last executing test programs:

1m9.783109128s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

56.556845416s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

43.636977139s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

29.944990144s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

17.327862621s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

9.077008065s ago: executing program 2 (id=2517):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0xdc, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xac, 0x2, {{0x8, 0x99, 0x755}, [@TCA_NETEM_CORR={0x10, 0x1, {0x0, 0x10}}, @TCA_NETEM_RATE64={0xc, 0x8, 0x1db3d9d0d3c583fc}, @TCA_NETEM_REORDER={0xc}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x3, 0x3, 0xffff, 0x2, 0x0, 0x306e}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x6, 0x24000000}}, @TCA_NETEM_REORDER={0xc, 0x3, {0xff, 0xfffffffe}}, @TCA_NETEM_RATE={0x14, 0x6, {0xffff8001, 0x7, 0xfffffff8, 0xc2a}}, @TCA_NETEM_CORR={0x10, 0x1, {0xff, 0x1, 0x2}}]}}}]}, 0xdc}, 0x1, 0x0, 0x0, 0x14}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2a, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x0, 0xa}}}, 0x24}}, 0x0) (fail_nth: 4)

8.525065012s ago: executing program 2 (id=2521):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x900}, [@call={0x85, 0x0, 0x0, 0x75}]}, &(0x7f00000001c0)='GPL\x00', 0x4}, 0x90)

8.390149588s ago: executing program 2 (id=2525):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0xfe}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB='7'], 0x0}, 0x90)
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'veth0_macvtap\x00', @random='\x00\x00\x00 \x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x89f1, &(0x7f0000000900)={'ip6tnl0\x00', @random="0c0000201800"})

8.147150029s ago: executing program 2 (id=2528):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB="0017"], 0xc8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x3, 0x7, 0x201}, 0x14}}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4)
unshare(0x22020400)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x40286608, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r6=>0x0})
getsockopt$IP6T_SO_GET_ENTRIES(r5, 0x29, 0x41, &(0x7f0000000440)=ANY=[@ANYBLOB="6e61740000000000000000000000000000000000000000000000000000000000c4fdf9e1a21d695759e28d709713cbbd5ac2ac379e0fc15688ebd3fbf9de7b580811b254c7a44fe6173c64de87aade90a8822075c1589224e4d44eaeada79ffe08d7c1517554dda76cf2abf7470e96cab9365bf9be50acecc301f2ea840ca1d2dc3a54e21516cac1f35a60fd4d0b18730ce30699cdb98d6246763a9ca1cf49546fe8801357663e4a053d451fb303d764dc3971205660cd09190333622643edc6a643f57f43eea751e00a8bc71c3d4b91ec35b8090501303f5fa2"], &(0x7f0000000240)=0xe8)
clock_gettime(0x0, &(0x7f0000000300)={<r7=>0x0, <r8=>0x0})
sendmsg$can_bcm(r5, &(0x7f0000000400)={&(0x7f00000002c0)={0x1d, r6}, 0x10, &(0x7f00000003c0)={&(0x7f0000000340)={0x4, 0x0, 0x4, {0x77359400}, {r7, r8/1000+60000}, {}, 0x1, @canfd={{0x4, 0x1, 0x0, 0x1}, 0x21, 0x3, 0x0, 0x0, "1c6a8b6cfefcaf6278f22132a715e65e6d2232b7fd9a1035fc99a2b8f732155d9ff4fe0acf80cac673d75d4653d83c751ce1bb29b5d8eae989711039eaccab12"}}, 0x80}, 0x1, 0x0, 0x0, 0x8844}, 0x4040080)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r9, &(0x7f0000000000), 0x180000)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r5, r9}, 0xc)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x7, 0x0, 0x8, 0x1}, 0x48)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x570, @private2}}, [0x5, 0x9, 0x100000000, 0x8001, 0x8, 0x3, 0x6, 0x1, 0x7fffffff, 0x6, 0x4, 0xa808, 0x3, 0x72, 0xffffffffffffffff]}, &(0x7f0000000540)=0x100)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r10}, &(0x7f0000000040)=0x18, &(0x7f0000000140)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff02c}, {0x6}]}, 0x10)

7.193422825s ago: executing program 2 (id=2535):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg1\x00', <r2=>0x0})
r3 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c)
r4 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r4, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c)
sendto$inet6(r4, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)
recvfrom(r3, &(0x7f0000000040)=""/180, 0xb4, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r6, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="200025bd7000fedbdf255300000008000300", @ANYRES32=r10, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00=\x00\x00\x00'], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)={0x104, r5, 0x405, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}, @WGDEVICE_A_PEERS={0xbc, 0x8, 0x0, 0x1, [{0x68, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac4"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @local}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @local}}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6}]}, 0x104}}, 0x0)
getsockopt$rose(r0, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

5.686371595s ago: executing program 2 (id=2541):
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket(0x1d, 0x2, 0x6)
socket$caif_stream(0x25, 0x1, 0x0)
pipe(&(0x7f0000000100))
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x403, 0x10000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}}, 0x0)

5.24372623s ago: executing program 3 (id=2546):
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6a, 0x0, 0x0, 0x20000071)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r4, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_CONFIG(r5, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4011}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
ppoll(&(0x7f0000000480)=[{r1}, {r0}, {r5}], 0x3, &(0x7f0000000100)={0x77359400}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="44000000100001040000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002c0002000000080004"], 0x44}}, 0x0)
sendmsg$xdp(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[{}, {&(0x7f0000000040)="73f5e489cd", 0x5}, {&(0x7f0000000140)="7749d738ace072d2ce81808cb3d9f88d12ea62a41dd983a515b3de2cd40b753c91d1a36a7c0ed3c6b839f25b9ca4a3679ab34dbcfcbb34b1e44124cdc0ab8873c6e6f202173d34ad0b724d99f13bbde69f42b4628c2174a3422762fba940b569d0fab7d96bbf7f0731a245dc", 0x6c}, {&(0x7f00000000c0)="aa569dea65648c51fdbe9285de3e6a9f9cc5b43014fcbd71cd356e0fa86d120d0a1af458b4ce8ef93aa3949a4f008ff03a22a1e93b8e5e407aa0843c", 0x3c}, {&(0x7f00000001c0)="e3daa5adaab9a3dd465612721d1ea9ba4f5abbbf2c0225366a605d9bb0db09187b609149b374d28c7d4241d1ee67a252e0689e1f6997c7079a4e2e9c73b701a4b3dd60021300ce763088c4d5903833e39177ad8ada0c5371b39677fb25fb9ff5bbb7f3c28961d3d4f9b52d800cff98e7c59087cd9a61d02676929d1af3af16714886088a4a7933eeb10b6fc5569b749e6626d4dcf150b693b20553733884f9b353776a8e66e11128d6dc7b94c354f363931247a122aad1cd9495d1623e13dfc031d5c64cf2b9", 0xc6}], 0x5, 0x0, 0x0, 0x4000804}, 0x5)

4.896167607s ago: executing program 1 (id=2550):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="9700000000000000620a00000000000007000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x23)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x28, 0x5, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000008200000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x62b}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x41, &(0x7f0000000000)=0xff, 0x4)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000090000000e0001006e65744a657673696d0000000f0002"], 0x44}}, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r3, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000280)=""/252, 0xfc}], 0x1}}], 0x1, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000880)={'syztnl0\x00', <r7=>0x0, 0x700, 0x1, 0x3ff, 0xeff, {{0x16, 0x4, 0x1, 0x9, 0x58, 0x65, 0x0, 0x6, 0x29, 0x0, @multicast2, @local, {[@lsrr={0x83, 0x7, 0x44, [@dev={0xac, 0x14, 0x14, 0x18}]}, @generic={0x41, 0x5, "2ee394"}, @noop, @timestamp_addr={0x44, 0x34, 0x79, 0x1, 0x5, [{@local}, {@loopback, 0x9}, {@empty, 0x4000000}, {@loopback, 0x5}, {@multicast1, 0x2100}, {@private=0xa010102, 0x8}]}]}}}}})
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000004c0)=0xffffffffffffffff, 0x4)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={0x0, 0x7f, 0x10}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="2110ef1c", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000000850000008600000018130000", @ANYRES32=r4, @ANYBLOB="000000000000000054b7300001000000"], &(0x7f0000000380)='GPL\x00', 0x1000000, 0x0, 0x0, 0x41100, 0x42, '\x00', r7, 0x0, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000500)={0x3, 0xf, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000580)=[r9], &(0x7f00000005c0)=[{0x3, 0x3, 0xb, 0x7}, {0x0, 0x3, 0x1, 0x8}, {0x1, 0x4, 0x9, 0xa}, {0x3, 0x2, 0x1, 0x1}], 0x10, 0x5462}, 0x90)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)

4.234539031s ago: executing program 3 (id=2553):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg1\x00', <r2=>0x0})
r3 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c)
r4 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r4, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c)
sendto$inet6(r4, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)
recvfrom(r3, &(0x7f0000000040)=""/180, 0xb4, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r6, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="200025bd7000fedbdf255300000008000300", @ANYRES32=r10, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00=\x00\x00\x00'], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)={0x104, r5, 0x405, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}, @WGDEVICE_A_PEERS={0xbc, 0x8, 0x0, 0x1, [{0x68, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac4"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @local}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @local}}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6}]}, 0x104}}, 0x0)
getsockopt$rose(r0, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

3.964950653s ago: executing program 0 (id=2554):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)={0x54, r1, 0x1, 0x0, 0x0, {{0x3b, 0x0, 0xfffc}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, @val={0x8c, 0x18, {0x0, "dca68d1e5324", @long="9c487c76d3df5768f36e2daec67caf34"}}}}]}, 0x54}}, 0x0)

3.910856091s ago: executing program 4 (id=922):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x2, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000001208400000000000000a500ffffffffff8095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x93, &(0x7f0000002000)=""/147}, 0x90)

2.213565351s ago: executing program 0 (id=2555):
r0 = socket$inet(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x8100}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}, @TCA_RATE={0x6}]}, 0x4c}}, 0x0)

2.21028168s ago: executing program 1 (id=2556):
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {}, {}, {0x6, 0x0, 0x9}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @remote={0xac, 0x3}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x4}]}, 0x68}}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'virt_wifi0\x00', @random="0200002000"})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=r4, @ANYBLOB="00b47e9a34"], 0x9)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r4, 0x7f}, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))

2.201466591s ago: executing program 3 (id=2557):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
syz_genetlink_get_family_id$devlink(0x0, r0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0xe5c}, {&(0x7f00000003c0)=""/248, 0xf0}], 0x4, 0x0, 0x353}}], 0x400000000000010, 0x0, 0x0)

1.924920903s ago: executing program 0 (id=2558):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)='o', 0x1}], 0x1}}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB='\x00'], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x38, r2, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x2}]}]}]}, 0x38}}, 0x0)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000f000000240007800800020001"], 0x38}}, 0x0)

1.924363329s ago: executing program 1 (id=2559):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x80001, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x5, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
pipe(&(0x7f0000000100))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r5=>0x0})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x60, 0x10, 0x609, 0x0, 0x11000000, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r5}, @IFLA_ADDRESS={0xa, 0x1, @dev}, @IFLA_MTU={0x8}]}, 0x60}}, 0x0)

1.92387174s ago: executing program 3 (id=2560):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8"], 0x0}, 0x90)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300741300000800c400"], 0x30}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4, <r5=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}]}, &(0x7f0000000600)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}]}, &(0x7f0000000600)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000d00000095"], &(0x7f0000000700)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r7, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a85009a10d943a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x14, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x64) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r7, 0xe0, &(0x7f0000000600)={0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a85009a10d943a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x14, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x64)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000780)={r8}, 0x4)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)={@map=0x1, r9, 0x2f, 0x0, 0xffffffffffffffff, @prog_id}, 0x20)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000080)={@map=0x1, r9, 0x2f, 0x0, 0xffffffffffffffff, @prog_fd=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0}, 0x0) (async)
sendmsg$nl_xfrm(r6, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0}, 0x0)
r10 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r6, 0x89f0, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000180)={'tunl0\x00', <r11=>0x0, 0x7, 0x80, 0x6, 0xffff, {{0x26, 0x4, 0x1, 0x6, 0x98, 0x64, 0x0, 0x2d, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, {[@cipso={0x86, 0x52, 0x1, [{0x1, 0x9, "c087a17e47f319"}, {0x1, 0x10, "60b84f7a0bcccf66a7b18fb7053e"}, {0x7, 0xb, "bd70d36e98629b2763"}, {0x7, 0x7, "8e16f30401"}, {0x1, 0xd, "fc28ec18513e56d4aa00ed"}, {0x759e47f508277e6f, 0x9, "ab5ebb4bfb1bbe"}, {0x2, 0xb, "188240124bb90259f5"}]}, @rr={0x7, 0x17, 0x2c, [@multicast1, @private=0xa010101, @broadcast, @loopback, @dev={0xac, 0x14, 0x14, 0x43}]}, @end, @rr={0x7, 0x17, 0x6e, [@dev={0xac, 0x14, 0x14, 0xa}, @rand_addr=0x64010102, @remote, @rand_addr=0x64010101, @multicast2]}]}}}}})
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@ipv6_getroute={0x38, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca}, [@RTA_IIF={0x8, 0x3, r11}, @RTA_GATEWAY={0x14, 0x5, @private2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x8080) (async)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@ipv6_getroute={0x38, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca}, [@RTA_IIF={0x8, 0x3, r11}, @RTA_GATEWAY={0x14, 0x5, @private2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004}, 0x8080)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r12}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r12}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1.61704836s ago: executing program 0 (id=2561):
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0xf0ff, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xfffff7e8, 0x0, 0x0, 0x0, 0x2}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)
r1 = socket$tipc(0x1e, 0x0, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r1, 0x10f, 0x86)
bpf$ITER_CREATE(0x21, 0x0, 0x0)

