[  235.427689][   T49] team0 (unregistering): Port device team_slave_0 removed
[  235.811050][T11291] veth0_vlan: left promiscuous mode
[  235.819781][T11291] veth0_vlan: entered promiscuous mode
[  235.829560][T11291] team0: Device veth0_vlan failed to register rx_handler
[  235.941999][T11316] vxcan1 speed is unknown, defaulting to 1000
[  236.062777][T11329] gtp0: entered promiscuous mode
[  236.081923][T11329] gtp0: entered allmulticast mode
[  236.090575][T11332] netlink: 212404 bytes leftover after parsing attributes in process `syz.4.1756'.
[  236.115279][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1754'.
[  236.173203][T11336] netlink: 'syz.1.1758': attribute type 5 has an invalid length.
[  236.396829][T11342] netlink: 'syz.0.1761': attribute type 5 has an invalid length.
[  236.420696][T11343] netlink: 'syz.4.1759': attribute type 13 has an invalid length.
[  236.463079][T11343] netlink: 'syz.4.1759': attribute type 58 has an invalid length.
[  236.524668][T11343] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1759'.
[  236.551266][T11345] netlink: 'syz.1.1762': attribute type 1 has an invalid length.
[  236.653443][T11353] netlink: 'syz.1.1762': attribute type 1 has an invalid length.
[  236.744562][T11353] netlink: 'syz.1.1762': attribute type 2 has an invalid length.
[  236.791917][T11355] vcan0: tx drop: invalid da for name 0x0000000000000002
[  237.003540][T11316] chnl_net:caif_netlink_parms(): no params data found
[  237.028259][T11362] netlink: 'syz.5.1765': attribute type 10 has an invalid length.
[  237.059869][T11362] veth0_vlan: entered allmulticast mode
[  237.105864][T11362] veth0_vlan: left promiscuous mode
[  237.133773][T11362] veth0_vlan: entered promiscuous mode
[  237.134790][   T51] Bluetooth: hci3: command tx timeout
[  237.161348][T11362] team0: Device veth0_vlan failed to register rx_handler
[  237.264156][T11370] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  237.323625][T11372] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 19999 - 0
[  237.357815][T11378] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1770'.
[  237.376131][T11372] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 19999 - 0
[  237.385633][T11372] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 19999 - 0
[  237.443035][T11372] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 19999 - 0
[  237.454164][T11372] geneve3: entered promiscuous mode
[  237.466134][T11372] geneve3: entered allmulticast mode
[  237.577689][T11316] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.588905][T11316] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.596883][T11316] bridge_slave_0: entered allmulticast mode
[  237.605728][T11316] bridge_slave_0: entered promiscuous mode
[  237.615869][T11316] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.623542][T11316] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.631059][T11316] bridge_slave_1: entered allmulticast mode
[  237.639541][T11316] bridge_slave_1: entered promiscuous mode
[  237.727467][T11387] bridge_slave_0: entered promiscuous mode
[  237.833741][T11316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.880160][T11316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.963854][T11316] team0: Port device team_slave_0 added
[  237.989799][T11316] team0: Port device team_slave_1 added
[  238.051691][T11404] netlink: 'syz.0.1776': attribute type 1 has an invalid length.
[  238.083072][T11406] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1777'.
[  238.092129][T11404] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.092147][T11404] IPv6: NLM_F_CREATE should be set when creating new route
[  238.092753][T11404] netlink: 'syz.0.1776': attribute type 1 has an invalid length.
[  238.104831][T11406] tipc: Started in network mode
[  238.107655][T11404] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.119543][T11406] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  238.143993][T11406] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  238.153678][T11406] tipc: Enabled bearer <udp:syz1>, priority 10
[  238.161235][T11316] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.171203][T11316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.202339][T11316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.214979][T11377] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  238.265840][T11316] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.305054][T11316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.347607][T11377] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  238.382287][T11417] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1778'.
[  238.411470][T11316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.586378][T11428] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1780'.
[  238.621235][T11316] hsr_slave_0: entered promiscuous mode
[  238.640502][T11316] hsr_slave_1: entered promiscuous mode
[  238.653779][T11316] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.668693][T11316] Cannot create hsr debugfs directory
[  238.846053][T11434] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1782'.
[  238.855471][T11434] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1782'.
[  239.092217][T11453] netlink: 'syz.5.1787': attribute type 6 has an invalid length.
[  239.127509][T11457] sch_fq: defrate 0 ignored.
[  239.220152][   T51] Bluetooth: hci3: command tx timeout
[  239.275674][ T5944] tipc: Node number set to 1
[  239.471422][T11480] netlink: 'syz.5.1796': attribute type 5 has an invalid length.
[  239.741212][T11316] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  239.763620][T11316] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  239.809946][T11316] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  239.835097][T11316] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  239.970908][T11511] siw: device registration error -23
[  240.069912][T11316] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.118902][T11316] 8021q: adding VLAN 0 to HW filter on device team0
[  240.139815][ T1012] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.147029][ T1012] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.188851][T11517] xt_l2tp: unknown flags: 18
[  240.211593][T11517] x_tables: unsorted entry at hook 3
[  240.218998][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.226210][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.671976][T11533] __nla_validate_parse: 1 callbacks suppressed
[  240.671994][T11533] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1813'.
[  240.760498][T11316] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.800221][T11316] veth0_vlan: entered promiscuous mode
[  240.817722][T11316] veth1_vlan: entered promiscuous mode
[  240.845260][T11316] veth0_macvtap: entered promiscuous mode
[  240.856076][T11316] veth1_macvtap: entered promiscuous mode
[  240.874124][T11316] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.890293][T11316] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.904135][T11316] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.912905][T11316] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.923318][T11316] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.932158][T11316] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.992499][ T7900] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.001788][ T7900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.023753][ T7900] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.032586][ T7900] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.268754][T11537] 8021q: VLANs not supported on ip6_vti0
[  241.412133][T11548] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1819'.
[  241.530663][T11554] netlink: 'syz.1.1822': attribute type 1 has an invalid length.
[  241.547524][T11554] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1822'.
[  241.557189][T11554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1822'.
[  241.575677][T11557] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1821'.
[  241.710829][T11563] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1823'.
[  241.723719][T11563] netlink: 'syz.1.1823': attribute type 10 has an invalid length.
[  241.758222][T11565] netlink: 'syz.1.1823': attribute type 10 has an invalid length.
[  241.772073][T11563] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1823'.
[  241.816416][T11565] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1823'.
[  241.972453][T11563] team0: Port device geneve0 added
[  241.988942][T11565] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  242.385446][T11592] netlink: 'syz.4.1833': attribute type 1 has an invalid length.
[  242.440961][T11592] 8021q: adding VLAN 0 to HW filter on device bond2
[  242.450387][T11592] bond0: (slave bond2): making interface the new active one
[  242.458812][T11592] bond0: (slave bond2): Enslaving as an active interface with an up link
[  242.593969][ T1012] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.679769][T11598] tipc: Resetting bearer <eth:macvlan1>
[  242.700354][T11598] team0: Port device geneve0 removed
[  243.643234][ T1012] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.156402][ T1012] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.348843][ T1012] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.446972][T11631] FAULT_INJECTION: forcing a failure.
[  244.446972][T11631] name failslab, interval 1, probability 0, space 0, times 0
[  244.483851][T11631] CPU: 1 UID: 0 PID: 11631 Comm: syz.5.1842 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  244.483874][T11631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.483895][T11631] Call Trace:
[  244.483902][T11631]  <TASK>
[  244.483910][T11631]  dump_stack_lvl+0x189/0x250
[  244.483941][T11631]  ? __pfx____ratelimit+0x10/0x10
[  244.483966][T11631]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.483990][T11631]  ? __pfx__printk+0x10/0x10
[  244.484014][T11631]  ? __pfx___might_resched+0x10/0x10
[  244.484038][T11631]  ? fs_reclaim_acquire+0x7d/0x100
[  244.484063][T11631]  should_fail_ex+0x414/0x560
[  244.484089][T11631]  should_failslab+0xa8/0x100
[  244.484109][T11631]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  244.484127][T11631]  ? __alloc_skb+0x112/0x2d0
[  244.484150][T11631]  __alloc_skb+0x112/0x2d0
[  244.484173][T11631]  netlink_ack+0x146/0xa50
[  244.484190][T11631]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.484206][T11631]  ? ref_tracker_free+0x63a/0x7d0
[  244.484226][T11631]  ? __copy_skb_header+0xa7/0x550
[  244.484249][T11631]  ? __pfx_ref_tracker_free+0x10/0x10
[  244.484270][T11631]  ? __skb_clone+0x63/0x7a0
[  244.484297][T11631]  netlink_rcv_skb+0x28c/0x470
[  244.484317][T11631]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.484336][T11631]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  244.484368][T11631]  ? netlink_deliver_tap+0x2e/0x1b0
[  244.484390][T11631]  ? netlink_deliver_tap+0x2e/0x1b0
[  244.484411][T11631]  netlink_unicast+0x75b/0x8d0
[  244.484435][T11631]  netlink_sendmsg+0x805/0xb30
[  244.484462][T11631]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.484484][T11631]  ? aa_sock_msg_perm+0x94/0x160
[  244.484515][T11631]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  244.484535][T11631]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.484553][T11631]  __sock_sendmsg+0x21c/0x270
[  244.484580][T11631]  ____sys_sendmsg+0x505/0x830
[  244.484605][T11631]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.484635][T11631]  ? import_iovec+0x74/0xa0
[  244.484655][T11631]  ___sys_sendmsg+0x21f/0x2a0
[  244.484678][T11631]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.484733][T11631]  ? __fget_files+0x2a/0x420
[  244.484750][T11631]  ? __fget_files+0x3a0/0x420
[  244.484779][T11631]  __x64_sys_sendmsg+0x19b/0x260
[  244.484802][T11631]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  244.484832][T11631]  ? __pfx_ksys_write+0x10/0x10
[  244.484846][T11631]  ? rcu_is_watching+0x15/0xb0
[  244.484875][T11631]  ? do_syscall_64+0xbe/0x3b0
[  244.484895][T11631]  do_syscall_64+0xfa/0x3b0
[  244.484909][T11631]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.484932][T11631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.484949][T11631]  ? clear_bhb_loop+0x60/0xb0
[  244.484969][T11631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.484986][T11631] RIP: 0033:0x7f1c4ab8e929
[  244.485002][T11631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.485017][T11631] RSP: 002b:00007f1c4b9a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.485036][T11631] RAX: ffffffffffffffda RBX: 00007f1c4adb5fa0 RCX: 00007f1c4ab8e929
[  244.485049][T11631] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  244.485061][T11631] RBP: 00007f1c4b9a8090 R08: 0000000000000000 R09: 0000000000000000
[  244.485072][T11631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.485082][T11631] R13: 0000000000000000 R14: 00007f1c4adb5fa0 R15: 00007ffc676d73f8
[  244.485111][T11631]  </TASK>
[  244.957978][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  244.990625][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  245.003420][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  245.012220][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  245.020883][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  245.074776][ T1012] bridge_slave_1: left allmulticast mode
[  245.080482][ T1012] bridge_slave_1: left promiscuous mode
[  245.104750][ T1012] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.137123][ T1012] bridge_slave_0: left allmulticast mode
[  245.156998][ T1012] bridge_slave_0: left promiscuous mode
[  245.163733][ T1012] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.177555][T11646] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1848'.
[  245.289808][T11656] FAULT_INJECTION: forcing a failure.
