last executing test programs:

34.947685643s ago: executing program 4 (id=4305):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x64, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x880}, 0x10)
socketpair(0x3, 0x5, 0x10, &(0x7f0000000440))
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_LIST(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r4, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44061}, 0x800)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@rose={'rose', 0x0}, 0x10)
write$tun(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d0020000010110000000000d6aea350ba0200c600000000ff0200000000000000000000000000014f1cbd8a91b5a7749fb5c04e20001090"], 0x4a)

34.452815959s ago: executing program 4 (id=4314):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='xprt_reserve\x00', r0}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
socket$unix(0x1, 0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {&(0x7f0000000740)=""/236, 0xec}], 0x2}, 0x3}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010a00"/20, @ANYRES32=0x0, @ANYBLOB="1000100000000000280012800b0001006d616373656300001800028005000300100000000c0004"], 0x48}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000040000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf0fb04e500b0c0502df9de9ca3c00cb9a323d9b401bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9226e3550ee5520211d9370175fba303f003073afd1ec9f7c6133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80eff7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc0584b8e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cd43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a2288ff000000000000002bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0160516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c2e88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497613174f76a656ba5bacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b200000000002ef507ec6fc7f5dc431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5fe535ead88d7acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8ae7e1c8b4b4106a381cb67fdb86def4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61a73a758543651b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3c99e3f1310d41ab328c1f351b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000fd267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9741fd788fb6260ec043c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e0a12f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a845e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d04d3fed3c087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980dc58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7000000000000000000d43d07d546acb7009c0c4f6e57b8577d2113bfca1939b9bf757265e175c1863a7c8d7640675830dc11d5d59546daf2385a7074f770c8333b21e2fb660141bc4f1ed45f703da6ac2557ab6952fd0c300000000000000000005b44bff4e3966fdfc9b720412bec09936b08e440c774e2224f2d338fab2acc5014f74e420988486de2ace27ce59379378ca34eeedbd9a323a889f295e5d3bae64fc48ba194fc70973b39525123668e6a0be1e732aa5e2a0d4373a0b76d84f018d45bdf6f12d6d5d23a0331c3ae5e99a2bcdb52386135ea15890007e1cba5e52a04971139272012ae5542ba109a9d2f49963a195e2fdffe6bdce6fa78ab2ded1ff74f9e54f1b82da2d444f9727be708710b90a872282f4dce55468a681e"], &(0x7f0000000340)='GPL\x00'}, 0x94)

34.299025353s ago: executing program 2 (id=4316):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x20008885)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

34.276287198s ago: executing program 1 (id=4317):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000310001072abd70000000000003"], 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x810}, 0x40000)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$llc(0xffffffffffffffff, &(0x7f0000000340)="5455116b7cfe46195ecc20207e53653855cc317dcbe04046087c90900cd455330000000046be7645894872d37d75da7f2b5e873eb0deb6dff2a98100000000000000030000970ba65001b7048d93fda1ef42d59296dfcf959eaba27b9ea5da5dc050e746287fb3690100000000000000ef463e1c685b9b163602eabad6e0bc2143b43fdebf63b1e265e9c52f515a5b9e93207b54173251f5871f6b5a051e7f2693a9ce0269706c109085200f3d5b7f4447e544ebf22de0e3b2a6aa9d265215c6a55f3c360986dd00cfacc2fea753ecd4c0f5d5962634c42b65edd3dd0f4589fb828c9bd4796c404b5809e8d03319b3f156497eb1192a9f9c9497859799edef526aa92cd5616f8e8042a4977c0278d405d67894f5adc1dc96821e9cb34edefff41adf8774366e08f4b74c", 0x12a, 0x0, 0x0, 0x0)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @in6={0xa, 0x4e20, 0x0, @loopback, 0x3}]}, &(0x7f0000000180)=0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r3, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r5 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000001640)={&(0x7f0000000040)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x43}, @multicast1}}}], 0x20}, 0x20002800)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x1, 0x4, 0x2, @vifc_lcl_addr=@loopback, @remote}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)

34.155781554s ago: executing program 2 (id=4318):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1f0, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0x1b8, 0x2, [@TCA_ROUTE4_ACT={0x1b4, 0x6, [@m_vlan={0x84, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x45, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b410352"}, {0xc}, {0xc}}}, @m_bpf={0x12c, 0xa, 0x0, 0x0, {{0x8}, {0x4c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x3, 0x0, 0x1, 0x9}]}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x3, 0x5, 0x7f}, {0x4, 0x0, 0xe7}, {0x3373, 0x7, 0x5, 0xe786f6ae}, {0x2, 0x1c, 0xb0, 0x20000000}]}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x8}]}, {0xba, 0x6, "8eb55930760aaf0b59772c5971036fba8994239acc2d66a896c98c740ca7d203000000000000002a326cef7c8ba136d0bce7d5be2f44c0f7df2af8b58cd15301925bdef87ac2e982db6d48439b06b9d7e9e88cb4d0262a5d0900461c33b2f76470602416519436d7f6f3d3dec1bf02a5ce6e83f8664d689fd77f1519cfac04b8ebd7ea20e82977ee8d8e46d44e8f8c8485af903929b1f3288322548d9e6a92389a03899eaaba97faeef8863180bc96804713e41b3d6d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x4004}, 0x20008885)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b000000000000", 0x10, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

34.141992178s ago: executing program 4 (id=4319):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = socket$igmp6(0xa, 0x3, 0x2)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000006, 0x42073, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001100)=@newqdisc={0x4a4, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xb}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x474, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2}}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x64, 0x2, 0x3, 0x17, 0xd, 0x8, 0x1}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x2}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_STAB={0x104, 0x2, "efdd44a72552107695b924ad07818eaccac4c8414f092860704582f2da2ea1f55bda60e7999dd1f15236c6c5cbddd543f90d38a4fecc3df5da0e21fa328e9f50f54383587837e08ea625eb65de53db7d6d5610744bf2fb8fe9691adce728c5ac13d25277b3981d9b603a5f8349e9e0210b7f6c0a74e8828fd5044531863568e5b9aaa72eb3eeb0fc99ded8dfc0816291f31189e419c3463a6062dce3738b95b0283f5db1fb9c80a70590712862a0b7962a104469341edaa57ef2fdecc6d62254222585cb5354f9e7bd81711a7406f36897bf46e3a3f93b697b60b65260abee138cc94fdd65cc0a83e1fc15211f6fc4fe98f54fc932d603aae891beb687c168a4"}, @TCA_CHOKE_STAB={0x104, 0x2, "dc542b4e237011fb38ddb228806571a8633206e26df63a43bbc516382325dedd79c1cf0a26379dfaf72cb5ab9ab7efe16f312ee9ab598d1ac0d7903ac69c51f1b6842ebecf00dec5deff737b59f0c1f0b57cc6c2b7b8c5b2c527aafa57222f4bd2355ccab39fa20d4033b6b687491532080101805feb9c6fa8a56a77186efcb394ce1a1cd7f2130835e3bf9e3ac25d0a102a808be13beb51f37da6d10046f131834545ee5013f43e41e91eb18a12c28540ab4106286e0f7568f6a9cd0c0da51df08e42848096b25d455ebec9adfd6e493d8c9725bc2d49bbbae0a5375b359f91d9dad20ed109ffbc52469cffd2cf5df7773f7a4c72ae167485315c326281efc4"}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "a2a88faa7ec665a571a9ad3d1f9512e3c591df4a4554c6c2e2cc6cb4d9aee4579684743ad4888f1522a47ddaff3d4f9450d288e8559bc4f795aa0d1bc74d926038adb808cba6e90535b2eb8ba3e8ff927207d17a86b10d604e77a459df67e7f0c842d463ca5977b7e2eb55fbb9881d15633717817c735da52a1da7d64bb22e58550d8ee20883e41ec2f119a6a6364d68900c1cce4a3b3225a9ce9e1e00b444e9e7bcd10e1dec202ce7786aa7cf10d4dd6bbcee586d7903a6239ff90b49cd7fddb0c67ddab326cdb2d0fa48a783f691be9ebaa1243b21afd04a372650aa7eb46a2675cc67ae12d3b99c9acb4d9fb7c78081d269b443affd86eededd4867311221"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x3}}, @TCA_CHOKE_STAB={0x104, 0x2, "554b956aa3fcfbc4a187baf0437163b5d33108db016465f92a93480d2c246d90f03741da6ee916f7c9917dbd81da67d6150151679559af9402b932745d19fbfbd679c133c471d0045f5f95015c7590818bac85598b6a844cb2c2d277aaca9a88ee0e6a834ba02b4e549f11fb13e9fe33730c55997f2d3b7e6469210db81587fc522295f49a78f4e08ddfb0117e0000000000000158a3500cdc3e6725a79dcd3731c37083c3bbe73c43e7e2ea82c72986a1499c677c565ea1cfc874e7e978e4ebe8d338f0b37807d40333ee570133982998623ec809826f1009856a9d9d8e839c65d3ead78c6b3cb8f7beee8e59f19de93d06628a2cdfa4333d96882b96c36cc3"}]}}]}, 0x4a4}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r6=>0x0}, &(0x7f0000000080)=0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@remote, @in6=@mcast1, 0x4e22, 0x4a9, 0x4e21, 0x4, 0x2, 0x80, 0x0, 0x2b, r5, r6}, {0x8, 0x3, 0x1, 0x1, 0x8000000000000001, 0x40, 0x65, 0x978}, {0xffffffff, 0x0, 0x7, 0xffffffff}, 0x8d6a, 0x6e6bbd, 0x0, 0x1, 0x3, 0x3}, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfffffff8, 0xff}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x29}, 0x3500, 0x1, 0x2, 0x4, 0x7ff, 0x9, 0x7}}, 0xe8)
sendmmsg$sock(r1, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000b0a500007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r10)
sendmsg$NLBL_MGMT_C_ADDDEF(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r11, 0x1}, 0x14}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="c235535a17ac64791bbe00309033", 0x0, 0x7fffffff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffe24, &(0x7f0000000000)='/proc/3\x00\xff\xff\xffat\x00AE\xf44.\xab%j'}, 0x30)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0), 0x10)
shutdown(r1, 0x1)

34.060345763s ago: executing program 3 (id=4320):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x8, &(0x7f0000006680)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback=0x33}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB='/\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00', @ANYRES32=r0], 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

34.041836932s ago: executing program 1 (id=4321):
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wpan0\x00'})
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r1, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000040)=@rose={'rose', 0x0}, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="09000004000006094000000a0000000000000000246d0635559e61ffb32ff39e15fa50a288d5ad4507f03491bd865ec2428a29b8f508616e956312a696e8dda7c91d26b8108fc420c0f926aa620680129abc7680349b08d56490086c25bfb6ced707c8e384fc508347808bda025e5324eee7cd761e741d05c7754cafd4", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd11=\x11\xc8\xdd\x15\xcc\xd2\xf1d\'%\x11c\x91l,'}, 0x30)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0), 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000080)=0x2e, 0x4)
sendmmsg$inet(r3, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)

33.940025904s ago: executing program 2 (id=4322):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x8, &(0x7f0000006680)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback=0x33}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB='/\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00', @ANYRES32=r0], 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000080)=@udp}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
accept4(r3, &(0x7f00000002c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, &(0x7f0000000540)=0x80, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45", 0xc8}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

33.713231147s ago: executing program 3 (id=4323):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$TCPDIAG_GETSOCK(r2, 0x0, 0x4)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

33.651347603s ago: executing program 3 (id=4324):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r2=>0x0})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00005d3000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000691000/0x4000)=nil, 0x4000, 0x3, 0x28011, r4, 0x0)
mmap(&(0x7f0000867000/0x2000)=nil, 0x2000, 0x0, 0x11, r4, 0x1000)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000497000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r5, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f00005d5000/0x2000)=nil, 0x2000, 0x3, 0x28011, r7, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000497000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r8, 0xb4807000)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x1, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, 0x49810, 0x3}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_BACKUP_PORT={0x8}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040485}, 0x4000000)

33.582514217s ago: executing program 2 (id=4325):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f38437", 0x7}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000580)=[{0x3, 0x2, {0x0, 0x1, 0x2}, {}, 0x2}, {0x2, 0x3, {0x2, 0xff, 0x2}, {0x2, 0x1, 0x1}, 0x1, 0x2}, {0x2, 0x2, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, 0x1, 0x2}, {0x1, 0x1, {0x0, 0x1, 0x1}, {0x2}, 0xfd, 0xfd}], 0x80)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

33.384074967s ago: executing program 0 (id=4326):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1fc, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0x1c4, 0x2, [@TCA_ROUTE4_ACT={0x1c0, 0x6, [@m_vlan={0x84, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x45, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b410352"}, {0xc}, {0xc}}}, @m_bpf={0x138, 0xa, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x3, 0x0, 0x1, 0x9}]}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x3, 0x5, 0x7f}, {0x4, 0x0, 0xe7}, {0x3373, 0x7, 0x5, 0xe786f6ae}, {0x2, 0x1c, 0xb0, 0x20000000}]}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x8}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x7, 0x3, 0x9, 0x8}]}]}, {0xba, 0x6, "8eb55930760aaf0b59772c5971036fba8994239acc2d66a896c98c740ca7d203000000000000002a326cef7c8ba136d0bce7d5be2f44c0f7df2af8b58cd15301925bdef87ac2e982db6d48439b06b9d7e9e88cb4d0262a5d0900461c33b2f76470602416519436d7f6f3d3dec1bf02a5ce6e83f8664d689fd77f1519cfac04b8ebd7ea20e82977ee8d8e46d44e8f8c8485af903929b1f3288322548d9e6a92389a03899eaaba97faeef8863180bc96804713e41b3d6d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x4004}, 0x20008885)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

33.179263116s ago: executing program 0 (id=4327):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002380)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xc, 0x8}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x10}, {0x0, 0xfff1}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x4041080) (fail_nth: 1)

33.174698082s ago: executing program 1 (id=4328):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'nr0\x00', 0xe43986f95b0e4309}) (async)
ioctl$TUNGETSNDBUF(r0, 0x400454dc, 0x0) (async)
r1 = socket$inet(0x2, 0x3, 0x14) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000100000000000000000000000000000f0000009500000000000000e7e49cb79d606d1a0dad0d6c0a33a540e75c6c0271c1ecd2e171d4b722709070af21c6b9f4888e29e021565fa6bc6c9bff4ff159434c3dea73df32a2a757d2a69e4b1a74440ff2d693971773090f87fb04df4258c1012cf2fe659e47c3726519f8da3a6a8b35cc4bb325906246d29d245164e24443824305a75b472d06cf36b2fe3aed16d8a389929982edeefa3c76e36e604c82d97b792a424a863015a2c73db75d8420467963ea3e02438d742dda6a234f519a4d506ca48a4c0afe4e3dcb36d185cf00de97a514d110fa3148ba59487de454333b69d00321c45c9efc0f55c1e853de3501e4bbd017c807e6d7466649c8b3a457163b6879d0d0acc176ca88b0f43c75a01fad273624b60129f8d5a5ebf8797a24f552c200ab210c61c8c21fcefdca5b8dac71cc0685bf2b257e28"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='rxrpc_rx_rwind_change\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x2, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000002100)="0800a9fc0da6b30a", 0x8}], 0x1, &(0x7f0000001d00)=ANY=[@ANYBLOB="18000000000000000000000007000000890704ac1414aa0011000000000000000000000001"], 0x30}, 0x4040810)
setsockopt$MRT_DEL_VIF(r1, 0x0, 0xcb, 0x0, 0x0) (async)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000080)=0x4)

33.047218941s ago: executing program 2 (id=4329):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
unshare(0x68040200)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfd}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=@newtfilter={0x4c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c8d0}, 0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xb, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
mmap(&(0x7f0000feb000/0x14000)=nil, 0x14000, 0x3000004, 0x40010, r5, 0x3f38e000)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x40, 0x5d, 0x2, 0x190b87f7}, {0x6, 0x0, 0x6, 0x1}]}, 0x10)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000140)="24000000010006", 0x7)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r3)
r9 = socket(0x848000000015, 0x805, 0x0)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x3ff}, 0x1c)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x1c, r8, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000}, 0x0)
connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$sock(r7, &(0x7f0000000500), 0x0, 0x40440d4)
shutdown(r7, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kyber_adjust\x00', 0xffffffffffffffff, 0x0, 0x81}, 0x18)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r10, 0x84, 0xc, &(0x7f0000000100), 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r10, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @remote}], 0x10)

32.954606544s ago: executing program 3 (id=4330):
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='freezer.state\x00', 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x3d, 0x0, 0x1, 0x20}, {0x6, 0x0, 0x0, 0x41}]})