1.594288214s ago: executing program 1 (id=2562):
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6a, 0x0, 0x0, 0x20000071)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r4, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_CONFIG(r5, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4011}, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
ppoll(&(0x7f0000000480)=[{r1}, {r0}, {r5}], 0x3, &(0x7f0000000100)={0x77359400}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="44000000100001040000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002c0002000000080004"], 0x44}}, 0x0)
sendmsg$xdp(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[{}, {&(0x7f0000000040)="73f5e489cd", 0x5}, {&(0x7f0000000140)="7749d738ace072d2ce81808cb3d9f88d12ea62a41dd983a515b3de2cd40b753c91d1a36a7c0ed3c6b839f25b9ca4a3679ab34dbcfcbb34b1e44124cdc0ab8873c6e6f202173d34ad0b724d99f13bbde69f42b4628c2174a3422762fba940b569d0fab7d96bbf7f0731a245dc", 0x6c}, {&(0x7f00000000c0)="aa569dea65648c51fdbe9285de3e6a9f9cc5b43014fcbd71cd356e0fa86d120d0a1af458b4ce8ef93aa3949a4f008ff03a22a1e93b8e5e407aa0843c", 0x3c}, {&(0x7f00000001c0)="e3daa5adaab9a3dd465612721d1ea9ba4f5abbbf2c0225366a605d9bb0db09187b609149b374d28c7d4241d1ee67a252e0689e1f6997c7079a4e2e9c73b701a4b3dd60021300ce763088c4d5903833e39177ad8ada0c5371b39677fb25fb9ff5bbb7f3c28961d3d4f9b52d800cff98e7c59087cd9a61d02676929d1af3af16714886088a4a7933eeb10b6fc5569b749e6626d4dcf150b693b20553733884f9b353776a8e66e11128d6dc7b94c354f363931247a122aad1cd9495d1623e13dfc031d5c64cf2b9", 0xc6}], 0x5, 0x0, 0x0, 0x4000804}, 0x5)

1.574141298s ago: executing program 3 (id=2563):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0xa}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @local, @multicast1}, {0x8100, 0x6558, 0x18, 0x0, @wg=@data}}}}}}, 0x3e)

1.364848836s ago: executing program 0 (id=2564):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x1027, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x2}, @TCA_FQ_QUANTUM={0x8}]}}]}, 0x40}}, 0x0)

656.738142ms ago: executing program 1 (id=2565):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000af735e4f1f641c5100200008000300"/31, @ANYRES32=0x0, @ANYBLOB="0800050002000000"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@security={'security\x00', 0x4, 0x4, 0x3b8, 0xffffffff, 0xd0, 0x1a8, 0xd0, 0xffffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x7fffffe, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'bridge_slave_1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x3}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'geneve1\x00', 'macvlan0\x00'}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'syz0\x00'}}, @common=@ipv6header={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="20002cbd7000fbdbdf251d0000000c009900010000006100000008000300", @ANYRES32=0x0, @ANYBLOB="03000300", @ANYRES32=0x0, @ANYBLOB], 0x30}}, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x110) (async)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x110)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
connect$netrom(r3, &(0x7f0000000140)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose}, [@null, @default, @default, @default, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$igmp(0x2, 0x3, 0x2) (async)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x0, @link_local}, 0x4a, {}, 'lo\x00'})
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r8, 0x6b, 0x1, 0x0, 0x0) (async)
setsockopt$SO_J1939_FILTER(r8, 0x6b, 0x1, 0x0, 0x0)
gettid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000000000000000000d03000000000000000000000204000000000000000000000b020000000000000061"], 0x0, 0x52}, 0x20) (async)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000000000000000000d03000000000000000000000204000000000000000000000b020000000000000061"], 0x0, 0x52}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x0, 0xca8, 0x10001, 0x0, 0x1, 0x0, '\x00', 0x0, r9, 0x0, 0x5}, 0x48)
r10 = socket$netlink(0x10, 0x3, 0x0)
writev(r10, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) (async)
writev(r10, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10) (async)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
socket$igmp6(0xa, 0x3, 0x2) (async)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000000))

89.720599ms ago: executing program 3 (id=2566):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=@framed={{0x18, 0x0, 0x0, 0x0, 0x81ff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

871.06µs ago: executing program 0 (id=2567):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg1\x00', <r2=>0x0})
r3 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c)
r4 = socket$inet6(0xa, 0x802, 0x88)
setsockopt$inet6_udp_int(r4, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c)
sendto$inet6(r4, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)
recvfrom(r3, &(0x7f0000000040)=""/180, 0xb4, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r6, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="200025bd7000fedbdf255300000008000300", @ANYRES32=r10, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00=\x00\x00\x00'], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)={0x104, r5, 0x405, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}, @WGDEVICE_A_PEERS={0xbc, 0x8, 0x0, 0x1, [{0x68, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac4"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x0, @local}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @local}}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6}]}, 0x104}}, 0x0)
getsockopt$rose(r0, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

0s ago: executing program 1 (id=2568):
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {}, {}, {0x6, 0x0, 0x9}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @remote={0xac, 0x3}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x4}]}, 0x68}}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'virt_wifi0\x00', @random="0200002000"})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=r4, @ANYBLOB="00b47e9a34"], 0x9)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r4, 0x7f}, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))

kernel console output (not intermixed with test programs):