[  245.289808][T11656] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.332641][T11656] CPU: 1 UID: 0 PID: 11656 Comm: syz.5.1851 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  245.332669][T11656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  245.332679][T11656] Call Trace:
[  245.332686][T11656]  <TASK>
[  245.332694][T11656]  dump_stack_lvl+0x189/0x250
[  245.332723][T11656]  ? __pfx____ratelimit+0x10/0x10
[  245.332747][T11656]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.332768][T11656]  ? __pfx__printk+0x10/0x10
[  245.332784][T11656]  ? __might_fault+0xb0/0x130
[  245.332811][T11656]  should_fail_ex+0x414/0x560
[  245.332836][T11656]  _copy_from_iter+0x1db/0x16f0
[  245.332869][T11656]  ? __pfx__copy_from_iter+0x10/0x10
[  245.332894][T11656]  ? __build_skb_around+0x257/0x3e0
[  245.332918][T11656]  ? netlink_sendmsg+0x642/0xb30
[  245.332935][T11656]  ? skb_put+0x11b/0x210
[  245.332957][T11656]  netlink_sendmsg+0x6b2/0xb30
[  245.332983][T11656]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.333002][T11656]  ? aa_sock_msg_perm+0x94/0x160
[  245.333024][T11656]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  245.333042][T11656]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.333062][T11656]  __sock_sendmsg+0x21c/0x270
[  245.333089][T11656]  ____sys_sendmsg+0x505/0x830
[  245.333114][T11656]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.333140][T11656]  ? import_iovec+0x74/0xa0
[  245.333157][T11656]  ___sys_sendmsg+0x21f/0x2a0
[  245.333176][T11656]  ? __pfx____sys_sendmsg+0x10/0x10
[  245.333225][T11656]  ? __fget_files+0x2a/0x420
[  245.333241][T11656]  ? __fget_files+0x3a0/0x420
[  245.333267][T11656]  __x64_sys_sendmsg+0x19b/0x260
[  245.333289][T11656]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  245.333319][T11656]  ? __pfx_ksys_write+0x10/0x10
[  245.333333][T11656]  ? rcu_is_watching+0x15/0xb0
[  245.333360][T11656]  ? do_syscall_64+0xbe/0x3b0
[  245.333377][T11656]  do_syscall_64+0xfa/0x3b0
[  245.333390][T11656]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.333413][T11656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.333430][T11656]  ? clear_bhb_loop+0x60/0xb0
[  245.333449][T11656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.333465][T11656] RIP: 0033:0x7f1c4ab8e929
[  245.333481][T11656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.333505][T11656] RSP: 002b:00007f1c4b9a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.333523][T11656] RAX: ffffffffffffffda RBX: 00007f1c4adb5fa0 RCX: 00007f1c4ab8e929
[  245.333535][T11656] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  245.333546][T11656] RBP: 00007f1c4b9a8090 R08: 0000000000000000 R09: 0000000000000000
[  245.333557][T11656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.333571][T11656] R13: 0000000000000000 R14: 00007f1c4adb5fa0 R15: 00007ffc676d73f8
[  245.333599][T11656]  </TASK>
[  246.030308][ T1012] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  246.041337][ T1012] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  246.051478][ T1012] bond0 (unregistering): Released all slaves
[  246.082571][T11635] vxcan1 speed is unknown, defaulting to 1000
[  246.265358][T11676] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1856'.
[  246.602727][T11687] x_tables: duplicate underflow at hook 2
[  246.639218][T11687] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1861'.
[  246.786505][T11702] ip6t_srh: unknown srh match flags  4001
[  246.815153][T11702] netlink: 'syz.5.1864': attribute type 1 has an invalid length.
[  246.850280][T11702] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1864'.
[  246.961098][T11707] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1866'.
[  246.996890][T11707] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1866'.
[  247.097255][T11714] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1867'.
[  247.134643][ T5832] Bluetooth: hci3: command tx timeout
[  247.246654][ T1012] hsr_slave_0: left promiscuous mode
[  247.255404][ T1012] hsr_slave_1: left promiscuous mode
[  247.261516][ T1012] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  247.270674][ T1012] batman_adv: batadv0: Removing interface: batadv_slave_0
[  247.283843][ T1012] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  247.300562][ T1012] batman_adv: batadv0: Removing interface: batadv_slave_1
[  247.324945][T11727] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1872'.
[  247.341392][ T1012] veth1_macvtap: left promiscuous mode
[  247.350158][ T1012] veth0_macvtap: left promiscuous mode
[  247.356532][ T1012] veth1_vlan: left promiscuous mode
[  247.362013][ T1012] veth0_vlan: left promiscuous mode
[  247.678589][T11736] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1873'.
[  247.833205][ T1012] team0 (unregistering): Port device team_slave_1 removed
[  247.881321][ T1012] team0 (unregistering): Port device team_slave_0 removed
[  248.411588][T11635] chnl_net:caif_netlink_parms(): no params data found
[  248.529952][T11746] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1877'.
[  248.722008][T11757] netlink: 'syz.5.1879': attribute type 6 has an invalid length.
[  248.854292][T11635] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.866576][T11635] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.873906][T11635] bridge_slave_0: entered allmulticast mode
[  248.883483][T11635] bridge_slave_0: entered promiscuous mode
[  248.908039][T11635] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.915376][T11635] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.922630][T11635] bridge_slave_1: entered allmulticast mode
[  248.956140][T11635] bridge_slave_1: entered promiscuous mode
[  249.023245][T11767] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.1882'.
[  249.038231][T11767] netlink: zone id is out of range
[  249.043514][T11767] netlink: get zone limit has 8 unknown bytes
[  249.079350][T11635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  249.127339][T11635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  249.219553][ T5832] Bluetooth: hci3: command tx timeout
[  249.268895][T11774] bond0: (slave bond2): Releasing backup interface
[  249.333264][T11635] team0: Port device team_slave_0 added
[  249.356034][ T5911] vxcan1 speed is unknown, defaulting to 1000
[  249.381864][T11635] team0: Port device team_slave_1 added
[  249.585338][T11797] netlink: 'syz.4.1893': attribute type 7 has an invalid length.
[  249.622486][T11635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.633817][T11635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.674285][T11635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.712389][T11635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.743433][T11635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.775440][T11635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.839589][T11810] netlink: zone id is out of range
[  249.859719][T11810] netlink: get zone limit has 8 unknown bytes
[  249.887793][T11809] Bluetooth: MGMT ver 1.23
[  249.972435][T11635] hsr_slave_0: entered promiscuous mode
[  249.995597][T11635] hsr_slave_1: entered promiscuous mode
[  250.001971][T11635] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  250.011030][T11635] Cannot create hsr debugfs directory
[  250.101359][T11825] netlink: 'syz.5.1902': attribute type 10 has an invalid length.
[  250.101981][T11826] FAULT_INJECTION: forcing a failure.
[  250.101981][T11826] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.128080][T11826] CPU: 0 UID: 0 PID: 11826 Comm: syz.1.1900 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  250.128108][T11826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.128119][T11826] Call Trace:
[  250.128128][T11826]  <TASK>
[  250.128137][T11826]  dump_stack_lvl+0x189/0x250
[  250.128174][T11826]  ? __pfx____ratelimit+0x10/0x10
[  250.128199][T11826]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.128223][T11826]  ? __pfx__printk+0x10/0x10
[  250.128243][T11826]  ? __might_fault+0xb0/0x130
[  250.128270][T11826]  should_fail_ex+0x414/0x560
[  250.128296][T11826]  _copy_from_iter+0x1db/0x16f0
[  250.128325][T11826]  ? rcu_is_watching+0x15/0xb0
[  250.128352][T11826]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  250.128372][T11826]  ? __pfx__copy_from_iter+0x10/0x10
[  250.128397][T11826]  ? __build_skb_around+0x257/0x3e0
[  250.128421][T11826]  ? netlink_sendmsg+0x642/0xb30
[  250.128440][T11826]  ? skb_put+0x11b/0x210
[  250.128463][T11826]  netlink_sendmsg+0x6b2/0xb30
[  250.128492][T11826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.128515][T11826]  ? aa_sock_msg_perm+0x94/0x160
[  250.128540][T11826]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  250.128560][T11826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.128582][T11826]  __sock_sendmsg+0x21c/0x270
[  250.128610][T11826]  ____sys_sendmsg+0x505/0x830
[  250.128636][T11826]  ? __pfx_____sys_sendmsg+0x10/0x10
[  250.128666][T11826]  ? import_iovec+0x74/0xa0
[  250.128687][T11826]  ___sys_sendmsg+0x21f/0x2a0
[  250.128711][T11826]  ? __pfx____sys_sendmsg+0x10/0x10
[  250.128768][T11826]  ? __fget_files+0x2a/0x420
[  250.128787][T11826]  ? __fget_files+0x3a0/0x420
[  250.128816][T11826]  __x64_sys_sendmsg+0x19b/0x260
[  250.128841][T11826]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  250.128872][T11826]  ? __pfx_ksys_write+0x10/0x10
[  250.128894][T11826]  ? do_syscall_64+0xbe/0x3b0
[  250.128914][T11826]  do_syscall_64+0xfa/0x3b0
[  250.128930][T11826]  ? lockdep_hardirqs_on+0x9c/0x150
[  250.128953][T11826]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.128971][T11826]  ? clear_bhb_loop+0x60/0xb0
[  250.128992][T11826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.129010][T11826] RIP: 0033:0x7fea1838e929
[  250.129027][T11826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.129043][T11826] RSP: 002b:00007fea1922e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  250.129061][T11826] RAX: ffffffffffffffda RBX: 00007fea185b6080 RCX: 00007fea1838e929
[  250.129096][T11826] RDX: 0000000020000000 RSI: 0000200000000c80 RDI: 0000000000000004
[  250.129107][T11826] RBP: 00007fea1922e090 R08: 0000000000000000 R09: 0000000000000000
[  250.129119][T11826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.129128][T11826] R13: 0000000000000001 R14: 00007fea185b6080 R15: 00007ffd1732b508
[  250.129161][T11826]  </TASK>
[  250.432694][T11825] veth0_vlan: left promiscuous mode
[  250.442853][T11825] veth0_vlan: entered promiscuous mode
[  250.455774][T11825] team0: Device veth0_vlan failed to register rx_handler
[  250.536434][T11832] netlink: 'syz.1.1904': attribute type 11 has an invalid length.
[  250.818192][T11849] netlink: 'syz.4.1909': attribute type 11 has an invalid length.
[  250.951047][T11857] netlink: 'syz.4.1912': attribute type 83 has an invalid length.
[  251.104048][T11868] x_tables: unsorted entry at hook 2
[  251.294637][ T5832] Bluetooth: hci3: command tx timeout
[  251.395815][T11635] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  251.419153][T11635] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  251.440687][T11635] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  251.458433][T11635] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  251.635806][T11635] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.667659][T11635] 8021q: adding VLAN 0 to HW filter on device team0
[  251.688300][ T7900] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.695494][ T7900] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.719372][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.726579][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.105027][T11919] sctp: [Deprecated]: syz.1.1931 (pid 11919) Use of struct sctp_assoc_value in delayed_ack socket option.
[  252.105027][T11919] Use struct sctp_sack_info instead
[  252.129628][T11921] sctp: [Deprecated]: syz.1.1931 (pid 11921) Use of struct sctp_assoc_value in delayed_ack socket option.
[  252.129628][T11921] Use struct sctp_sack_info instead
[  252.230190][T11635] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.275818][T11920] netlink: 'syz.5.1932': attribute type 2 has an invalid length.
[  252.283625][T11920] __nla_validate_parse: 4 callbacks suppressed
[  252.283649][T11920] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1932'.
[  252.333126][T11635] veth0_vlan: entered promiscuous mode
[  252.382532][T11635] veth1_vlan: entered promiscuous mode
[  252.432890][T11635] veth0_macvtap: entered promiscuous mode
[  252.453136][T11635] veth1_macvtap: entered promiscuous mode
[  252.521115][T11635] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.567897][T11635] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.601055][T11635] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.619165][T11934] netlink: 'syz.0.1937': attribute type 1 has an invalid length.
[  252.629460][T11934] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1937'.
[  252.635877][T11635] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.644267][T11934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1937'.
[  252.662624][T11635] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.672620][T11635] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.712775][T11936] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1938'.
[  252.842571][T11940] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1939'.
[  252.871731][ T6361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.888922][ T6361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.965672][ T7900] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.999339][ T7900] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.509428][T11976] bridge0: entered allmulticast mode
[  253.519794][T11976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1950'.
[  253.573112][T11976] bridge0 (unregistering): left allmulticast mode
[  253.802338][T11979] vxcan1 speed is unknown, defaulting to 1000
[  253.943328][T11990] netlink: 'syz.4.1955': attribute type 15 has an invalid length.
[  254.036128][T11994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1956'.
[  254.534717][T12011] netlink: 'syz.0.1962': attribute type 1 has an invalid length.
[  254.854562][ T6361] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.863348][ T6361] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.001088][ T6361] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.312071][ T6361] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.363327][T12032] FAULT_INJECTION: forcing a failure.
[  256.363327][T12032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.394824][T12032] CPU: 0 UID: 0 PID: 12032 Comm: syz.5.1968 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  256.394851][T12032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  256.394862][T12032] Call Trace:
[  256.394870][T12032]  <TASK>
[  256.394878][T12032]  dump_stack_lvl+0x189/0x250
[  256.394917][T12032]  ? __pfx____ratelimit+0x10/0x10
[  256.394941][T12032]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.394965][T12032]  ? __pfx__printk+0x10/0x10
[  256.394995][T12032]  should_fail_ex+0x414/0x560
[  256.395018][T12032]  _copy_to_user+0x31/0xb0
[  256.395035][T12032]  simple_read_from_buffer+0xe1/0x170
[  256.395057][T12032]  proc_fail_nth_read+0x1df/0x250
[  256.395079][T12032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  256.395101][T12032]  ? rw_verify_area+0x258/0x650
[  256.395123][T12032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  256.395142][T12032]  vfs_read+0x200/0x980
[  256.395172][T12032]  ? __pfx___mutex_lock+0x10/0x10
[  256.395197][T12032]  ? __pfx_vfs_read+0x10/0x10
[  256.395222][T12032]  ? __fget_files+0x2a/0x420
[  256.395247][T12032]  ? __fget_files+0x3a0/0x420
[  256.395265][T12032]  ? __fget_files+0x2a/0x420
[  256.395293][T12032]  ksys_read+0x145/0x250
[  256.395321][T12032]  ? __pfx_ksys_read+0x10/0x10
[  256.395343][T12032]  ? rcu_is_watching+0x15/0xb0
[  256.395373][T12032]  ? do_syscall_64+0xbe/0x3b0
[  256.395393][T12032]  do_syscall_64+0xfa/0x3b0
[  256.395409][T12032]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.395432][T12032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.395451][T12032]  ? clear_bhb_loop+0x60/0xb0
[  256.395473][T12032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.395491][T12032] RIP: 0033:0x7f1c4ab8d33c
[  256.395509][T12032] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  256.395524][T12032] RSP: 002b:00007f1c4b987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  256.395543][T12032] RAX: ffffffffffffffda RBX: 00007f1c4adb6080 RCX: 00007f1c4ab8d33c
[  256.395557][T12032] RDX: 000000000000000f RSI: 00007f1c4b9870a0 RDI: 0000000000000003
[  256.395568][T12032] RBP: 00007f1c4b987090 R08: 0000000000000000 R09: 0000000000000000
[  256.395580][T12032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.395592][T12032] R13: 0000000000000001 R14: 00007f1c4adb6080 R15: 00007ffc676d73f8
[  256.395621][T12032]  </TASK>
[  256.769069][ T6361] bridge_slave_1: left allmulticast mode
[  256.775128][ T6361] bridge_slave_1: left promiscuous mode
[  256.780929][ T6361] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.842810][ T6361] bridge_slave_0: left allmulticast mode
[  256.848642][ T6361] bridge_slave_0: left promiscuous mode
[  256.854459][ T6361] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.913625][T12049] netlink: 'syz.4.1971': attribute type 23 has an invalid length.