32.588459835s ago: executing program 0 (id=4331):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000310001072abd70000000000003"], 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x810}, 0x40000)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$llc(0xffffffffffffffff, &(0x7f0000000340)="5455116b7cfe46195ecc20207e53653855cc317dcbe04046087c90900cd455330000000046be7645894872d37d75da7f2b5e873eb0deb6dff2a98100000000000000030000970ba65001b7048d93fda1ef42d59296dfcf959eaba27b9ea5da5dc050e746287fb3690100000000000000ef463e1c685b9b163602eabad6e0bc2143b43fdebf63b1e265e9c52f515a5b9e93207b54173251f5871f6b5a051e7f2693a9ce0269706c109085200f3d5b7f4447e544ebf22de0e3b2a6aa9d265215c6a55f3c360986dd00cfacc2fea753ecd4c0f5d5962634c42b65edd3dd0f4589fb828c9bd4796c404b5809e8d03319b3f156497eb1192a9f9c9497859799edef526aa92cd5616f8e8042a4977c0278d405d67894f5adc1dc96821e9cb34edefff41adf8774366e08f4b74c", 0x12a, 0x0, 0x0, 0x0)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @in6={0xa, 0x4e20, 0x0, @loopback, 0x3}]}, &(0x7f0000000180)=0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r3, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r5 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000001640)={&(0x7f0000000040)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x43}, @multicast1}}}], 0x20}, 0x20002800)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x1, 0x4, 0x2, @vifc_lcl_addr=@loopback, @remote}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)

32.526265597s ago: executing program 4 (id=4332):
r0 = socket$inet(0x2, 0x80001, 0x84)
r1 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r1, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
listen(r1, 0x3)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000580)=[@in={0x2, 0x4e20, @private=0xa010101}, @in6={0xa, 0x4e22, 0x0, @local, 0x1}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e24, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xa}, @in6={0xa, 0x4e24, 0x5, @mcast1, 0x3}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xd}}, @in6={0xa, 0x4e21, 0x7, @remote, 0x7ff}, @in6={0xa, 0x4e23, 0x906, @rand_addr=' \x01\x00', 0x5}, @in6={0xa, 0x4e24, 0xfffffffb, @private0, 0x1}, @in6={0xa, 0x4e22, 0x800, @mcast1, 0x5}], 0xf4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0xfffffffffffffcfa, 0x2, "547d9ed0effe82c024750032ea49f09c72384049bcc87e42ca7e2c78d6a85178e447e32b5f4e4fabff6fb16a40901dc4221e42eb745b6332c476d0c3aefed8dc95af179570cf8cc43bc29eb93c6e78f5e1153d3d7c1542f77dc4b29877e2002685e850f2969cf2164fbf8db7e1713786899d2a8ab03ca5accb2e9b50e1fb7a4e3681b35f0f68461daa4f4e1583b9a02195dee35ae7c8bca085399157d5f30c2ec691c39267b2655c782b363a11645a0c78a39fab8c0ce69f11f2db45ee16e2975a80664f687d01bd7444244a25bdb9ec5b0fa8b1afc0254ddbca2e22ca1b189502b74d7ec4665c23804df713183d428f50a0d64e31e110c707eb3fe69f437992"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0xffffffff, 0x401, 0xffff, 0x2, 0xc, 0xe, 0x24}}]}}]}, 0x14c}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
bind$inet(r0, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
listen(r0, 0x3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r4)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)={0x20, r5, 0x1b09, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x20000000)
close(0x4)
r6 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r6, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0xb, 0x3, 0x3, 0x4, 0x0, 0x70bd26, 0x25dfdbfe, [@sadb_x_sa2={0x2, 0x13, 0x2, 0x0, 0x0, 0x70bd2b}]}, 0x20}}, 0x40014)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0)
sendmsg$AUDIT_USER_TTY(r2, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x98, 0x464, 0x4, 0x70bd26, 0x25dfdbfc, "45b07fae7f859c6e383cde8b03aee8bb498f108cb433642c92dce6fc580c1b699106c58df6f4da4e99065e0d07958d6e055926f91006fd1b52c04aea7bd33fc6730dee6d433f7dbda87a625ff550859109b0a218663d9813cbaa4dd086bc233a25ae7687510a4f0cc92af4cd6e2c217de474daa6adb00abeb84441058cfb66984f51ce198b9b5da4", ["", ""]}, 0x98}, 0x1, 0x0, 0x0, 0x200000c0}, 0x8001)
socket$inet_mptcp(0x2, 0x1, 0x106)

32.402254493s ago: executing program 1 (id=4333):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x0, 0x1c}, 0x28)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a31000000000800054000000002090002"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

32.30867077s ago: executing program 0 (id=4334):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

32.278484089s ago: executing program 4 (id=4335):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

32.250513222s ago: executing program 3 (id=4336):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b000000", @ANYRES32=r2, @ANYBLOB="08002600ad16000040003300"], 0x68}}, 0x0)

32.167629204s ago: executing program 1 (id=4337):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1fc, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xd}, {0x0, 0xffea}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_route={{0xa}, {0x1c4, 0x2, [@TCA_ROUTE4_ACT={0x1c0, 0x6, [@m_vlan={0x84, 0x6, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1b6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x45, 0x6, "657c8f856bb2bb5d377d3e798375b1d28aa9ff79c5750c001846426a94e358dab26224b357e0bd9c9b84cfee21ec99f48cf585ab10ae01a9ffc67e6ad19b410352"}, {0xc}, {0xc}}}, @m_bpf={0x138, 0xa, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x3, 0x0, 0x1, 0x9}]}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x3, 0x5, 0x7f}, {0x4, 0x0, 0xe7}, {0x3373, 0x7, 0x5, 0xe786f6ae}, {0x2, 0x1c, 0xb0, 0x20000000}]}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x8}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x7, 0x3, 0x9, 0x8}]}]}, {0xba, 0x6, "8eb55930760aaf0b59772c5971036fba8994239acc2d66a896c98c740ca7d203000000000000002a326cef7c8ba136d0bce7d5be2f44c0f7df2af8b58cd15301925bdef87ac2e982db6d48439b06b9d7e9e88cb4d0262a5d0900461c33b2f76470602416519436d7f6f3d3dec1bf02a5ce6e83f8664d689fd77f1519cfac04b8ebd7ea20e82977ee8d8e46d44e8f8c8485af903929b1f3288322548d9e6a92389a03899eaaba97faeef8863180bc96804713e41b3d6d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x4004}, 0x20008885)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

32.01043581s ago: executing program 0 (id=4338):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@bridge_newvlan={0x7c, 0x70, 0x1, 0x70bd2c, 0x25dfdbfc, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x13, 0x2}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x7e, 0x3}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xa}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0x9}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5, 0x3, 0x1}}, @BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x5}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0x5}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x7}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20040485}, 0x4000000)

31.960528343s ago: executing program 3 (id=4339):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704", 0x8}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000580)=[{0x3, 0x2, {0x0, 0x1, 0x2}, {}, 0x2}, {0x2, 0x3, {0x2, 0xff, 0x2}, {0x2, 0x1, 0x1}, 0x1, 0x2}, {0x2, 0x2, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, 0x1, 0x2}, {0x1, 0x1, {0x0, 0x1, 0x1}, {0x2}, 0xfd, 0xfd}], 0x80)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

31.960059213s ago: executing program 4 (id=4340):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40480d5)
socket$kcm(0x2, 0xa, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x400, 0xff, 0x630, 0x243, 0x2, 0x2, 0x9, 0xfb33}, 0x0, 0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={[0x5]}, 0x8})
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000001fc0)=""/4098, 0x1002}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000880)=""/204, 0xcc}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
socket$inet(0x2, 0x2, 0xfffffffc)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$inet(0x2, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept(r5, &(0x7f0000000180)=@nl=@unspec, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)

31.854470214s ago: executing program 0 (id=4341):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9", 0x8)
r1 = accept(r0, 0x0, 0x0)
sendmsg$SOCK_DESTROY(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x15, 0x2, 0x70bd2b, 0x25dfdc00, {0x23, 0x7}}, 0x14}}, 0x80)
recvmmsg$unix(r1, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/207, 0xcf}], 0x1}}], 0x1, 0x20c0, 0x0)

31.82929304s ago: executing program 2 (id=4342):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000040)={'gretap0\x00', <r0=>0x0, 0x8, 0x20, 0x5, 0xffffffff, {{0x1a, 0x4, 0x0, 0x22, 0x68, 0x65, 0x0, 0x1, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @local, {[@timestamp={0x44, 0x10, 0xa9, 0x0, 0x3, [0x8, 0x10001, 0x6]}, @timestamp={0x44, 0x18, 0x13, 0x0, 0x9, [0x0, 0x2, 0xfba, 0x101, 0x1]}, @timestamp_addr={0x44, 0x24, 0xb, 0x1, 0x9, [{@rand_addr=0x64010100, 0x800}, {@local, 0x2}, {@local, 0x2}, {@dev={0xac, 0x14, 0x14, 0x3e}, 0xffffff31}]}, @lsrr={0x83, 0x7, 0x46, [@multicast2]}, @end]}}}}})
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000140), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x1, 0x3, 0x7, 0x20004, 0xffffffffffffffff, 0x800, '\x00', r0, r1, 0x3, 0x0, 0x4}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)=@l2tp={0x2, 0x0, @private=0xa010100}, 0x80, 0x0}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x73, 0xfffff034}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0x110, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x90)

31.827899254s ago: executing program 1 (id=4343):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
close(r0) (fail_nth: 1)

492.089349ms ago: executing program 32 (id=4341):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9", 0x8)
r1 = accept(r0, 0x0, 0x0)
sendmsg$SOCK_DESTROY(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x15, 0x2, 0x70bd2b, 0x25dfdc00, {0x23, 0x7}}, 0x14}}, 0x80)
recvmmsg$unix(r1, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/207, 0xcf}], 0x1}}], 0x1, 0x20c0, 0x0)

410.686038ms ago: executing program 33 (id=4343):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
close(r0) (fail_nth: 1)

287.779241ms ago: executing program 34 (id=4342):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000040)={'gretap0\x00', <r0=>0x0, 0x8, 0x20, 0x5, 0xffffffff, {{0x1a, 0x4, 0x0, 0x22, 0x68, 0x65, 0x0, 0x1, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @local, {[@timestamp={0x44, 0x10, 0xa9, 0x0, 0x3, [0x8, 0x10001, 0x6]}, @timestamp={0x44, 0x18, 0x13, 0x0, 0x9, [0x0, 0x2, 0xfba, 0x101, 0x1]}, @timestamp_addr={0x44, 0x24, 0xb, 0x1, 0x9, [{@rand_addr=0x64010100, 0x800}, {@local, 0x2}, {@local, 0x2}, {@dev={0xac, 0x14, 0x14, 0x3e}, 0xffffff31}]}, @lsrr={0x83, 0x7, 0x46, [@multicast2]}, @end]}}}}})
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000140), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x1, 0x3, 0x7, 0x20004, 0xffffffffffffffff, 0x800, '\x00', r0, r1, 0x3, 0x0, 0x4}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)=@l2tp={0x2, 0x0, @private=0xa010100}, 0x80, 0x0}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x73, 0xfffff034}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0x110, 0x71, 0x10, 0x1a}}, &(0x7f0000000480)='syzkaller\x00', 0x5}, 0x90)

144.411001ms ago: executing program 35 (id=4339):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704", 0x8}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000580)=[{0x3, 0x2, {0x0, 0x1, 0x2}, {}, 0x2}, {0x2, 0x3, {0x2, 0xff, 0x2}, {0x2, 0x1, 0x1}, 0x1, 0x2}, {0x2, 0x2, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, 0x1, 0x2}, {0x1, 0x1, {0x0, 0x1, 0x1}, {0x2}, 0xfd, 0xfd}], 0x80)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

0s ago: executing program 36 (id=4340):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40480d5)
socket$kcm(0x2, 0xa, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x400, 0xff, 0x630, 0x243, 0x2, 0x2, 0x9, 0xfb33}, 0x0, 0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={[0x5]}, 0x8})
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000001fc0)=""/4098, 0x1002}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000880)=""/204, 0xcc}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
socket$inet(0x2, 0x2, 0xfffffffc)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$inet(0x2, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept(r5, &(0x7f0000000180)=@nl=@unspec, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)

kernel console output (not intermixed with test programs):