 243.610419][T10782] netlink: 'syz.3.1680': attribute type 5 has an invalid length.
[  243.699343][T10784] FAULT_INJECTION: forcing a failure.
[  243.699343][T10784] name failslab, interval 1, probability 0, space 0, times 0
[  243.726440][T10784] CPU: 0 PID: 10784 Comm: syz.3.1681 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  243.736665][T10784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  243.746876][T10784] Call Trace:
[  243.750168][T10784]  <TASK>
[  243.753111][T10784]  dump_stack_lvl+0x241/0x360
[  243.757805][T10784]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.763116][T10784]  ? __pfx__printk+0x10/0x10
[  243.767804][T10784]  ? __pfx___might_resched+0x10/0x10
[  243.773117][T10784]  should_fail_ex+0x3b0/0x4e0
[  243.777815][T10784]  ? sock_kmalloc+0xd7/0x160
[  243.782420][T10784]  should_failslab+0x9/0x20
[  243.786941][T10784]  __kmalloc_noprof+0xd8/0x400
[  243.791735][T10784]  ? __might_fault+0xaa/0x120
[  243.796508][T10784]  sock_kmalloc+0xd7/0x160
[  243.800945][T10784]  ____sys_sendmsg+0x216/0x7d0
[  243.805734][T10784]  ? __pfx_____sys_sendmsg+0x10/0x10
[  243.811049][T10784]  __sys_sendmsg+0x2b0/0x3a0
[  243.815659][T10784]  ? __pfx___sys_sendmsg+0x10/0x10
[  243.820781][T10784]  ? vfs_write+0x7c4/0xc90
[  243.825241][T10784]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  243.831579][T10784]  ? do_syscall_64+0x100/0x230
[  243.836375][T10784]  ? do_syscall_64+0xb6/0x230
[  243.841187][T10784]  do_syscall_64+0xf3/0x230
[  243.845732][T10784]  ? clear_bhb_loop+0x35/0x90
[  243.850538][T10784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.856468][T10784] RIP: 0033:0x7fc78f175bd9
[  243.860904][T10784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.880553][T10784] RSP: 002b:00007fc78ffe9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  243.889009][T10784] RAX: ffffffffffffffda RBX: 00007fc78f303f60 RCX: 00007fc78f175bd9
[  243.896991][T10784] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  243.904972][T10784] RBP: 00007fc78ffe90a0 R08: 0000000000000000 R09: 0000000000000000
[  243.912951][T10784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.920933][T10784] R13: 000000000000000b R14: 00007fc78f303f60 R15: 00007ffc897d6098
[  243.928927][T10784]  </TASK>
[  244.559600][T10617] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  244.600662][T10617] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  244.626376][ T5114] Bluetooth: hci2: command tx timeout
[  244.675070][T10617] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  244.740907][T10617] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  244.772576][T10813] netlink: 'syz.2.1693': attribute type 33 has an invalid length.
[  244.802175][T10813] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1693'.
[  244.905384][T10823] xt_TCPMSS: Only works on TCP SYN packets
[  245.136196][T10831] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1696'.
[  245.155964][T10831] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1696'.
[  245.344456][T10617] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.401260][T10617] 8021q: adding VLAN 0 to HW filter on device team0
[  245.462754][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.470011][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.527001][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.534243][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.948828][T10869] FAULT_INJECTION: forcing a failure.
[  245.948828][T10869] name failslab, interval 1, probability 0, space 0, times 0
[  246.001648][T10869] CPU: 0 PID: 10869 Comm: syz.0.1706 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  246.011875][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  246.021968][T10869] Call Trace:
[  246.025277][T10869]  <TASK>
[  246.028232][T10869]  dump_stack_lvl+0x241/0x360
[  246.032954][T10869]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.038190][T10869]  ? __pfx__printk+0x10/0x10
[  246.042833][T10869]  should_fail_ex+0x3b0/0x4e0
[  246.047563][T10869]  ? __alloc_skb+0x1c3/0x440
[  246.052203][T10869]  should_failslab+0x9/0x20
[  246.056755][T10869]  kmem_cache_alloc_node_noprof+0x71/0x320
[  246.062605][T10869]  ? br_get_link_af_size_filtered+0xdb/0xd30
[  246.068616][T10869]  __alloc_skb+0x1c3/0x440
[  246.073056][T10869]  ? __pfx___alloc_skb+0x10/0x10
[  246.078006][T10869]  ? if_nlmsg_size+0x744/0x7a0
[  246.082814][T10869]  ? if_nlmsg_size+0x53a/0x7a0
[  246.087605][T10869]  rtmsg_ifinfo_build_skb+0x84/0x260
[  246.092905][T10869]  ? in6_dev_get+0x22a/0x290
[  246.097537][T10869]  ? notifier_call_chain+0x162/0x3e0
[  246.102857][T10869]  rtmsg_ifinfo+0x91/0x1b0
[  246.107354][T10869]  netdev_state_change+0x139/0x1a0
[  246.112487][T10869]  ? __pfx_netdev_state_change+0x10/0x10
[  246.118138][T10869]  ? __nla_parse+0x40/0x60
[  246.122568][T10869]  do_setlink+0x3e3/0x41f0
[  246.127005][T10869]  ? __pfx_nsim_set_vf_vlan+0x10/0x10
[  246.132398][T10869]  ? __pfx_do_setlink+0x10/0x10
[  246.137286][T10869]  ? __nla_validate_parse+0x26ce/0x3090
[  246.142841][T10869]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  246.148225][T10869]  ? rtnl_newlink+0xf2/0x20a0
[  246.152960][T10869]  ? validate_linkmsg+0x71e/0x900
[  246.158001][T10869]  rtnl_newlink+0x180d/0x20a0
[  246.162705][T10869]  ? rtnl_newlink+0x511/0x20a0
[  246.167493][T10869]  ? __pfx_rtnl_newlink+0x10/0x10
[  246.172530][T10869]  ? __pfx___mutex_trylock_common+0x10/0x10
[  246.178442][T10869]  ? rcu_is_watching+0x15/0xb0
[  246.183222][T10869]  ? trace_contention_end+0x3c/0x120
[  246.188521][T10869]  ? __mutex_lock+0x2ef/0xd70
[  246.193220][T10869]  ? __pfx_lock_release+0x10/0x10
[  246.198268][T10869]  ? __pfx_rtnl_newlink+0x10/0x10
[  246.203305][T10869]  rtnetlink_rcv_msg+0x89b/0x1180
[  246.208341][T10869]  ? rtnetlink_rcv_msg+0x208/0x1180
[  246.213551][T10869]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  246.219028][T10869]  ? __local_bh_enable_ip+0x168/0x200
[  246.224405][T10869]  ? lockdep_hardirqs_on+0x99/0x150
[  246.229625][T10869]  ? __local_bh_enable_ip+0x168/0x200
[  246.235002][T10869]  ? dev_hard_start_xmit+0x773/0x7e0
[  246.240301][T10869]  ? __dev_queue_xmit+0x2da/0x3e90
[  246.245432][T10869]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  246.251170][T10869]  ? __dev_queue_xmit+0x2da/0x3e90
[  246.256304][T10869]  ? __dev_queue_xmit+0x1763/0x3e90
[  246.261531][T10869]  ? kasan_save_track+0x51/0x80
[  246.266400][T10869]  ? do_syscall_64+0xf3/0x230
[  246.271092][T10869]  ? __dev_queue_xmit+0x2da/0x3e90
[  246.276225][T10869]  ? __pfx___dev_queue_xmit+0x10/0x10
[  246.281625][T10869]  ? ref_tracker_free+0x643/0x7e0
[  246.286682][T10869]  netlink_rcv_skb+0x1e3/0x430
[  246.291461][T10869]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  246.296929][T10869]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  246.302244][T10869]  ? netlink_deliver_tap+0x2e/0x1b0
[  246.307461][T10869]  netlink_unicast+0x7f0/0x990
[  246.312239][T10869]  ? __pfx_netlink_unicast+0x10/0x10
[  246.317547][T10869]  ? __virt_addr_valid+0x183/0x520
[  246.322675][T10869]  ? __check_object_size+0x49c/0x900
[  246.327975][T10869]  ? bpf_lsm_netlink_send+0x9/0x10
[  246.333101][T10869]  netlink_sendmsg+0x8e4/0xcb0
[  246.337887][T10869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.343197][T10869]  ? __import_iovec+0x536/0x820
[  246.348054][T10869]  ? aa_sock_msg_perm+0x91/0x160
[  246.353008][T10869]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  246.358300][T10869]  ? security_socket_sendmsg+0x87/0xb0
[  246.363775][T10869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.369069][T10869]  __sock_sendmsg+0x221/0x270
[  246.373764][T10869]  ____sys_sendmsg+0x525/0x7d0
[  246.378552][T10869]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.383862][T10869]  __sys_sendmsg+0x2b0/0x3a0
[  246.388469][T10869]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.393618][T10869]  ? bpf_trace_run2+0x1fc/0x540
[  246.398479][T10869]  ? bpf_trace_run2+0x36e/0x540
[  246.403352][T10869]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.409701][T10869]  ? rcu_is_watching+0x15/0xb0
[  246.414473][T10869]  ? trace_sys_enter+0x1f/0xd0
[  246.419250][T10869]  do_syscall_64+0xf3/0x230
[  246.423759][T10869]  ? clear_bhb_loop+0x35/0x90
[  246.428457][T10869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.434356][T10869] RIP: 0033:0x7f4360575bd9
[  246.438783][T10869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.458419][T10869] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.466847][T10869] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  246.474844][T10869] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  246.482907][T10869] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  246.490882][T10869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.498855][T10869] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  246.506851][T10869]  </TASK>
[  246.530038][T10869] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  246.709199][ T5114] Bluetooth: hci2: command tx timeout
[  246.785053][T10885] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1712'.
[  246.962117][T10617] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.136335][T10897] xt_TCPMSS: Only works on TCP SYN packets
[  247.803772][T10617] veth0_vlan: entered promiscuous mode
[  247.889075][T10617] veth1_vlan: entered promiscuous mode
[  247.939443][T10939] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1727'.
[  247.992341][T10617] veth0_macvtap: entered promiscuous mode
[  248.030327][T10617] veth1_macvtap: entered promiscuous mode
[  248.113838][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.160074][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.193370][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.226548][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.269632][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.305109][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.333154][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.354296][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.386086][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.412869][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.447565][T10617] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.509117][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.563629][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.606905][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.631554][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.673183][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.686164][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.698047][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.712590][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.723011][T10617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.734691][T10617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.749469][T10617] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.764297][T10965] dummy0: Device is already in use.
[  248.802019][T10617] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.830201][T10617] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.855907][T10617] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.864667][T10617] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.187775][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.222638][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.297280][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.313991][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.503999][T10998] dummy0: Device is already in use.
[  249.697946][T11009] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1753'.
[  250.143180][T11035] xt_TCPMSS: Only works on TCP SYN packets
[  250.284328][T11039] netlink: 3056 bytes leftover after parsing attributes in process `syz.3.1764'.
[  250.294918][T11039] netlink: 'syz.3.1764': attribute type 1 has an invalid length.
[  250.304662][T11039] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.1764'.
[  250.564059][ T1108] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.606392][T11048] netlink: 'syz.3.1769': attribute type 1 has an invalid length.
[  250.919168][ T1108] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.084433][ T1108] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.143530][ T1108] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.265435][ T1108] bridge_slave_1: left allmulticast mode
[  251.275421][ T1108] bridge_slave_1: left promiscuous mode
[  251.284637][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.294642][ T1108] bridge_slave_0: left allmulticast mode
[  251.301001][ T1108] bridge_slave_0: left promiscuous mode
[  251.307812][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.535982][T11058] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.687127][T11063] netlink: set zone limit has 4 unknown bytes
[  251.691363][T11064] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1774'.
[  251.735487][T11064] openvswitch: netlink: Multiple metadata blocks provided
[  251.974584][ T5105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  251.986886][ T5105] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  252.006272][ T5105] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  252.024458][ T5105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  252.038301][ T5105] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  252.051929][ T5105] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  252.163260][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.180269][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.193042][ T1108] bond0 (unregistering): Released all slaves
[  252.209785][T11062] netlink: 666 bytes leftover after parsing attributes in process `syz.1.1775'.
[  252.219669][T11066] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1775'.
[  252.234907][T11066] xfrm1: entered promiscuous mode
[  252.266271][T11066] xfrm1: entered allmulticast mode
[  252.278365][T11068] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1777'.
[  252.481749][T11079] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1780'.
[  252.505015][T11079] netlink: 'syz.0.1780': attribute type 13 has an invalid length.
[  252.771052][ T1108] hsr_slave_0: left promiscuous mode
[  252.784327][ T1108] hsr_slave_1: left promiscuous mode
[  252.802698][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.825567][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.834586][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.858565][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.932616][ T1108] veth1_macvtap: left promiscuous mode
[  252.938977][ T1108] veth0_macvtap: left promiscuous mode
[  252.944790][ T1108] veth1_vlan: left promiscuous mode
[  252.951353][ T1108] veth0_vlan: left promiscuous mode
[  253.492746][ T1108] team0 (unregistering): Port device team_slave_1 removed
[  253.551078][ T1108] team0 (unregistering): Port device team_slave_0 removed
[  253.971159][T11098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1787'.
[  254.009929][T11099] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1787'.
[  254.058561][T11100] vlan3: entered promiscuous mode
[  254.063733][T11100] bridge4: entered promiscuous mode
[  254.145924][ T5105] Bluetooth: hci2: command tx timeout
[  254.292641][T11110] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1791'.
[  254.511692][T11122] x_tables: duplicate underflow at hook 1
[  254.571263][T11070] chnl_net:caif_netlink_parms(): no params data found
[  254.868904][T11070] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.877241][T11070] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.889530][T11070] bridge_slave_0: entered allmulticast mode
[  254.916836][T11070] bridge_slave_0: entered promiscuous mode
[  254.934754][T11070] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.943927][T11070] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.952435][T11070] bridge_slave_1: entered allmulticast mode
[  254.960795][T11070] bridge_slave_1: entered promiscuous mode
[  254.998852][T11135] 8021q: adding VLAN 0 to HW filter on device batadv1
[  255.023055][T11135] bond0: (slave batadv1): Enslaving as an active interface with an up link
[  255.055539][T11137] team0: entered promiscuous mode
[  255.065470][T11137] team_slave_1: entered promiscuous mode
[  255.076485][T11137] bond0: entered promiscuous mode
[  255.085417][T11137] bond_slave_0: entered promiscuous mode
[  255.096065][T11137] bond_slave_1: entered promiscuous mode
[  255.116290][T11137] batadv1: entered promiscuous mode
[  255.149001][T11145] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  255.161458][T11136] team0: left promiscuous mode
[  255.168628][T11136] team_slave_1: left promiscuous mode
[  255.179712][T11136] bond0: left promiscuous mode
[  255.198122][T11136] bond_slave_0: left promiscuous mode
[  255.204010][T11136] bond_slave_1: left promiscuous mode
[  255.210535][T11136] batadv1: left promiscuous mode
[  255.225567][T11070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  255.240554][T11070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  255.363180][T11070] team0: Port device team_slave_0 added
[  255.391753][T11070] team0: Port device team_slave_1 added
[  255.453749][T11153] atomic_op ffff88802d20b998 conn xmit_atomic 0000000000000000
[  255.493587][T11070] batman_adv: batadv0: Adding interface: batadv_slave_0
[  255.511334][T11070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.539289][T11070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  255.563796][T11070] batman_adv: batadv0: Adding interface: batadv_slave_1
[  255.572169][T11070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.627457][T11070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.648419][T11153] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  255.669364][T11159] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1804'.
[  255.766046][T11163] bridge0: port 3(vlan4) entered blocking state
[  255.773070][T11163] bridge0: port 3(vlan4) entered disabled state
[  255.786412][T11163] vlan4: entered allmulticast mode
[  255.799364][T11170] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1810'.
[  255.806742][T11163] vlan4: entered promiscuous mode
[  255.845499][T11170] Êü: entered promiscuous mode
[  256.032884][T11070] hsr_slave_0: entered promiscuous mode
[  256.083692][ T1251] ieee802154 phy0 wpan0: encryption failed: -22
[  256.091251][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  256.093605][T11070] hsr_slave_1: entered promiscuous mode
[  256.196165][T11070] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  256.203804][T11070] Cannot create hsr debugfs directory
[  256.226625][ T5105] Bluetooth: hci2: command tx timeout
[  256.275447][T11191] syz.2.1818[11191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.275914][T11191] syz.2.1818[11191] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.499712][T11203] netlink: 'syz.3.1826': attribute type 29 has an invalid length.