[  256.927483][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  256.934675][T12044] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  256.940861][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  256.953134][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  256.962921][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  257.026057][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  257.051112][T12056] xt_CT: You must specify a L4 protocol and not use inversions on it
[  257.528847][ T6361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.539999][ T6361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.550344][ T6361] bond0 (unregistering): Released all slaves
[  257.596491][T12057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1973'.
[  257.606054][T12057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1973'.
[  257.622189][T12057] netlink: 'syz.1.1973': attribute type 3 has an invalid length.
[  257.882654][T12052] vxcan1 speed is unknown, defaulting to 1000
[  258.213369][T12090] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  258.248024][T12092] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  258.455534][T12091] veth1_vlan: mtu greater than device maximum
[  258.838404][T12120] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1990'.
[  258.859525][T12120] netlink: 'syz.5.1990': attribute type 1 has an invalid length.
[  259.057411][   T51] Bluetooth: hci3: command tx timeout
[  260.143527][ T6361] hsr_slave_0: left promiscuous mode
[  260.149597][ T6361] hsr_slave_1: left promiscuous mode
[  260.157224][ T6361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.174573][ T6361] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.185101][ T6361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.192558][ T6361] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.223368][ T6361] veth1_macvtap: left promiscuous mode
[  260.228188][T12128] netlink: 'syz.4.1991': attribute type 1 has an invalid length.
[  260.230276][ T6361] veth0_macvtap: left promiscuous mode
[  260.242881][T12128] netlink: 'syz.4.1991': attribute type 4 has an invalid length.
[  260.242881][ T6361] veth1_vlan: left promiscuous mode
[  260.242999][ T6361] veth0_vlan: left promiscuous mode
[  260.262349][T12128] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1991'.
[  260.330890][T12132] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1992'.
[  260.714511][ T6361] team0 (unregistering): Port device team_slave_1 removed
[  260.756881][ T6361] team0 (unregistering): Port device team_slave_0 removed
[  261.140739][   T51] Bluetooth: hci3: command tx timeout
[  261.178183][T12120] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  261.721844][T12164] mac80211_hwsim hwsim32 wlan1: entered allmulticast mode
[  261.819161][T12052] chnl_net:caif_netlink_parms(): no params data found
[  261.861984][T12164] bridge_slave_0: left allmulticast mode
[  261.869214][T12164] bridge_slave_0: left promiscuous mode
[  261.878918][T12164] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.906953][T12164] bridge_slave_1: left allmulticast mode
[  261.912759][T12164] bridge_slave_1: left promiscuous mode
[  261.923695][T12176] netlink: 'syz.5.2001': attribute type 10 has an invalid length.
[  261.939712][T12164] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.953846][T12164] bond0: (slave bond_slave_0): Releasing backup interface
[  261.969135][T12164] bond0: (slave bond_slave_1): Releasing backup interface
[  261.987252][T12179] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2001'.
[  262.008835][T12164] team0: Port device team_slave_0 removed
[  262.032348][T12164] team0: Port device team_slave_1 removed
[  262.042470][T12164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.056026][T12164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.070274][T12164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.079478][T12164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.179621][T12176] mac80211_hwsim hwsim32 wlan1: left allmulticast mode
[  262.200562][T12176] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  262.628387][T12052] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.645219][T12052] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.662283][ T5931] hid-generic 0005:0B57:00AA.0001: collection stack underflow
[  262.662437][T12052] bridge_slave_0: entered allmulticast mode
[  262.679322][T12052] bridge_slave_0: entered promiscuous mode
[  262.686166][ T5931] hid-generic 0005:0B57:00AA.0001: item 0 0 0 12 parsing failed
[  262.695279][ T5931] hid-generic 0005:0B57:00AA.0001: probe with driver hid-generic failed with error -22
[  262.759373][T12212] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  262.810105][T12212] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  262.840355][T12212] gretap1: entered promiscuous mode
[  262.845850][T12212] gretap1: entered allmulticast mode
[  262.863128][T12225] netlink: 'syz.0.2017': attribute type 11 has an invalid length.
[  262.871829][T12052] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.883517][T12052] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.890785][T12225] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2017'.
[  262.904665][T12052] bridge_slave_1: entered allmulticast mode
[  262.918203][T12052] bridge_slave_1: entered promiscuous mode
[  263.022283][T12052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.040204][T12052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.122542][T12052] team0: Port device team_slave_0 added
[  263.134291][T12052] team0: Port device team_slave_1 added
[  263.199591][T12052] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.215763][T12052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.217881][   T51] Bluetooth: hci3: command tx timeout
[  263.254323][T12244] netlink: 'syz.5.2024': attribute type 10 has an invalid length.
[  263.263268][T12052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.287462][T12244] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  263.305127][T12052] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.312113][T12052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.361703][T12052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.483419][T12052] hsr_slave_0: entered promiscuous mode
[  263.501819][T12052] hsr_slave_1: entered promiscuous mode
[  263.516030][T12052] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  263.523636][T12052] Cannot create hsr debugfs directory
[  263.743960][T12259] xt_policy: neither incoming nor outgoing policy selected
[  263.834824][T12264] netlink: 192 bytes leftover after parsing attributes in process `syz.4.2032'.
[  263.908496][T12273] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2034'.
[  263.923761][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  263.953941][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  263.970079][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  263.991629][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.002333][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.010606][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.023643][T12277] siw: device registration error -23
[  264.087949][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.095956][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.107915][T12270] netlink: 'syz.1.2033': attribute type 3 has an invalid length.
[  264.307155][T12290] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2041'.
[  264.323338][T12290] netlink: zone id is out of range
[  264.343671][T12290] netlink: get zone limit has 8 unknown bytes
[  264.468890][T12292] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2042'.
[  264.478195][T12292] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2042'.
[  264.498729][T12298] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2044'.
[  264.539290][T12052] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  264.568299][T12052] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  264.598946][T12052] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  264.618451][T12052] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  264.728939][T12312] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2046'.
[  264.738238][T12312] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2046'.
[  264.759382][T12312] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2046'.
[  264.938352][T12052] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.981497][T12324] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  265.003190][T12327] FAULT_INJECTION: forcing a failure.
[  265.003190][T12327] name failslab, interval 1, probability 0, space 0, times 0
[  265.024129][T12327] CPU: 0 UID: 0 PID: 12327 Comm: syz.1.2054 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  265.024159][T12327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  265.024170][T12327] Call Trace:
[  265.024178][T12327]  <TASK>
[  265.024187][T12327]  dump_stack_lvl+0x189/0x250
[  265.024217][T12327]  ? __pfx____ratelimit+0x10/0x10
[  265.024242][T12327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.024267][T12327]  ? __pfx__printk+0x10/0x10
[  265.024300][T12327]  ? __pfx___might_resched+0x10/0x10
[  265.024324][T12327]  ? fs_reclaim_acquire+0x7d/0x100
[  265.024349][T12327]  should_fail_ex+0x414/0x560
[  265.024375][T12327]  should_failslab+0xa8/0x100
[  265.024399][T12327]  __kmalloc_noprof+0xcb/0x4f0
[  265.024414][T12327]  ? kernfs_fop_write_iter+0x158/0x4f0
[  265.024442][T12327]  kernfs_fop_write_iter+0x158/0x4f0
[  265.024471][T12327]  vfs_write+0x54b/0xa90
[  265.024501][T12327]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  265.024526][T12327]  ? __pfx_vfs_write+0x10/0x10
[  265.024559][T12327]  ? __fget_files+0x2a/0x420
[  265.024588][T12327]  ksys_write+0x145/0x250
[  265.024607][T12327]  ? __pfx_ksys_write+0x10/0x10
[  265.024620][T12327]  ? rcu_is_watching+0x15/0xb0
[  265.024651][T12327]  ? do_syscall_64+0xbe/0x3b0
[  265.024671][T12327]  do_syscall_64+0xfa/0x3b0
[  265.024684][T12327]  ? lockdep_hardirqs_on+0x9c/0x150
[  265.024705][T12327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.024722][T12327]  ? clear_bhb_loop+0x60/0xb0
[  265.024744][T12327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.024761][T12327] RIP: 0033:0x7fea1838e929
[  265.024777][T12327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.024791][T12327] RSP: 002b:00007fea1924f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  265.024809][T12327] RAX: ffffffffffffffda RBX: 00007fea185b5fa0 RCX: 00007fea1838e929
[  265.024822][T12327] RDX: 0000000000000006 RSI: 0000200000000300 RDI: 0000000000000004
[  265.024832][T12327] RBP: 00007fea1924f090 R08: 0000000000000000 R09: 0000000000000000
[  265.024843][T12327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.024855][T12327] R13: 0000000000000000 R14: 00007fea185b5fa0 R15: 00007ffd1732b508
[  265.024885][T12327]  </TASK>
[  265.256306][T12052] 8021q: adding VLAN 0 to HW filter on device team0
[  265.271143][ T6361] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.278300][ T6361] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.301597][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.308844][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.324538][   T51] Bluetooth: hci3: command tx timeout
[  265.498892][T12325] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  265.569965][T12052] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  265.635574][T12339] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  266.059207][T12052] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.180499][T12052] veth0_vlan: entered promiscuous mode
[  266.231196][T12052] veth1_vlan: entered promiscuous mode
[  266.463825][T12052] veth0_macvtap: entered promiscuous mode
[  266.524442][T12052] veth1_macvtap: entered promiscuous mode
[  266.589099][T12052] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.626212][T12052] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.668054][T12052] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.730398][T12052] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.764612][T12052] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.793272][T12052] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.074141][T12412] xt_TCPMSS: Only works on TCP SYN packets
[  267.094927][ T6361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.110972][ T6361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.205283][T12415] batman_adv: batadv0: Adding interface: team0
[  267.212024][T12415] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.250668][T12415] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  267.271086][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.281563][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.007591][T12467] __nla_validate_parse: 2 callbacks suppressed
[  268.007609][T12467] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2095'.
[  268.110485][ T5889] IPVS: starting estimator thread 0...
[  268.128097][T12474] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2097'.
[  268.167859][T12477] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  268.218283][T12477] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  268.234544][T12475] IPVS: using max 35 ests per chain, 84000 per kthread
[  268.255332][T12482] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2100'.
[  268.261472][T12485] validate_nla: 62 callbacks suppressed
[  268.261492][T12485] netlink: 'syz.1.2101': attribute type 58 has an invalid length.
[  268.278207][T12486] netlink: 'syz.1.2101': attribute type 58 has an invalid length.
[  268.280974][T12482] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2100'.
[  268.294859][T12486] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2101'.
[  268.325009][T12485] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2101'.
[  268.499675][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.044019][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.118189][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.158198][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.256230][   T36] bridge_slave_1: left allmulticast mode
[  269.261901][   T36] bridge_slave_1: left promiscuous mode
[  269.268198][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.277477][   T36] bridge_slave_0: left allmulticast mode
[  269.283115][   T36] bridge_slave_0: left promiscuous mode
[  269.289181][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.599166][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.609827][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.620042][   T36] bond0 (unregistering): Released all slaves
[  269.957874][   T36] hsr_slave_0: left promiscuous mode
[  269.963732][   T36] hsr_slave_1: left promiscuous mode
[  269.986004][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  269.993473][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.025664][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.033140][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.114687][   T36] veth1_macvtap: left promiscuous mode
[  270.124104][   T36] veth0_macvtap: left promiscuous mode
[  270.144790][   T36] veth1_vlan: left promiscuous mode
[  270.150332][   T36] veth0_vlan: left promiscuous mode
[  270.691879][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  270.702864][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  270.714838][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  270.725672][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  270.737871][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  270.989805][   T36] team0 (unregistering): Port device team_slave_1 removed
[  271.037314][   T36] team0 (unregistering): Port device team_slave_0 removed
[  271.420324][T12500] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  271.470276][T12504] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  271.635993][T12518] vxcan1 speed is unknown, defaulting to 1000
[  271.645829][T12523] netlink: 'syz.1.2109': attribute type 1 has an invalid length.