imeout
[  325.098757][T14137] chnl_net:caif_netlink_parms(): no params data found
[  325.508669][T14137] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.516028][T14137] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.544391][T14137] bridge_slave_0: entered allmulticast mode
[  325.568769][T14137] bridge_slave_0: entered promiscuous mode
[  325.589511][T14137] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.603229][T14137] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.614334][T14137] bridge_slave_1: entered allmulticast mode
[  325.643613][T14137] bridge_slave_1: entered promiscuous mode
[  325.855503][T14137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.866728][ T5879] Bluetooth: hci2: command tx timeout
[  325.915662][T14137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.985484][T14226] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3224'.
[  326.031924][T14137] team0: Port device team_slave_0 added
[  326.071471][T14137] team0: Port device team_slave_1 added
[  326.210381][T14232] pimreg: entered allmulticast mode
[  326.218019][T14137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.225148][T14137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.301739][T14137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  326.333532][T14232] pimreg: left allmulticast mode
[  326.378159][T14137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  326.385246][T14137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.421080][T14137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  326.609369][T14137] hsr_slave_0: entered promiscuous mode
[  326.628658][T14137] hsr_slave_1: entered promiscuous mode
[  326.635655][T14137] debugfs: 'hsr0' already exists in 'hsr'
[  326.644397][T14137] Cannot create hsr debugfs directory
[  327.235705][T14137] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.364449][T14137] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.501038][T14137] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.660011][T14137] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.951097][ T5879] Bluetooth: hci2: command tx timeout
[  328.087082][T14301] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3258'.
[  328.108437][T14301] bridge_slave_1: left allmulticast mode
[  328.115807][T14301] bridge_slave_1: left promiscuous mode
[  328.122496][T14301] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.133168][T14301] bridge_slave_0: left allmulticast mode
[  328.139457][T14301] bridge_slave_0: left promiscuous mode
[  328.145212][T14301] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.212292][T14137] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  328.241688][T14137] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  328.294656][T14137] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  328.341509][T14137] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  328.644639][T14137] 8021q: adding VLAN 0 to HW filter on device bond0
[  328.753027][T14137] 8021q: adding VLAN 0 to HW filter on device team0
[  328.785307][ T6713] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.792699][ T6713] bridge0: port 1(bridge_slave_0) entered forwarding state
[  328.889730][ T6713] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.897026][ T6713] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.509573][T14137] 8021q: adding VLAN 0 to HW filter on device batadv0
[  329.626035][T14137] veth0_vlan: entered promiscuous mode
[  329.661947][T14137] veth1_vlan: entered promiscuous mode
[  329.741633][T14137] veth0_macvtap: entered promiscuous mode
[  329.774210][T14137] veth1_macvtap: entered promiscuous mode
[  329.829924][T14137] batman_adv: batadv0: Interface activated: batadv_slave_0
[  329.865278][T14137] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.903955][   T71] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.923308][   T71] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.964426][   T71] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.993859][   T71] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.026994][ T5879] Bluetooth: hci2: command tx timeout
[  330.438762][T14383] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3286'.
[  330.449857][T14383] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3286'.
[  330.453752][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.491296][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.582281][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.602632][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.174070][T14392] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  331.963716][T14419] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3299'.
[  331.978083][T14419] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3299'.
[  331.993568][T14421] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3300'.
[  332.003922][T14421] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3300'.
[  332.107380][ T5879] Bluetooth: hci2: command tx timeout
[  332.701908][T14443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3310'.
[  332.746764][T14443] bridge_slave_1: left allmulticast mode
[  332.779190][T14443] bridge_slave_1: left promiscuous mode
[  332.806159][T14443] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.880669][T14443] bridge_slave_0: left allmulticast mode
[  332.901376][T14446] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3313'.
[  332.902363][T14443] bridge_slave_0: left promiscuous mode
[  332.941804][T14443] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.951094][T14446] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3313'.
[  333.384049][T14455] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3316'.
[  333.410955][T14455] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3316'.
[  333.774723][ T5880] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  333.785965][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  333.803154][ T5880] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  333.813403][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  333.823850][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  334.256320][T14479] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3324'.
[  335.203812][T14510] pimreg: entered allmulticast mode
[  335.318097][T14510] pimreg: left allmulticast mode
[  335.668358][T14470] chnl_net:caif_netlink_parms(): no params data found
[  335.866859][ T5879] Bluetooth: hci3: command tx timeout
[  336.091499][T14470] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.116999][T14470] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.133556][T14470] bridge_slave_0: entered allmulticast mode
[  336.145116][T14470] bridge_slave_0: entered promiscuous mode
[  336.198416][T14470] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.205721][T14470] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.229939][T14470] bridge_slave_1: entered allmulticast mode
[  336.244584][T14470] bridge_slave_1: entered promiscuous mode
[  336.478754][T14470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.512125][T14470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.640159][T14470] team0: Port device team_slave_0 added
[  336.695681][T14470] team0: Port device team_slave_1 added
[  336.806177][T14470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.814435][T14470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.865612][T14470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.931201][T14470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.950481][T14470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.985687][T14470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.085298][T14551] syzkaller0: entered promiscuous mode
[  337.115875][T14551] syzkaller0: entered allmulticast mode
[  337.334698][T14470] hsr_slave_0: entered promiscuous mode
[  337.349375][T14470] hsr_slave_1: entered promiscuous mode
[  337.356073][T14470] debugfs: 'hsr0' already exists in 'hsr'
[  337.363727][T14470] Cannot create hsr debugfs directory
[  337.846963][T14571] __nla_validate_parse: 4 callbacks suppressed
[  337.846986][T14571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3361'.
[  337.976614][ T5879] Bluetooth: hci3: command tx timeout
[  338.004680][T14572] pimreg: entered allmulticast mode
[  338.165707][T14470] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.195431][T14470] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.307270][T14583] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3366'.
[  338.383586][T14470] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.394253][T14470] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.439075][T14587] syzkaller0: entered promiscuous mode
[  338.455677][T14587] syzkaller0: entered allmulticast mode
[  338.552993][T14470] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.579003][T14470] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.709628][T14470] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.723604][T14470] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.972676][T14606] netlink: 'syz.2.3374': attribute type 10 has an invalid length.
[  339.026096][T14606] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  339.118789][T14470] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  339.189201][T14470] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  339.189792][T14612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3377'.
[  339.224156][T14470] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  339.265004][T14612] bridge_slave_1: left allmulticast mode
[  339.272850][T14612] bridge_slave_1: left promiscuous mode
[  339.284546][T14612] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.310944][T14612] bridge_slave_0: left allmulticast mode
[  339.327068][T14612] bridge_slave_0: left promiscuous mode
[  339.334201][T14612] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.454590][T14470] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  339.663153][T14630] syzkaller0: entered promiscuous mode
[  339.674228][T14630] syzkaller0: entered allmulticast mode
[  339.983752][T14470] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.026640][ T5879] Bluetooth: hci3: command tx timeout
[  340.092034][T14470] 8021q: adding VLAN 0 to HW filter on device team0
[  340.142925][   T71] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.150197][   T71] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.199342][   T71] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.206606][   T71] bridge0: port 2(bridge_slave_1) entered forwarding state
[  341.009639][T14470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.081155][T14680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3403'.
[  341.131981][T14680] bridge_slave_1: left allmulticast mode
[  341.147749][T14680] bridge_slave_1: left promiscuous mode
[  341.155901][T14680] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.185782][T14680] bridge_slave_0: left allmulticast mode
[  341.193978][T14680] bridge_slave_0: left promiscuous mode
[  341.228489][T14680] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.322223][T14688] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3407'.
[  341.375761][T14470] veth0_vlan: entered promiscuous mode
[  341.471012][T14690] Bluetooth: MGMT ver 1.23
[  341.553722][T14470] veth1_vlan: entered promiscuous mode
[  341.665314][T14470] veth0_macvtap: entered promiscuous mode
[  341.694016][T14470] veth1_macvtap: entered promiscuous mode
[  341.761090][T14470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.811730][T14470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  341.845095][ T6713] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  341.934210][ T6713] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.955265][ T6713] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  342.108270][ T5879] Bluetooth: hci3: command tx timeout
[  342.137147][ T6713] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.326756][   T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.356622][   T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.606375][T14713] netlink: 'syz.3.3416': attribute type 1 has an invalid length.
[  342.609243][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.651699][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.740139][T14713] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.903735][T14716] bond1: (slave bridge1): making interface the new active one
[  342.929567][T14716] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  343.177691][T14728] netlink: 'syz.3.3418': attribute type 1 has an invalid length.
[  343.350998][T14728] 8021q: adding VLAN 0 to HW filter on device bond2
[  343.475805][T14730] bond2: (slave bridge2): making interface the new active one
[  343.494853][T14730] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  343.701757][T14742] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3424'.
[  343.720534][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3423'.
[  343.860531][T14742] hsr_slave_1 (unregistering): left promiscuous mode
[  344.147530][T14748] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3426'.
[  344.237771][T14752] netlink: 'syz.3.3428': attribute type 10 has an invalid length.
[  344.303186][T14752] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  344.453380][T14756] dvmrp1: left allmulticast mode
[  344.781938][T14766] syz_tun: entered allmulticast mode
[  344.832809][T14766] dvmrp1: entered allmulticast mode
[  344.855163][T14765] syz_tun: left allmulticast mode
[  345.052781][T14774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3436'.
[  345.208199][T14780] netlink: 'syz.0.3439': attribute type 8 has an invalid length.
[  345.656963][T14795] syz_tun: entered allmulticast mode
[  345.693154][T14795] dvmrp1: entered allmulticast mode
[  345.724685][T14793] syz_tun: left allmulticast mode
[  346.340616][T14823] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3458'.
[  346.425421][T14826] syz_tun: entered allmulticast mode
[  346.525512][T14825] syz_tun: left allmulticast mode
[  346.611748][T14829] dvmrp1: left allmulticast mode
[  346.670207][T14836] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3463'.
[  347.330799][T14858] syz_tun: entered allmulticast mode
[  347.396114][T14858] dvmrp1: entered allmulticast mode
[  347.430114][T14862] bond0: (slave gretap0): Opening slave failed
[  347.455208][T14857] syz_tun: left allmulticast mode
[  348.291930][T14890] syz_tun: entered allmulticast mode
[  348.341706][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880541e3400: rx timeout, send abort
[  348.413717][T14889] syz_tun: left allmulticast mode
[  348.685051][T14905] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  348.813618][    C1] vcan0: j1939_tp_rxtimer: 0xffff888054a4a400: rx timeout, send abort
[  348.850339][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880541e3400: abort rx timeout. Force session deactivation
[  348.993999][T14912] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3497'.
[  349.257226][T14922] syz_tun: entered allmulticast mode
[  349.322143][    C1] vcan0: j1939_tp_rxtimer: 0xffff888054a4a400: abort rx timeout. Force session deactivation
[  349.341864][T14921] syz_tun: left allmulticast mode
[  350.784203][T14974] syzkaller0: entered promiscuous mode
[  350.792455][T14974] syzkaller0: entered allmulticast mode
[  351.087924][T14988] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  351.824939][T15016] syzkaller0: entered promiscuous mode
[  351.831806][T15016] syzkaller0: entered allmulticast mode
[  352.689294][T15050] syz_tun: entered allmulticast mode
[  352.736485][T15050] dvmrp1: entered allmulticast mode
[  352.988555][T15063] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3558'.
[  353.511624][T15083] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3567'.
[  353.534751][T15086] syz_tun: entered allmulticast mode
[  353.591041][T15086] dvmrp1: entered allmulticast mode
[  353.614207][T15084] syz_tun: left allmulticast mode
[  353.705290][T15089] pimreg: left allmulticast mode
[  355.074951][T15143] syzkaller0: entered promiscuous mode
[  355.085409][T15143] syzkaller0: entered allmulticast mode
[  356.305103][T15177] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  356.349600][T15179] netlink: 'syz.4.3608': attribute type 1 has an invalid length.
[  356.470576][T15179] 8021q: adding VLAN 0 to HW filter on device bond1
[  356.495147][T15188] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3608'.
[  356.547889][T15186] bond1: (slave bridge0): making interface the new active one
[  356.567850][T15186] bond1: (slave bridge0): Enslaving as an active interface with an up link
[  357.654780][T15229] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  357.681390][T15229] syzkaller0: entered promiscuous mode
[  357.719554][T15229] syzkaller0: entered allmulticast mode
[  358.858777][T15271] syz_tun: entered allmulticast mode
[  358.943322][T15271] dvmrp1: entered allmulticast mode
[  358.965508][T15269] syz_tun: left allmulticast mode
[  359.171317][T15280] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3650'.
[  359.352988][T15291] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3655'.
[  359.456635][T15292] syz_tun: left allmulticast mode
[  359.482352][T15292] dvmrp1: left allmulticast mode
[  359.572493][T15297] dvmrp1: left allmulticast mode
[  359.831978][T15304] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  360.366835][T15293] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3654'.
[  360.722991][T15324] bond0: (slave gretap0): Opening slave failed
[  360.857114][T15330] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  361.361573][T15344] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3673'.
[  361.490374][T15351] dvmrp1: left allmulticast mode
[  362.270484][T15371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3685'.
[  363.042968][T15405] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  363.273607][T15410] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3699'.
[  363.307283][T15410] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3699'.
[  363.609638][T15385] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3689'.
[  364.039000][T15433] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3703'.
[  364.077306][T15433] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3703'.
[  364.491062][T15449] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3710'.
[  365.098072][T15465] bond0: (slave gretap0): Opening slave failed
[  365.243846][T15470] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3719'.
[  365.314235][T15474] syz_tun: entered allmulticast mode
[  365.402312][T15474] dvmrp1: entered allmulticast mode
[  365.422978][T15477] pimreg: entered allmulticast mode
[  365.473982][T15477] pimreg: left allmulticast mode
[  365.560568][T15473] syz_tun: left allmulticast mode
[  365.664557][T15483] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3723'.
[  366.094011][T15501] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  366.259325][T15509] bond0: (slave gretap0): Opening slave failed
[  366.454376][T15517] bond0: (slave gretap0): Opening slave failed
[  366.735361][T15523] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3740'.
[  366.874049][T15525] pimreg: entered allmulticast mode
[  366.905826][T15525] pimreg: left allmulticast mode
[  367.483438][T15543] FAULT_INJECTION: forcing a failure.
[  367.483438][T15543] name failslab, interval 1, probability 0, space 0, times 0