[  256.839895][T11214] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.847688][T11214] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.867340][T11214] bridge0: entered allmulticast mode
[  256.904204][T11215] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.911473][T11215] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.919053][T11215] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.926310][T11215] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.968330][T11215] bridge0: entered promiscuous mode
[  257.129167][T11233] netlink: 9412 bytes leftover after parsing attributes in process `syz.1.1836'.
[  257.144569][T11233] syz.1.1836 (11233) used obsolete PPPIOCDETACH ioctl
[  257.145326][T11236] netlink: 'syz.3.1837': attribute type 4 has an invalid length.
[  257.344226][T11240] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1838'.
[  257.372320][T11070] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  257.404914][T11070] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  257.430308][T11070] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  257.448755][T11070] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  257.591030][T11070] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.627981][T11070] 8021q: adding VLAN 0 to HW filter on device team0
[  257.643552][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.650761][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.673547][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.680762][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.125346][T11263] FAULT_INJECTION: forcing a failure.
[  258.125346][T11263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.189403][T11263] CPU: 1 PID: 11263 Comm: syz.3.1845 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  258.199624][T11263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  258.209714][T11263] Call Trace:
[  258.213808][T11263]  <TASK>
[  258.216770][T11263]  dump_stack_lvl+0x241/0x360
[  258.221494][T11263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.226741][T11263]  ? __pfx__printk+0x10/0x10
[  258.231370][T11263]  ? __pfx_lock_release+0x10/0x10
[  258.236430][T11263]  ? __lock_acquire+0x1346/0x1fd0
[  258.241503][T11263]  should_fail_ex+0x3b0/0x4e0
[  258.246241][T11263]  _copy_from_user+0x2f/0xe0
[  258.250868][T11263]  kstrtouint_from_user+0xc6/0x190
[  258.256031][T11263]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  258.261797][T11263]  ? __pfx_lock_acquire+0x10/0x10
[  258.266873][T11263]  proc_fail_nth_write+0xaa/0x2d0
[  258.271934][T11263]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  258.277868][T11263]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  258.283546][T11263]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  258.289227][T11263]  vfs_write+0x2a2/0xc90
[  258.293539][T11263]  ? __pfx_vfs_write+0x10/0x10
[  258.298352][T11263]  ? __fget_files+0x29/0x470
[  258.302988][T11263]  ? __fget_files+0x3f6/0x470
[  258.307722][T11263]  ksys_write+0x1a0/0x2c0
[  258.312098][T11263]  ? __pfx_ksys_write+0x10/0x10
[  258.316991][T11263]  ? do_syscall_64+0x100/0x230
[  258.321797][T11263]  ? do_syscall_64+0xb6/0x230
[  258.326529][T11263]  do_syscall_64+0xf3/0x230
[  258.331081][T11263]  ? clear_bhb_loop+0x35/0x90
[  258.335805][T11263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.341749][T11263] RIP: 0033:0x7fc78f17475f
[  258.346201][T11263] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  258.365865][T11263] RSP: 002b:00007fc78ffe9040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  258.374417][T11263] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc78f17475f
[  258.382396][T11263] RDX: 0000000000000001 RSI: 00007fc78ffe90b0 RDI: 0000000000000005
[  258.390391][T11263] RBP: 00007fc78ffe90a0 R08: 0000000000000000 R09: 0000000000000000
[  258.398403][T11263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  258.406405][T11263] R13: 000000000000000b R14: 00007fc78f303f60 R15: 00007ffc897d6098
[  258.414446][T11263]  </TASK>
[  258.422480][ T5105] Bluetooth: hci2: command tx timeout
[  258.464173][T11070] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.893981][T11299] FAULT_INJECTION: forcing a failure.
[  258.893981][T11299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.955917][T11299] CPU: 0 PID: 11299 Comm: syz.0.1855 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  258.966132][T11299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  258.976218][T11299] Call Trace:
[  258.979535][T11299]  <TASK>
[  258.982492][T11299]  dump_stack_lvl+0x241/0x360
[  258.987210][T11299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.992457][T11299]  ? __pfx__printk+0x10/0x10
[  258.997086][T11299]  ? __pfx_lock_release+0x10/0x10
[  258.999296][T11070] veth0_vlan: entered promiscuous mode
[  259.002121][T11299]  ? vfs_write+0x7c4/0xc90
[  259.002160][T11299]  should_fail_ex+0x3b0/0x4e0
[  259.016744][T11299]  _copy_from_user+0x2f/0xe0
[  259.021377][T11299]  __sys_bpf+0x1a4/0x810
[  259.025682][T11299]  ? __pfx___sys_bpf+0x10/0x10
[  259.030504][T11299]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  259.036532][T11299]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.042910][T11299]  ? do_syscall_64+0x100/0x230
[  259.043369][T11070] veth1_vlan: entered promiscuous mode
[  259.047694][T11299]  __x64_sys_bpf+0x7c/0x90
[  259.047735][T11299]  do_syscall_64+0xf3/0x230
[  259.047760][T11299]  ? clear_bhb_loop+0x35/0x90
[  259.066868][T11299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.072802][T11299] RIP: 0033:0x7f4360575bd9
[  259.077254][T11299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.096897][T11299] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  259.103491][T11070] veth0_macvtap: entered promiscuous mode
[  259.105329][T11299] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  259.105351][T11299] RDX: 0000000000000090 RSI: 0000000020000480 RDI: 0000000000000005
[  259.105368][T11299] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  259.105384][T11299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.122892][T11070] veth1_macvtap: entered promiscuous mode
[  259.127025][T11299] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  259.127065][T11299]  </TASK>
[  259.273232][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.299840][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.321131][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.332395][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.344740][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.355891][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.370136][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.386603][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.400005][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.411050][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.437536][T11070] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.460764][T11310] xt_ecn: cannot match TCP bits for non-tcp packets
[  259.499449][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.531485][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.553699][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.576996][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.598469][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.623512][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.654057][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.665063][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.693228][T11070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.714369][T11070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.746987][T11070] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.780193][T11070] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.804784][T11070] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.835164][T11070] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.870970][T11070] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.965223][T11332] netlink: 'syz.2.1865': attribute type 3 has an invalid length.
[  260.082205][T11337] netlink: 'syz.0.1868': attribute type 7 has an invalid length.
[  260.101411][T11337] netlink: 'syz.0.1868': attribute type 39 has an invalid length.
[  260.179421][T11343] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1870'.
[  260.190990][T11341] netlink: 'syz.0.1868': attribute type 7 has an invalid length.
[  260.200367][T11341] netlink: 'syz.0.1868': attribute type 39 has an invalid length.
[  260.215126][ T5484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.249217][ T5484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.271360][T11345] erspan0: entered promiscuous mode
[  260.298658][T11345] erspan0: left promiscuous mode
[  260.439529][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.458651][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.466449][ T5105] Bluetooth: hci2: command tx timeout
[  260.631036][T11361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1877'.
[  260.771471][T11359] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1876'.
[  260.845308][T11371] pim6reg: entered allmulticast mode
[  260.864527][T11371] pim6reg: left allmulticast mode
[  260.919843][T11374] Cannot find add_set index 0 as target
[  260.926596][T11373] Cannot find add_set index 0 as target
[  260.933799][T11375] netlink: 'syz.3.1880': attribute type 3 has an invalid length.
[  260.943643][T11373] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1881'.
[  261.077446][T11379] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1883'.
[  261.196902][T11385] FAULT_INJECTION: forcing a failure.
[  261.196902][T11385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.226181][T11385] CPU: 0 PID: 11385 Comm: syz.3.1886 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  261.236386][T11385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  261.246445][T11385] Call Trace:
[  261.249726][T11385]  <TASK>
[  261.252661][T11385]  dump_stack_lvl+0x241/0x360
[  261.257356][T11385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.262560][T11385]  ? __pfx__printk+0x10/0x10
[  261.267160][T11385]  ? __pfx_lock_release+0x10/0x10
[  261.272217][T11385]  should_fail_ex+0x3b0/0x4e0
[  261.276913][T11385]  _copy_from_user+0x2f/0xe0
[  261.281508][T11385]  ip6gre_tunnel_siocdevprivate+0x62c/0x1460
[  261.287524][T11385]  ? __mutex_trylock_common+0x183/0x2e0
[  261.293099][T11385]  ? __pfx_ip6gre_tunnel_siocdevprivate+0x10/0x10
[  261.299559][T11385]  ? full_name_hash+0x93/0xe0
[  261.304274][T11385]  dev_ifsioc+0xaec/0xe70
[  261.308621][T11385]  ? __pfx_dev_ifsioc+0x10/0x10
[  261.313493][T11385]  ? dev_load+0x21/0x1f0
[  261.317752][T11385]  dev_ioctl+0x881/0x1340
[  261.322099][T11385]  sock_ioctl+0x7f2/0x8e0
[  261.326438][T11385]  ? __pfx_sock_ioctl+0x10/0x10
[  261.331296][T11385]  ? __fget_files+0x3f6/0x470
[  261.335982][T11385]  ? __fget_files+0x29/0x470
[  261.340593][T11385]  ? bpf_lsm_file_ioctl+0x9/0x10
[  261.345534][T11385]  ? security_file_ioctl+0x87/0xb0
[  261.350653][T11385]  ? __pfx_sock_ioctl+0x10/0x10
[  261.355508][T11385]  __se_sys_ioctl+0xfc/0x170
[  261.360114][T11385]  do_syscall_64+0xf3/0x230
[  261.364626][T11385]  ? clear_bhb_loop+0x35/0x90
[  261.369310][T11385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.375208][T11385] RIP: 0033:0x7fc78f175bd9
[  261.379629][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.399247][T11385] RSP: 002b:00007fc78ffe9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.407675][T11385] RAX: ffffffffffffffda RBX: 00007fc78f303f60 RCX: 00007fc78f175bd9
[  261.415658][T11385] RDX: 0000000020000140 RSI: 00000000000089f0 RDI: 0000000000000003
[  261.423632][T11385] RBP: 00007fc78ffe90a0 R08: 0000000000000000 R09: 0000000000000000
[  261.431610][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.439588][T11385] R13: 000000000000000b R14: 00007fc78f303f60 R15: 00007ffc897d6098
[  261.447605][T11385]  </TASK>
[  261.826690][T11401] netlink: 'syz.2.1894': attribute type 9 has an invalid length.
[  262.005118][T11417] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1895'.
[  262.046326][T11416] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  262.054447][T11416] macvtap2: entered allmulticast mode
[  262.067014][T11416] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  262.114342][T11418] batadv_slave_1: entered promiscuous mode
[  262.140971][T11418] vlan1: entered promiscuous mode
[  262.168322][T11415] vlan1: left promiscuous mode
[  262.173951][T11415] batadv_slave_1: left promiscuous mode
[  262.589908][T11429] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1904'.
[  262.601486][T11432] netlink: 1956 bytes leftover after parsing attributes in process `syz.2.1905'.
[  262.759018][T11440] netlink: 'syz.1.1908': attribute type 1 has an invalid length.
[  262.833773][T11446] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  262.864050][T11447] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.888348][T11447] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.895584][T11447] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.949788][T11446] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1907'.
[  262.963684][T11450] veth1_to_bridge: entered allmulticast mode
[  262.973173][T11448] veth1_to_bridge: left allmulticast mode
[  263.201834][T11465] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1914'.
[  263.309402][T11469] xt_CT: You must specify a L4 protocol and not use inversions on it
[  263.348381][T11469] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1918'.
[  263.389715][T11469] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1918'.
[  263.399588][T11469] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  263.579877][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.335570][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.509643][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.614355][T11488] syz.2.1925 uses old SIOCAX25GETINFO
[  264.767910][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.996508][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  265.006399][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  265.021247][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  265.037724][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  265.050620][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  265.058301][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  265.121980][   T11] bridge_slave_1: left allmulticast mode
[  265.151890][   T11] bridge_slave_1: left promiscuous mode
[  265.165778][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.191495][   T11] bridge_slave_0: left allmulticast mode
[  265.204409][   T11] bridge_slave_0: left promiscuous mode
[  265.236123][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.692394][T11534] xt_TPROXY: Can be used only with -p tcp or -p udp
[  266.117897][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.140789][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.170653][   T11] bond0 (unregistering): Released all slaves
[  266.178739][T11557] netlink: 'syz.1.1947': attribute type 1 has an invalid length.
[  266.198169][T11557] netlink: 'syz.1.1947': attribute type 3 has an invalid length.
[  266.222500][T11557] __nla_validate_parse: 1 callbacks suppressed
[  266.222522][T11557] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1947'.
[  266.254929][T11557] NCSI netlink: No device for ifindex 0
[  266.268168][T11559] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1949'.
[  266.380301][T11554] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1947'.
[  266.438891][T11554] nbd: must specify an index to disconnect
[  267.104489][   T11] hsr_slave_0: left promiscuous mode
[  267.110516][ T5105] Bluetooth: hci2: command tx timeout
[  267.118694][   T11] hsr_slave_1: left promiscuous mode
[  267.145107][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.165853][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.200752][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  267.213043][T11585] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1958'.
[  267.227492][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  267.319711][   T11] veth1_macvtap: left promiscuous mode
[  267.338890][   T11] veth0_macvtap: left promiscuous mode
[  267.358005][   T11] veth1_vlan: left promiscuous mode
[  267.377807][   T11] veth0_vlan: left promiscuous mode
[  268.036335][   T11] team0 (unregistering): Port device team_slave_1 removed
[  268.094588][   T11] team0 (unregistering): Port device team_slave_0 removed
[  268.566742][T11583] netlink: 664 bytes leftover after parsing attributes in process `syz.3.1956'.
[  268.664636][T11600] netlink: 'syz.1.1964': attribute type 1 has an invalid length.
[  268.672937][T11600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1964'.
[  268.727326][T11602] xt_CT: You must specify a L4 protocol and not use inversions on it
[  268.763477][T11602] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1965'.
[  268.838134][T11602] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1965'.
[  268.857709][T11602] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  268.954048][T11507] chnl_net:caif_netlink_parms(): no params data found
[  269.165232][T11620] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1969'.
[  269.177871][T11620] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1969'.
[  269.194188][ T5105] Bluetooth: hci2: command tx timeout
[  269.272212][T11507] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.293038][T11507] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.304708][T11507] bridge_slave_0: entered allmulticast mode
[  269.315004][T11507] bridge_slave_0: entered promiscuous mode
[  269.332600][T11507] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.346436][T11507] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.353913][T11507] bridge_slave_1: entered allmulticast mode
[  269.369432][T11507] bridge_slave_1: entered promiscuous mode
[  269.482679][T11507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.511493][T11507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.521088][T11634] IPVS: length: 96 != 8
[  269.604686][T11507] team0: Port device team_slave_0 added
[  269.625548][T11507] team0: Port device team_slave_1 added
[  269.723844][T11507] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.737525][T11507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.764324][T11507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.846613][T11507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.862699][T11507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.892700][T11507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.999145][T11507] hsr_slave_0: entered promiscuous mode
[  270.018429][T11507] hsr_slave_1: entered promiscuous mode
[  270.035901][T11507] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  270.053753][T11507] Cannot create hsr debugfs directory