[  271.736430][T12523] 8021q: adding VLAN 0 to HW filter on device bond4
[  271.789902][T12533] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2111'.
[  271.813400][T12523] bond4: (slave veth1): Enslaving as an active interface with a down link
[  271.890378][T12534] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  271.936239][T12533] vlan2: entered allmulticast mode
[  271.941582][T12533] gretap0: entered allmulticast mode
[  271.993817][T12523] vlan4: entered allmulticast mode
[  272.005516][T12523] veth1: entered allmulticast mode
[  272.012421][T12523] bond4: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  272.032504][T12536] netlink: 'syz.0.2112': attribute type 11 has an invalid length.
[  272.389809][T12561] batman_adv: batadv0: Removing interface: team0
[  272.432330][T12561] bond4: (slave veth0_to_bond): Releasing active interface
[  272.473492][T12561] tipc: Resetting bearer <eth:macvlan1>
[  272.495313][T12564] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2119'.
[  272.553618][T12561] bond4: (slave veth1): Releasing active interface
[  272.617106][T12572] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  272.670053][T12579] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2124'.
[  272.900461][ T5832] Bluetooth: hci3: command tx timeout
[  272.937513][T12588] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2127'.
[  272.968865][T12518] chnl_net:caif_netlink_parms(): no params data found
[  273.137506][T12598] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2128'.
[  273.178185][T12518] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.214649][T12518] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.226770][T12518] bridge_slave_0: entered allmulticast mode
[  273.251601][T12518] bridge_slave_0: entered promiscuous mode
[  273.273500][T12518] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.284380][T12518] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.296788][T12518] bridge_slave_1: entered allmulticast mode
[  273.304876][T12518] bridge_slave_1: entered promiscuous mode
[  273.406753][T12518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  273.438571][T12518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  273.476313][T12614] netlink: 'syz.1.2135': attribute type 1 has an invalid length.
[  273.521871][T12618] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2136'.
[  273.545607][T12614] 8021q: adding VLAN 0 to HW filter on device bond5
[  273.576018][T12614] bond5: (slave gretap2): making interface the new active one
[  273.597540][T12614] bond5: (slave gretap2): Enslaving as an active interface with an up link
[  273.618609][T12518] team0: Port device team_slave_0 added
[  273.638990][T12518] team0: Port device team_slave_1 added
[  273.641266][T12623] netlink: 'syz.0.2138': attribute type 10 has an invalid length.
[  273.661831][T12614] syz.1.2135 (12614) used greatest stack depth: 19816 bytes left
[  273.682971][T12622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2137'.
[  273.724080][T12518] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.733491][T12518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.759617][T12518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.772713][T12625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2139'.
[  273.807680][T12518] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.834732][T12518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.865044][T12518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.932509][T12518] hsr_slave_0: entered promiscuous mode
[  273.951963][T12518] hsr_slave_1: entered promiscuous mode
[  273.959202][T12518] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  273.984578][T12518] Cannot create hsr debugfs directory
[  274.076654][T12640] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  274.423514][T12654] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2148'.
[  274.494951][T12658] netlink: 'syz.1.2150': attribute type 5 has an invalid length.
[  274.705467][T12665] 8021q: VLANs not supported on ip6_vti0
[  274.863388][T12518] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  274.883698][T12518] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  274.895254][T12518] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  274.913923][T12518] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  274.985202][ T5832] Bluetooth: hci3: command tx timeout
[  275.110457][T12518] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.186899][T12695] netlink: 'syz.5.2163': attribute type 10 has an invalid length.
[  275.203986][T12518] 8021q: adding VLAN 0 to HW filter on device team0
[  275.249498][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.256706][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.312621][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.319884][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.643429][T12518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  275.687085][T12518] veth0_vlan: entered promiscuous mode
[  275.700107][T12518] veth1_vlan: entered promiscuous mode
[  275.728701][T12518] veth0_macvtap: entered promiscuous mode
[  275.740315][T12518] veth1_macvtap: entered promiscuous mode
[  275.760027][T12518] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.775247][T12518] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.789043][T12518] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.798548][T12518] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.807295][T12518] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.818259][T12518] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.880012][ T4779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.895162][ T4779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.919043][ T4779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.927832][ T4779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.530484][T12714] netlink: 'syz.0.2166': attribute type 83 has an invalid length.
[  276.662837][T12730] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2170'.
[  276.828385][T12745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2174'.
[  277.024006][T12759] netlink: 'syz.4.2180': attribute type 5 has an invalid length.
[  277.047365][T12759] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2180'.
[  277.047569][T12757] bond0: (slave netdevsim0): Releasing backup interface
[  277.065553][T12763] netlink: 'syz.0.2182': attribute type 1 has an invalid length.
[  277.079298][T12757] bond0: (slave wlan1): Releasing backup interface
[  277.212141][T12771] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2183'.
[  277.344093][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.663368][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.050324][T12781] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2186'.
[  279.244076][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.459641][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.568773][T12807] delete_channel: no stack
[  279.597936][T12807] xt_CT: You must specify a L4 protocol and not use inversions on it
[  279.645210][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  279.662702][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  279.674574][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  279.686482][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  279.709779][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  279.812368][   T36] bridge_slave_1: left allmulticast mode
[  279.822002][   T36] bridge_slave_1: left promiscuous mode
[  279.834850][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.840479][T12825] netlink: 'syz.0.2200': attribute type 1 has an invalid length.
[  279.855523][   T36] bridge_slave_0: left allmulticast mode
[  279.861274][   T36] bridge_slave_0: left promiscuous mode
[  279.867347][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.906406][T12828] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2200'.
[  280.322833][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  280.333623][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  280.348885][   T36] bond0 (unregistering): Released all slaves
[  280.361830][T12815] vxcan1 speed is unknown, defaulting to 1000
[  280.361885][T12821] netlink: 'syz.4.2199': attribute type 5 has an invalid length.
[  280.948153][T12853] IPv6: sit1: Disabled Multicast RS
[  280.981306][T12853] sit1: entered allmulticast mode
[  281.457812][   T36] hsr_slave_0: left promiscuous mode
[  281.465894][   T36] hsr_slave_1: left promiscuous mode
[  281.472039][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.495692][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.519141][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.527268][T12883] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  281.537183][T12872] xt_CT: No such helper "syz0"
[  281.537315][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.580079][   T36] veth1_macvtap: left promiscuous mode
[  281.588350][   T36] veth0_macvtap: left promiscuous mode
[  281.594134][   T36] veth1_vlan: left promiscuous mode
[  281.602034][   T36] veth0_vlan: left promiscuous mode
[  281.644692][T12887] netlink: 'syz.1.2217': attribute type 5 has an invalid length.
[  281.774808][   T51] Bluetooth: hci3: command tx timeout
[  281.948051][T12889] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2218'.
[  281.958249][T12889] netlink: zone id is out of range
[  281.963530][T12889] netlink: get zone limit has 8 unknown bytes
[  282.028567][T12891] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2219'.
[  282.250004][   T36] team0 (unregistering): Port device team_slave_1 removed
[  282.293453][   T36] team0 (unregistering): Port device team_slave_0 removed
[  282.829104][T12898] IPVS: ovf: UDP 224.0.0.2:20004 - no destination available
[  282.842574][T12898] netlink: 596 bytes leftover after parsing attributes in process `syz.0.2220'.
[  282.930257][T12815] chnl_net:caif_netlink_parms(): no params data found
[  283.433473][T12815] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.461257][T12815] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.479156][T12815] bridge_slave_0: entered allmulticast mode
[  283.487928][T12815] bridge_slave_0: entered promiscuous mode
[  283.496793][T12815] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.504037][T12815] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.511417][T12815] bridge_slave_1: entered allmulticast mode
[  283.519317][T12815] bridge_slave_1: entered promiscuous mode
[  283.619535][T12937] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2232'.
[  283.663383][T12815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  283.709861][T12942] netlink: 'syz.4.2233': attribute type 6 has an invalid length.
[  283.725678][T12815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.833280][T12815] team0: Port device team_slave_0 added
[  283.859297][T12815] team0: Port device team_slave_1 added
[  283.859813][   T51] Bluetooth: hci3: command tx timeout
[  283.924979][T12946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2234'.
[  283.936937][T12947] netlink: 'syz.0.2235': attribute type 1 has an invalid length.
[  283.995452][T12947] 8021q: adding VLAN 0 to HW filter on device bond4
[  284.011316][T12815] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.018848][T12815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.045155][T12815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.059231][T12815] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.068527][T12815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.095187][T12815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.151095][T12950] ip6erspan0: entered promiscuous mode
[  284.181309][T12955] netlink: 'syz.4.2237': attribute type 4 has an invalid length.
[  284.185701][T12950] bond4: (slave ip6erspan0): making interface the new active one
[  284.209089][T12950] bond4: (slave ip6erspan0): Enslaving as an active interface with an up link
[  284.286027][T12815] hsr_slave_0: entered promiscuous mode
[  284.292830][T12815] hsr_slave_1: entered promiscuous mode
[  284.326035][T12815] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.333649][T12815] Cannot create hsr debugfs directory
[  284.344563][T12950] syz.0.2235 (12950) used greatest stack depth: 19768 bytes left
[  284.468706][T12962] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  284.568648][T12969] netlink: 'syz.5.2244': attribute type 5 has an invalid length.
[  284.589760][T12970] 8021q: adding VLAN 0 to HW filter on device team0
[  284.599304][T12970] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  284.702883][T12978] netlink: 'syz.5.2247': attribute type 10 has an invalid length.
[  284.911624][T12988] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2251'.
[  284.941584][T12991] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  285.016412][T12996] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (222)
[  285.153757][T13006] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2259'.
[  285.184699][T13008] netlink: 'syz.1.2257': attribute type 5 has an invalid length.
[  285.204232][ T5944] IPVS: starting estimator thread 0...
[  285.219587][T13002] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  285.314631][T13009] IPVS: using max 29 ests per chain, 69600 per kthread
[  285.324684][T13012] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  285.331955][T13012] IPv6: NLM_F_CREATE should be set when creating new route
[  285.339225][T13012] IPv6: NLM_F_CREATE should be set when creating new route
[  285.433497][T12815] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  285.473677][T12815] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  285.493160][T12815] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  285.509449][T13021] netlink: 'syz.5.2263': attribute type 23 has an invalid length.
[  285.522049][T12815] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  285.580881][T13029] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2266'.
[  285.595620][T13029] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2266'.
[  285.748682][T13039] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2268'.
[  285.762512][T12815] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.807485][T12815] 8021q: adding VLAN 0 to HW filter on device team0
[  285.833465][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.840732][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.861060][ T7900] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.868309][ T7900] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.888829][T13044] netlink: 'syz.4.2270': attribute type 5 has an invalid length.
[  285.934582][   T51] Bluetooth: hci3: command tx timeout
[  286.373751][T12815] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.440906][T12815] veth0_vlan: entered promiscuous mode
[  286.479808][T12815] veth1_vlan: entered promiscuous mode
[  286.551948][T12815] veth0_macvtap: entered promiscuous mode
[  286.577352][T12815] veth1_macvtap: entered promiscuous mode
[  286.601624][T12815] batman_adv: batadv0: Interface activated: batadv_slave_0
[  286.637738][T12815] batman_adv: batadv0: Interface activated: batadv_slave_1
[  286.662196][T12815] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  286.673184][T12815] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  286.683505][T12815] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  286.694790][T12815] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.793821][ T6361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.813841][ T6361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.851695][ T7900] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.864025][ T7900] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.180606][T13098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2287'.
[  287.309354][T13106] netlink: 'syz.0.2288': attribute type 2 has an invalid length.
[  287.548690][T13116] netlink: 'syz.4.2292': attribute type 1 has an invalid length.
[  287.558134][T13116] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2292'.
[  287.562586][T13118] netlink: 'syz.1.2293': attribute type 10 has an invalid length.
[  287.671716][T13128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2296'.
[  288.102728][ T4779] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.140590][T13151] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  288.149101][T13151] syzkaller0: entered promiscuous mode
[  288.156569][T13151] syzkaller0: entered allmulticast mode
[  288.178469][T13151] tipc: Resetting bearer <eth:syzkaller0>
[  288.191360][T13151] bond0: Device is already in use.
[  288.205116][T13151] tipc: Resetting bearer <eth:syzkaller0>
[  288.240154][T13151] tipc: Disabling bearer <eth:syzkaller0>
[  289.361325][ T4779] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.621780][ T4779] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.668904][ T4779] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.751574][ T4779] bridge_slave_1: left allmulticast mode
[  289.757572][ T4779] bridge_slave_1: left promiscuous mode
[  289.763268][ T4779] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.772207][ T4779] bridge_slave_0: left allmulticast mode
[  289.778416][ T4779] bridge_slave_0: left promiscuous mode
[  289.784102][ T4779] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.261992][T13173] netlink: 'syz.5.2310': attribute type 5 has an invalid length.