[  367.516720][T15543] CPU: 1 UID: 0 PID: 15543 Comm: syz.0.3748 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  367.516752][T15543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  367.516764][T15543] Call Trace:
[  367.516772][T15543]  <TASK>
[  367.516781][T15543]  dump_stack_lvl+0x189/0x250
[  367.516812][T15543]  ? __pfx____ratelimit+0x10/0x10
[  367.516839][T15543]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.516862][T15543]  ? __pfx__printk+0x10/0x10
[  367.516892][T15543]  ? __lock_acquire+0xab9/0xd20
[  367.516932][T15543]  should_fail_ex+0x414/0x560
[  367.516965][T15543]  should_failslab+0xa8/0x100
[  367.516996][T15543]  kmem_cache_alloc_noprof+0x73/0x3c0
[  367.517021][T15543]  ? skb_clone+0x212/0x3a0
[  367.517047][T15543]  skb_clone+0x212/0x3a0
[  367.517073][T15543]  __netlink_deliver_tap+0x404/0x850
[  367.517117][T15543]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.517147][T15543]  netlink_deliver_tap+0x19c/0x1b0
[  367.517175][T15543]  netlink_unicast+0x7fa/0x9e0
[  367.517212][T15543]  ? __pfx_netlink_unicast+0x10/0x10
[  367.517241][T15543]  ? netlink_sendmsg+0x642/0xb30
[  367.517265][T15543]  ? skb_put+0x11b/0x210
[  367.517289][T15543]  netlink_sendmsg+0x805/0xb30
[  367.517329][T15543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.517361][T15543]  ? aa_sock_msg_perm+0xf1/0x1d0
[  367.517403][T15543]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  367.517424][T15543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.517453][T15543]  __sock_sendmsg+0x219/0x270
[  367.517482][T15543]  ____sys_sendmsg+0x505/0x830
[  367.517511][T15543]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.517543][T15543]  ? import_iovec+0x74/0xa0
[  367.517570][T15543]  ___sys_sendmsg+0x21f/0x2a0
[  367.517594][T15543]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.517657][T15543]  ? __fget_files+0x2a/0x420
[  367.517674][T15543]  ? __fget_files+0x3a0/0x420
[  367.517705][T15543]  __x64_sys_sendmsg+0x19b/0x260
[  367.517729][T15543]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.517763][T15543]  ? __pfx_ksys_write+0x10/0x10
[  367.517785][T15543]  ? rcu_is_watching+0x15/0xb0
[  367.517812][T15543]  ? do_syscall_64+0xbe/0x3b0
[  367.517844][T15543]  do_syscall_64+0xfa/0x3b0
[  367.517869][T15543]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.517894][T15543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.517915][T15543]  ? clear_bhb_loop+0x60/0xb0
[  367.517940][T15543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.517958][T15543] RIP: 0033:0x7f30ff78ebe9
[  367.517977][T15543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.517993][T15543] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.518014][T15543] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  367.518028][T15543] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  367.518040][T15543] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  367.518052][T15543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.518063][T15543] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  367.518098][T15543]  </TASK>
[  368.006300][T15551] syz_tun: entered allmulticast mode
[  368.125602][T15560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3757'.
[  368.140481][T15551] dvmrp1: entered allmulticast mode
[  368.173723][T15550] syz_tun: left allmulticast mode
[  368.805356][T15583] syzkaller0: entered promiscuous mode
[  368.832339][T15583] syzkaller0: entered allmulticast mode
[  369.241193][T15607] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3771'.
[  369.423613][T15612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3777'.
[  369.902915][T15639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3782'.
[  369.957965][T15639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3782'.
[  370.317675][T15657] FAULT_INJECTION: forcing a failure.
[  370.317675][T15657] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.334596][T15657] CPU: 0 UID: 0 PID: 15657 Comm: syz.0.3792 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  370.334627][T15657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  370.334639][T15657] Call Trace:
[  370.334646][T15657]  <TASK>
[  370.334655][T15657]  dump_stack_lvl+0x189/0x250
[  370.334683][T15657]  ? __pfx____ratelimit+0x10/0x10
[  370.334710][T15657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.334733][T15657]  ? __pfx__printk+0x10/0x10
[  370.334760][T15657]  ? __might_fault+0xb0/0x130
[  370.334800][T15657]  should_fail_ex+0x414/0x560
[  370.334831][T15657]  _copy_from_user+0x2d/0xb0
[  370.334853][T15657]  ___sys_sendmsg+0x158/0x2a0
[  370.334876][T15657]  ? __pfx____sys_sendmsg+0x10/0x10
[  370.334939][T15657]  ? __fget_files+0x2a/0x420
[  370.334955][T15657]  ? __fget_files+0x3a0/0x420
[  370.334985][T15657]  __x64_sys_sendmsg+0x19b/0x260
[  370.335008][T15657]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  370.335040][T15657]  ? __pfx_ksys_write+0x10/0x10
[  370.335062][T15657]  ? rcu_is_watching+0x15/0xb0
[  370.335087][T15657]  ? do_syscall_64+0xbe/0x3b0
[  370.335117][T15657]  do_syscall_64+0xfa/0x3b0
[  370.335140][T15657]  ? lockdep_hardirqs_on+0x9c/0x150
[  370.335165][T15657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.335183][T15657]  ? clear_bhb_loop+0x60/0xb0
[  370.335207][T15657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.335225][T15657] RIP: 0033:0x7f30ff78ebe9
[  370.335242][T15657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.335259][T15657] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.335281][T15657] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  370.335295][T15657] RDX: 0000000000000000 RSI: 0000200000000880 RDI: 0000000000000003
[  370.335307][T15657] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  370.335331][T15657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.335342][T15657] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  370.335375][T15657]  </TASK>
[  370.651906][T15660] syz_tun: entered promiscuous mode
[  370.664837][T15660] batadv_slave_0: entered promiscuous mode
[  371.386959][T15690] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3803'.
[  371.971199][T15716] bond0: (slave gretap0): Opening slave failed
[  372.211985][T15725] FAULT_INJECTION: forcing a failure.
[  372.211985][T15725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.225601][T15725] CPU: 0 UID: 0 PID: 15725 Comm: syz.3.3817 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  372.225631][T15725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  372.225642][T15725] Call Trace:
[  372.225651][T15725]  <TASK>
[  372.225659][T15725]  dump_stack_lvl+0x189/0x250
[  372.225689][T15725]  ? __pfx____ratelimit+0x10/0x10
[  372.225714][T15725]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.225737][T15725]  ? __pfx__printk+0x10/0x10
[  372.225764][T15725]  ? __might_fault+0xb0/0x130
[  372.225802][T15725]  should_fail_ex+0x414/0x560
[  372.225834][T15725]  _copy_from_user+0x2d/0xb0
[  372.225858][T15725]  ___sys_sendmsg+0x158/0x2a0
[  372.225881][T15725]  ? __pfx____sys_sendmsg+0x10/0x10
[  372.225945][T15725]  ? __fget_files+0x2a/0x420
[  372.225962][T15725]  ? __fget_files+0x3a0/0x420
[  372.225991][T15725]  __x64_sys_sendmsg+0x19b/0x260
[  372.226014][T15725]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  372.226047][T15725]  ? __pfx_ksys_write+0x10/0x10
[  372.226069][T15725]  ? rcu_is_watching+0x15/0xb0
[  372.226096][T15725]  ? do_syscall_64+0xbe/0x3b0
[  372.226128][T15725]  do_syscall_64+0xfa/0x3b0
[  372.226153][T15725]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.226178][T15725]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.226197][T15725]  ? clear_bhb_loop+0x60/0xb0
[  372.226221][T15725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.226240][T15725] RIP: 0033:0x7fea9958ebe9
[  372.226258][T15725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.226274][T15725] RSP: 002b:00007fea9a43a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  372.226297][T15725] RAX: ffffffffffffffda RBX: 00007fea997b5fa0 RCX: 00007fea9958ebe9
[  372.226311][T15725] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  372.226324][T15725] RBP: 00007fea9a43a090 R08: 0000000000000000 R09: 0000000000000000
[  372.226335][T15725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.226346][T15725] R13: 00007fea997b6038 R14: 00007fea997b5fa0 R15: 00007ffe358f0808
[  372.226380][T15725]  </TASK>
[  372.620293][T15732] syzkaller0: entered promiscuous mode
[  372.626007][T15732] syzkaller0: entered allmulticast mode
[  373.836352][T15753] FAULT_INJECTION: forcing a failure.
[  373.836352][T15753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.932322][T15753] CPU: 0 UID: 0 PID: 15753 Comm: syz.2.3826 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  373.932354][T15753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  373.932365][T15753] Call Trace:
[  373.932373][T15753]  <TASK>
[  373.932381][T15753]  dump_stack_lvl+0x189/0x250
[  373.932409][T15753]  ? __pfx____ratelimit+0x10/0x10
[  373.932434][T15753]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.932457][T15753]  ? __pfx__printk+0x10/0x10
[  373.932483][T15753]  ? __might_fault+0xb0/0x130
[  373.932522][T15753]  should_fail_ex+0x414/0x560
[  373.932552][T15753]  _copy_from_user+0x2d/0xb0
[  373.932574][T15753]  ___sys_sendmsg+0x158/0x2a0
[  373.932597][T15753]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.932658][T15753]  ? __fget_files+0x2a/0x420
[  373.932673][T15753]  ? __fget_files+0x3a0/0x420
[  373.932702][T15753]  __x64_sys_sendmsg+0x19b/0x260
[  373.932725][T15753]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  373.932755][T15753]  ? __pfx_ksys_write+0x10/0x10
[  373.932778][T15753]  ? rcu_is_watching+0x15/0xb0
[  373.932803][T15753]  ? do_syscall_64+0xbe/0x3b0
[  373.932834][T15753]  do_syscall_64+0xfa/0x3b0
[  373.932858][T15753]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.932882][T15753]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.932900][T15753]  ? clear_bhb_loop+0x60/0xb0
[  373.932923][T15753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.932940][T15753] RIP: 0033:0x7f9ef958ebe9
[  373.932957][T15753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.932973][T15753] RSP: 002b:00007f9efa464038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.932995][T15753] RAX: ffffffffffffffda RBX: 00007f9ef97b5fa0 RCX: 00007f9ef958ebe9
[  373.933007][T15753] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000004
[  373.933019][T15753] RBP: 00007f9efa464090 R08: 0000000000000000 R09: 0000000000000000
[  373.933031][T15753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.933042][T15753] R13: 00007f9ef97b6038 R14: 00007f9ef97b5fa0 R15: 00007fff9a8a68e8
[  373.933074][T15753]  </TASK>
[  377.679449][T15759] v: renamed from ip6_vti0 (while UP)
[  378.931305][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  381.061978][T15797] FAULT_INJECTION: forcing a failure.
[  381.061978][T15797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  381.175801][T15797] CPU: 0 UID: 0 PID: 15797 Comm: syz.4.3840 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  381.175834][T15797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  381.175846][T15797] Call Trace:
[  381.175854][T15797]  <TASK>
[  381.175864][T15797]  dump_stack_lvl+0x189/0x250
[  381.175891][T15797]  ? __pfx____ratelimit+0x10/0x10
[  381.175917][T15797]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.175939][T15797]  ? __pfx__printk+0x10/0x10
[  381.175966][T15797]  ? __might_fault+0xb0/0x130
[  381.176005][T15797]  should_fail_ex+0x414/0x560
[  381.176035][T15797]  _copy_from_iter+0x1db/0x16f0
[  381.176064][T15797]  ? __lock_acquire+0xab9/0xd20
[  381.176093][T15797]  ? __pfx__copy_from_iter+0x10/0x10
[  381.176124][T15797]  ? page_copy_sane+0x4e/0x280
[  381.176144][T15797]  copy_page_from_iter+0xdd/0x170
[  381.176169][T15797]  tun_get_user+0x1d7b/0x3e20
[  381.176195][T15797]  ? tun_get_user+0x6f6/0x3e20
[  381.176222][T15797]  ? aa_file_perm+0x44d/0x1550
[  381.176240][T15797]  ? __pfx_tun_get_user+0x10/0x10
[  381.176254][T15797]  ? _parse_integer_limit+0x1ae/0x1f0
[  381.176287][T15797]  ? __lock_acquire+0xab9/0xd20
[  381.176317][T15797]  ? ref_tracker_alloc+0x318/0x460
[  381.176339][T15797]  ? __lock_acquire+0xab9/0xd20
[  381.176367][T15797]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  381.176399][T15797]  ? tun_get+0x1c/0x2f0
[  381.176423][T15797]  ? tun_get+0x1c/0x2f0
[  381.176448][T15797]  ? tun_get+0x1c/0x2f0
[  381.176471][T15797]  tun_chr_write_iter+0x113/0x200
[  381.176508][T15797]  vfs_write+0x5c6/0xb30
[  381.176539][T15797]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  381.176568][T15797]  ? __pfx_vfs_write+0x10/0x10
[  381.176604][T15797]  ? __fget_files+0x2a/0x420
[  381.176632][T15797]  ksys_write+0x145/0x250
[  381.176668][T15797]  ? __pfx_ksys_write+0x10/0x10
[  381.176690][T15797]  ? rcu_is_watching+0x15/0xb0
[  381.176714][T15797]  ? do_syscall_64+0xbe/0x3b0
[  381.176745][T15797]  do_syscall_64+0xfa/0x3b0
[  381.176769][T15797]  ? lockdep_hardirqs_on+0x9c/0x150
[  381.176793][T15797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.176811][T15797]  ? clear_bhb_loop+0x60/0xb0
[  381.176841][T15797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.176859][T15797] RIP: 0033:0x7eff3698d69f
[  381.176876][T15797] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  381.176892][T15797] RSP: 002b:00007eff377a1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  381.176912][T15797] RAX: ffffffffffffffda RBX: 00007eff36bb5fa0 RCX: 00007eff3698d69f
[  381.176924][T15797] RDX: 000000000000004a RSI: 0000200000000300 RDI: 00000000000000c8
[  381.176937][T15797] RBP: 00007eff377a1090 R08: 0000000000000000 R09: 0000000000000000
[  381.176948][T15797] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  381.176959][T15797] R13: 00007eff36bb6038 R14: 00007eff36bb5fa0 R15: 00007fff846f9fa8
[  381.176992][T15797]  </TASK>
[  381.456357][T15795] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  386.559222][T15839] syz_tun: entered allmulticast mode
[  386.664626][T15838] syz_tun: left allmulticast mode
[  387.088676][T15866] pimreg: entered allmulticast mode
[  387.145622][T15868] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  387.169438][T15868] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3865'.
[  387.330250][T15876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3869'.
[  387.425905][T15879] FAULT_INJECTION: forcing a failure.
[  387.425905][T15879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.466795][T15879] CPU: 1 UID: 0 PID: 15879 Comm: syz.2.3870 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  387.466827][T15879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  387.466838][T15879] Call Trace:
[  387.466846][T15879]  <TASK>
[  387.466855][T15879]  dump_stack_lvl+0x189/0x250
[  387.466886][T15879]  ? __pfx____ratelimit+0x10/0x10
[  387.466913][T15879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  387.466937][T15879]  ? __pfx__printk+0x10/0x10
[  387.466965][T15879]  ? __might_fault+0xb0/0x130
[  387.467006][T15879]  should_fail_ex+0x414/0x560
[  387.467038][T15879]  _copy_from_user+0x2d/0xb0
[  387.467062][T15879]  ___sys_sendmsg+0x158/0x2a0
[  387.467088][T15879]  ? __pfx____sys_sendmsg+0x10/0x10
[  387.467152][T15879]  ? __fget_files+0x2a/0x420
[  387.467169][T15879]  ? __fget_files+0x3a0/0x420
[  387.467198][T15879]  __x64_sys_sendmsg+0x19b/0x260
[  387.467221][T15879]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  387.467254][T15879]  ? __pfx_ksys_write+0x10/0x10
[  387.467277][T15879]  ? rcu_is_watching+0x15/0xb0
[  387.467303][T15879]  ? do_syscall_64+0xbe/0x3b0
[  387.467335][T15879]  do_syscall_64+0xfa/0x3b0
[  387.467356][T15879]  ? lockdep_hardirqs_on+0x9c/0x150
[  387.467380][T15879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.467399][T15879]  ? clear_bhb_loop+0x60/0xb0
[  387.467422][T15879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.467449][T15879] RIP: 0033:0x7f9ef958ebe9
[  387.467467][T15879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.467484][T15879] RSP: 002b:00007f9efa464038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.467506][T15879] RAX: ffffffffffffffda RBX: 00007f9ef97b5fa0 RCX: 00007f9ef958ebe9
[  387.467519][T15879] RDX: 0000000024044000 RSI: 0000200000000880 RDI: 0000000000000003
[  387.467532][T15879] RBP: 00007f9efa464090 R08: 0000000000000000 R09: 0000000000000000
[  387.467544][T15879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.467556][T15879] R13: 00007f9ef97b6038 R14: 00007f9ef97b5fa0 R15: 00007fff9a8a68e8
[  387.467590][T15879]  </TASK>
[  387.481292][T15881] syz_tun: entered allmulticast mode
[  387.801364][T15880] syz_tun: left allmulticast mode
[  388.556314][T15909] tun0: tun_chr_ioctl cmd 2147767520
[  388.623916][T15909] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3879'.
[  388.663712][T15877] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3868'.
[  388.954845][T15920] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3882'.
[  389.318563][T15931] syz_tun: entered allmulticast mode
[  389.428265][T15928] syz_tun: left allmulticast mode
[  389.521268][T15936] IPVS: set_ctl: invalid protocol: 58 0.0.0.0:20131
[  389.667688][T15945] FAULT_INJECTION: forcing a failure.
[  389.667688][T15945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.692180][T15945] CPU: 0 UID: 0 PID: 15945 Comm: syz.4.3891 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  389.692212][T15945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  389.692224][T15945] Call Trace:
[  389.692231][T15945]  <TASK>
[  389.692240][T15945]  dump_stack_lvl+0x189/0x250
[  389.692268][T15945]  ? __pfx____ratelimit+0x10/0x10
[  389.692296][T15945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.692319][T15945]  ? __pfx__printk+0x10/0x10
[  389.692345][T15945]  ? __might_fault+0xb0/0x130
[  389.692385][T15945]  should_fail_ex+0x414/0x560
[  389.692415][T15945]  _copy_from_user+0x2d/0xb0
[  389.692438][T15945]  ___sys_sendmsg+0x158/0x2a0
[  389.692461][T15945]  ? __pfx____sys_sendmsg+0x10/0x10
[  389.692531][T15945]  ? __fget_files+0x2a/0x420
[  389.692547][T15945]  ? __fget_files+0x3a0/0x420
[  389.692576][T15945]  __x64_sys_sendmsg+0x19b/0x260
[  389.692600][T15945]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  389.692632][T15945]  ? __pfx_ksys_write+0x10/0x10
[  389.692664][T15945]  ? do_syscall_64+0xbe/0x3b0
[  389.692695][T15945]  do_syscall_64+0xfa/0x3b0
[  389.692719][T15945]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.692744][T15945]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.692763][T15945]  ? clear_bhb_loop+0x60/0xb0
[  389.692787][T15945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.692805][T15945] RIP: 0033:0x7eff3698ebe9
[  389.692822][T15945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.692839][T15945] RSP: 002b:00007eff37780038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  389.692860][T15945] RAX: ffffffffffffffda RBX: 00007eff36bb6090 RCX: 00007eff3698ebe9
[  389.692874][T15945] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  389.692886][T15945] RBP: 00007eff37780090 R08: 0000000000000000 R09: 0000000000000000
[  389.692897][T15945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.692909][T15945] R13: 00007eff36bb6128 R14: 00007eff36bb6090 R15: 00007fff846f9fa8
[  389.692942][T15945]  </TASK>
[  390.055013][T15950] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3893'.
[  390.233555][T15952] dvmrp1: left allmulticast mode