[  270.280024][T11654] netlink: set zone limit has 4 unknown bytes
[  270.500059][T11663] veth0_macvtap: left promiscuous mode
[  271.070646][T11507] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  271.092832][T11507] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  271.095062][T11690] FAULT_INJECTION: forcing a failure.
[  271.095062][T11690] name failslab, interval 1, probability 0, space 0, times 0
[  271.121812][T11690] CPU: 0 PID: 11690 Comm: syz.0.1994 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  271.132124][T11690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  271.132606][T11507] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  271.142188][T11690] Call Trace:
[  271.142203][T11690]  <TASK>
[  271.142215][T11690]  dump_stack_lvl+0x241/0x360
[  271.142248][T11690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.165074][T11690]  ? __pfx__printk+0x10/0x10
[  271.169739][T11690]  ? __pfx___might_resched+0x10/0x10
[  271.175085][T11690]  should_fail_ex+0x3b0/0x4e0
[  271.179823][T11690]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  271.185583][T11690]  should_failslab+0x9/0x20
[  271.190133][T11690]  __kmalloc_noprof+0xd8/0x400
[  271.194934][T11690]  ? kfree+0x4e/0x360
[  271.198972][T11690]  tomoyo_realpath_from_path+0xcf/0x5e0
[  271.204580][T11690]  tomoyo_path_number_perm+0x23a/0x880
[  271.210095][T11690]  ? tomoyo_path_number_perm+0x208/0x880
[  271.215775][T11690]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  271.221858][T11690]  ? __fget_files+0x29/0x470
[  271.226501][T11690]  ? __fget_files+0x3f6/0x470
[  271.231225][T11690]  ? __fget_files+0x29/0x470
[  271.235869][T11690]  security_file_ioctl+0x75/0xb0
[  271.239748][T11698] IPVS: length: 96 != 8
[  271.240835][T11690]  __se_sys_ioctl+0x47/0x170
[  271.240873][T11690]  do_syscall_64+0xf3/0x230
[  271.240901][T11690]  ? clear_bhb_loop+0x35/0x90
[  271.249451][T11698] __nla_validate_parse: 5 callbacks suppressed
[  271.249471][T11698] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1996'.
[  271.249851][T11690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.249885][T11690] RIP: 0033:0x7f4360575bd9
[  271.284437][T11690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.304074][T11690] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  271.312498][T11690] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  271.320489][T11690] RDX: 0000000020000240 RSI: 00000000000089f1 RDI: 0000000000000003
[  271.328496][T11690] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  271.336499][T11690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.344502][T11690] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  271.352529][T11690]  </TASK>
[  271.358291][ T5105] Bluetooth: hci2: command tx timeout
[  271.370430][T11507] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  271.376059][T11690] ERROR: Out of memory at tomoyo_realpath_from_path.
[  271.460547][T11701] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1997'.
[  271.686227][T11507] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.714062][T11708] xt_ecn: cannot match TCP bits for non-tcp packets
[  271.730294][T11507] 8021q: adding VLAN 0 to HW filter on device team0
[  271.769825][ T5212] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.777093][ T5212] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.893848][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.901098][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.050944][T11507] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  272.094027][T11718] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2002'.
[  272.325501][T11723] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2003'.
[  272.504607][T11507] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.785504][T11744] netlink: 'syz.0.2010': attribute type 1 has an invalid length.
[  272.793368][T11744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2010'.
[  273.153800][T11507] veth0_vlan: entered promiscuous mode
[  273.208209][T11507] veth1_vlan: entered promiscuous mode
[  273.325217][T11507] veth0_macvtap: entered promiscuous mode
[  273.338460][T11761] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  273.360279][T11507] veth1_macvtap: entered promiscuous mode
[  273.391764][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.406065][T11765] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2016'.
[  273.415432][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.425887][ T5105] Bluetooth: hci2: command tx timeout
[  273.434780][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.452894][T11769] netlink: 144276 bytes leftover after parsing attributes in process `syz.1.2017'.
[  273.464629][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.485671][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.507325][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.527142][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.542305][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.552861][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.563474][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.583135][T11507] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.617867][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.643696][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.653913][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.705865][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.745895][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.768646][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.797772][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.818920][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.836278][T11507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.863071][T11507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.898882][T11507] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.923915][T11507] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.965983][T11507] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.981627][T11507] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.996468][T11507] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.010735][T11781] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2022'.
[  274.064681][T11790] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2026'.
[  274.107062][T11793] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2026'.
[  274.287342][T11803] netlink: 'syz.1.2030': attribute type 2 has an invalid length.
[  274.296288][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.305926][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.307371][T11803] netlink: 'syz.1.2030': attribute type 1 has an invalid length.
[  274.359580][T11803] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  274.367592][T11803] IPv6: NLM_F_CREATE should be set when creating new route
[  274.375002][T11803] IPv6: NLM_F_CREATE should be set when creating new route
[  274.382315][T11803] IPv6: NLM_F_CREATE should be set when creating new route
[  274.446504][ T5484] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.485434][ T5484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.840303][T11820] netlink: 'syz.2.2037': attribute type 3 has an invalid length.
[  275.131944][T11835] netlink: 'syz.0.2044': attribute type 2 has an invalid length.
[  275.152510][T11835] netlink: 'syz.0.2044': attribute type 1 has an invalid length.
[  275.184534][T11835] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  275.191899][T11835] IPv6: NLM_F_CREATE should be set when creating new route
[  275.199242][T11835] IPv6: NLM_F_CREATE should be set when creating new route
[  275.206546][T11835] IPv6: NLM_F_CREATE should be set when creating new route
[  275.838685][T11862] tipc: Cannot configure node identity twice
[  275.991964][T11866] syzkaller1: entered promiscuous mode
[  276.000334][T11866] syzkaller1: entered allmulticast mode
[  276.009746][T11866] syzkaller1: left promiscuous mode
[  276.019292][T11866] syzkaller1: left allmulticast mode
[  276.330961][T11884] x_tables: duplicate underflow at hook 4
[  276.406762][T11888] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  276.446541][T11890] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.477876][T11890] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.548274][T11892] IPVS: persistence engine module ip_vs_pe_X not found
[  276.718014][ T5484] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.732553][T11901] netlink: 'syz.2.2066': attribute type 2 has an invalid length.
[  276.790607][T11896] ɶƣ0GC¦: entered promiscuous mode
[  276.799837][T11903] netlink: 'syz.0.2068': attribute type 2 has an invalid length.
[  276.818122][T11899] __nla_validate_parse: 13 callbacks suppressed
[  276.818141][T11899] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2068'.
[  276.872075][T11903] netlink: 'syz.0.2068': attribute type 1 has an invalid length.
[  276.911829][T11903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2068'.
[  276.934699][T11899] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2068'.
[  276.944731][T11899] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2068'.
[  276.975404][T11906] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  277.186221][ T5114] Bluetooth: hci0: command 0x0c1a tx timeout
[  277.186790][ T5105] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  277.518357][ T5484] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.577692][ T5484] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.662856][ T5484] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.800830][ T5484] bridge_slave_1: left allmulticast mode
[  277.813224][ T5484] bridge_slave_1: left promiscuous mode
[  277.819934][ T5484] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.830645][ T5484] bridge_slave_0: left allmulticast mode
[  277.836750][ T5484] bridge_slave_0: left promiscuous mode
[  277.842507][ T5484] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.362456][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  278.372402][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  278.381352][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  278.393897][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  278.402630][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  278.411008][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  278.547983][ T5484] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.561783][ T5484] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.574460][ T5484] bond0 (unregistering): Released all slaves
[  278.597864][T11925] netlink: 'syz.3.2075': attribute type 4 has an invalid length.
[  278.810387][T11934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2076'.
[  279.396691][ T5484] hsr_slave_0: left promiscuous mode
[  279.404184][ T5484] hsr_slave_1: left promiscuous mode
[  279.414066][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  279.429345][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.448738][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  279.467738][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.502482][ T5484] veth1_macvtap: left promiscuous mode
[  279.516079][ T5484] veth0_macvtap: left promiscuous mode
[  279.528782][ T5484] veth1_vlan: left promiscuous mode
[  279.541592][ T5484] veth0_vlan: left promiscuous mode
[  280.465987][ T5105] Bluetooth: hci2: command tx timeout
[  280.708575][ T5484] team0 (unregistering): Port device team_slave_1 removed
[  280.755213][ T5484] team0 (unregistering): Port device team_slave_0 removed
[  281.634759][T11999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2098'.
[  281.643566][T11926] chnl_net:caif_netlink_parms(): no params data found
[  281.970862][T12013] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2103'.
[  282.254191][T12005] sock: sock_timestamping_bind_phc: sock not bind to device
[  282.541535][T11926] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.549697][T11926] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.555879][ T5105] Bluetooth: hci2: command tx timeout
[  282.561498][T11926] bridge_slave_0: entered allmulticast mode
[  282.577733][T11926] bridge_slave_0: entered promiscuous mode
[  282.589613][T11926] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.596978][T11926] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.604720][T11926] bridge_slave_1: entered allmulticast mode
[  282.612446][T11926] bridge_slave_1: entered promiscuous mode
[  282.736309][T11926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.786657][T11926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.863016][T12037] FAULT_INJECTION: forcing a failure.
[  282.863016][T12037] name failslab, interval 1, probability 0, space 0, times 0
[  282.876564][T12037] CPU: 1 PID: 12037 Comm: syz.0.2112 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  282.886769][T12037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  282.896857][T12037] Call Trace:
[  282.900157][T12037]  <TASK>
[  282.903110][T12037]  dump_stack_lvl+0x241/0x360
[  282.907828][T12037]  ? __pfx_dump_stack_lvl+0x10/0x10
[  282.913065][T12037]  ? __pfx__printk+0x10/0x10
[  282.917696][T12037]  ? __pfx___might_resched+0x10/0x10
[  282.923027][T12037]  should_fail_ex+0x3b0/0x4e0
[  282.927759][T12037]  ? netlbl_mgmt_add_common+0x90d/0x1320
[  282.933430][T12037]  should_failslab+0x9/0x20
[  282.937970][T12037]  kmalloc_trace_noprof+0x6c/0x2c0
[  282.943118][T12037]  ? nla_strscpy+0x113/0x180
[  282.947726][T12037]  netlbl_mgmt_add_common+0x90d/0x1320
[  282.953238][T12037]  netlbl_mgmt_add+0x312/0x3a0
[  282.958022][T12037]  ? __nla_parse+0x40/0x60
[  282.962451][T12037]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  282.967752][T12037]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  282.974108][T12037]  genl_rcv_msg+0xb14/0xec0
[  282.978626][T12037]  ? mark_lock+0x9a/0x350
[  282.982977][T12037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  282.988143][T12037]  ? __pfx_lock_acquire+0x10/0x10
[  282.993191][T12037]  ? __pfx_netlbl_mgmt_add+0x10/0x10
[  282.998512][T12037]  ? __pfx___might_resched+0x10/0x10
[  283.003828][T12037]  netlink_rcv_skb+0x1e3/0x430
[  283.008613][T12037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.013677][T12037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  283.019025][T12037]  genl_rcv+0x28/0x40
[  283.023039][T12037]  netlink_unicast+0x7f0/0x990
[  283.027835][T12037]  ? __pfx_netlink_unicast+0x10/0x10
[  283.033137][T12037]  ? __virt_addr_valid+0x183/0x520
[  283.038297][T12037]  ? __check_object_size+0x49c/0x900
[  283.043617][T12037]  ? bpf_lsm_netlink_send+0x9/0x10
[  283.048752][T12037]  netlink_sendmsg+0x8e4/0xcb0
[  283.053545][T12037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.058849][T12037]  ? __import_iovec+0x536/0x820
[  283.063713][T12037]  ? aa_sock_msg_perm+0x91/0x160
[  283.068672][T12037]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  283.073963][T12037]  ? security_socket_sendmsg+0x87/0xb0
[  283.079438][T12037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.084736][T12037]  __sock_sendmsg+0x221/0x270
[  283.089426][T12037]  ____sys_sendmsg+0x525/0x7d0
[  283.094212][T12037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  283.099542][T12037]  __sys_sendmsg+0x2b0/0x3a0
[  283.104154][T12037]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.109283][T12037]  ? vfs_write+0x7c4/0xc90
[  283.113747][T12037]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  283.120085][T12037]  ? do_syscall_64+0x100/0x230
[  283.124859][T12037]  ? do_syscall_64+0xb6/0x230
[  283.129547][T12037]  do_syscall_64+0xf3/0x230
[  283.134078][T12037]  ? clear_bhb_loop+0x35/0x90
[  283.138779][T12037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.144678][T12037] RIP: 0033:0x7f4360575bd9
[  283.149101][T12037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.168713][T12037] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.177138][T12037] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  283.185129][T12037] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000006
[  283.193104][T12037] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  283.201089][T12037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.209069][T12037] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  283.217064][T12037]  </TASK>
[  283.235373][T11926] team0: Port device team_slave_0 added
[  283.272035][T11926] team0: Port device team_slave_1 added
[  283.381174][T12043] xt_l2tp: missing protocol rule (udp|l2tpip)
[  283.421141][T11926] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.439216][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.474654][T11926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.511523][T11926] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.536094][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.572436][T11926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.711939][T12052] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2117'.
[  283.813083][T11926] hsr_slave_0: entered promiscuous mode
[  283.856657][T11926] hsr_slave_1: entered promiscuous mode
[  283.889099][T11926] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  283.923635][T11926] Cannot create hsr debugfs directory
[  284.221931][T12071] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2124'.
[  284.246590][T12071] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2124'.
[  284.256619][T12071] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2124'.
[  284.516144][T12081] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2129'.
[  284.527475][T12081] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  284.636346][ T5105] Bluetooth: hci2: command tx timeout
[  284.691949][T11926] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  284.720387][T11926] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  284.747285][T11926] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  284.767721][T12086] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2130'.
[  284.834612][T11926] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  284.970277][T11926] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.009333][T11926] 8021q: adding VLAN 0 to HW filter on device team0
[  285.049384][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.056614][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.077282][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.084458][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.105065][T12094] netlink: 201400 bytes leftover after parsing attributes in process `syz.2.2133'.
[  285.178010][T12096] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2134'.
[  285.222934][T12096] bridge_slave_1: left allmulticast mode
[  285.231395][T12096] bridge_slave_1: left promiscuous mode
[  285.238509][T12096] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.265203][T12096] bridge5: port 1(bridge_slave_1) entered blocking state