[  290.481777][T13181] netlink: 'syz.4.2312': attribute type 5 has an invalid length.
[  290.495122][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  290.499897][T13185] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2313'.
[  290.512492][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  290.527409][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  290.552665][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  290.561005][ T4779] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  290.575903][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  290.594337][ T4779] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  290.606843][ T4779] bond0 (unregistering): Released all slaves
[  290.689804][T13183] vxcan1 speed is unknown, defaulting to 1000
[  290.785994][T13188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2314'.
[  290.813851][T13193] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2316'.
[  290.832662][T13192] netlink: 14 bytes leftover after parsing attributes in process `syz.5.2315'.
[  290.842536][T13188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2314'.
[  290.879261][T13193] vlan3: entered promiscuous mode
[  290.884368][T13193] bridge0: entered promiscuous mode
[  290.926158][T13192] hsr_slave_0: left promiscuous mode
[  290.947794][T13192] hsr_slave_1: left promiscuous mode
[  291.254874][T13212] netlink: 'syz.4.2322': attribute type 5 has an invalid length.
[  291.751023][T13230] netlink: 'syz.4.2326': attribute type 5 has an invalid length.
[  291.777049][ T4779] hsr_slave_0: left promiscuous mode
[  291.794521][ T4779] hsr_slave_1: left promiscuous mode
[  291.809112][ T4779] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  291.830252][ T4779] batman_adv: batadv0: Removing interface: batadv_slave_0
[  291.850372][ T4779] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  291.874584][ T4779] batman_adv: batadv0: Removing interface: batadv_slave_1
[  291.930168][ T4779] veth1_macvtap: left promiscuous mode
[  291.947216][ T4779] veth0_macvtap: left promiscuous mode
[  291.963823][ T4779] veth1_vlan: left promiscuous mode
[  291.973715][ T4779] veth0_vlan: left promiscuous mode
[  292.532897][ T4779] team0 (unregistering): Port device team_slave_1 removed
[  292.576226][ T4779] team0 (unregistering): Port device team_slave_0 removed
[  292.661389][   T51] Bluetooth: hci3: command tx timeout
[  293.016935][T13238] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  293.043655][T13183] chnl_net:caif_netlink_parms(): no params data found
[  293.237013][T13255] netlink: 'syz.5.2334': attribute type 12 has an invalid length.
[  293.245255][T13255] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2334'.
[  293.413335][T13183] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.437228][T13183] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.452577][T13183] bridge_slave_0: entered allmulticast mode
[  293.480863][T13183] bridge_slave_0: entered promiscuous mode
[  293.507487][T13183] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.539038][T13183] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.549236][T13183] bridge_slave_1: entered allmulticast mode
[  293.563620][T13183] bridge_slave_1: entered promiscuous mode
[  293.698535][T13183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.728972][T13183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.800806][T13287] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2342'.
[  293.840002][T13183] team0: Port device team_slave_0 added
[  293.866281][T13183] team0: Port device team_slave_1 added
[  293.986781][T13183] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.993769][T13183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.044706][T13183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.070185][T13301] tipc: Disabling bearer <udp:syz1>
[  294.082697][T13183] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.113599][T13183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.132713][T13303] xt_CT: No such helper "snmp"
[  294.176627][T13183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.347170][T13183] hsr_slave_0: entered promiscuous mode
[  294.358228][T13183] hsr_slave_1: entered promiscuous mode
[  294.628672][T13327] warn_alloc: 1 callbacks suppressed
[  294.628690][T13327] syz.5.2356: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  294.677865][T13327] CPU: 0 UID: 0 PID: 13327 Comm: syz.5.2356 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  294.677895][T13327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.677907][T13327] Call Trace:
[  294.677916][T13327]  <TASK>
[  294.677926][T13327]  dump_stack_lvl+0x189/0x250
[  294.677960][T13327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.677986][T13327]  ? __pfx__printk+0x10/0x10
[  294.678005][T13327]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  294.678024][T13327]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  294.678046][T13327]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  294.678068][T13327]  warn_alloc+0x214/0x310
[  294.678099][T13327]  ? stack_depot_save_flags+0x40/0x900
[  294.678126][T13327]  ? __pfx_warn_alloc+0x10/0x10
[  294.678149][T13327]  ? kasan_save_track+0x4f/0x80
[  294.678175][T13327]  ? xskq_create+0x56/0x170
[  294.678198][T13327]  ? xsk_init_queue+0xb0/0x110
[  294.678218][T13327]  ? xsk_setsockopt+0x43f/0x710
[  294.678239][T13327]  ? do_sock_setsockopt+0x257/0x3e0
[  294.678256][T13327]  ? __x64_sys_setsockopt+0x18b/0x220
[  294.678275][T13327]  ? do_syscall_64+0xfa/0x3b0
[  294.678290][T13327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.678315][T13327]  __vmalloc_node_range_noprof+0x125/0x12f0
[  294.678367][T13327]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  294.678394][T13327]  ? __kasan_kmalloc+0x93/0xb0
[  294.678415][T13327]  vmalloc_user_noprof+0xad/0xf0
[  294.678436][T13327]  ? xskq_create+0xbf/0x170
[  294.678463][T13327]  xskq_create+0xbf/0x170
[  294.678492][T13327]  xsk_init_queue+0xb0/0x110
[  294.678519][T13327]  xsk_setsockopt+0x43f/0x710
[  294.678546][T13327]  ? __pfx_xsk_setsockopt+0x10/0x10
[  294.678569][T13327]  ? __lock_acquire+0xab9/0xd20
[  294.678604][T13327]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  294.678627][T13327]  ? __pfx_xsk_setsockopt+0x10/0x10
[  294.678652][T13327]  do_sock_setsockopt+0x257/0x3e0
[  294.678677][T13327]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  294.678708][T13327]  ? __fget_files+0x2a/0x420
[  294.678738][T13327]  __x64_sys_setsockopt+0x18b/0x220
[  294.678765][T13327]  do_syscall_64+0xfa/0x3b0
[  294.678780][T13327]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.678805][T13327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.678823][T13327]  ? clear_bhb_loop+0x60/0xb0
[  294.678846][T13327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.678864][T13327] RIP: 0033:0x7f1c4ab8e929
[  294.678882][T13327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.678899][T13327] RSP: 002b:00007f1c4b9a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  294.678920][T13327] RAX: ffffffffffffffda RBX: 00007f1c4adb5fa0 RCX: 00007f1c4ab8e929
[  294.678934][T13327] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000007
[  294.678946][T13327] RBP: 00007f1c4ac10b39 R08: 0000000000000004 R09: 0000000000000000
[  294.678958][T13327] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  294.678971][T13327] R13: 0000000000000000 R14: 00007f1c4adb5fa0 R15: 00007ffc676d73f8
[  294.679003][T13327]  </TASK>
[  294.683292][T13327] Mem-Info:
[  294.744634][   T51] Bluetooth: hci3: command tx timeout
[  294.768328][T13327] active_anon:7163 inactive_anon:0 isolated_anon:0
[  294.768328][T13327]  active_file:1547 inactive_file:39945 isolated_file:0
[  294.768328][T13327]  unevictable:768 dirty:90 writeback:0
[  294.768328][T13327]  slab_reclaimable:11182 slab_unreclaimable:105679
[  294.768328][T13327]  mapped:36909 shmem:3937 pagetables:1119
[  294.768328][T13327]  sec_pagetables:0 bounce:0
[  294.768328][T13327]  kernel_misc_reclaimable:0
[  294.768328][T13327]  free:1313822 free_pcp:11353 free_cma:0
[  295.051677][T13327] Node 0 active_anon:30072kB inactive_anon:0kB active_file:6188kB inactive_file:159584kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:141404kB dirty:396kB writeback:0kB shmem:15308kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12580kB pagetables:4424kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  295.109411][T13327] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  295.208309][T13327] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  295.254264][T13327] lowmem_reserve[]: 0 2500 2502 2502 2502
[  295.256037][T13346] netlink: 'syz.4.2361': attribute type 11 has an invalid length.
[  295.260259][T13327] Node 0 DMA32 free:1341280kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18724kB inactive_anon:0kB active_file:6188kB inactive_file:157756kB unevictable:1536kB writepending:392kB present:3129332kB managed:2561004kB mlocked:0kB bounce:0kB free_pcp:35400kB local_pcp:14292kB free_cma:0kB
[  295.301203][T13327] lowmem_reserve[]: 0 0 1 1 1
[  295.301552][T13344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2360'.
[  295.307172][T13327] Node 0 
[  295.321327][T13346] netlink: 'syz.4.2361': attribute type 4 has an invalid length.
[  295.347690][T13346] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2361'.
[  295.364607][T13327] Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1828kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  295.440502][T13327] lowmem_reserve[]: 0 0 0 0 0
[  295.450751][T13327] Node 1 Normal free:3897736kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20132kB local_pcp:9700kB free_cma:0kB
[  295.497608][T13327] lowmem_reserve[]: 0 0 0 0 0
[  295.498395][T13351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2364'.
[  295.508550][T13327] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  295.537175][T13327] Node 0 DMA32: 2*4kB (UE) 265*8kB (ME) 213*16kB (UME) 283*32kB (UME) 66*64kB (UME) 44*128kB (UM) 15*256kB (UME) 8*512kB (UM) 8*1024kB (UM) 5*2048kB (ME) 315*4096kB (UM) = 1341056kB
[  295.561194][T13327] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  295.573938][T13327] Node 1 Normal: 230*4kB (UE) 66*8kB (UME) 46*16kB (UME) 134*32kB (UME) 29*64kB (UME) 8*128kB (UME) 5*256kB (UM) 4*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 947*4096kB (M) = 3897736kB
[  295.626790][T13327] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  295.648993][T13354] DRBG: could not allocate digest TFM handle: hmac(sha384)
[  295.661511][T13327] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  295.673858][T13362] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2365'.
[  295.688944][T13327] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  295.702343][T13327] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  295.730291][T13327] 42874 total pagecache pages
[  295.736402][T13327] 0 pages in swap cache
[  295.740866][T13327] Free swap  = 124996kB
[  295.748762][T13327] Total swap = 124996kB
[  295.753200][T13327] 2097051 pages RAM
[  295.790980][T13365] netlink: 'syz.0.2366': attribute type 1 has an invalid length.
[  295.791571][T13327] 0 pages HighMem/MovableOnly
[  295.804254][T13363] netlink: 'syz.4.2365': attribute type 3 has an invalid length.
[  295.809083][T13327] 424694 pages reserved
[  295.816370][T13327] 0 pages cma reserved
[  295.819511][T13363] netlink: 'syz.4.2365': attribute type 3 has an invalid length.
[  295.879140][T13365] 8021q: adding VLAN 0 to HW filter on device bond6
[  295.917472][T13183] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  295.948996][T13367] 8021q: adding VLAN 0 to HW filter on device bond6
[  295.956272][T13367] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[  295.986304][T13367] bond6: (slave vxcan3): Error -95 calling set_mac_address
[  296.010109][T13369] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  296.030621][T13365] gretap2: entered promiscuous mode
[  296.038673][T13365] bond6: (slave gretap2): making interface the new active one
[  296.055717][T13365] bond6: (slave gretap2): Enslaving as an active interface with an up link
[  296.088587][T13183] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  296.124630][T13370] macvlan2: entered promiscuous mode
[  296.130001][T13370] macvlan2: entered allmulticast mode
[  296.145452][T13370] bond6: entered promiscuous mode
[  296.152736][T13370] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  296.172516][T13370] bond6: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2
[  296.208338][T13370] bond6: left promiscuous mode
[  296.270000][T13183] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  296.290301][T13183] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  296.593417][T13183] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.662771][T13183] 8021q: adding VLAN 0 to HW filter on device team0
[  296.718587][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.725841][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.779702][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.786935][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.821314][   T51] Bluetooth: hci3: command tx timeout
[  296.863808][T13407] netlink: 'syz.5.2375': attribute type 1 has an invalid length.
[  296.876536][T13407] netlink: 'syz.5.2375': attribute type 2 has an invalid length.
[  296.928667][T13412] netlink: 'syz.0.2376': attribute type 15 has an invalid length.
[  297.030273][T13414] (unnamed net_device) (uninitialized): peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms
[  297.123970][T13414] bond3: entered promiscuous mode
[  297.129611][T13414] bond3: entered allmulticast mode
[  297.143120][T13424] netlink: 'syz.0.2381': attribute type 7 has an invalid length.
[  297.151876][T13424] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2381'.
[  297.164653][T13414] 8021q: adding VLAN 0 to HW filter on device bond3
[  297.193168][T13424] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2381'.
[  297.282861][T13430] netlink: 'syz.4.2382': attribute type 15 has an invalid length.
[  297.290703][T13183] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.367032][T13432] netlink: 'syz.0.2383': attribute type 5 has an invalid length.