[  391.030960][T15984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3907'.
[  391.210548][T15996] pimreg: entered allmulticast mode
[  391.257026][T15996] pimreg: left allmulticast mode
[  392.369738][T16044] syz_tun: entered allmulticast mode
[  393.256317][T16024] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3918'.
[  393.608765][T16056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3929'.
[  393.814191][T16081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3938'.
[  394.070524][T16086] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3939'.
[  394.247368][T16086] vlan2: entered promiscuous mode
[  394.253006][T16086] macvtap0: entered promiscuous mode
[  395.658140][T16128] tipc: Started in network mode
[  395.663184][T16128] tipc: Node identity e21940c6f18c, cluster identity 4711
[  395.672797][T16128] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  395.705552][T16124] syzkaller0: entered promiscuous mode
[  395.734110][T16124] syzkaller0: entered allmulticast mode
[  395.839854][T16124] tipc: Resetting bearer <eth:syzkaller0>
[  396.264666][T16144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3961'.
[  396.330845][T16123] tipc: Resetting bearer <eth:syzkaller0>
[  396.369032][T16123] tipc: Disabling bearer <eth:syzkaller0>
[  396.729636][T16159] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3968'.
[  396.773421][T16159] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  397.109038][T16180] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3977'.
[  397.937184][T16205] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3987'.
[  397.946385][T16205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3987'.
[  397.988801][ T5942] IPVS: starting estimator thread 0...
[  398.108528][T16221] IPVS: using max 25 ests per chain, 60000 per kthread
[  398.430130][T16241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3997'.
[  399.228201][T16260] netlink: 'syz.2.4006': attribute type 21 has an invalid length.
[  399.474505][T16267] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4009'.
[  400.513889][T16306] FAULT_INJECTION: forcing a failure.
[  400.513889][T16306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.531131][T16306] CPU: 0 UID: 0 PID: 16306 Comm: syz.3.4022 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  400.531162][T16306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  400.531174][T16306] Call Trace:
[  400.531182][T16306]  <TASK>
[  400.531190][T16306]  dump_stack_lvl+0x189/0x250
[  400.531220][T16306]  ? __pfx____ratelimit+0x10/0x10
[  400.531243][T16306]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.531263][T16306]  ? __pfx__printk+0x10/0x10
[  400.531287][T16306]  ? __might_fault+0xb0/0x130
[  400.531339][T16306]  should_fail_ex+0x414/0x560
[  400.531369][T16306]  _copy_from_user+0x2d/0xb0
[  400.531392][T16306]  ___sys_sendmsg+0x158/0x2a0
[  400.531416][T16306]  ? __pfx____sys_sendmsg+0x10/0x10
[  400.531477][T16306]  ? __fget_files+0x2a/0x420
[  400.531493][T16306]  ? __fget_files+0x3a0/0x420
[  400.531521][T16306]  __x64_sys_sendmsg+0x19b/0x260
[  400.531545][T16306]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  400.531577][T16306]  ? __pfx_ksys_write+0x10/0x10
[  400.531609][T16306]  ? do_syscall_64+0xbe/0x3b0
[  400.531640][T16306]  do_syscall_64+0xfa/0x3b0
[  400.531665][T16306]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.531688][T16306]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.531705][T16306]  ? clear_bhb_loop+0x60/0xb0
[  400.531726][T16306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.531744][T16306] RIP: 0033:0x7fea9958ebe9
[  400.531760][T16306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.531775][T16306] RSP: 002b:00007fea9a419038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.531797][T16306] RAX: ffffffffffffffda RBX: 00007fea997b6090 RCX: 00007fea9958ebe9
[  400.531811][T16306] RDX: 0000000000044101 RSI: 0000200000000000 RDI: 0000000000000003
[  400.531824][T16306] RBP: 00007fea9a419090 R08: 0000000000000000 R09: 0000000000000000
[  400.531836][T16306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.531847][T16306] R13: 00007fea997b6128 R14: 00007fea997b6090 R15: 00007ffe358f0808
[  400.531879][T16306]  </TASK>
[  400.811263][T16287] FAULT_INJECTION: forcing a failure.
[  400.811263][T16287] name fail_futex, interval 1, probability 0, space 0, times 1
[  400.826392][T16287] CPU: 1 UID: 0 PID: 16287 Comm: syz.1.4016 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  400.826423][T16287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  400.826435][T16287] Call Trace:
[  400.826443][T16287]  <TASK>
[  400.826452][T16287]  dump_stack_lvl+0x189/0x250
[  400.826485][T16287]  ? __pfx____ratelimit+0x10/0x10
[  400.826511][T16287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.826534][T16287]  ? __pfx__printk+0x10/0x10
[  400.826562][T16287]  ? __pfx___schedule+0x10/0x10
[  400.826597][T16287]  should_fail_ex+0x414/0x560
[  400.826628][T16287]  get_futex_key+0x1a8/0x1660
[  400.826651][T16287]  ? look_up_lock_class+0x74/0x170
[  400.826685][T16287]  ? __pfx_get_futex_key+0x10/0x10
[  400.826706][T16287]  ? __lock_acquire+0xab9/0xd20
[  400.826747][T16287]  futex_wake+0xf8/0x560
[  400.826773][T16287]  ? __pfx___mutex_trylock_common+0x10/0x10
[  400.826799][T16287]  ? __pfx_futex_wake+0x10/0x10
[  400.826829][T16287]  ? __lock_acquire+0xab9/0xd20
[  400.826869][T16287]  do_futex+0x395/0x420
[  400.826899][T16287]  ? __pfx_do_futex+0x10/0x10
[  400.826927][T16287]  ? __might_fault+0xb0/0x130
[  400.826957][T16287]  mm_release+0x188/0x390
[  400.826978][T16287]  ? __pfx_mm_release+0x10/0x10
[  400.826996][T16287]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.827034][T16287]  exit_mm+0xa8/0x2c0
[  400.827062][T16287]  ? __pfx_exit_mm+0x10/0x10
[  400.827089][T16287]  ? rcu_is_watching+0x15/0xb0
[  400.827114][T16287]  do_exit+0x648/0x2300
[  400.827146][T16287]  ? do_raw_spin_lock+0x121/0x290
[  400.827172][T16287]  ? __pfx_do_exit+0x10/0x10
[  400.827193][T16287]  ? __local_bh_enable_ip+0x12d/0x1c0
[  400.827233][T16287]  do_group_exit+0x21c/0x2d0
[  400.827268][T16287]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.827296][T16287]  get_signal+0x1286/0x1340
[  400.827340][T16287]  arch_do_signal_or_restart+0x9a/0x750
[  400.827370][T16287]  ? __fget_files+0x3a0/0x420
[  400.827393][T16287]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  400.827441][T16287]  ? exit_to_user_mode_loop+0x40/0x110
[  400.827472][T16287]  exit_to_user_mode_loop+0x75/0x110
[  400.827498][T16287]  do_syscall_64+0x2bd/0x3b0
[  400.827523][T16287]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.827547][T16287]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.827566][T16287]  ? clear_bhb_loop+0x60/0xb0
[  400.827591][T16287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.827609][T16287] RIP: 0033:0x7fc17998ebe9
[  400.827626][T16287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.827642][T16287] RSP: 002b:00007fc17a852038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  400.827664][T16287] RAX: fffffffffffffe00 RBX: 00007fc179bb5fa0 RCX: 00007fc17998ebe9
[  400.827678][T16287] RDX: 994b6e03113064ae RSI: 0000200000000700 RDI: 0000000000000003
[  400.827691][T16287] RBP: 00007fc17a852090 R08: 0000000000000000 R09: 0000000000000000
[  400.827703][T16287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.827714][T16287] R13: 00007fc179bb6038 R14: 00007fc179bb5fa0 R15: 00007ffe582e8608
[  400.827746][T16287]  </TASK>
[  401.221374][T16311] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  401.229690][T16311] syzkaller0: entered promiscuous mode
[  401.235208][T16311] syzkaller0: entered allmulticast mode
[  401.246442][T16311] tipc: Resetting bearer <eth:syzkaller0>
[  401.262548][T16310] tipc: Resetting bearer <eth:syzkaller0>
[  401.301402][T16310] tipc: Disabling bearer <eth:syzkaller0>
[  401.498448][T16321] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4030'.
[  401.610965][T16325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4029'.
[  401.704077][T16325] team0: Port device team_slave_0 removed
[  401.741985][T16330] pimreg: entered allmulticast mode
[  401.761289][T16330] pimreg: left allmulticast mode
[  402.129210][T16345] FAULT_INJECTION: forcing a failure.
[  402.129210][T16345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.144214][T16345] CPU: 1 UID: 0 PID: 16345 Comm: syz.1.4038 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  402.144246][T16345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  402.144257][T16345] Call Trace:
[  402.144265][T16345]  <TASK>
[  402.144274][T16345]  dump_stack_lvl+0x189/0x250
[  402.144304][T16345]  ? __pfx____ratelimit+0x10/0x10
[  402.144331][T16345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.144354][T16345]  ? __pfx__printk+0x10/0x10
[  402.144380][T16345]  ? __might_fault+0xb0/0x130
[  402.144419][T16345]  should_fail_ex+0x414/0x560
[  402.144451][T16345]  _copy_from_user+0x2d/0xb0
[  402.144473][T16345]  __sys_bpf+0x1ed/0x870
[  402.144502][T16345]  ? __pfx___sys_bpf+0x10/0x10
[  402.144542][T16345]  ? ksys_write+0x22a/0x250
[  402.144571][T16345]  ? __pfx_ksys_write+0x10/0x10
[  402.144591][T16345]  ? rcu_is_watching+0x15/0xb0
[  402.144619][T16345]  __x64_sys_bpf+0x7c/0x90
[  402.144642][T16345]  do_syscall_64+0xfa/0x3b0
[  402.144666][T16345]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.144690][T16345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.144709][T16345]  ? clear_bhb_loop+0x60/0xb0
[  402.144732][T16345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.144750][T16345] RIP: 0033:0x7fc17998ebe9
[  402.144768][T16345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.144784][T16345] RSP: 002b:00007fc17a852038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  402.144805][T16345] RAX: ffffffffffffffda RBX: 00007fc179bb5fa0 RCX: 00007fc17998ebe9
[  402.144818][T16345] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000008
[  402.144831][T16345] RBP: 00007fc17a852090 R08: 0000000000000000 R09: 0000000000000000
[  402.144842][T16345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.144853][T16345] R13: 00007fc179bb6038 R14: 00007fc179bb5fa0 R15: 00007ffe582e8608
[  402.144887][T16345]  </TASK>
[  402.533234][T16351] FAULT_INJECTION: forcing a failure.
[  402.533234][T16351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.557123][T16351] CPU: 1 UID: 0 PID: 16351 Comm: syz.4.4041 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  402.557154][T16351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  402.557165][T16351] Call Trace:
[  402.557172][T16351]  <TASK>
[  402.557181][T16351]  dump_stack_lvl+0x189/0x250
[  402.557266][T16351]  ? __pfx____ratelimit+0x10/0x10
[  402.557295][T16351]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.557318][T16351]  ? __pfx__printk+0x10/0x10
[  402.557345][T16351]  ? __might_fault+0xb0/0x130
[  402.557384][T16351]  should_fail_ex+0x414/0x560
[  402.557416][T16351]  _copy_from_user+0x2d/0xb0
[  402.557439][T16351]  get_timespec64+0x8e/0x1a0
[  402.557466][T16351]  ? __pfx_get_timespec64+0x10/0x10
[  402.557503][T16351]  __x64_sys_recvmmsg+0x143/0x240
[  402.557529][T16351]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  402.557546][T16351]  ? rcu_is_watching+0x15/0xb0
[  402.557570][T16351]  ? do_syscall_64+0xbe/0x3b0
[  402.557617][T16351]  do_syscall_64+0xfa/0x3b0
[  402.557641][T16351]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.557666][T16351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.557685][T16351]  ? clear_bhb_loop+0x60/0xb0
[  402.557710][T16351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.557728][T16351] RIP: 0033:0x7eff3698ebe9
[  402.557746][T16351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.557762][T16351] RSP: 002b:00007eff377a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  402.557784][T16351] RAX: ffffffffffffffda RBX: 00007eff36bb5fa0 RCX: 00007eff3698ebe9
[  402.557798][T16351] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  402.557811][T16351] RBP: 00007eff377a1090 R08: 0000200000003700 R09: 0000000000000000
[  402.557823][T16351] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  402.557835][T16351] R13: 00007eff36bb6038 R14: 00007eff36bb5fa0 R15: 00007fff846f9fa8
[  402.557868][T16351]  </TASK>
[  403.020159][T16367] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4047'.
[  403.070395][T16367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  403.235704][T16373] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4047'.
[  403.285842][T16373] openvswitch: netlink: Flow key attr not present in new flow.
[  403.349295][T16367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  403.477859][T16378] FAULT_INJECTION: forcing a failure.
[  403.477859][T16378] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.503204][T16378] CPU: 0 UID: 0 PID: 16378 Comm: syz.3.4051 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  403.503241][T16378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  403.503253][T16378] Call Trace:
[  403.503260][T16378]  <TASK>
[  403.503269][T16378]  dump_stack_lvl+0x189/0x250
[  403.503298][T16378]  ? __pfx____ratelimit+0x10/0x10
[  403.503322][T16378]  ? __pfx_dump_stack_lvl+0x10/0x10
[  403.503344][T16378]  ? __pfx__printk+0x10/0x10
[  403.503370][T16378]  ? __might_fault+0xb0/0x130
[  403.503406][T16378]  should_fail_ex+0x414/0x560
[  403.503436][T16378]  _copy_from_user+0x2d/0xb0
[  403.503457][T16378]  ___sys_sendmsg+0x158/0x2a0
[  403.503479][T16378]  ? __pfx____sys_sendmsg+0x10/0x10
[  403.503542][T16378]  ? __fget_files+0x2a/0x420
[  403.503559][T16378]  ? __fget_files+0x3a0/0x420
[  403.503589][T16378]  __x64_sys_sendmsg+0x19b/0x260
[  403.503613][T16378]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  403.503644][T16378]  ? __pfx_ksys_write+0x10/0x10
[  403.503666][T16378]  ? rcu_is_watching+0x15/0xb0
[  403.503692][T16378]  ? do_syscall_64+0xbe/0x3b0
[  403.503723][T16378]  do_syscall_64+0xfa/0x3b0
[  403.503748][T16378]  ? lockdep_hardirqs_on+0x9c/0x150
[  403.503772][T16378]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.503790][T16378]  ? clear_bhb_loop+0x60/0xb0
[  403.503814][T16378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.503861][T16378] RIP: 0033:0x7fea9958ebe9
[  403.503879][T16378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.503896][T16378] RSP: 002b:00007fea9a43a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.503918][T16378] RAX: ffffffffffffffda RBX: 00007fea997b5fa0 RCX: 00007fea9958ebe9
[  403.503933][T16378] RDX: 0000000000048000 RSI: 0000200000000300 RDI: 0000000000000003
[  403.503946][T16378] RBP: 00007fea9a43a090 R08: 0000000000000000 R09: 0000000000000000
[  403.503957][T16378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.503969][T16378] R13: 00007fea997b6038 R14: 00007fea997b5fa0 R15: 00007ffe358f0808
[  403.504000][T16378]  </TASK>
[  404.333650][T16414] netlink: 'syz.1.4062': attribute type 21 has an invalid length.
[  404.366732][T16414] netlink: 'syz.1.4062': attribute type 1 has an invalid length.
[  404.377482][T16414] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4062'.
[  405.571356][T16468] syz_tun: entered allmulticast mode
[  405.578653][T16468] syz_tun: left allmulticast mode
[  405.795597][T16480] FAULT_INJECTION: forcing a failure.
[  405.795597][T16480] name failslab, interval 1, probability 0, space 0, times 0
[  405.835167][T16480] CPU: 1 UID: 0 PID: 16480 Comm: syz.3.4086 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  405.835200][T16480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  405.835212][T16480] Call Trace:
[  405.835220][T16480]  <TASK>
[  405.835229][T16480]  dump_stack_lvl+0x189/0x250
[  405.835268][T16480]  ? __pfx____ratelimit+0x10/0x10
[  405.835295][T16480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.835319][T16480]  ? __pfx__printk+0x10/0x10
[  405.835354][T16480]  ? __pfx___might_resched+0x10/0x10
[  405.835379][T16480]  should_fail_ex+0x414/0x560
[  405.835411][T16480]  should_failslab+0xa8/0x100
[  405.835442][T16480]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  405.835469][T16480]  ? __alloc_skb+0x112/0x2d0
[  405.835503][T16480]  __alloc_skb+0x112/0x2d0
[  405.835534][T16480]  __ip6_append_data+0x2c16/0x3f30
[  405.835558][T16480]  ? __lock_acquire+0xab9/0xd20
[  405.835612][T16480]  ? __pfx_raw6_getfrag+0x10/0x10
[  405.835665][T16480]  ? __pfx___ip6_append_data+0x10/0x10
[  405.835687][T16480]  ? __pfx_ip6_mtu+0x10/0x10
[  405.835723][T16480]  ip6_append_data+0x1c4/0x380
[  405.835753][T16480]  ? __pfx_raw6_getfrag+0x10/0x10
[  405.835784][T16480]  rawv6_sendmsg+0x127a/0x1820
[  405.835834][T16480]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  405.835871][T16480]  ? __lock_acquire+0xab9/0xd20
[  405.835916][T16480]  ? __pfx_aa_sk_perm+0x10/0x10
[  405.835950][T16480]  ? sock_rps_record_flow+0x19/0x410
[  405.835977][T16480]  ? inet_sendmsg+0x2f4/0x370
[  405.835997][T16480]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  405.836022][T16480]  __sock_sendmsg+0x19c/0x270
[  405.836050][T16480]  sock_write_iter+0x258/0x330
[  405.836077][T16480]  ? __pfx_sock_write_iter+0x10/0x10
[  405.836126][T16480]  do_iter_readv_writev+0x61c/0x8b0
[  405.836166][T16480]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  405.836191][T16480]  ? common_file_perm+0x1b5/0x230
[  405.836226][T16480]  ? bpf_lsm_file_permission+0x9/0x20
[  405.836256][T16480]  ? security_file_permission+0x75/0x290
[  405.836283][T16480]  ? rw_verify_area+0x255/0x4d0
[  405.836313][T16480]  vfs_writev+0x31a/0x960
[  405.836338][T16480]  ? __lock_acquire+0xab9/0xd20
[  405.836368][T16480]  ? __pfx_vfs_writev+0x10/0x10
[  405.836406][T16480]  ? __fget_files+0x2a/0x420
[  405.836430][T16480]  ? __fget_files+0x3a0/0x420
[  405.836445][T16480]  ? __fget_files+0x2a/0x420
[  405.836472][T16480]  do_writev+0x14d/0x2d0
[  405.836492][T16480]  ? __pfx_do_writev+0x10/0x10
[  405.836507][T16480]  ? rcu_is_watching+0x15/0xb0
[  405.836532][T16480]  ? do_syscall_64+0xbe/0x3b0
[  405.836565][T16480]  do_syscall_64+0xfa/0x3b0
[  405.836589][T16480]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.836613][T16480]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.836632][T16480]  ? clear_bhb_loop+0x60/0xb0
[  405.836656][T16480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.836673][T16480] RIP: 0033:0x7fea9958ebe9
[  405.836691][T16480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.836708][T16480] RSP: 002b:00007fea9a43a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  405.836730][T16480] RAX: ffffffffffffffda RBX: 00007fea997b5fa0 RCX: 00007fea9958ebe9
[  405.836744][T16480] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  405.836756][T16480] RBP: 00007fea9a43a090 R08: 0000000000000000 R09: 0000000000000000
[  405.836769][T16480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.836781][T16480] R13: 00007fea997b6038 R14: 00007fea997b5fa0 R15: 00007ffe358f0808
[  405.836816][T16480]  </TASK>
[  409.477119][T16551] netlink: 248 bytes leftover after parsing attributes in process `syz.3.4109'.
[  409.508893][T16601] bond0: (slave gretap0): Opening slave failed
[  410.067349][T16620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4131'.
[  410.112623][T16624] FAULT_INJECTION: forcing a failure.
[  410.112623][T16624] name failslab, interval 1, probability 0, space 0, times 0
[  410.131389][T16624] CPU: 0 UID: 0 PID: 16624 Comm: syz.0.4133 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  410.131421][T16624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  410.131432][T16624] Call Trace:
[  410.131441][T16624]  <TASK>
[  410.131449][T16624]  dump_stack_lvl+0x189/0x250
[  410.131478][T16624]  ? __pfx____ratelimit+0x10/0x10
[  410.131506][T16624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.131529][T16624]  ? __pfx__printk+0x10/0x10
[  410.131564][T16624]  ? __pfx___might_resched+0x10/0x10
[  410.131583][T16624]  ? fs_reclaim_acquire+0x7d/0x100
[  410.131617][T16624]  should_fail_ex+0x414/0x560
[  410.131650][T16624]  should_failslab+0xa8/0x100
[  410.131678][T16624]  __kmalloc_noprof+0xcb/0x4f0
[  410.131701][T16624]  ? kfree+0x4d/0x440
[  410.131721][T16624]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  410.131746][T16624]  tomoyo_realpath_from_path+0xe3/0x5d0
[  410.131768][T16624]  ? tomoyo_domain+0xd9/0x130
[  410.131804][T16624]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  410.131830][T16624]  tomoyo_path_number_perm+0x1e8/0x5a0
[  410.131861][T16624]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  410.131908][T16624]  ? __lock_acquire+0xab9/0xd20
[  410.131961][T16624]  ? __fget_files+0x2a/0x420
[  410.131981][T16624]  ? __fget_files+0x2a/0x420
[  410.131997][T16624]  ? __fget_files+0x3a0/0x420
[  410.132013][T16624]  ? __fget_files+0x2a/0x420
[  410.132035][T16624]  security_file_ioctl+0xcb/0x2d0
[  410.132064][T16624]  __se_sys_ioctl+0x47/0x170
[  410.132091][T16624]  do_syscall_64+0xfa/0x3b0
[  410.132116][T16624]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.132141][T16624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.132160][T16624]  ? clear_bhb_loop+0x60/0xb0
[  410.132183][T16624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.132199][T16624] RIP: 0033:0x7f30ff78ebe9
[  410.132217][T16624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.132242][T16624] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  410.132265][T16624] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  410.132279][T16624] RDX: 0000200000000340 RSI: 00000000400454d9 RDI: 0000000000000005
[  410.132292][T16624] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  410.132304][T16624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.132315][T16624] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  410.132350][T16624]  </TASK>
[  410.132734][T16624] ERROR: Out of memory at tomoyo_realpath_from_path.
[  410.403082][T16629] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  410.983899][T16645] netlink: 'syz.2.4138': attribute type 10 has an invalid length.
[  411.041744][T16648] netlink: 'syz.2.4138': attribute type 10 has an invalid length.
[  411.139474][T16645] team0: Port device dummy0 added
[  411.213721][T16650] bond0: (slave gretap0): Opening slave failed
[  411.291333][T16648] team0: Port device dummy0 removed
[  411.353717][T16648] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  411.454392][T16663] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4146'.
[  411.799563][T16672] netlink: 'syz.3.4150': attribute type 3 has an invalid length.
[  411.858248][T16672] netlink: 'syz.3.4150': attribute type 1 has an invalid length.
[  411.881047][T16672] netlink: 192 bytes leftover after parsing attributes in process `syz.3.4150'.
[  411.923161][T16672] NCSI netlink: No device for ifindex 0
[  412.193670][T16695] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4159'.
[  412.197372][T16697] FAULT_INJECTION: forcing a failure.
[  412.197372][T16697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.221334][T16697] CPU: 0 UID: 0 PID: 16697 Comm: syz.0.4160 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  412.221366][T16697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  412.221377][T16697] Call Trace:
[  412.221391][T16697]  <TASK>
[  412.221400][T16697]  dump_stack_lvl+0x189/0x250
[  412.221427][T16697]  ? __pfx____ratelimit+0x10/0x10
[  412.221452][T16697]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.221474][T16697]  ? __pfx__printk+0x10/0x10
[  412.221500][T16697]  ? __might_fault+0xb0/0x130
[  412.221542][T16697]  should_fail_ex+0x414/0x560
[  412.221573][T16697]  _copy_from_user+0x2d/0xb0
[  412.221597][T16697]  ___sys_sendmsg+0x158/0x2a0
[  412.221619][T16697]  ? __pfx____sys_sendmsg+0x10/0x10
[  412.221683][T16697]  ? __fget_files+0x2a/0x420
[  412.221699][T16697]  ? __fget_files+0x3a0/0x420
[  412.221729][T16697]  __x64_sys_sendmsg+0x19b/0x260
[  412.221753][T16697]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  412.221785][T16697]  ? __pfx_ksys_write+0x10/0x10
[  412.221809][T16697]  ? rcu_is_watching+0x15/0xb0
[  412.221834][T16697]  ? do_syscall_64+0xbe/0x3b0
[  412.221866][T16697]  do_syscall_64+0xfa/0x3b0
[  412.221889][T16697]  ? lockdep_hardirqs_on+0x9c/0x150
[  412.221915][T16697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.221934][T16697]  ? clear_bhb_loop+0x60/0xb0
[  412.221978][T16697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.221996][T16697] RIP: 0033:0x7f30ff78ebe9
[  412.222016][T16697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.222032][T16697] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  412.222054][T16697] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  412.222069][T16697] RDX: 0000000000040000 RSI: 0000200000000e80 RDI: 0000000000000003
[  412.222082][T16697] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  412.222093][T16697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.222105][T16697] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  412.222147][T16697]  </TASK>
[  412.479517][T16701] netlink: 'syz.2.4163': attribute type 8 has an invalid length.
[  412.498167][T16702] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4161'.
[  413.352348][T16730] FAULT_INJECTION: forcing a failure.
[  413.352348][T16730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.426593][T16730] CPU: 0 UID: 0 PID: 16730 Comm: syz.4.4175 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  413.426625][T16730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  413.426637][T16730] Call Trace:
[  413.426646][T16730]  <TASK>
[  413.426655][T16730]  dump_stack_lvl+0x189/0x250
[  413.426689][T16730]  ? __pfx____ratelimit+0x10/0x10
[  413.426716][T16730]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.426738][T16730]  ? __pfx__printk+0x10/0x10
[  413.426764][T16730]  ? __might_fault+0xb0/0x130
[  413.426800][T16730]  should_fail_ex+0x414/0x560
[  413.426830][T16730]  _copy_from_user+0x2d/0xb0
[  413.426852][T16730]  ___sys_sendmsg+0x158/0x2a0
[  413.426875][T16730]  ? __pfx____sys_sendmsg+0x10/0x10
[  413.426936][T16730]  ? __fget_files+0x2a/0x420
[  413.426963][T16730]  ? __fget_files+0x3a0/0x420
[  413.426991][T16730]  __x64_sys_sendmsg+0x19b/0x260
[  413.427014][T16730]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  413.427044][T16730]  ? __pfx_ksys_write+0x10/0x10
[  413.427066][T16730]  ? rcu_is_watching+0x15/0xb0
[  413.427092][T16730]  ? do_syscall_64+0xbe/0x3b0
[  413.427122][T16730]  do_syscall_64+0xfa/0x3b0
[  413.427147][T16730]  ? lockdep_hardirqs_on+0x9c/0x150
[  413.427171][T16730]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.427189][T16730]  ? clear_bhb_loop+0x60/0xb0
[  413.427212][T16730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.427229][T16730] RIP: 0033:0x7eff3698ebe9
[  413.427247][T16730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.427262][T16730] RSP: 002b:00007eff377a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.427284][T16730] RAX: ffffffffffffffda RBX: 00007eff36bb5fa0 RCX: 00007eff3698ebe9
[  413.427297][T16730] RDX: 0000000000008844 RSI: 0000200000000080 RDI: 0000000000000003
[  413.427309][T16730] RBP: 00007eff377a1090 R08: 0000000000000000 R09: 0000000000000000
[  413.427320][T16730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.427331][T16730] R13: 00007eff36bb6038 R14: 00007eff36bb5fa0 R15: 00007fff846f9fa8
[  413.427363][T16730]  </TASK>
[  413.710209][T16733] FAULT_INJECTION: forcing a failure.
[  413.710209][T16733] name failslab, interval 1, probability 0, space 0, times 0
[  413.723477][T16733] CPU: 1 UID: 0 PID: 16733 Comm: syz.3.4168 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  413.723508][T16733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  413.723521][T16733] Call Trace:
[  413.723529][T16733]  <TASK>
[  413.723538][T16733]  dump_stack_lvl+0x189/0x250
[  413.723568][T16733]  ? __pfx____ratelimit+0x10/0x10
[  413.723596][T16733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.723620][T16733]  ? __pfx__printk+0x10/0x10
[  413.723653][T16733]  ? __pfx___might_resched+0x10/0x10
[  413.723678][T16733]  should_fail_ex+0x414/0x560
[  413.723733][T16733]  should_failslab+0xa8/0x100
[  413.723763][T16733]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  413.723790][T16733]  ? __alloc_skb+0x112/0x2d0
[  413.723823][T16733]  __alloc_skb+0x112/0x2d0
[  413.723856][T16733]  netlink_sendmsg+0x5c6/0xb30
[  413.723905][T16733]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.723937][T16733]  ? aa_sock_msg_perm+0xf1/0x1d0
[  413.723968][T16733]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  413.723989][T16733]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.724025][T16733]  __sock_sendmsg+0x219/0x270
[  413.724054][T16733]  sock_write_iter+0x258/0x330
[  413.724081][T16733]  ? __pfx_sock_write_iter+0x10/0x10
[  413.724129][T16733]  do_iter_readv_writev+0x61c/0x8b0
[  413.724164][T16733]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  413.724188][T16733]  ? common_file_perm+0x1b5/0x230
[  413.724221][T16733]  ? bpf_lsm_file_permission+0x9/0x20
[  413.724242][T16733]  ? security_file_permission+0x75/0x290
[  413.724268][T16733]  ? rw_verify_area+0x255/0x4d0
[  413.724297][T16733]  vfs_writev+0x31a/0x960
[  413.724321][T16733]  ? __lock_acquire+0xab9/0xd20
[  413.724351][T16733]  ? __pfx_vfs_writev+0x10/0x10
[  413.724390][T16733]  ? __fget_files+0x2a/0x420
[  413.724413][T16733]  ? __fget_files+0x3a0/0x420
[  413.724429][T16733]  ? __fget_files+0x2a/0x420
[  413.724457][T16733]  do_writev+0x14d/0x2d0
[  413.724481][T16733]  ? __pfx_do_writev+0x10/0x10
[  413.724497][T16733]  ? rcu_is_watching+0x15/0xb0
[  413.724523][T16733]  ? do_syscall_64+0xbe/0x3b0
[  413.724555][T16733]  do_syscall_64+0xfa/0x3b0
[  413.724581][T16733]  ? lockdep_hardirqs_on+0x9c/0x150
[  413.724606][T16733]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.724625][T16733]  ? clear_bhb_loop+0x60/0xb0
[  413.724649][T16733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.724667][T16733] RIP: 0033:0x7fea9958ebe9
[  413.724685][T16733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.724701][T16733] RSP: 002b:00007fea9a419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  413.724723][T16733] RAX: ffffffffffffffda RBX: 00007fea997b6090 RCX: 00007fea9958ebe9
[  413.724736][T16733] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[  413.724748][T16733] RBP: 00007fea9a419090 R08: 0000000000000000 R09: 0000000000000000
[  413.724760][T16733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.724771][T16733] R13: 00007fea997b6128 R14: 00007fea997b6090 R15: 00007ffe358f0808
[  413.724805][T16733]  </TASK>
[  414.050554][T16736] netlink: 'syz.1.4176': attribute type 1 has an invalid length.
[  414.240019][T16736] 8021q: adding VLAN 0 to HW filter on device bond1
[  414.439312][T16737] bond1: (slave wlan0): Enslaving as an active interface with a down link
[  414.473696][T16742] bond0: (slave gretap0): Opening slave failed
[  414.547116][T16753] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4180'.
[  414.563370][T16744] vlan2: entered allmulticast mode
[  414.571299][T16744] veth1: entered allmulticast mode
[  414.584637][T16744] veth1: entered promiscuous mode
[  414.589037][T16754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4181'.
[  414.595668][T16744] veth1: left promiscuous mode
[  414.622578][T16744] bond1: (slave vlan2): making interface the new active one
[  414.642033][T16744] bond1: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  414.673558][T16744] veth1: entered promiscuous mode
[  414.683106][T16744] vlan2: entered promiscuous mode
[  414.695783][T16744] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  415.038346][T16770] tipc: Started in network mode
[  415.058637][T16770] tipc: Node identity a65460559423, cluster identity 4711
[  415.093967][T16770] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  415.110261][T16773] syzkaller0: entered promiscuous mode
[  415.127000][T16773] syzkaller0: entered allmulticast mode
[  415.192147][T16770] tipc: Resetting bearer <eth:syzkaller0>
[  415.401069][T16784] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4193'.
[  416.197679][T15626] tipc: Node number set to 846684245
[  416.340159][T16794] netlink: 'syz.3.4194': attribute type 12 has an invalid length.
[  416.493236][T16807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4197'.
[  416.736270][T16817] FAULT_INJECTION: forcing a failure.
[  416.736270][T16817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.785794][T16817] CPU: 1 UID: 0 PID: 16817 Comm: syz.3.4199 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  416.785827][T16817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  416.785839][T16817] Call Trace:
[  416.785849][T16817]  <TASK>
[  416.785858][T16817]  dump_stack_lvl+0x189/0x250
[  416.785897][T16817]  ? __pfx____ratelimit+0x10/0x10
[  416.785924][T16817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  416.785947][T16817]  ? __pfx__printk+0x10/0x10
[  416.785989][T16817]  should_fail_ex+0x414/0x560
[  416.786022][T16817]  _copy_to_user+0x31/0xb0
[  416.786048][T16817]  simple_read_from_buffer+0xe1/0x170
[  416.786082][T16817]  proc_fail_nth_read+0x1b3/0x220
[  416.786108][T16817]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  416.786133][T16817]  ? rw_verify_area+0x2a6/0x4d0
[  416.786156][T16817]  ? __lock_acquire+0xab9/0xd20
[  416.786182][T16817]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  416.786206][T16817]  vfs_read+0x1fd/0xa30
[  416.786230][T16817]  ? fdget_pos+0x247/0x320
[  416.786253][T16817]  ? __pfx___mutex_lock+0x10/0x10
[  416.786281][T16817]  ? __pfx_vfs_read+0x10/0x10
[  416.786308][T16817]  ? __fget_files+0x2a/0x420
[  416.786332][T16817]  ? __fget_files+0x3a0/0x420
[  416.786348][T16817]  ? __fget_files+0x2a/0x420
[  416.786376][T16817]  ksys_read+0x145/0x250
[  416.786405][T16817]  ? __pfx_ksys_read+0x10/0x10
[  416.786436][T16817]  ? do_syscall_64+0xbe/0x3b0
[  416.786472][T16817]  do_syscall_64+0xfa/0x3b0
[  416.786494][T16817]  ? lockdep_hardirqs_on+0x9c/0x150
[  416.786517][T16817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.786535][T16817]  ? clear_bhb_loop+0x60/0xb0
[  416.786556][T16817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.786573][T16817] RIP: 0033:0x7fea9958d5fc
[  416.786591][T16817] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  416.786607][T16817] RSP: 002b:00007fea9a3f8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  416.786627][T16817] RAX: ffffffffffffffda RBX: 00007fea997b6180 RCX: 00007fea9958d5fc
[  416.786641][T16817] RDX: 000000000000000f RSI: 00007fea9a3f80a0 RDI: 0000000000000005
[  416.786652][T16817] RBP: 00007fea9a3f8090 R08: 0000000000000000 R09: 0000000000000000
[  416.786663][T16817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.786674][T16817] R13: 00007fea997b6218 R14: 00007fea997b6180 R15: 00007ffe358f0808
[  416.786708][T16817]  </TASK>
[  417.441533][T16832] netlink: 'syz.2.4204': attribute type 10 has an invalid length.
[  417.522495][T16831] netlink: 'syz.2.4204': attribute type 10 has an invalid length.
[  418.263548][T16832] bond0: (slave dummy0): Releasing backup interface
[  418.400249][T16832] team0: Port device dummy0 added
[  418.487432][T16831] team0: Port device dummy0 removed
[  418.538424][T16831] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  418.898119][T16865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4212'.
[  419.196271][T16873] FAULT_INJECTION: forcing a failure.
[  419.196271][T16873] name failslab, interval 1, probability 0, space 0, times 0
[  419.219235][T16873] CPU: 1 UID: 0 PID: 16873 Comm: syz.1.4215 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  419.219267][T16873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  419.219278][T16873] Call Trace:
[  419.219286][T16873]  <TASK>
[  419.219295][T16873]  dump_stack_lvl+0x189/0x250
[  419.219324][T16873]  ? __pfx____ratelimit+0x10/0x10
[  419.219351][T16873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  419.219373][T16873]  ? __pfx__printk+0x10/0x10
[  419.219408][T16873]  ? __pfx___might_resched+0x10/0x10
[  419.219426][T16873]  ? fs_reclaim_acquire+0x7d/0x100
[  419.219461][T16873]  should_fail_ex+0x414/0x560
[  419.219493][T16873]  should_failslab+0xa8/0x100
[  419.219523][T16873]  __kmalloc_noprof+0xcb/0x4f0
[  419.219547][T16873]  ? kfree+0x4d/0x440
[  419.219566][T16873]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  419.219592][T16873]  tomoyo_realpath_from_path+0xe3/0x5d0
[  419.219614][T16873]  ? tomoyo_domain+0xd9/0x130
[  419.219641][T16873]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  419.219667][T16873]  tomoyo_path_number_perm+0x1e8/0x5a0
[  419.219697][T16873]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  419.219744][T16873]  ? __lock_acquire+0xab9/0xd20
[  419.219797][T16873]  ? __fget_files+0x2a/0x420
[  419.219819][T16873]  ? __fget_files+0x2a/0x420
[  419.219834][T16873]  ? __fget_files+0x3a0/0x420
[  419.219849][T16873]  ? __fget_files+0x2a/0x420
[  419.219871][T16873]  security_file_ioctl+0xcb/0x2d0
[  419.219908][T16873]  __se_sys_ioctl+0x47/0x170
[  419.219935][T16873]  do_syscall_64+0xfa/0x3b0
[  419.219961][T16873]  ? lockdep_hardirqs_on+0x9c/0x150
[  419.219986][T16873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.220006][T16873]  ? clear_bhb_loop+0x60/0xb0
[  419.220030][T16873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.220049][T16873] RIP: 0033:0x7fc17998ebe9
[  419.220068][T16873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.220083][T16873] RSP: 002b:00007fc17a852038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  419.220105][T16873] RAX: ffffffffffffffda RBX: 00007fc179bb5fa0 RCX: 00007fc17998ebe9
[  419.220119][T16873] RDX: 0000200000000540 RSI: 000000000000891c RDI: 0000000000000003
[  419.220131][T16873] RBP: 00007fc17a852090 R08: 0000000000000000 R09: 0000000000000000
[  419.220141][T16873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.220153][T16873] R13: 00007fc179bb6038 R14: 00007fc179bb5fa0 R15: 00007ffe582e8608
[  419.220188][T16873]  </TASK>
[  419.221305][T16873] ERROR: Out of memory at tomoyo_realpath_from_path.
[  421.730340][T16875] bond0: (slave gretap0): Opening slave failed
[  421.947077][ T5880] Bluetooth: hci5: command 0x0406 tx timeout
[  421.963332][T16888] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4219'.
[  422.114419][T16891] netlink: 'syz.4.4222': attribute type 10 has an invalid length.
[  422.172926][T16900] netlink: 'syz.4.4222': attribute type 10 has an invalid length.
[  422.190970][T16901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4224'.
[  422.967181][T16891] team0: Port device dummy0 added
[  422.995713][T16900] team0: Port device dummy0 removed
[  423.025579][T16900] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  423.073067][T16909] bridge_slave_0: left allmulticast mode
[  423.085224][T16909] bridge_slave_0: left promiscuous mode
[  423.094111][T16909] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.155322][T16909] bridge_slave_1: left allmulticast mode