[  285.284008][T12096] bridge5: port 1(bridge_slave_1) entered disabled state
[  285.294321][T12096] bridge_slave_1: entered allmulticast mode
[  285.314788][T12096] bridge_slave_1: entered promiscuous mode
[  285.335459][T12096] bridge5: port 1(bridge_slave_1) entered blocking state
[  285.342781][T12096] bridge5: port 1(bridge_slave_1) entered forwarding state
[  285.527295][T11926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  285.841430][T12122] netlink: 'syz.0.2141': attribute type 1 has an invalid length.
[  285.878518][T12121] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  286.104610][T11926] veth0_vlan: entered promiscuous mode
[  286.147315][T11926] veth1_vlan: entered promiscuous mode
[  286.244564][T12136] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[  286.253429][T11926] veth0_macvtap: entered promiscuous mode
[  286.279394][T11926] veth1_macvtap: entered promiscuous mode
[  286.345845][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.365883][T12139] netlink: 'syz.0.2148': attribute type 8 has an invalid length.
[  286.380934][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.392370][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.404056][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.423150][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.444401][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.448776][T12143] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2149'.
[  286.472160][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.495007][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.515513][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.538545][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.562904][T11926] batman_adv: batadv0: Interface activated: batadv_slave_0
[  286.662249][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.701344][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.718327][ T5105] Bluetooth: hci2: command tx timeout
[  286.721928][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.744708][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.754868][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.765481][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.775809][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.798733][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.813787][T11926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.833890][T11926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.848599][T11926] batman_adv: batadv0: Interface activated: batadv_slave_1
[  286.860448][T12149] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  286.886296][T12149] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  286.991110][T11926] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.001353][T11926] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.010669][T11926] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.024126][T11926] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.072502][T12158] batadv0: Device is already in use.
[  287.319080][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.325521][T12147] sock: sock_timestamping_bind_phc: sock not bind to device
[  287.347473][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.463251][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.492813][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.624062][T12170] __nla_validate_parse: 1 callbacks suppressed
[  287.624085][T12170] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2158'.
[  287.650381][T12171] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2159'.
[  288.062566][T12180] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2161'.
[  288.133302][T12183] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2162'.
[  288.277862][T12189] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.2164'.
[  288.433921][T12197] netlink: 'syz.3.2167': attribute type 1 has an invalid length.
[  288.509280][T12203] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2168'.
[  288.681571][T12215] syzkaller1: entered promiscuous mode
[  288.703109][T12215] syzkaller1: entered allmulticast mode
[  288.739370][T12197] bond1: (slave vcan0): The slave device specified does not support setting the MAC address
[  288.752443][T12197] bond1: (slave vcan0): Setting fail_over_mac to active for active-backup mode
[  288.769660][T12197] bond1: (slave vcan0): making interface the new active one
[  288.778595][T12197] bond1: (slave vcan0): Enslaving as an active interface with an up link
[  288.789538][T12219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.858835][T12221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.867839][ T5114] Bluetooth: hci3: command 0x0406 tx timeout
[  289.034995][T12229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2176'.
[  289.057445][T12230] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2175'.
[  289.288539][T12237] unsupported nlmsg_type 40
[  289.621359][   T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.639454][   T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.705206][   T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.870815][   T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.256539][   T51] bridge_slave_1: left allmulticast mode
[  291.280818][   T51] bridge_slave_1: left promiscuous mode
[  291.293264][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.338215][T12267] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.2191'.
[  291.357939][   T51] bridge_slave_0: left allmulticast mode
[  291.363651][   T51] bridge_slave_0: left promiscuous mode
[  291.400388][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.410992][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  291.419790][T12271] ipt_ECN: cannot use operation on non-tcp rule
[  291.430746][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  291.437835][T12272] ipt_ECN: cannot use operation on non-tcp rule
[  291.447689][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  291.457070][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  291.468473][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  291.476372][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  291.542748][T12272] netlink: 'syz.3.2192': attribute type 3 has an invalid length.
[  291.880632][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.894247][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.922066][   T51] bond0 (unregistering): Released all slaves
[  291.940689][T12275] openvswitch: ɶƣ0GC¦: Dropping previously announced user features
[  292.517370][   T51] hsr_slave_0: left promiscuous mode
[  292.541390][   T51] hsr_slave_1: left promiscuous mode
[  292.563023][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.581312][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  292.599850][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.629559][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.696862][   T51] veth1_macvtap: left promiscuous mode
[  292.706764][   T51] veth0_macvtap: left promiscuous mode
[  292.712465][   T51] veth1_vlan: left promiscuous mode
[  292.740091][   T51] veth0_vlan: left promiscuous mode
[  293.507751][ T5105] Bluetooth: hci2: command tx timeout
[  293.985847][T12350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2223'.
[  294.148283][   T51] team0 (unregistering): Port device team_slave_1 removed
[  294.266977][   T51] team0 (unregistering): Port device team_slave_0 removed
[  294.958407][T12367] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2228'.
[  294.969376][T12367] openvswitch: netlink: Multiple metadata blocks provided
[  295.024956][T12375] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2230'.
[  295.231094][T12382] netlink: 4272 bytes leftover after parsing attributes in process `syz.1.2233'.
[  295.265558][T12270] chnl_net:caif_netlink_parms(): no params data found
[  295.365243][T12386] netlink: 'syz.3.2234': attribute type 1 has an invalid length.
[  295.396903][T12386] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2234'.
[  295.586999][ T5105] Bluetooth: hci2: command tx timeout
[  295.619202][T12270] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.648323][T12270] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.664249][T12270] bridge_slave_0: entered allmulticast mode
[  295.674373][T12409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2240'.
[  295.683880][T12409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2240'.
[  295.698078][T12270] bridge_slave_0: entered promiscuous mode
[  295.720930][T12270] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.734488][T12270] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.744863][T12270] bridge_slave_1: entered allmulticast mode
[  295.777337][T12270] bridge_slave_1: entered promiscuous mode
[  295.887586][T12270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.940131][T12270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.006046][T12416] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2242'.
[  296.021091][T12416] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2242'.
[  296.059430][T12270] team0: Port device team_slave_0 added
[  296.086945][T12270] team0: Port device team_slave_1 added
[  296.203951][T12270] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.222879][T12270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.252010][T12270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.265488][T12422] team0: entered promiscuous mode
[  296.275577][T12422] team_slave_1: entered promiscuous mode
[  296.283771][T12422] bond0: entered promiscuous mode
[  296.292514][T12422] bond_slave_0: entered promiscuous mode
[  296.304819][T12422] bond_slave_1: entered promiscuous mode
[  296.313386][T12422] batadv1: entered promiscuous mode
[  296.320706][T12270] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.341421][T12270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.411760][T12270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.454399][T12420] team0: left promiscuous mode
[  296.459426][T12420] team_slave_1: left promiscuous mode
[  296.465166][T12420] bond0: left promiscuous mode
[  296.505713][T12420] bond_slave_0: left promiscuous mode
[  296.511368][T12420] bond_slave_1: left promiscuous mode
[  296.537690][T12420] batadv1: left promiscuous mode
[  296.568237][T12433] team0: Device macvtap1 is already an upper device of the team interface
[  296.659236][T12439] xt_time: invalid argument - start or stop time greater than 23:59:59
[  296.674773][T12440] xt_time: invalid argument - start or stop time greater than 23:59:59
[  296.841721][T12270] hsr_slave_0: entered promiscuous mode
[  296.890129][T12270] hsr_slave_1: entered promiscuous mode
[  296.917288][T12270] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.946099][T12270] Cannot create hsr debugfs directory
[  296.965141][T12458] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2255'.
[  296.988738][T12455] netlink: 'syz.1.2253': attribute type 1 has an invalid length.
[  297.549473][T12481] netlink: 'syz.3.2265': attribute type 13 has an invalid length.
[  297.670973][ T5105] Bluetooth: hci2: command tx timeout
[  298.161753][T12270] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  298.192941][T12270] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  298.268705][T12270] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  298.314124][T12270] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  298.759349][T12270] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.833724][T12270] 8021q: adding VLAN 0 to HW filter on device team0
[  298.910815][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.918173][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.961088][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.968332][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.200557][T12554] __nla_validate_parse: 3 callbacks suppressed
[  299.200579][T12554] netlink: 2060 bytes leftover after parsing attributes in process `syz.1.2287'.
[  299.247416][T12554] netlink: 'syz.1.2287': attribute type 1 has an invalid length.
[  299.269292][T12554] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.2287'.
[  299.282039][T12556] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2288'.
[  299.628238][T12270] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.765677][ T5105] Bluetooth: hci2: command tx timeout
[  299.967916][T12596] x_tables: duplicate underflow at hook 1
[  300.160085][T12592] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2298'.
[  300.352570][T12270] veth0_vlan: entered promiscuous mode
[  300.400571][T12270] veth1_vlan: entered promiscuous mode
[  300.563378][T12270] veth0_macvtap: entered promiscuous mode
[  300.645634][T12270] veth1_macvtap: entered promiscuous mode
[  300.732527][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.788750][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.827213][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.844310][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.857087][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.878811][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.895462][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.907274][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.929384][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.940693][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.981329][T12270] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.019969][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.056128][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.085099][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.110372][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.137918][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.162291][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.175203][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.198449][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.224211][T12270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.242744][T12270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.255148][T12270] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.272494][T12270] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.298560][T12270] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.318556][T12270] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.343138][T12270] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.365189][T12657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2315'.
[  301.629395][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.672567][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.761563][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.800208][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.967023][T12675] IPVS: Error connecting to the multicast addr
[  302.265520][T12685] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2319'.
[  303.430926][ T1108] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.985480][ T1108] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.066554][ T1108] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.126157][ T1108] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.233752][ T1108] bridge_slave_1: left allmulticast mode
[  304.239566][ T1108] bridge_slave_1: left promiscuous mode
[  304.245379][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.259370][ T1108] bridge_slave_0: left allmulticast mode
[  304.265134][ T1108] bridge_slave_0: left promiscuous mode
[  304.271390][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.889605][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.922581][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.937483][ T1108] bond0 (unregistering): Released all slaves
[  305.147893][T12766] FAULT_INJECTION: forcing a failure.
[  305.147893][T12766] name failslab, interval 1, probability 0, space 0, times 0
[  305.165137][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  305.187502][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  305.205155][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  305.222436][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  305.234161][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  305.238528][T12766] CPU: 1 PID: 12766 Comm: syz.0.2348 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  305.251306][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  305.261393][T12766] Call Trace:
[  305.264706][T12766]  <TASK>
[  305.267667][T12766]  dump_stack_lvl+0x241/0x360
[  305.272399][T12766]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.277645][T12766]  ? __pfx__printk+0x10/0x10
[  305.282282][T12766]  ? __pfx___might_resched+0x10/0x10
[  305.287622][T12766]  ? validate_chain+0x11e/0x5900
[  305.292722][T12766]  should_fail_ex+0x3b0/0x4e0
[  305.297914][T12766]  should_failslab+0x9/0x20
[  305.302484][T12766]  kmalloc_node_trace_noprof+0x74/0x300
[  305.308078][T12766]  ? __get_vm_area_node+0x113/0x270
[  305.313331][T12766]  __get_vm_area_node+0x113/0x270
[  305.318405][T12766]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  305.324352][T12766]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.329938][T12766]  ? mark_lock+0x9a/0x350
[  305.334327][T12766]  ? aa_get_newest_label+0xff/0x6f0
[  305.339576][T12766]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  305.346059][T12766]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.351663][T12766]  __vmalloc_noprof+0x79/0x90
[  305.356365][T12766]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.361926][T12766]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.367398][T12766]  ? bpf_prog_alloc+0x28/0x1b0
[  305.372197][T12766]  bpf_prog_alloc+0x3a/0x1b0
[  305.376799][T12766]  bpf_prog_load+0x7f7/0x20f0
[  305.381514][T12766]  ? __pfx_bpf_prog_load+0x10/0x10
[  305.386661][T12766]  ? __pfx___might_resched+0x10/0x10
[  305.391978][T12766]  ? __might_fault+0xc6/0x120
[  305.396667][T12766]  ? bpf_lsm_bpf+0x9/0x10
[  305.401012][T12766]  ? security_bpf+0x87/0xb0
[  305.405547][T12766]  __sys_bpf+0x4ee/0x810
[  305.409860][T12766]  ? __pfx___sys_bpf+0x10/0x10
[  305.414678][T12766]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  305.420685][T12766]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  305.427037][T12766]  ? do_syscall_64+0x100/0x230
[  305.431817][T12766]  __x64_sys_bpf+0x7c/0x90
[  305.436253][T12766]  do_syscall_64+0xf3/0x230
[  305.440792][T12766]  ? clear_bhb_loop+0x35/0x90
[  305.445504][T12766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.451410][T12766] RIP: 0033:0x7f4360575bd9
[  305.455832][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.475454][T12766] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  305.483900][T12766] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  305.491882][T12766] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  305.499861][T12766] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  305.507850][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.515835][T12766] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  305.523849][T12766]  </TASK>