[  297.387094][T13183] veth0_vlan: entered promiscuous mode
[  297.407027][T13183] veth1_vlan: entered promiscuous mode
[  297.462290][T13183] veth0_macvtap: entered promiscuous mode
[  297.483524][T13183] veth1_macvtap: entered promiscuous mode
[  297.515984][T13437] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  297.542317][T13183] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.562085][T13183] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.578314][T13183] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.595299][T13183] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.604225][T13183] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.613516][T13183] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.792351][ T4779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.813550][ T4779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.891767][ T4779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.918313][ T4779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.449076][T13467] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  298.651443][T13483] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  298.691662][T13482] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2402'.
[  298.972819][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.397337][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.263112][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.329497][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.439169][   T49] bridge_slave_1: left allmulticast mode
[  300.447677][   T49] bridge_slave_1: left promiscuous mode
[  300.453467][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.462528][   T49] bridge_slave_0: left allmulticast mode
[  300.468645][   T49] bridge_slave_0: left promiscuous mode
[  300.474320][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.786793][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.799452][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.810045][   T49] bond0 (unregistering): Released all slaves
[  300.885372][T13491] validate_nla: 2 callbacks suppressed
[  300.885391][T13491] netlink: 'syz.4.2408': attribute type 5 has an invalid length.
[  300.955753][T13491] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2408'.
[  300.968282][T13495] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2406'.
[  301.183755][T13506] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2411'.
[  301.211817][T13506] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2411'.
[  301.365959][T13509] FAULT_INJECTION: forcing a failure.
[  301.365959][T13509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.389684][T13509] CPU: 0 UID: 0 PID: 13509 Comm: syz.0.2413 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  301.389711][T13509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.389722][T13509] Call Trace:
[  301.389730][T13509]  <TASK>
[  301.389739][T13509]  dump_stack_lvl+0x189/0x250
[  301.389768][T13509]  ? __pfx____ratelimit+0x10/0x10
[  301.389792][T13509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.389817][T13509]  ? __pfx__printk+0x10/0x10
[  301.389847][T13509]  should_fail_ex+0x414/0x560
[  301.389872][T13509]  _copy_to_user+0x31/0xb0
[  301.389890][T13509]  simple_read_from_buffer+0xe1/0x170
[  301.389913][T13509]  proc_fail_nth_read+0x1df/0x250
[  301.389936][T13509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.389960][T13509]  ? rw_verify_area+0x258/0x650
[  301.389982][T13509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.390001][T13509]  vfs_read+0x200/0x980
[  301.390029][T13509]  ? __pfx___mutex_lock+0x10/0x10
[  301.390052][T13509]  ? __pfx_vfs_read+0x10/0x10
[  301.390076][T13509]  ? __fget_files+0x2a/0x420
[  301.390099][T13509]  ? __fget_files+0x3a0/0x420
[  301.390115][T13509]  ? __fget_files+0x2a/0x420
[  301.390141][T13509]  ksys_read+0x145/0x250
[  301.390168][T13509]  ? __pfx_ksys_read+0x10/0x10
[  301.390190][T13509]  ? rcu_is_watching+0x15/0xb0
[  301.390220][T13509]  ? do_syscall_64+0xbe/0x3b0
[  301.390240][T13509]  do_syscall_64+0xfa/0x3b0
[  301.390254][T13509]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.390276][T13509]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.390294][T13509]  ? clear_bhb_loop+0x60/0xb0
[  301.390315][T13509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.390330][T13509] RIP: 0033:0x7faca6d8d33c
[  301.390345][T13509] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  301.390368][T13509] RSP: 002b:00007faca7cd6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  301.390389][T13509] RAX: ffffffffffffffda RBX: 00007faca6fb5fa0 RCX: 00007faca6d8d33c
[  301.390403][T13509] RDX: 000000000000000f RSI: 00007faca7cd60a0 RDI: 0000000000000003
[  301.390414][T13509] RBP: 00007faca7cd6090 R08: 0000000000000000 R09: 0000000000000000
[  301.390426][T13509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.390438][T13509] R13: 0000000000000000 R14: 00007faca6fb5fa0 R15: 00007ffdd4562878
[  301.390468][T13509]  </TASK>
[  301.666380][T13514] netlink: 'syz.4.2412': attribute type 1 has an invalid length.
[  301.674821][T13516] siw: device registration error -23
[  301.707582][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  301.725285][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  301.733632][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  301.747980][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  301.757345][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  301.866036][T13522] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  301.886515][T13511] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2412'.
[  301.957959][T13530] netlink: 'syz.1.2418': attribute type 5 has an invalid length.
[  302.027449][T13525] gtp0: entered promiscuous mode
[  302.032727][T13525] gtp0: entered allmulticast mode
[  302.134669][   T49] hsr_slave_0: left promiscuous mode
[  302.149499][   T49] hsr_slave_1: left promiscuous mode
[  302.155922][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.163793][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  302.179022][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.188011][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  302.189331][T13536] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2421'.
[  302.222772][   T49] veth1_macvtap: left promiscuous mode
[  302.232393][   T49] veth0_macvtap: left promiscuous mode
[  302.238433][   T49] veth1_vlan: left promiscuous mode
[  302.243994][   T49] veth0_vlan: left promiscuous mode
[  302.918917][   T49] team0 (unregistering): Port device team_slave_1 removed
[  302.959613][   T49] team0 (unregistering): Port device team_slave_0 removed
[  303.410899][T13512] vxcan1 speed is unknown, defaulting to 1000
[  303.521091][T13563] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2424'.
[  303.586685][T13565] FAULT_INJECTION: forcing a failure.
[  303.586685][T13565] name failslab, interval 1, probability 0, space 0, times 0
[  303.632210][T13565] CPU: 0 UID: 0 PID: 13565 Comm: syz.4.2425 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  303.632238][T13565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  303.632251][T13565] Call Trace:
[  303.632259][T13565]  <TASK>
[  303.632268][T13565]  dump_stack_lvl+0x189/0x250
[  303.632298][T13565]  ? __pfx____ratelimit+0x10/0x10
[  303.632324][T13565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.632355][T13565]  ? __pfx__printk+0x10/0x10
[  303.632382][T13565]  ? ref_tracker_alloc+0x318/0x460
[  303.632407][T13565]  should_fail_ex+0x414/0x560
[  303.632439][T13565]  should_failslab+0xa8/0x100
[  303.632460][T13565]  kmem_cache_alloc_noprof+0x73/0x3c0
[  303.632486][T13565]  ? skb_clone+0x212/0x3a0
[  303.632513][T13565]  skb_clone+0x212/0x3a0
[  303.632539][T13565]  __netlink_deliver_tap+0x404/0x850
[  303.632572][T13565]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.632594][T13565]  netlink_deliver_tap+0x19c/0x1b0
[  303.632615][T13565]  netlink_unicast+0x72f/0x8d0
[  303.632646][T13565]  netlink_sendmsg+0x805/0xb30
[  303.632675][T13565]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.632699][T13565]  ? aa_sock_msg_perm+0x94/0x160
[  303.632723][T13565]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  303.632745][T13565]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.632766][T13565]  __sock_sendmsg+0x21c/0x270
[  303.632794][T13565]  ____sys_sendmsg+0x505/0x830
[  303.632821][T13565]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.632852][T13565]  ? import_iovec+0x74/0xa0
[  303.632874][T13565]  ___sys_sendmsg+0x21f/0x2a0
[  303.632898][T13565]  ? __pfx____sys_sendmsg+0x10/0x10
[  303.632957][T13565]  ? __fget_files+0x2a/0x420
[  303.632976][T13565]  ? __fget_files+0x3a0/0x420
[  303.633005][T13565]  __x64_sys_sendmsg+0x19b/0x260
[  303.633029][T13565]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  303.633061][T13565]  ? __pfx_ksys_write+0x10/0x10
[  303.633075][T13565]  ? rcu_is_watching+0x15/0xb0
[  303.633106][T13565]  ? do_syscall_64+0xbe/0x3b0
[  303.633126][T13565]  do_syscall_64+0xfa/0x3b0
[  303.633141][T13565]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.633176][T13565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.633194][T13565]  ? clear_bhb_loop+0x60/0xb0
[  303.633215][T13565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.633233][T13565] RIP: 0033:0x7fdf4558e929
[  303.633250][T13565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.633266][T13565] RSP: 002b:00007fdf433f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.633286][T13565] RAX: ffffffffffffffda RBX: 00007fdf457b5fa0 RCX: 00007fdf4558e929
[  303.633300][T13565] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  303.633312][T13565] RBP: 00007fdf433f6090 R08: 0000000000000000 R09: 0000000000000000
[  303.633323][T13565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.633334][T13565] R13: 0000000000000000 R14: 00007fdf457b5fa0 R15: 00007ffda0a41aa8
[  303.633365][T13565]  </TASK>
[  303.633470][T13565] netlink: 'syz.4.2425': attribute type 15 has an invalid length.
[  303.854751][ T5832] Bluetooth: hci3: command tx timeout
[  304.283789][T13582] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  304.594303][T13512] chnl_net:caif_netlink_parms(): no params data found
[  304.799081][T13617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2436'.
[  305.027999][T13628] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2437'.
[  305.042870][T13512] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.050765][T13512] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.059561][T13512] bridge_slave_0: entered allmulticast mode
[  305.072591][T13512] bridge_slave_0: entered promiscuous mode
[  305.109410][T13512] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.134786][T13512] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.172159][T13512] bridge_slave_1: entered allmulticast mode
[  305.180497][T13512] bridge_slave_1: entered promiscuous mode
[  305.364091][T13512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  305.373805][T13648] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2442'.
[  305.398028][T13512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  305.527362][T13512] team0: Port device team_slave_0 added
[  305.567114][T13512] team0: Port device team_slave_1 added
[  305.629034][T13651] netlink: 'syz.0.2443': attribute type 5 has an invalid length.
[  305.706437][T13512] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.723711][T13512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.770053][T13512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.821017][T13512] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.828311][T13512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.843093][T13677] netlink: 'syz.1.2450': attribute type 1 has an invalid length.
[  305.894873][T13512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.965231][T13688] __nla_validate_parse: 3 callbacks suppressed
[  305.965260][T13688] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2452'.
[  305.969269][T13677] 8021q: adding VLAN 0 to HW filter on device bond7
[  305.981813][T13688] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2452'.
[  306.015280][ T5832] Bluetooth: hci3: command tx timeout
[  306.049944][T13687] ip6erspan0: entered promiscuous mode
[  306.087950][T13687] bond7: (slave ip6erspan0): making interface the new active one
[  306.110094][T13687] bond7: (slave ip6erspan0): Enslaving as an active interface with an up link
[  306.133845][T13696] netlink: 'syz.4.2455': attribute type 1 has an invalid length.
[  306.173102][T13696] netlink: 220 bytes leftover after parsing attributes in process `syz.4.2455'.
[  306.187623][T13696] netlink: 'syz.4.2455': attribute type 1 has an invalid length.
[  306.228603][T13512] hsr_slave_0: entered promiscuous mode
[  306.246522][T13512] hsr_slave_1: entered promiscuous mode
[  306.302146][T13704] FAULT_INJECTION: forcing a failure.
[  306.302146][T13704] name failslab, interval 1, probability 0, space 0, times 0
[  306.334628][T13704] CPU: 0 UID: 0 PID: 13704 Comm: syz.0.2458 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  306.334657][T13704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.334668][T13704] Call Trace:
[  306.334676][T13704]  <TASK>
[  306.334685][T13704]  dump_stack_lvl+0x189/0x250
[  306.334715][T13704]  ? __pfx____ratelimit+0x10/0x10
[  306.334740][T13704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.334766][T13704]  ? __pfx__printk+0x10/0x10
[  306.334791][T13704]  ? __pfx___might_resched+0x10/0x10
[  306.334816][T13704]  ? fs_reclaim_acquire+0x7d/0x100
[  306.334841][T13704]  should_fail_ex+0x414/0x560
[  306.334869][T13704]  should_failslab+0xa8/0x100
[  306.334890][T13704]  __kmalloc_cache_noprof+0x70/0x3d0
[  306.334907][T13704]  ? nfnetlink_rcv+0xeff/0x2520
[  306.334936][T13704]  nfnetlink_rcv+0xeff/0x2520
[  306.334992][T13704]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  306.335034][T13704]  ? ref_tracker_free+0x63a/0x7d0
[  306.335094][T13704]  ? __netlink_deliver_tap+0x807/0x850
[  306.335124][T13704]  ? netlink_deliver_tap+0x2e/0x1b0
[  306.335143][T13704]  ? netlink_deliver_tap+0x2e/0x1b0
[  306.335169][T13704]  netlink_unicast+0x75b/0x8d0
[  306.335199][T13704]  netlink_sendmsg+0x805/0xb30
[  306.335229][T13704]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.335253][T13704]  ? aa_sock_msg_perm+0x94/0x160
[  306.335276][T13704]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  306.335298][T13704]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.335319][T13704]  __sock_sendmsg+0x21c/0x270
[  306.335348][T13704]  ____sys_sendmsg+0x505/0x830
[  306.335375][T13704]  ? __pfx_____sys_sendmsg+0x10/0x10
[  306.335407][T13704]  ? import_iovec+0x74/0xa0
[  306.335429][T13704]  ___sys_sendmsg+0x21f/0x2a0
[  306.335452][T13704]  ? __pfx____sys_sendmsg+0x10/0x10
[  306.335511][T13704]  ? __fget_files+0x2a/0x420
[  306.335528][T13704]  ? __fget_files+0x3a0/0x420
[  306.335558][T13704]  __x64_sys_sendmsg+0x19b/0x260
[  306.335583][T13704]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  306.335615][T13704]  ? __pfx_ksys_write+0x10/0x10
[  306.335630][T13704]  ? rcu_is_watching+0x15/0xb0
[  306.335662][T13704]  ? do_syscall_64+0xbe/0x3b0
[  306.335683][T13704]  do_syscall_64+0xfa/0x3b0
[  306.335698][T13704]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.335722][T13704]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.335740][T13704]  ? clear_bhb_loop+0x60/0xb0
[  306.335762][T13704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.335780][T13704] RIP: 0033:0x7faca6d8e929
[  306.335797][T13704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.335812][T13704] RSP: 002b:00007faca7cd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  306.335832][T13704] RAX: ffffffffffffffda RBX: 00007faca6fb5fa0 RCX: 00007faca6d8e929
[  306.335846][T13704] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000004
[  306.335858][T13704] RBP: 00007faca7cd6090 R08: 0000000000000000 R09: 0000000000000000
[  306.335870][T13704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.335882][T13704] R13: 0000000000000000 R14: 00007faca6fb5fa0 R15: 00007ffdd4562878
[  306.335912][T13704]  </TASK>
[  306.759356][T13713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  306.816696][T13712] syzkaller0: entered promiscuous mode
[  306.828719][T13712] syzkaller0: entered allmulticast mode
[  306.923902][T13712] tipc: Resetting bearer <eth:syzkaller0>
[  306.956113][T13712] tipc: Disabling bearer <eth:syzkaller0>
[  307.131964][T13732] netlink: 'syz.4.2466': attribute type 5 has an invalid length.