[  423.192718][T16909] bridge_slave_1: left promiscuous mode
[  423.201602][T16909] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.219392][T16909] bond0: (slave bond_slave_0): Releasing backup interface
[  423.245492][T16909] bond0: (slave bond_slave_1): Releasing backup interface
[  423.260409][T16917] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4227'.
[  423.274859][T16909] team0: Port device team_slave_1 removed
[  423.282986][T16909] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  423.291027][T16909] batman_adv: batadv0: Removing interface: batadv_slave_0
[  423.299992][T16909] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  423.308540][T16909] batman_adv: batadv0: Removing interface: batadv_slave_1
[  423.323988][T16909] bond1: (slave wlan0): Releasing active interface
[  423.332644][T16909] bond1: (slave wlan0): the permanent HWaddr of slave - 08:02:11:00:00:00 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  423.370640][T16909] bond1: (slave vlan2): Releasing active interface
[  423.378381][T16909] vlan2: left promiscuous mode
[  423.385429][T16909] veth1: left promiscuous mode
[  423.479486][T16916] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  423.607729][T16921] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  423.707759][T16930] FAULT_INJECTION: forcing a failure.
[  423.707759][T16930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  423.723258][T16930] CPU: 0 UID: 0 PID: 16930 Comm: syz.3.4234 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  423.723291][T16930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  423.723302][T16930] Call Trace:
[  423.723310][T16930]  <TASK>
[  423.723319][T16930]  dump_stack_lvl+0x189/0x250
[  423.723348][T16930]  ? __pfx____ratelimit+0x10/0x10
[  423.723375][T16930]  ? __pfx_dump_stack_lvl+0x10/0x10
[  423.723398][T16930]  ? __pfx__printk+0x10/0x10
[  423.723425][T16930]  ? __might_fault+0xb0/0x130
[  423.723465][T16930]  should_fail_ex+0x414/0x560
[  423.723496][T16930]  _copy_from_user+0x2d/0xb0
[  423.723520][T16930]  ___sys_sendmsg+0x158/0x2a0
[  423.723544][T16930]  ? __pfx____sys_sendmsg+0x10/0x10
[  423.723635][T16930]  ? __fget_files+0x2a/0x420
[  423.723652][T16930]  ? __fget_files+0x3a0/0x420
[  423.723683][T16930]  __x64_sys_sendmsg+0x19b/0x260
[  423.723706][T16930]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  423.723738][T16930]  ? __pfx_ksys_write+0x10/0x10
[  423.723760][T16930]  ? rcu_is_watching+0x15/0xb0
[  423.723786][T16930]  ? do_syscall_64+0xbe/0x3b0
[  423.723818][T16930]  do_syscall_64+0xfa/0x3b0
[  423.723843][T16930]  ? lockdep_hardirqs_on+0x9c/0x150
[  423.723866][T16930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.723885][T16930]  ? clear_bhb_loop+0x60/0xb0
[  423.723909][T16930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.723927][T16930] RIP: 0033:0x7fea9958ebe9
[  423.723944][T16930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.723961][T16930] RSP: 002b:00007fea9a43a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  423.723983][T16930] RAX: ffffffffffffffda RBX: 00007fea997b5fa0 RCX: 00007fea9958ebe9
[  423.723997][T16930] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000006
[  423.724009][T16930] RBP: 00007fea9a43a090 R08: 0000000000000000 R09: 0000000000000000
[  423.724022][T16930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.724033][T16930] R13: 00007fea997b6038 R14: 00007fea997b5fa0 R15: 00007ffe358f0808
[  423.724067][T16930]  </TASK>
[  424.302698][T16951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4239'.
[  424.827083][T16966] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4249'.
[  424.836282][T16966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4249'.
[  425.059149][   T13] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  425.085576][T16972] FAULT_INJECTION: forcing a failure.
[  425.085576][T16972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.103113][T16972] CPU: 0 UID: 0 PID: 16972 Comm: syz.4.4251 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  425.103146][T16972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  425.103158][T16972] Call Trace:
[  425.103166][T16972]  <TASK>
[  425.103175][T16972]  dump_stack_lvl+0x189/0x250
[  425.103203][T16972]  ? __pfx____ratelimit+0x10/0x10
[  425.103230][T16972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.103252][T16972]  ? __pfx__printk+0x10/0x10
[  425.103279][T16972]  ? __might_fault+0xb0/0x130
[  425.103318][T16972]  should_fail_ex+0x414/0x560
[  425.103368][T16972]  _copy_from_user+0x2d/0xb0
[  425.103408][T16972]  get_timespec64+0x8e/0x1a0
[  425.103435][T16972]  ? __pfx_get_timespec64+0x10/0x10
[  425.103475][T16972]  __x64_sys_recvmmsg+0x143/0x240
[  425.103502][T16972]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  425.103530][T16972]  ? do_syscall_64+0xbe/0x3b0
[  425.103562][T16972]  do_syscall_64+0xfa/0x3b0
[  425.103587][T16972]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.103638][T16972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.103658][T16972]  ? clear_bhb_loop+0x60/0xb0
[  425.103683][T16972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.103702][T16972] RIP: 0033:0x7eff3698ebe9
[  425.103721][T16972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.103738][T16972] RSP: 002b:00007eff37780038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  425.103779][T16972] RAX: ffffffffffffffda RBX: 00007eff36bb6090 RCX: 00007eff3698ebe9
[  425.103792][T16972] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  425.103804][T16972] RBP: 00007eff37780090 R08: 0000200000003700 R09: 0000000000000000
[  425.103816][T16972] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  425.103828][T16972] R13: 00007eff36bb6128 R14: 00007eff36bb6090 R15: 00007fff846f9fa8
[  425.103862][T16972]  </TASK>
[  425.106634][   T13] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  425.405168][   T13] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  425.430640][   T13] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  425.777082][T16993] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4257'.
[  426.146764][T17011] FAULT_INJECTION: forcing a failure.
[  426.146764][T17011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.178133][T17011] CPU: 0 UID: 0 PID: 17011 Comm: syz.3.4266 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  426.178166][T17011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  426.178177][T17011] Call Trace:
[  426.178185][T17011]  <TASK>
[  426.178196][T17011]  dump_stack_lvl+0x189/0x250
[  426.178225][T17011]  ? __pfx____ratelimit+0x10/0x10
[  426.178252][T17011]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.178275][T17011]  ? __pfx__printk+0x10/0x10
[  426.178300][T17011]  ? __might_fault+0xb0/0x130
[  426.178337][T17011]  should_fail_ex+0x414/0x560
[  426.178369][T17011]  _copy_from_user+0x2d/0xb0
[  426.178393][T17011]  ___sys_recvmsg+0x12e/0x510
[  426.178423][T17011]  ? __pfx____sys_recvmsg+0x10/0x10
[  426.178474][T17011]  ? __fget_files+0x3a0/0x420
[  426.178512][T17011]  do_recvmmsg+0x307/0x770
[  426.178545][T17011]  ? __pfx_do_recvmmsg+0x10/0x10
[  426.178581][T17011]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  426.178631][T17011]  __x64_sys_recvmmsg+0x190/0x240
[  426.178656][T17011]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  426.178685][T17011]  ? do_syscall_64+0xbe/0x3b0
[  426.178718][T17011]  do_syscall_64+0xfa/0x3b0
[  426.178742][T17011]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.178766][T17011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.178882][T17011]  ? clear_bhb_loop+0x60/0xb0
[  426.178908][T17011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.178930][T17011] RIP: 0033:0x7fea9958ebe9
[  426.178950][T17011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.178966][T17011] RSP: 002b:00007fea9a43a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  426.178989][T17011] RAX: ffffffffffffffda RBX: 00007fea997b5fa0 RCX: 00007fea9958ebe9
[  426.179003][T17011] RDX: 0400000000000284 RSI: 0000200000000040 RDI: 0000000000000003
[  426.179016][T17011] RBP: 00007fea9a43a090 R08: 0000000000000000 R09: 0000000000000000
[  426.179026][T17011] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  426.179038][T17011] R13: 00007fea997b6038 R14: 00007fea997b5fa0 R15: 00007ffe358f0808
[  426.179073][T17011]  </TASK>
[  427.018766][T17047] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4279'.
[  427.086323][T17050] FAULT_INJECTION: forcing a failure.
[  427.086323][T17050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.111147][T17050] CPU: 1 UID: 0 PID: 17050 Comm: syz.0.4280 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  427.111176][T17050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  427.111187][T17050] Call Trace:
[  427.111195][T17050]  <TASK>
[  427.111204][T17050]  dump_stack_lvl+0x189/0x250
[  427.111234][T17050]  ? __pfx____ratelimit+0x10/0x10
[  427.111260][T17050]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.111282][T17050]  ? __pfx__printk+0x10/0x10
[  427.111308][T17050]  ? __might_fault+0xb0/0x130
[  427.111345][T17050]  should_fail_ex+0x414/0x560
[  427.111376][T17050]  _copy_from_user+0x2d/0xb0
[  427.111398][T17050]  ___sys_recvmsg+0x12e/0x510
[  427.111427][T17050]  ? __pfx____sys_recvmsg+0x10/0x10
[  427.111477][T17050]  ? __fget_files+0x3a0/0x420
[  427.111515][T17050]  do_recvmmsg+0x307/0x770
[  427.111545][T17050]  ? __pfx_do_recvmmsg+0x10/0x10
[  427.111580][T17050]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  427.111629][T17050]  __x64_sys_recvmmsg+0x190/0x240
[  427.111653][T17050]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  427.111671][T17050]  ? rcu_is_watching+0x15/0xb0
[  427.111698][T17050]  ? do_syscall_64+0xbe/0x3b0
[  427.111729][T17050]  do_syscall_64+0xfa/0x3b0
[  427.111753][T17050]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.111860][T17050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.111880][T17050]  ? clear_bhb_loop+0x60/0xb0
[  427.111904][T17050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.111922][T17050] RIP: 0033:0x7f30ff78ebe9
[  427.111940][T17050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.111957][T17050] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  427.111978][T17050] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  427.111992][T17050] RDX: 04000000000002ac RSI: 0000200000000040 RDI: 0000000000000003
[  427.112005][T17050] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  427.112017][T17050] R10: 000000000000ffa6 R11: 0000000000000246 R12: 0000000000000001
[  427.112027][T17050] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  427.112057][T17050]  </TASK>
[  428.367791][T17105] FAULT_INJECTION: forcing a failure.
[  428.367791][T17105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  428.396824][T17105] CPU: 0 UID: 0 PID: 17105 Comm: syz.0.4301 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  428.396855][T17105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  428.396867][T17105] Call Trace:
[  428.396876][T17105]  <TASK>
[  428.396884][T17105]  dump_stack_lvl+0x189/0x250
[  428.396912][T17105]  ? __pfx____ratelimit+0x10/0x10
[  428.396938][T17105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.396960][T17105]  ? __pfx__printk+0x10/0x10
[  428.396986][T17105]  ? __might_fault+0xb0/0x130
[  428.397036][T17105]  should_fail_ex+0x414/0x560
[  428.397067][T17105]  _copy_from_user+0x2d/0xb0
[  428.397091][T17105]  ___sys_sendmsg+0x158/0x2a0
[  428.397114][T17105]  ? __pfx____sys_sendmsg+0x10/0x10
[  428.397177][T17105]  ? __fget_files+0x2a/0x420
[  428.397193][T17105]  ? __fget_files+0x3a0/0x420
[  428.397223][T17105]  __sys_sendmmsg+0x227/0x430
[  428.397250][T17105]  ? __pfx___sys_sendmmsg+0x10/0x10
[  428.397267][T17105]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  428.397326][T17105]  ? ksys_write+0x22a/0x250
[  428.397356][T17105]  ? __pfx_ksys_write+0x10/0x10
[  428.397377][T17105]  ? rcu_is_watching+0x15/0xb0
[  428.397406][T17105]  __x64_sys_sendmmsg+0xa0/0xc0
[  428.397428][T17105]  do_syscall_64+0xfa/0x3b0
[  428.397453][T17105]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.397478][T17105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.397498][T17105]  ? clear_bhb_loop+0x60/0xb0
[  428.397521][T17105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.397539][T17105] RIP: 0033:0x7f30ff78ebe9
[  428.397557][T17105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.397572][T17105] RSP: 002b:00007f3100595038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  428.397593][T17105] RAX: ffffffffffffffda RBX: 00007f30ff9b5fa0 RCX: 00007f30ff78ebe9
[  428.397607][T17105] RDX: 0400000000000235 RSI: 0000200000000000 RDI: 0000000000000003
[  428.397619][T17105] RBP: 00007f3100595090 R08: 0000000000000000 R09: 0000000000000000
[  428.397630][T17105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.397642][T17105] R13: 00007f30ff9b6038 R14: 00007f30ff9b5fa0 R15: 00007ffc47e07248
[  428.397675][T17105]  </TASK>
[  428.859068][T17119] syz_tun: entered allmulticast mode
[  428.897510][T17118] syz_tun: left allmulticast mode
[  429.159929][T17128] netlink: 'syz.1.4311': attribute type 1 has an invalid length.
[  429.195314][T17128] netlink: 144 bytes leftover after parsing attributes in process `syz.1.4311'.
[  429.224491][T17128] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4311'.
[  429.367010][T17144] syz_tun: entered allmulticast mode
[  429.435140][T17144] dvmrp1: entered allmulticast mode
[  429.452694][T17143] syz_tun: left allmulticast mode
[  429.571772][ T5879] Bluetooth: hci3: link tx timeout
[  429.581456][ T5879] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.601093][ T5880] Bluetooth: hci3: link tx timeout
[  429.615545][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.624029][ T5880] Bluetooth: hci3: link tx timeout
[  429.629670][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.643778][ T5880] Bluetooth: hci3: link tx timeout
[  429.649958][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.663785][ T5880] Bluetooth: hci3: link tx timeout
[  429.672315][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.680784][ T5880] Bluetooth: hci3: link tx timeout
[  429.686200][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.697119][ T5880] Bluetooth: hci3: link tx timeout
[  429.702295][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.710864][ T5880] Bluetooth: hci3: link tx timeout
[  429.716028][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.724172][ T5880] Bluetooth: hci3: link tx timeout
[  429.729667][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.738857][ T5880] Bluetooth: hci3: link tx timeout
[  429.744016][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  429.752155][ T5880] Bluetooth: hci3: link tx timeout
[  429.757467][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  430.086998][T17167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4325'.
[  430.451718][T17163] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.569972][T17181] FAULT_INJECTION: forcing a failure.
[  430.569972][T17181] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.614928][T17181] CPU: 0 UID: 0 PID: 17181 Comm: syz.0.4327 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  430.614961][T17181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  430.614973][T17181] Call Trace:
[  430.614989][T17181]  <TASK>
[  430.614998][T17181]  dump_stack_lvl+0x189/0x250
[  430.615028][T17181]  ? __pfx____ratelimit+0x10/0x10
[  430.615055][T17181]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.615078][T17181]  ? __pfx__printk+0x10/0x10
[  430.615104][T17181]  ? __might_fault+0xb0/0x130
[  430.615145][T17181]  should_fail_ex+0x414/0x560
[  430.615176][T17181]  _copy_from_user+0x2d/0xb0
[  430.615200][T17181]  ___sys_sendmsg+0x158/0x2a0
[  430.615224][T17181]  ? __pfx____sys_sendmsg+0x10/0x10
[  430.615288][T17181]  ? __fget_files+0x2a/0x420
[  430.615304][T17181]  ? __fget_files+0x3a0/0x420
[  430.615334][T17181]  __x64_sys_sendmsg+0x19b/0x260
[  430.615357][T17181]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  430.615388][T17181]  ? __pfx_ksys_write+0x10/0x10
[  430.615421][T17181]  ? do_syscall_64+0xbe/0x3b0
[  430.615453][T17181]  do_syscall_64+0xfa/0x3b0
[  430.615477][T17181]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.615502][T17181]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.615520][T17181]  ? clear_bhb_loop+0x60/0xb0
[  430.615544][T17181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.615563][T17181] RIP: 0033:0x7f30ff78ebe9
[  430.615581][T17181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.615597][T17181] RSP: 002b:00007f3100553038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  430.615620][T17181] RAX: ffffffffffffffda RBX: 00007f30ff9b6180 RCX: 00007f30ff78ebe9
[  430.615634][T17181] RDX: 0000000004041080 RSI: 0000200000000280 RDI: 0000000000000005
[  430.615646][T17181] RBP: 00007f3100553090 R08: 0000000000000000 R09: 0000000000000000
[  430.615658][T17181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.615670][T17181] R13: 00007f30ff9b6218 R14: 00007f30ff9b6180 R15: 00007ffc47e07248
[  430.615704][T17181]  </TASK>
[  431.119699][T17191] netlink: 280 bytes leftover after parsing attributes in process `syz.4.4332'.
[  431.447898][T17202] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4336'.
[  431.626887][ T5880] Bluetooth: hci3: command 0x0406 tx timeout
[  431.810247][T17218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4339'.
[  432.196795][ T5879] Bluetooth: hci1: command 0x0406 tx timeout
[  440.397214][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  447.547009][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  464.812721][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  464.836944][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  464.867032][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  464.917371][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  464.944654][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  464.967206][T14137] syz_tun (unregistering): left allmulticast mode
[  465.073302][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  465.088479][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  465.097378][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  465.105720][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  465.115805][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  465.135786][ T5879] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  465.149410][ T5872] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  465.167910][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  465.177570][ T5872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  465.186715][ T5872] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  465.197504][ T5872] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  465.207290][ T5879] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  465.240497][ T5872] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  465.267960][ T5872] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  465.292914][ T5879] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  465.314040][ T5879] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  465.318004][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  465.332521][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  465.377112][ T5880] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  465.389767][ T5880] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  465.459656][T13592] syz_tun (unregistering): left promiscuous mode