[  305.534985][T12775] netlink: 'syz.3.2350': attribute type 11 has an invalid length.
[  305.561637][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  305.604207][T12766] syz.0.2348: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  305.621729][T12766] CPU: 0 PID: 12766 Comm: syz.0.2348 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  305.632011][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  305.642072][T12766] Call Trace:
[  305.645374][T12766]  <TASK>
[  305.648308][T12766]  dump_stack_lvl+0x241/0x360
[  305.652999][T12766]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.658204][T12766]  ? __pfx__printk+0x10/0x10
[  305.662847][T12766]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  305.669314][T12766]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  305.675836][T12766]  warn_alloc+0x278/0x410
[  305.680180][T12766]  ? __pfx_warn_alloc+0x10/0x10
[  305.685036][T12766]  ? __get_vm_area_node+0x113/0x270
[  305.690239][T12766]  ? __get_vm_area_node+0x261/0x270
[  305.695441][T12766]  __vmalloc_node_range_noprof+0x3e0/0x1460
[  305.701358][T12766]  ? mark_lock+0x9a/0x350
[  305.705717][T12766]  ? aa_get_newest_label+0xff/0x6f0
[  305.710930][T12766]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  305.717280][T12766]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.722827][T12766]  __vmalloc_noprof+0x79/0x90
[  305.727503][T12766]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.733098][T12766]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  305.738503][T12766]  ? bpf_prog_alloc+0x28/0x1b0
[  305.743266][T12766]  bpf_prog_alloc+0x3a/0x1b0
[  305.747876][T12766]  bpf_prog_load+0x7f7/0x20f0
[  305.752614][T12766]  ? __pfx_bpf_prog_load+0x10/0x10
[  305.757730][T12766]  ? __pfx___might_resched+0x10/0x10
[  305.763029][T12766]  ? __might_fault+0xc6/0x120
[  305.767718][T12766]  ? bpf_lsm_bpf+0x9/0x10
[  305.772048][T12766]  ? security_bpf+0x87/0xb0
[  305.776564][T12766]  __sys_bpf+0x4ee/0x810
[  305.780815][T12766]  ? __pfx___sys_bpf+0x10/0x10
[  305.785641][T12766]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  305.791640][T12766]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  305.797971][T12766]  ? do_syscall_64+0x100/0x230
[  305.802736][T12766]  __x64_sys_bpf+0x7c/0x90
[  305.807159][T12766]  do_syscall_64+0xf3/0x230
[  305.811659][T12766]  ? clear_bhb_loop+0x35/0x90
[  305.816346][T12766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.822239][T12766] RIP: 0033:0x7f4360575bd9
[  305.826668][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.846351][T12766] RSP: 002b:00007f4361338048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  305.854784][T12766] RAX: ffffffffffffffda RBX: 00007f4360703f60 RCX: 00007f4360575bd9
[  305.862763][T12766] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  305.870747][T12766] RBP: 00007f43613380a0 R08: 0000000000000000 R09: 0000000000000000
[  305.878739][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.886713][T12766] R13: 000000000000000b R14: 00007f4360703f60 R15: 00007ffef25c79c8
[  305.894717][T12766]  </TASK>
[  305.904313][T12766] Mem-Info:
[  305.909756][T12766] active_anon:4109 inactive_anon:0 isolated_anon:0
[  305.909756][T12766]  active_file:1429 inactive_file:38256 isolated_file:0
[  305.909756][T12766]  unevictable:768 dirty:182 writeback:0
[  305.909756][T12766]  slab_reclaimable:9504 slab_unreclaimable:103812
[  305.909756][T12766]  mapped:13263 shmem:1257 pagetables:700
[  305.909756][T12766]  sec_pagetables:0 bounce:0
[  305.909756][T12766]  kernel_misc_reclaimable:0
[  305.909756][T12766]  free:1397750 free_pcp:2350 free_cma:0
[  305.983614][T12766] Node 0 active_anon:16436kB inactive_anon:0kB active_file:5716kB inactive_file:152952kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:53052kB dirty:724kB writeback:0kB shmem:3492kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10732kB pagetables:2800kB sec_pagetables:0kB all_unreclaimable? no
[  306.027307][T12766] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  306.088945][T12766] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  306.141412][T12782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2352'.
[  306.216463][T12766] lowmem_reserve[]: 0 2571 2571 0 0
[  306.223131][T12766] Node 0 DMA32 free:1622704kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:16388kB inactive_anon:0kB active_file:5716kB inactive_file:152648kB unevictable:1536kB writepending:720kB present:3129332kB managed:2659868kB mlocked:0kB bounce:0kB free_pcp:11584kB local_pcp:10020kB free_cma:0kB
[  306.265670][T12766] lowmem_reserve[]: 0 0 0 0 0
[  306.274217][T12766] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:304kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  306.321133][T12766] lowmem_reserve[]: 0 0 0 0 0
[  306.331149][T12766] Node 1 Normal free:3951684kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  306.371604][T12766] lowmem_reserve[]: 0 0 0 0 0
[  306.377498][T12789] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2355'.
[  306.380882][T12766] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  306.419149][T12766] Node 0 DMA32: 93*4kB (M) 150*8kB (UME) 78*16kB (UME) 56*32kB (UM) 54*64kB (UME) 65*128kB (UME) 26*256kB (UM) 16*512kB (UM) 6*1024kB (UM) 5*2048kB (UME) 387*4096kB (M) = 1632772kB
[  306.455341][T12766] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  306.468257][T12766] Node 1 Normal: 3*4kB (UM) 1*8kB (M) 9*16kB (UM) 5*32kB (UM) 8*64kB (U) 2*128kB (U) 6*256kB (UM) 5*512kB (UM) 2*1024kB (U) 2*2048kB (U) 962*4096kB (M) = 3951684kB
[  306.490494][T12766] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  306.501668][T12766] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  306.511644][T12766] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  306.527254][T12766] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  306.536678][T12766] 40931 total pagecache pages
[  306.541389][T12766] 0 pages in swap cache
[  306.545568][T12766] Free swap  = 124996kB
[  306.551157][T12766] Total swap = 124996kB
[  306.555344][T12766] 2097051 pages RAM
[  306.559317][T12766] 0 pages HighMem/MovableOnly
[  306.564027][T12766] 400874 pages reserved
[  306.568781][T12766] 0 pages cma reserved
[  306.771182][ T1108] hsr_slave_0: left promiscuous mode
[  306.802882][ T1108] hsr_slave_1: left promiscuous mode
[  306.982506][T12814] netlink: set zone limit has 4 unknown bytes
[  307.038993][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  307.062639][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0
[  307.081369][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  307.104891][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1
[  307.175135][ T1108] veth1_macvtap: left promiscuous mode
[  307.181631][ T1108] veth0_macvtap: left promiscuous mode
[  307.189687][ T1108] veth1_vlan: left promiscuous mode
[  307.202590][ T1108] veth0_vlan: left promiscuous mode
[  307.666509][ T5105] Bluetooth: hci2: command tx timeout
[  307.847574][ T1108] team0 (unregistering): Port device team_slave_1 removed
[  307.893895][ T1108] team0 (unregistering): Port device team_slave_0 removed
[  308.422499][T12812] sit0: entered promiscuous mode
[  308.467319][T12812] netlink: 'syz.2.2360': attribute type 1 has an invalid length.
[  308.510950][T12812] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2360'.
[  308.689543][T12833] xt_CT: You must specify a L4 protocol and not use inversions on it
[  308.729229][T12833] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  308.750583][T12765] chnl_net:caif_netlink_parms(): no params data found
[  309.031968][T12851] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2371'.
[  309.070897][T12765] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.086880][T12765] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.104002][T12765] bridge_slave_0: entered allmulticast mode
[  309.127681][T12765] bridge_slave_0: entered promiscuous mode
[  309.127773][T12856] sctp: [Deprecated]: syz.3.2374 (pid 12856) Use of int in max_burst socket option deprecated.
[  309.127773][T12856] Use struct sctp_assoc_value instead
[  309.152765][T12765] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.160774][T12765] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.168466][T12765] bridge_slave_1: entered allmulticast mode
[  309.177031][T12765] bridge_slave_1: entered promiscuous mode
[  309.249213][T12765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.278269][T12765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.369768][T12765] team0: Port device team_slave_0 added
[  309.381443][T12765] team0: Port device team_slave_1 added
[  309.438152][T12765] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.445503][T12765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.473754][T12765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.487738][T12765] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.494967][T12765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.545131][T12765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.660981][T12765] hsr_slave_0: entered promiscuous mode
[  309.672231][T12765] hsr_slave_1: entered promiscuous mode
[  309.680744][T12765] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  309.690821][T12765] Cannot create hsr debugfs directory
[  309.714084][T12869] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2378'.
[  309.737953][T12869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2378'.
[  309.753516][T12869] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  309.767349][ T5105] Bluetooth: hci2: command tx timeout
[  309.781112][T12869] macsec2: entered promiscuous mode
[  309.790708][T12869] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  310.023329][T12874] netlink: 'syz.0.2380': attribute type 3 has an invalid length.
[  310.038947][T12874] netlink: 'syz.0.2380': attribute type 11 has an invalid length.
[  310.048275][T12874] netlink: 128512 bytes leftover after parsing attributes in process `syz.0.2380'.
[  310.662576][T12907] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2392'.
[  310.671888][T12907] 0ªX¹¦D: renamed from gretap0 (while UP)
[  310.681853][T12907] 0ªX¹¦D: entered allmulticast mode
[  310.689694][T12907] A link change request failed with some changes committed already. Interface 
10ªX¹¦D may have been left with an inconsistent configuration, please check.
[  310.753832][T12765] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  310.787438][T12765] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  310.819727][T12765] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  310.844856][T12765] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  310.933653][T12917] netlink: 'syz.2.2394': attribute type 3 has an invalid length.
[  310.955755][T12917] netlink: 'syz.2.2394': attribute type 11 has an invalid length.
[  310.963940][T12917] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.2394'.
[  311.048791][T12765] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.104668][T12765] 8021q: adding VLAN 0 to HW filter on device team0
[  311.164875][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.172132][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.195028][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.202291][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  311.529095][T12940] netlink: 'syz.0.2402': attribute type 13 has an invalid length.
[  311.577501][T12940] netlink: 'syz.0.2402': attribute type 13 has an invalid length.
[  311.780721][T12954] xt_CT: You must specify a L4 protocol and not use inversions on it
[  311.817077][T12765] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.826042][ T5105] Bluetooth: hci2: command tx timeout
[  311.867042][T12954] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  312.479907][T12977] netlink: 'syz.1.2413': attribute type 1 has an invalid length.
[  312.534169][T12765] veth0_vlan: entered promiscuous mode
[  312.606068][T12765] veth1_vlan: entered promiscuous mode
[  312.703398][T12765] veth0_macvtap: entered promiscuous mode
[  312.757762][T12765] veth1_macvtap: entered promiscuous mode
[  312.818294][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.847385][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.869117][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.891920][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.932234][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.970937][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.983031][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.001087][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.026663][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.048338][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.077812][T12765] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.130266][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.169332][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.184513][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.225731][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.261312][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.270164][T13010] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2424'.
[  313.280309][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.302613][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.315824][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.327836][T12765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.338923][T12765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.366829][T12765] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.397072][T12765] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.428242][T12765] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.438339][T12765] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.447816][T12765] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.682228][ T5484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.709027][ T5484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.785297][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.796163][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.906109][ T5105] Bluetooth: hci2: command tx timeout
[  314.324026][T13049] sctp: [Deprecated]: syz.0.2437 (pid 13049) Use of int in maxseg socket option.
[  314.324026][T13049] Use struct sctp_assoc_value instead
[  314.344438][T13047] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2439'.
[  314.642479][T13055] Cannot find del_set index 0 as target
[  314.983765][T13068] sctp: [Deprecated]: syz.3.2447 (pid 13068) Use of int in max_burst socket option deprecated.
[  314.983765][T13068] Use struct sctp_assoc_value instead
[  315.117678][T13071] Bluetooth: MGMT ver 1.22
[  315.599483][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.627025][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.652646][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.696899][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.729165][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.761827][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.794863][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2453'.
[  315.828233][T13089] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2454'.
[  316.043306][ T5484] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.599999][ T5484] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.675354][ T5484] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.744728][ T5484] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.884839][ T5484] bridge_slave_1: left allmulticast mode
[  316.892534][ T5484] bridge_slave_1: left promiscuous mode
[  316.899062][ T5484] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.909269][ T5484] bridge_slave_0: left allmulticast mode
[  316.914932][ T5484] bridge_slave_0: left promiscuous mode
[  316.921212][ T5484] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.304718][ T5484] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  317.318402][ T5484] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  317.329942][ T5484] bond0 (unregistering): Released all slaves
[  317.473324][T13095] pim6reg1: entered promiscuous mode
[  317.495883][T13095] pim6reg1: entered allmulticast mode
[  317.510075][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  317.559451][T13095] x_tables: unsorted entry at hook 3
[  317.930675][ T5114] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  317.942744][ T5114] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  317.952435][ T5114] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  317.961457][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  317.970985][ T5114] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  317.979521][ T5114] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  318.179653][ T5484] hsr_slave_0: left promiscuous mode
[  318.201100][ T5484] hsr_slave_1: left promiscuous mode
[  318.217118][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.235830][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_0
[  318.251937][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.269727][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_1
[  318.329819][ T5484] veth1_macvtap: left promiscuous mode
[  318.343472][ T5484] veth0_macvtap: left promiscuous mode
[  318.357250][ T5484] veth1_vlan: left promiscuous mode
[  318.369598][ T5484] veth0_vlan: left promiscuous mode
[  319.405501][ T5484] team0 (unregistering): Port device team_slave_1 removed
[  319.500897][ T5484] team0 (unregistering): Port device team_slave_0 removed
[  320.011681][T13132] __nla_validate_parse: 27 callbacks suppressed
[  320.011709][T13132] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2468'.
[  320.068110][ T5114] Bluetooth: hci2: command tx timeout
[  320.239607][T13148] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2473'.
[  320.495035][T13164] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  320.801023][T13115] chnl_net:caif_netlink_parms(): no params data found
[  321.021377][T13115] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.032295][T13115] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.041266][T13115] bridge_slave_0: entered allmulticast mode
[  321.049837][T13115] bridge_slave_0: entered promiscuous mode
[  321.059662][T13115] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.067059][T13115] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.074296][T13115] bridge_slave_1: entered allmulticast mode
[  321.081925][T13115] bridge_slave_1: entered promiscuous mode
[  321.216480][T13115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.234096][T13115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.388814][T13115] team0: Port device team_slave_0 added
[  321.442949][T13115] team0: Port device team_slave_1 added