[  307.309005][T13745] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.336856][T13745] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.353305][T13745] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.393225][T13747] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.406780][T13747] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.421522][T13747] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2471'.
[  307.424922][T13750] FAULT_INJECTION: forcing a failure.
[  307.424922][T13750] name failslab, interval 1, probability 0, space 0, times 0
[  307.498258][T13750] CPU: 1 UID: 0 PID: 13750 Comm: syz.5.2472 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  307.498286][T13750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.498298][T13750] Call Trace:
[  307.498306][T13750]  <TASK>
[  307.498315][T13750]  dump_stack_lvl+0x189/0x250
[  307.498346][T13750]  ? __pfx____ratelimit+0x10/0x10
[  307.498371][T13750]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.498397][T13750]  ? __pfx__printk+0x10/0x10
[  307.498424][T13750]  ? __pfx___might_resched+0x10/0x10
[  307.498448][T13750]  ? fs_reclaim_acquire+0x7d/0x100
[  307.498474][T13750]  should_fail_ex+0x414/0x560
[  307.498502][T13750]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  307.498526][T13750]  should_failslab+0xa8/0x100
[  307.498548][T13750]  __kvmalloc_node_noprof+0x161/0x5f0
[  307.498568][T13750]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  307.498597][T13750]  rhashtable_init_noprof+0x4ee/0xbb0
[  307.498629][T13750]  rhltable_init_noprof+0x1e/0x60
[  307.498654][T13750]  nf_tables_newtable+0x68f/0x1890
[  307.498699][T13750]  nfnetlink_rcv+0x1132/0x2520
[  307.498759][T13750]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  307.498802][T13750]  ? ref_tracker_free+0x63a/0x7d0
[  307.498858][T13750]  ? __netlink_deliver_tap+0x807/0x850
[  307.498889][T13750]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.498908][T13750]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.498932][T13750]  netlink_unicast+0x75b/0x8d0
[  307.498962][T13750]  netlink_sendmsg+0x805/0xb30
[  307.498993][T13750]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.499017][T13750]  ? aa_sock_msg_perm+0x94/0x160
[  307.499042][T13750]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.499064][T13750]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.499085][T13750]  __sock_sendmsg+0x21c/0x270
[  307.499114][T13750]  ____sys_sendmsg+0x505/0x830
[  307.499151][T13750]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.499183][T13750]  ? import_iovec+0x74/0xa0
[  307.499205][T13750]  ___sys_sendmsg+0x21f/0x2a0
[  307.499229][T13750]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.499291][T13750]  ? __fget_files+0x2a/0x420
[  307.499310][T13750]  ? __fget_files+0x3a0/0x420
[  307.499341][T13750]  __x64_sys_sendmsg+0x19b/0x260
[  307.499366][T13750]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.499399][T13750]  ? __pfx_ksys_write+0x10/0x10
[  307.499423][T13750]  ? do_syscall_64+0xbe/0x3b0
[  307.499444][T13750]  do_syscall_64+0xfa/0x3b0
[  307.499459][T13750]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.499483][T13750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.499503][T13750]  ? clear_bhb_loop+0x60/0xb0
[  307.499525][T13750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.499544][T13750] RIP: 0033:0x7f1c4ab8e929
[  307.499561][T13750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.499577][T13750] RSP: 002b:00007f1c4b9a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.499598][T13750] RAX: ffffffffffffffda RBX: 00007f1c4adb5fa0 RCX: 00007f1c4ab8e929
[  307.499612][T13750] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000004
[  307.499624][T13750] RBP: 00007f1c4b9a8090 R08: 0000000000000000 R09: 0000000000000000
[  307.499636][T13750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.499647][T13750] R13: 0000000000000000 R14: 00007f1c4adb5fa0 R15: 00007ffc676d73f8
[  307.499678][T13750]  </TASK>
[  307.499743][T13750] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2472'.
[  307.605927][T13757] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  308.099779][ T5832] Bluetooth: hci3: command tx timeout
[  308.428643][T13512] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  308.468109][T13512] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  308.507804][T13512] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  308.566635][T13512] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  308.573529][T13802] FAULT_INJECTION: forcing a failure.
[  308.573529][T13802] name failslab, interval 1, probability 0, space 0, times 0
[  308.606435][T13802] CPU: 0 UID: 0 PID: 13802 Comm: syz.5.2487 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  308.606464][T13802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  308.606477][T13802] Call Trace:
[  308.606485][T13802]  <TASK>
[  308.606494][T13802]  dump_stack_lvl+0x189/0x250
[  308.606524][T13802]  ? __pfx____ratelimit+0x10/0x10
[  308.606550][T13802]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.606575][T13802]  ? __pfx__printk+0x10/0x10
[  308.606597][T13802]  ? __pfx___might_resched+0x10/0x10
[  308.606623][T13802]  ? fs_reclaim_acquire+0x7d/0x100
[  308.606648][T13802]  should_fail_ex+0x414/0x560
[  308.606676][T13802]  should_failslab+0xa8/0x100
[  308.606697][T13802]  __kmalloc_cache_noprof+0x70/0x3d0
[  308.606715][T13802]  ? nft_trans_table_add+0x56/0x430
[  308.606744][T13802]  nft_trans_table_add+0x56/0x430
[  308.606773][T13802]  nf_tables_newtable+0xce3/0x1890
[  308.606816][T13802]  nfnetlink_rcv+0x1132/0x2520
[  308.606880][T13802]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  308.606920][T13802]  ? ref_tracker_free+0x63a/0x7d0
[  308.606974][T13802]  ? __netlink_deliver_tap+0x807/0x850
[  308.607004][T13802]  ? netlink_deliver_tap+0x2e/0x1b0
[  308.607023][T13802]  ? netlink_deliver_tap+0x2e/0x1b0
[  308.607049][T13802]  netlink_unicast+0x75b/0x8d0
[  308.607078][T13802]  netlink_sendmsg+0x805/0xb30
[  308.607108][T13802]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.607131][T13802]  ? aa_sock_msg_perm+0x94/0x160
[  308.607155][T13802]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  308.607176][T13802]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.607197][T13802]  __sock_sendmsg+0x21c/0x270
[  308.607226][T13802]  ____sys_sendmsg+0x505/0x830
[  308.607253][T13802]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.607285][T13802]  ? import_iovec+0x74/0xa0
[  308.607307][T13802]  ___sys_sendmsg+0x21f/0x2a0
[  308.607331][T13802]  ? __pfx____sys_sendmsg+0x10/0x10
[  308.607391][T13802]  ? __fget_files+0x2a/0x420
[  308.607409][T13802]  ? __fget_files+0x3a0/0x420
[  308.607440][T13802]  __x64_sys_sendmsg+0x19b/0x260
[  308.607464][T13802]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  308.607495][T13802]  ? __pfx_ksys_write+0x10/0x10
[  308.607511][T13802]  ? rcu_is_watching+0x15/0xb0
[  308.607542][T13802]  ? do_syscall_64+0xbe/0x3b0
[  308.607563][T13802]  do_syscall_64+0xfa/0x3b0
[  308.607578][T13802]  ? lockdep_hardirqs_on+0x9c/0x150
[  308.607601][T13802]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.607620][T13802]  ? clear_bhb_loop+0x60/0xb0
[  308.607642][T13802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.607659][T13802] RIP: 0033:0x7f1c4ab8e929
[  308.607675][T13802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.607691][T13802] RSP: 002b:00007f1c4b9a8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.607710][T13802] RAX: ffffffffffffffda RBX: 00007f1c4adb5fa0 RCX: 00007f1c4ab8e929
[  308.607724][T13802] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000004
[  308.607736][T13802] RBP: 00007f1c4b9a8090 R08: 0000000000000000 R09: 0000000000000000
[  308.607748][T13802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  308.607759][T13802] R13: 0000000000000000 R14: 00007f1c4adb5fa0 R15: 00007ffc676d73f8
[  308.607789][T13802]  </TASK>
[  309.000888][T13809] netlink: 'syz.0.2488': attribute type 1 has an invalid length.
[  309.032444][T13809] netlink: 'syz.0.2488': attribute type 1 has an invalid length.
[  309.069599][T13809] netlink: 'syz.0.2488': attribute type 2 has an invalid length.
[  309.099689][T13822] gtp0: entered promiscuous mode
[  309.182759][T13512] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.202356][T13512] 8021q: adding VLAN 0 to HW filter on device team0
[  309.257810][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.271560][ T4779] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.278743][ T4779] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.284728][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.301045][ T4779] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.308243][ T4779] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.342223][T13830] dvmrp0: entered allmulticast mode
[  309.348631][ T2150] ------------[ cut here ]------------
[  309.354523][ T2150] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  309.365213][ T2150] WARNING: CPU: 1 PID: 2150 at net/mac80211/rate.c:403 __rate_control_send_low+0x5df/0x820
[  309.375275][ T2150] Modules linked in:
[  309.379492][ T2150] CPU: 1 UID: 0 PID: 2150 Comm: kworker/1:2 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  309.391618][ T2150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.401722][ T2150] Workqueue: mld mld_ifc_work
[  309.406443][ T2150] RIP: 0010:__rate_control_send_low+0x5df/0x820
[  309.412706][ T2150] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 a0 7b ae 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 52 18 a6 f6 90 <0f> 0b 90 90 e9 73 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  309.432383][ T2150] RSP: 0018:ffffc900065e6498 EFLAGS: 00010246
[  309.438511][ T2150] RAX: 4a1ad0a32fc90100 RBX: 000000000000000c RCX: ffff888029e8da00
[  309.446548][ T2150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  309.454585][ T2150] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  309.462587][ T2150] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff88805934e168
[  309.470627][ T2150] R13: 0000000000000000 R14: ffff88807aa10e40 R15: ffff88807aa130d8
[  309.478665][ T2150] FS:  0000000000000000(0000) GS:ffff888125d50000(0000) knlGS:0000000000000000
[  309.487764][ T2150] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  309.494377][ T2150] CR2: 0000000000000000 CR3: 000000000df38000 CR4: 00000000003526f0
[  309.502422][ T2150] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  309.510476][ T2150] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  309.518520][ T2150] Call Trace:
[  309.521824][ T2150]  <TASK>
[  309.524834][ T2150]  rate_control_send_low+0x194/0x7a0
[  309.530157][ T2150]  rate_control_get_rate+0x20b/0x5d0
[  309.535521][ T2150]  ieee80211_tx_h_rate_ctrl+0xb32/0x1780
[  309.541182][ T2150]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  309.547290][ T2150]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  309.553538][ T2150]  invoke_tx_handlers_late+0xb6/0x1820
[  309.559044][ T2150]  ? ieee80211_tx_h_select_key+0xc72/0x1900
[  309.564973][ T2150]  ieee80211_tx_dequeue+0x3068/0x4340
[  309.570375][ T2150]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  309.576132][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  309.581539][ T2150]  ieee80211_handle_wake_tx_queue+0x125/0x2a0
[  309.587629][ T2150]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  309.594219][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  309.599617][ T2150]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  309.605381][ T2150]  ? do_raw_spin_unlock+0x122/0x240
[  309.610595][ T2150]  ieee80211_queue_skb+0x19e5/0x2180
[  309.615971][ T2150]  ieee80211_tx+0x297/0x420
[  309.620501][ T2150]  ? __pfx_ieee80211_tx+0x10/0x10
[  309.625556][ T2150]  ? ieee80211_xmit+0x315/0x400
[  309.630399][ T2150]  __ieee80211_subif_start_xmit+0xc49/0x1500
[  309.636436][ T2150]  ? __ieee80211_subif_start_xmit+0x2a6/0x1500
[  309.642604][ T2150]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  309.649057][ T2150]  ? skb_network_protocol+0x508/0x760
[  309.654471][ T2150]  ? ieee80211_multicast_to_unicast+0x19c/0x320
[  309.660740][ T2150]  ieee80211_subif_start_xmit+0xe0/0x510
[  309.666416][ T2150]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  309.672655][ T2150]  ? __lock_acquire+0xab9/0xd20
[  309.677542][ T2150]  dev_hard_start_xmit+0x2d7/0x830
[  309.682660][ T2150]  __dev_queue_xmit+0x1adf/0x3a70
[  309.687732][ T2150]  ? register_lock_class+0x51/0x320
[  309.692952][ T2150]  ? __dev_queue_xmit+0x27e/0x3a70
[  309.698103][ T2150]  ? __pfx___dev_queue_xmit+0x10/0x10
[  309.703471][ T2150]  ? read_seqbegin+0x122/0x250
[  309.708262][ T2150]  ? neigh_resolve_output+0x438/0x750
[  309.713627][ T2150]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.718853][ T2150]  ? read_seqbegin+0x1ac/0x250
[  309.723611][ T2150]  ? __pfx_read_seqbegin+0x10/0x10
[  309.728748][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  309.734123][ T2150]  ? eth_header+0x11b/0x200
[  309.738674][ T2150]  ? __asan_memcpy+0x40/0x70
[  309.743277][ T2150]  ip6_finish_output2+0x11fe/0x16a0
[  309.748506][ T2150]  ? ip6_finish_output2+0x701/0x16a0
[  309.753790][ T2150]  ? __pfx_ip6_finish_output2+0x10/0x10
[  309.759364][ T2150]  ? ip6_mtu+0x7d/0x3f0
[  309.763516][ T2150]  ? ip6_mtu+0x7d/0x3f0
[  309.767697][ T2150]  ip6_finish_output+0x234/0x7d0
[  309.772636][ T2150]  NF_HOOK+0x9e/0x380
[  309.776645][ T2150]  ? NF_HOOK+0x101/0x380
[  309.780882][ T2150]  ? __pfx_NF_HOOK+0x10/0x10
[  309.785517][ T2150]  ? __pfx_dst_output+0x10/0x10
[  309.790378][ T2150]  ? icmp6_dst_alloc+0x3a5/0x420
[  309.795360][ T2150]  ? icmp6_dst_alloc+0x3a5/0x420
[  309.800315][ T2150]  mld_sendpack+0x800/0xd80
[  309.804907][ T2150]  ? mld_sendpack+0x1de/0xd80
[  309.809596][ T2150]  ? __pfx_mld_sendpack+0x10/0x10
[  309.814687][ T2150]  mld_ifc_work+0x835/0xde0
[  309.819202][ T2150]  ? _raw_spin_unlock_irq+0x23/0x50
[  309.824493][ T2150]  ? process_scheduled_works+0x9ef/0x17b0
[  309.830234][ T2150]  process_scheduled_works+0xae1/0x17b0
[  309.835828][ T2150]  ? __pfx_process_scheduled_works+0x10/0x10
[  309.841876][ T2150]  worker_thread+0x8a0/0xda0
[  309.846516][ T2150]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  309.852874][ T2150]  ? __kthread_parkme+0x7b/0x200
[  309.857841][ T2150]  kthread+0x70e/0x8a0
[  309.861909][ T2150]  ? __pfx_worker_thread+0x10/0x10
[  309.867054][ T2150]  ? __pfx_kthread+0x10/0x10
[  309.871642][ T2150]  ? _raw_spin_unlock_irq+0x23/0x50
[  309.876890][ T2150]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.882110][ T2150]  ? __pfx_kthread+0x10/0x10
[  309.886731][ T2150]  ret_from_fork+0x3fc/0x770
[  309.891321][ T2150]  ? __pfx_ret_from_fork+0x10/0x10
[  309.896483][ T2150]  ? __switch_to_asm+0x39/0x70
[  309.901254][ T2150]  ? __switch_to_asm+0x33/0x70
[  309.906066][ T2150]  ? __pfx_kthread+0x10/0x10
[  309.910697][ T2150]  ret_from_fork_asm+0x1a/0x30
[  309.915536][ T2150]  </TASK>
[  309.918572][ T2150] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  309.925888][ T2150] CPU: 1 UID: 0 PID: 2150 Comm: kworker/1:2 Not tainted 6.16.0-rc3-syzkaller-00131-g72fb83735c71 #0 PREEMPT(full) 
[  309.937955][ T2150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.948003][ T2150] Workqueue: mld mld_ifc_work
[  309.952677][ T2150] Call Trace:
[  309.955945][ T2150]  <TASK>
[  309.958873][ T2150]  dump_stack_lvl+0x99/0x250
[  309.963458][ T2150]  ? __asan_memcpy+0x40/0x70
[  309.968037][ T2150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.973258][ T2150]  ? __pfx__printk+0x10/0x10
[  309.977870][ T2150]  panic+0x2db/0x790
[  309.981788][ T2150]  ? __pfx_panic+0x10/0x10
[  309.986211][ T2150]  ? ret_from_fork_asm+0x1a/0x30
[  309.991144][ T2150]  __warn+0x31b/0x4b0
[  309.995143][ T2150]  ? __rate_control_send_low+0x5df/0x820
[  310.000809][ T2150]  ? __rate_control_send_low+0x5df/0x820
[  310.006439][ T2150]  report_bug+0x2be/0x4f0
[  310.010769][ T2150]  ? __rate_control_send_low+0x5df/0x820
[  310.016411][ T2150]  ? __rate_control_send_low+0x5df/0x820
[  310.022038][ T2150]  ? __rate_control_send_low+0x5e1/0x820
[  310.027678][ T2150]  handle_bug+0x84/0x160
[  310.031935][ T2150]  exc_invalid_op+0x1a/0x50
[  310.036431][ T2150]  asm_exc_invalid_op+0x1a/0x20
[  310.041296][ T2150] RIP: 0010:__rate_control_send_low+0x5df/0x820
[  310.047536][ T2150] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 a0 7b ae 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 52 18 a6 f6 90 <0f> 0b 90 90 e9 73 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  310.067162][ T2150] RSP: 0018:ffffc900065e6498 EFLAGS: 00010246
[  310.073233][ T2150] RAX: 4a1ad0a32fc90100 RBX: 000000000000000c RCX: ffff888029e8da00
[  310.081203][ T2150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  310.089170][ T2150] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  310.097137][ T2150] R10: dffffc0000000000 R11: fffffbfff1bfaa04 R12: ffff88805934e168
[  310.105102][ T2150] R13: 0000000000000000 R14: ffff88807aa10e40 R15: ffff88807aa130d8
[  310.113083][ T2150]  ? __rate_control_send_low+0x5de/0x820
[  310.118730][ T2150]  rate_control_send_low+0x194/0x7a0
[  310.124024][ T2150]  rate_control_get_rate+0x20b/0x5d0
[  310.129316][ T2150]  ieee80211_tx_h_rate_ctrl+0xb32/0x1780
[  310.134984][ T2150]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  310.141064][ T2150]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  310.147302][ T2150]  invoke_tx_handlers_late+0xb6/0x1820
[  310.152770][ T2150]  ? ieee80211_tx_h_select_key+0xc72/0x1900
[  310.158669][ T2150]  ieee80211_tx_dequeue+0x3068/0x4340
[  310.164085][ T2150]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  310.169806][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  310.175206][ T2150]  ieee80211_handle_wake_tx_queue+0x125/0x2a0
[  310.181275][ T2150]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  310.187876][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  310.193270][ T2150]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  310.199004][ T2150]  ? do_raw_spin_unlock+0x122/0x240
[  310.204207][ T2150]  ieee80211_queue_skb+0x19e5/0x2180
[  310.209520][ T2150]  ieee80211_tx+0x297/0x420
[  310.214022][ T2150]  ? __pfx_ieee80211_tx+0x10/0x10
[  310.219060][ T2150]  ? ieee80211_xmit+0x315/0x400
[  310.223908][ T2150]  __ieee80211_subif_start_xmit+0xc49/0x1500
[  310.229912][ T2150]  ? __ieee80211_subif_start_xmit+0x2a6/0x1500
[  310.236072][ T2150]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  310.242486][ T2150]  ? skb_network_protocol+0x508/0x760
[  310.247860][ T2150]  ? ieee80211_multicast_to_unicast+0x19c/0x320
[  310.254099][ T2150]  ieee80211_subif_start_xmit+0xe0/0x510
[  310.259731][ T2150]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  310.265989][ T2150]  ? __lock_acquire+0xab9/0xd20
[  310.270846][ T2150]  dev_hard_start_xmit+0x2d7/0x830
[  310.275978][ T2150]  __dev_queue_xmit+0x1adf/0x3a70
[  310.280999][ T2150]  ? register_lock_class+0x51/0x320
[  310.286202][ T2150]  ? __dev_queue_xmit+0x27e/0x3a70
[  310.291328][ T2150]  ? __pfx___dev_queue_xmit+0x10/0x10
[  310.296700][ T2150]  ? read_seqbegin+0x122/0x250
[  310.301456][ T2150]  ? neigh_resolve_output+0x438/0x750
[  310.306825][ T2150]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.312023][ T2150]  ? read_seqbegin+0x1ac/0x250
[  310.316789][ T2150]  ? __pfx_read_seqbegin+0x10/0x10
[  310.321888][ T2150]  ? __local_bh_enable_ip+0x12d/0x1c0
[  310.327260][ T2150]  ? eth_header+0x11b/0x200
[  310.331763][ T2150]  ? __asan_memcpy+0x40/0x70
[  310.336397][ T2150]  ip6_finish_output2+0x11fe/0x16a0
[  310.341615][ T2150]  ? ip6_finish_output2+0x701/0x16a0
[  310.346906][ T2150]  ? __pfx_ip6_finish_output2+0x10/0x10
[  310.352450][ T2150]  ? ip6_mtu+0x7d/0x3f0
[  310.356603][ T2150]  ? ip6_mtu+0x7d/0x3f0
[  310.360757][ T2150]  ip6_finish_output+0x234/0x7d0
[  310.365695][ T2150]  NF_HOOK+0x9e/0x380
[  310.369677][ T2150]  ? NF_HOOK+0x101/0x380
[  310.373914][ T2150]  ? __pfx_NF_HOOK+0x10/0x10
[  310.378507][ T2150]  ? __pfx_dst_output+0x10/0x10
[  310.383354][ T2150]  ? icmp6_dst_alloc+0x3a5/0x420
[  310.388292][ T2150]  ? icmp6_dst_alloc+0x3a5/0x420
[  310.393232][ T2150]  mld_sendpack+0x800/0xd80
[  310.397750][ T2150]  ? mld_sendpack+0x1de/0xd80
[  310.402426][ T2150]  ? __pfx_mld_sendpack+0x10/0x10
[  310.407470][ T2150]  mld_ifc_work+0x835/0xde0
[  310.411975][ T2150]  ? _raw_spin_unlock_irq+0x23/0x50
[  310.417171][ T2150]  ? process_scheduled_works+0x9ef/0x17b0
[  310.422900][ T2150]  process_scheduled_works+0xae1/0x17b0
[  310.428476][ T2150]  ? __pfx_process_scheduled_works+0x10/0x10
[  310.434474][ T2150]  worker_thread+0x8a0/0xda0
[  310.439071][ T2150]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  310.445403][ T2150]  ? __kthread_parkme+0x7b/0x200
[  310.450340][ T2150]  kthread+0x70e/0x8a0
[  310.454408][ T2150]  ? __pfx_worker_thread+0x10/0x10
[  310.459519][ T2150]  ? __pfx_kthread+0x10/0x10
[  310.464104][ T2150]  ? _raw_spin_unlock_irq+0x23/0x50
[  310.469302][ T2150]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.474500][ T2150]  ? __pfx_kthread+0x10/0x10
[  310.479094][ T2150]  ret_from_fork+0x3fc/0x770
[  310.483693][ T2150]  ? __pfx_ret_from_fork+0x10/0x10
[  310.488811][ T2150]  ? __switch_to_asm+0x39/0x70
[  310.493570][ T2150]  ? __switch_to_asm+0x33/0x70
[  310.498327][ T2150]  ? __pfx_kthread+0x10/0x10
[  310.502915][ T2150]  ret_from_fork_asm+0x1a/0x30
[  310.507695][ T2150]  </TASK>
[  310.510958][ T2150] Kernel Offset: disabled
[  310.515279][ T2150] Rebooting in 86400 seconds..