[  321.561933][T13115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.570618][T13115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.612275][T13115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.643083][T13203] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2489'.
[  321.671556][T13115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.694827][T13115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.734450][T13115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.137436][T13115] hsr_slave_0: entered promiscuous mode
[  322.145765][ T5114] Bluetooth: hci2: command tx timeout
[  322.154674][T13115] hsr_slave_1: entered promiscuous mode
[  322.176904][T13115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  322.200438][T13115] Cannot create hsr debugfs directory
[  322.228831][T13230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2497'.
[  322.686595][T13244] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  322.696648][T13244] macvtap1: entered allmulticast mode
[  322.708735][T13244] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  322.815895][T13248] netlink: 'syz.0.2503': attribute type 7 has an invalid length.
[  322.928520][T13254] netlink: 'syz.3.2504': attribute type 3 has an invalid length.
[  323.264001][T13260] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2507'.
[  323.691263][T13281] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2514'.
[  323.723143][T13281] netlink: 'syz.3.2514': attribute type 1 has an invalid length.
[  323.833421][T13285] 8021q: adding VLAN 0 to HW filter on device batadv2
[  323.849040][T13285] bond2: (slave batadv2): Enslaving as a backup interface with an up link
[  323.902355][T13115] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  323.930853][T13115] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  323.938995][T13287] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2515'.
[  323.952666][T13287] openvswitch: netlink: Geneve option length err (len 3060, max 255).
[  323.969335][T13115] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  324.002940][T13115] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  324.131012][T13293] FAULT_INJECTION: forcing a failure.
[  324.131012][T13293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.151294][T13293] CPU: 1 PID: 13293 Comm: syz.2.2517 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  324.161552][T13293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  324.171666][T13293] Call Trace:
[  324.174979][T13293]  <TASK>
[  324.177944][T13293]  dump_stack_lvl+0x241/0x360
[  324.182670][T13293]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.187906][T13293]  ? __pfx__printk+0x10/0x10
[  324.192538][T13293]  ? __pfx_lock_release+0x10/0x10
[  324.197614][T13293]  should_fail_ex+0x3b0/0x4e0
[  324.202341][T13293]  _copy_from_iter+0x1f6/0x1960
[  324.207232][T13293]  ? __virt_addr_valid+0x183/0x520
[  324.212386][T13293]  ? __pfx_lock_release+0x10/0x10
[  324.217450][T13293]  ? __alloc_skb+0x28f/0x440
[  324.222078][T13293]  ? __pfx__copy_from_iter+0x10/0x10
[  324.227401][T13293]  ? __virt_addr_valid+0x183/0x520
[  324.232552][T13293]  ? __virt_addr_valid+0x183/0x520
[  324.237704][T13293]  ? __virt_addr_valid+0x44e/0x520
[  324.242862][T13293]  ? __check_object_size+0x49c/0x900
[  324.248204][T13293]  netlink_sendmsg+0x73d/0xcb0
[  324.253022][T13293]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.258349][T13293]  ? __import_iovec+0x536/0x820
[  324.263238][T13293]  ? aa_sock_msg_perm+0x91/0x160
[  324.268203][T13293]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  324.273503][T13293]  ? security_socket_sendmsg+0x87/0xb0
[  324.278980][T13293]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.284277][T13293]  __sock_sendmsg+0x221/0x270
[  324.288975][T13293]  ____sys_sendmsg+0x525/0x7d0
[  324.293763][T13293]  ? __pfx_____sys_sendmsg+0x10/0x10
[  324.299078][T13293]  __sys_sendmsg+0x2b0/0x3a0
[  324.303683][T13293]  ? __pfx___sys_sendmsg+0x10/0x10
[  324.308810][T13293]  ? vfs_write+0x7c4/0xc90
[  324.313271][T13293]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  324.319606][T13293]  ? do_syscall_64+0x100/0x230
[  324.324383][T13293]  ? do_syscall_64+0xb6/0x230
[  324.329071][T13293]  do_syscall_64+0xf3/0x230
[  324.333579][T13293]  ? clear_bhb_loop+0x35/0x90
[  324.338267][T13293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.344167][T13293] RIP: 0033:0x7f483f575bd9
[  324.348587][T13293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.368204][T13293] RSP: 002b:00007f48402f5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  324.376632][T13293] RAX: ffffffffffffffda RBX: 00007f483f703f60 RCX: 00007f483f575bd9
[  324.384608][T13293] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  324.392582][T13293] RBP: 00007f48402f50a0 R08: 0000000000000000 R09: 0000000000000000
[  324.400556][T13293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.408530][T13293] R13: 000000000000004d R14: 00007f483f703f60 R15: 00007ffdc5712528
[  324.416525][T13293]  </TASK>
[  324.430329][ T5114] Bluetooth: hci2: command tx timeout
[  324.551289][T13115] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.614237][T13115] 8021q: adding VLAN 0 to HW filter on device team0
[  324.685642][ T5212] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.692817][ T5212] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.751163][ T5212] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.758392][ T5212] bridge0: port 2(bridge_slave_1) entered forwarding state
[  325.285932][T13330] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2531'.
[  325.368098][T13115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  325.960373][T13115] veth0_vlan: entered promiscuous mode
[  326.014146][T13115] veth1_vlan: entered promiscuous mode
[  326.114231][T13115] veth0_macvtap: entered promiscuous mode
[  326.124561][T13115] veth1_macvtap: entered promiscuous mode
[  326.154953][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.168540][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.178665][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.189842][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.200051][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.212068][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.224925][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.243772][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.253784][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  326.264535][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.279030][T13115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.328240][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.356235][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.377922][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.401237][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.426870][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.450283][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.466165][ T5114] Bluetooth: hci2: command tx timeout
[  326.482868][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.520627][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.554182][T13115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.568826][T13115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.581689][T13115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  326.643302][T13115] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.671067][T13115] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.696066][T13115] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.705169][T13115] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.111279][ T2406] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.148489][ T2406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.263077][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.292962][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.899231][ T5105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  328.910053][ T5105] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  328.918644][ T5105] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  328.952127][ T5105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  328.961094][ T5105] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  328.969253][ T5105] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  329.460723][ T5484] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.721217][T13409] chnl_net:caif_netlink_parms(): no params data found
[  329.832236][T13409] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.843593][T13409] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.851764][T13409] bridge_slave_0: entered allmulticast mode
[  329.860809][T13409] bridge_slave_0: entered promiscuous mode
[  329.900297][ T5484] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.933813][T13409] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.954606][T13409] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.968332][T13409] bridge_slave_1: entered allmulticast mode
[  329.991113][T13409] bridge_slave_1: entered promiscuous mode
[  330.054104][T13409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.067770][T13409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.117436][ T5484] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.151716][T13409] team0: Port device team_slave_0 added
[  330.160528][T13409] team0: Port device team_slave_1 added
[  330.200542][ T5484] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.236261][T13409] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.243258][T13409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.270477][T13409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.284601][T13409] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.292349][T13409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.320771][T13409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.401245][T13409] hsr_slave_0: entered promiscuous mode
[  330.411934][T13409] hsr_slave_1: entered promiscuous mode
[  330.418604][T13409] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.426673][T13409] Cannot create hsr debugfs directory
[  330.486798][ T5484] bridge_slave_1: left allmulticast mode
[  330.492513][ T5484] bridge_slave_1: left promiscuous mode
[  330.500840][ T5484] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.517250][ T5484] bridge_slave_0: left allmulticast mode
[  330.522938][ T5484] bridge_slave_0: left promiscuous mode
[  330.534018][ T5484] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.915367][ T5484] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.931646][ T5484] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.944269][ T5484] bond0 (unregistering): Released all slaves
[  331.026246][ T5114] Bluetooth: hci2: command tx timeout
[  331.380766][T13438] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2558'.
[  331.396880][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  331.407206][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  331.411072][T13438] tipc: Started in network mode
[  331.418857][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  331.429345][T13438] tipc: Node identity 1, cluster identity 4711
[  331.440184][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  331.446040][T13438] tipc: Node number set to 1
[  331.453368][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  331.461672][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  331.703880][T13445] netlink: 'syz.0.2561': attribute type 4 has an invalid length.
[  331.811747][ T5484] hsr_slave_0: left promiscuous mode
[  331.818637][ T5484] hsr_slave_1: left promiscuous mode
[  331.827815][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  331.835253][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_0
[  331.845397][ T5484] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  331.852907][ T5484] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.880544][ T5484] veth1_macvtap: left promiscuous mode
[  331.886164][ T5484] veth0_macvtap: left promiscuous mode
[  331.891851][ T5484] veth1_vlan: left promiscuous mode
[  331.897344][ T5484] veth0_vlan: left promiscuous mode
[  332.501009][ T5484] team0 (unregistering): Port device team_slave_1 removed
[  332.564233][T13459] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2565'.
[  332.594099][ T5484] team0 (unregistering): Port device team_slave_0 removed
[  333.106778][ T5114] Bluetooth: hci2: command tx timeout
[  333.153932][T13409] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  333.184759][T13409] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.202071][   T12] ------------[ cut here ]------------
[  333.208066][   T12] WARNING: CPU: 0 PID: 12 at net/wireless/sme.c:846 __cfg80211_connect_result+0x19ea/0x21d0
[  333.218739][   T12] Modules linked in:
[  333.222680][   T12] CPU: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  333.232911][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  333.243153][   T12] Workqueue: cfg80211 cfg80211_event_work
[  333.249015][   T12] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  333.255902][   T12] Code: a4 00 89 c3 31 ff 89 c6 e8 f3 20 b1 f6 85 db 74 29 e8 ba 4c 97 f6 84 c0 74 27 e8 a1 1c b1 f6 e9 84 00 00 00 e8 97 1c b1 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 81 1c b1 f6 eb
[  333.276505][   T12] RSP: 0018:ffffc900001179e0 EFLAGS: 00010293
[  333.282669][   T12] RAX: ffffffff8ae50a89 RBX: 0000000000000000 RCX: ffff8880172c5a00
[  333.291482][   T12] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  333.299559][   T12] RBP: ffffc90000117b00 R08: ffffffff8ae50659 R09: 1ffffffff25f78bd
[  333.307690][   T12] R10: dffffc0000000000 R11: fffffbfff25f78be R12: ffff88802ca53898
[  333.315824][   T12] R13: dffffc0000000000 R14: ffff88802ca53818 R15: ffff8880637fc000
[  333.323842][   T12] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  333.333181][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  333.339890][   T12] CR2: 00007f4360705a6c CR3: 0000000067218000 CR4: 00000000003506f0
[  333.348238][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  333.356433][   T12] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  333.364446][   T12] Call Trace:
[  333.367830][   T12]  <TASK>
[  333.370803][   T12]  ? __warn+0x163/0x4e0
[  333.375011][   T12]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  333.381779][   T12]  ? report_bug+0x2b3/0x500
[  333.387004][   T12]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  333.393140][   T12]  ? handle_bug+0x3e/0x70
[  333.397625][   T12]  ? exc_invalid_op+0x1a/0x50
[  333.402352][   T12]  ? asm_exc_invalid_op+0x1a/0x20
[  333.407513][   T12]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  333.413529][   T12]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  333.419611][   T12]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  333.425747][   T12]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  333.431961][   T12]  ? lockdep_hardirqs_on+0x99/0x150
[  333.437334][   T12]  cfg80211_process_wdev_events+0x356/0x510
[  333.443286][   T12]  cfg80211_process_rdev_events+0xac/0x110
[  333.449220][   T12]  ? process_scheduled_works+0x945/0x1830
[  333.454988][   T12]  cfg80211_event_work+0x2f/0x40
[  333.460057][   T12]  process_scheduled_works+0xa2c/0x1830
[  333.465744][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  333.471767][   T12]  ? assign_work+0x364/0x3d0
[  333.476491][   T12]  worker_thread+0x86d/0xd50
[  333.481735][   T12]  ? __kthread_parkme+0x169/0x1d0
[  333.487424][   T12]  ? __pfx_worker_thread+0x10/0x10
[  333.492585][   T12]  kthread+0x2f0/0x390
[  333.496816][   T12]  ? __pfx_worker_thread+0x10/0x10
[  333.501970][   T12]  ? __pfx_kthread+0x10/0x10
[  333.506736][   T12]  ret_from_fork+0x4b/0x80
[  333.511204][   T12]  ? __pfx_kthread+0x10/0x10
[  333.515917][   T12]  ret_from_fork_asm+0x1a/0x30
[  333.520754][   T12]  </TASK>
[  333.523818][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  333.531120][   T12] CPU: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  333.541214][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  333.551296][   T12] Workqueue: cfg80211 cfg80211_event_work
[  333.557071][   T12] Call Trace:
[  333.560373][   T12]  <TASK>
[  333.563326][   T12]  dump_stack_lvl+0x241/0x360
[  333.568042][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.573267][   T12]  ? __pfx__printk+0x10/0x10
[  333.577891][   T12]  ? vscnprintf+0x5d/0x90
[  333.582276][   T12]  panic+0x349/0x860
[  333.586207][   T12]  ? __warn+0x172/0x4e0
[  333.590407][   T12]  ? __pfx_panic+0x10/0x10
[  333.594865][   T12]  ? ret_from_fork_asm+0x1a/0x30
[  333.599850][   T12]  __warn+0x346/0x4e0
[  333.603869][   T12]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  333.609876][   T12]  report_bug+0x2b3/0x500
[  333.614238][   T12]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  333.620249][   T12]  handle_bug+0x3e/0x70
[  333.624438][   T12]  exc_invalid_op+0x1a/0x50
[  333.628962][   T12]  asm_exc_invalid_op+0x1a/0x20
[  333.633830][   T12] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  333.640435][   T12] Code: a4 00 89 c3 31 ff 89 c6 e8 f3 20 b1 f6 85 db 74 29 e8 ba 4c 97 f6 84 c0 74 27 e8 a1 1c b1 f6 e9 84 00 00 00 e8 97 1c b1 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 81 1c b1 f6 eb
[  333.660050][   T12] RSP: 0018:ffffc900001179e0 EFLAGS: 00010293
[  333.666126][   T12] RAX: ffffffff8ae50a89 RBX: 0000000000000000 RCX: ffff8880172c5a00
[  333.674100][   T12] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  333.682072][   T12] RBP: ffffc90000117b00 R08: ffffffff8ae50659 R09: 1ffffffff25f78bd
[  333.690059][   T12] R10: dffffc0000000000 R11: fffffbfff25f78be R12: ffff88802ca53898
[  333.698038][   T12] R13: dffffc0000000000 R14: ffff88802ca53818 R15: ffff8880637fc000
[  333.706026][   T12]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  333.712018][   T12]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  333.718048][   T12]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  333.724216][   T12]  ? lockdep_hardirqs_on+0x99/0x150
[  333.729431][   T12]  cfg80211_process_wdev_events+0x356/0x510
[  333.735338][   T12]  cfg80211_process_rdev_events+0xac/0x110
[  333.741170][   T12]  ? process_scheduled_works+0x945/0x1830
[  333.746897][   T12]  cfg80211_event_work+0x2f/0x40
[  333.751848][   T12]  process_scheduled_works+0xa2c/0x1830
[  333.757428][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  333.763433][   T12]  ? assign_work+0x364/0x3d0
[  333.768037][   T12]  worker_thread+0x86d/0xd50
[  333.772659][   T12]  ? __kthread_parkme+0x169/0x1d0
[  333.777695][   T12]  ? __pfx_worker_thread+0x10/0x10
[  333.782815][   T12]  kthread+0x2f0/0x390
[  333.786896][   T12]  ? __pfx_worker_thread+0x10/0x10
[  333.792012][   T12]  ? __pfx_kthread+0x10/0x10
[  333.796616][   T12]  ret_from_fork+0x4b/0x80
[  333.801043][   T12]  ? __pfx_kthread+0x10/0x10
[  333.805642][   T12]  ret_from_fork_asm+0x1a/0x30
[  333.810435][   T12]  </TASK>
[  333.813839][   T12] Kernel Offset: disabled
[  333.818275][   T12] Rebooting in 86400 seconds..