[  465.529095][ T3004] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.701247][ T3004] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.802491][ T3004] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.923706][ T3004] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.742718][ T3004] dvmrp1 (unregistering): left allmulticast mode
[  466.916711][ T3004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.929198][ T3004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.940727][ T3004] bond0 (unregistering): Released all slaves
[  466.975205][T17238] chnl_net:caif_netlink_parms(): no params data found
[  467.073550][ T5880] Bluetooth: hci2: command tx timeout
[  467.230621][ T5872] Bluetooth: hci0: command tx timeout
[  467.307338][ T5872] Bluetooth: hci4: command tx timeout
[  467.388334][ T5872] Bluetooth: hci3: command tx timeout
[  467.466860][ T5872] Bluetooth: hci1: command tx timeout
[  467.734546][T17241] chnl_net:caif_netlink_parms(): no params data found
[  467.764952][T17238] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.773033][T17238] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.780531][T17238] bridge_slave_0: entered allmulticast mode
[  467.821964][T17238] bridge_slave_0: entered promiscuous mode
[  467.983654][ T3004] hsr_slave_0: left promiscuous mode
[  467.995858][ T3004] hsr_slave_1: left promiscuous mode
[  468.002862][ T3004] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  468.011436][ T3004] batman_adv: batadv0: Removing interface: batadv_slave_0
[  468.020395][ T3004] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  468.028582][ T3004] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.054781][ T3004] veth1_macvtap: left promiscuous mode
[  468.061059][ T3004] veth0_macvtap: left promiscuous mode
[  468.066963][ T3004] veth1_vlan: left promiscuous mode
[  468.072640][ T3004] veth0_vlan: left promiscuous mode
[  468.677776][ T3004] team0 (unregistering): Port device team_slave_1 removed
[  468.732162][ T3004] team0 (unregistering): Port device team_slave_0 removed
[  469.156793][ T5872] Bluetooth: hci2: command tx timeout
[  469.254314][T17238] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.261729][T17238] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.269691][T17238] bridge_slave_1: entered allmulticast mode
[  469.281108][T17238] bridge_slave_1: entered promiscuous mode
[  469.317966][ T5872] Bluetooth: hci0: command tx timeout
[  469.386841][ T5872] Bluetooth: hci4: command tx timeout
[  469.464987][T17238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  469.482367][ T5872] Bluetooth: hci3: command tx timeout
[  469.559556][T17238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  469.566547][ T5872] Bluetooth: hci1: command tx timeout
[  469.733386][T17238] team0: Port device team_slave_0 added
[  469.747167][T17238] team0: Port device team_slave_1 added
[  469.822144][T17241] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.830470][T17241] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.838491][T17241] bridge_slave_0: entered allmulticast mode
[  469.845753][T17241] bridge_slave_0: entered promiscuous mode
[  469.865690][T17241] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.873115][T17241] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.880547][T17241] bridge_slave_1: entered allmulticast mode
[  469.889077][T17241] bridge_slave_1: entered promiscuous mode
[  469.901396][T17238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  469.909918][T17238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  469.937840][T17238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  469.951475][T17238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  469.958833][T17238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  469.986090][T17238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  470.204223][T17241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  470.220292][T17241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  470.363778][T17235] chnl_net:caif_netlink_parms(): no params data found
[  470.401471][T17238] hsr_slave_0: entered promiscuous mode
[  470.408598][T17238] hsr_slave_1: entered promiscuous mode
[  470.414783][T17238] debugfs: 'hsr0' already exists in 'hsr'
[  470.420893][T17238] Cannot create hsr debugfs directory
[  470.445458][T17241] team0: Port device team_slave_0 added
[  470.463556][T17241] team0: Port device team_slave_1 added
[  470.505962][T17237] chnl_net:caif_netlink_parms(): no params data found
[  470.613440][T17241] batman_adv: batadv0: Adding interface: batadv_slave_0
[  470.621109][T17241] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  470.648033][T17241] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  470.724071][T17241] batman_adv: batadv0: Adding interface: batadv_slave_1
[  470.732641][T17241] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  470.760823][T17241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  470.799955][T17233] chnl_net:caif_netlink_parms(): no params data found
[  470.889405][ T3004] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.090024][ T3004] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.113550][T17235] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.123197][T17235] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.132805][T17235] bridge_slave_0: entered allmulticast mode
[  471.144983][T17235] bridge_slave_0: entered promiscuous mode
[  471.181013][T17237] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.189186][T17237] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.197091][T17237] bridge_slave_0: entered allmulticast mode
[  471.206193][T17237] bridge_slave_0: entered promiscuous mode
[  471.226791][ T5872] Bluetooth: hci2: command tx timeout
[  471.258717][T17235] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.266853][T17235] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.274271][T17235] bridge_slave_1: entered allmulticast mode
[  471.282105][T17235] bridge_slave_1: entered promiscuous mode
[  471.298135][T17241] hsr_slave_0: entered promiscuous mode
[  471.304999][T17241] hsr_slave_1: entered promiscuous mode
[  471.311725][T17241] debugfs: 'hsr0' already exists in 'hsr'
[  471.317827][T17241] Cannot create hsr debugfs directory
[  471.324079][T17237] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.331771][T17237] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.339371][T17237] bridge_slave_1: entered allmulticast mode
[  471.348230][T17237] bridge_slave_1: entered promiscuous mode
[  471.387439][ T5872] Bluetooth: hci0: command tx timeout
[  471.425221][ T3004] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.466877][ T5872] Bluetooth: hci4: command tx timeout
[  471.554282][ T5872] Bluetooth: hci3: command tx timeout
[  471.608681][ T3004] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.627524][ T5872] Bluetooth: hci1: command tx timeout
[  471.644339][T17237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  471.658985][T17237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  471.734191][T17235] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  471.751648][T17235] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  471.820745][T17233] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.829318][T17233] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.837935][T17233] bridge_slave_0: entered allmulticast mode
[  471.846411][T17233] bridge_slave_0: entered promiscuous mode
[  471.913801][T17237] team0: Port device team_slave_0 added
[  471.920707][T17233] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.928658][T17233] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.936167][T17233] bridge_slave_1: entered allmulticast mode
[  471.943963][T17233] bridge_slave_1: entered promiscuous mode
[  472.011105][T17237] team0: Port device team_slave_1 added
[  472.062749][T17235] team0: Port device team_slave_0 added
[  472.074411][T17235] team0: Port device team_slave_1 added
[  472.128854][T17233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  472.142627][T17233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  472.209920][T17237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.217783][T17237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.244788][T17237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.267916][T17237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.274996][T17237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.302516][T17237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  472.425177][T17235] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.432695][T17235] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.459204][T17235] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.501358][T17233] team0: Port device team_slave_0 added
[  472.509237][T17235] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.516303][T17235] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.543577][T17235] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  472.628584][T17233] team0: Port device team_slave_1 added
[  472.678437][T17238] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  472.719757][T17233] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.726996][T17233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.753750][T17233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.791479][ T3004] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.820762][T17238] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  472.858877][T17237] hsr_slave_0: entered promiscuous mode
[  472.868867][T17237] hsr_slave_1: entered promiscuous mode
[  472.875297][T17237] debugfs: 'hsr0' already exists in 'hsr'
[  472.881733][T17237] Cannot create hsr debugfs directory
[  472.915751][T17233] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.924789][T17233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.954005][T17233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  472.984370][T17238] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  472.999963][T17238] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  473.033944][ T3004] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.146173][T17235] hsr_slave_0: entered promiscuous mode
[  473.153287][T17235] hsr_slave_1: entered promiscuous mode
[  473.161086][T17235] debugfs: 'hsr0' already exists in 'hsr'
[  473.167044][T17235] Cannot create hsr debugfs directory
[  473.216421][ T3004] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.286000][ T3004] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.307564][ T5872] Bluetooth: hci2: command tx timeout
[  473.381823][T17233] hsr_slave_0: entered promiscuous mode
[  473.389366][T17233] hsr_slave_1: entered promiscuous mode
[  473.395564][T17233] debugfs: 'hsr0' already exists in 'hsr'
[  473.401428][T17233] Cannot create hsr debugfs directory
[  473.467058][ T5872] Bluetooth: hci0: command tx timeout
[  473.547089][ T5872] Bluetooth: hci4: command tx timeout
[  473.597614][T17241] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  473.627364][ T5872] Bluetooth: hci3: command tx timeout
[  473.668491][T17241] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  473.706845][ T5872] Bluetooth: hci1: command tx timeout
[  473.760105][T17241] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  473.773475][T17241] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  473.953686][ T3004] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.124564][ T3004] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.180102][T17237] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  474.253406][ T3004] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.273699][T17237] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  474.310237][ T3004] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.341406][T17237] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  474.401130][T17237] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  474.537470][T17235] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  474.575798][T17235] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  474.640814][T17235] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  474.672571][T17235] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  475.040569][ T3004] bond1 (unregistering): (slave bridge0): Releasing active interface
[  475.222225][ T3004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  475.243289][ T3004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  475.256717][ T3004] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  475.267398][ T3004] bond0 (unregistering): Released all slaves
[  475.409694][ T3004] bond1 (unregistering): Released all slaves
[  475.596047][ T3004] dvmrp1 (unregistering): left allmulticast mode
[  475.841281][ T3004] bond0 (unregistering): Released all slaves
[  475.991614][ T3004] bond1 (unregistering): Released all slaves
[  476.190536][ T3004] dvmrp1 (unregistering): left allmulticast mode
[  476.365765][ T3004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  476.377966][ T3004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  476.390054][ T3004] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  476.400385][ T3004] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  476.415467][ T3004] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  476.426000][ T3004] bond0 (unregistering): Released all slaves
[  476.488156][T17238] 8021q: adding VLAN 0 to HW filter on device bond0
[  476.633887][T17241] 8021q: adding VLAN 0 to HW filter on device bond0
[  476.663766][T17238] 8021q: adding VLAN 0 to HW filter on device team0
[  476.691328][ T3004] tipc: Left network mode
[  476.792975][T17233] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  476.841020][ T2983] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.848396][ T2983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  476.862582][ T2983] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.869781][ T2983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  476.880449][T17233] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  476.894529][T17233] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  476.930906][T17241] 8021q: adding VLAN 0 to HW filter on device team0
[  476.950334][T17233] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  477.001268][ T2983] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.008671][ T2983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.054553][ T2983] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.061877][ T2983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.399543][T17237] 8021q: adding VLAN 0 to HW filter on device bond0
[  477.535613][T17237] 8021q: adding VLAN 0 to HW filter on device team0
[  477.782285][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.789728][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.888620][ T1336] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.896093][ T1336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.945691][T17235] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.098315][T17233] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.201576][T17241] 8021q: adding VLAN 0 to HW filter on device batadv0
[  478.369959][T17235] 8021q: adding VLAN 0 to HW filter on device team0
[  478.409982][T17238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  478.439880][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.447302][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.503274][T17233] 8021q: adding VLAN 0 to HW filter on device team0
[  478.612417][ T6713] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.619798][ T6713] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.682366][ T6713] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.689718][ T6713] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.735798][ T6713] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.743295][ T6713] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.289057][T17237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  479.411467][ T3004] batadv_slave_0: left promiscuous mode
[  479.526560][ T3004] hsr_slave_0: left promiscuous mode
[  479.542239][ T3004] hsr_slave_1: left promiscuous mode
[  479.557556][ T3004] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  479.565156][ T3004] batman_adv: batadv0: Removing interface: batadv_slave_0
[  479.596158][ T3004] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  479.604026][ T3004] batman_adv: batadv0: Removing interface: batadv_slave_1
[  479.617267][ T3004] hsr_slave_0: left promiscuous mode
[  479.623515][ T3004] hsr_slave_1: left promiscuous mode
[  479.644419][ T3004] hsr_slave_0: left promiscuous mode
[  479.650640][ T3004] hsr_slave_1: left promiscuous mode
[  479.656717][ T3004] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  479.664292][ T3004] batman_adv: batadv0: Removing interface: batadv_slave_1
[  479.713260][ T3004] veth1_macvtap: left promiscuous mode
[  479.720308][ T3004] veth0_macvtap: left promiscuous mode
[  479.726073][ T3004] veth1_vlan: left promiscuous mode
[  479.731578][ T3004] veth0_vlan: left promiscuous mode
[  479.739175][ T3004] veth1_macvtap: left promiscuous mode
[  479.744812][ T3004] veth0_macvtap: left promiscuous mode
[  479.750804][ T3004] veth1_vlan: left promiscuous mode
[  479.756201][ T3004] veth0_vlan: left promiscuous mode
[  479.763065][ T3004] veth1_macvtap: left promiscuous mode
[  479.768724][ T3004] veth0_macvtap: left promiscuous mode
[  479.774416][ T3004] veth1_vlan: left promiscuous mode
[  479.783273][ T3004] veth0_vlan: left promiscuous mode
[  480.555401][ T3004] team0 (unregistering): Port device team_slave_1 removed
[  480.610363][ T3004] team0 (unregistering): Port device team_slave_0 removed
[  482.624416][ T3004] team0 (unregistering): Port device team_slave_1 removed
[  482.676168][ T3004] team0 (unregistering): Port device team_slave_0 removed
[  482.921000][ T3004] Oops: general protection fault, probably for non-canonical address 0xdffffc001fffe000: 0000 [#1] SMP KASAN PTI
[  482.932948][ T3004] KASAN: probably user-memory-access in range [0x00000000ffff0000-0x00000000ffff0007]
[  482.942497][ T3004] CPU: 0 UID: 0 PID: 3004 Comm: kworker/u8:8 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full) 
[  482.954645][ T3004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  482.964728][ T3004] Workqueue: netns cleanup_net
SYZFAIL: failed to recv rpc
[  482.969511][ T3004] RIP: 0010:mld_clear_delrec+0x3a5/0x660
[  482.975175][ T3004] Code: ff ff ff e8 cd 24 41 01 89 c5 31 ff 89 c6 e8 a2 79 87 f7 85 ed 74 40 e8 59 75 87 f7 eb 05 e8 52 75 87 f7 4c 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 ff e8 8c de ea f7 4d 8b 27 49 8d 7f 30
[  482.994893][ T3004] RSP: 0018:ffffc9000b4b7390 EFLAGS: 00010206
[  483.000973][ T3004] RAX: 000000001fffe000 RBX: ffff888059163538 RCX: ffff88802ec11e00
[  483.009032][ T3004] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  483.017000][ T3004] RBP: 0000000000000001 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  483.025145][ T3004] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: ffff88806b815828
[  483.033130][ T3004] R13: dffffc0000000000 R14: ffff88806b815800 R15: 00000000ffff0000
[  483.041289][ T3004] FS:  0000000000000000(0000) GS:ffff888125c1c000(0000) knlGS:0000000000000000
[  483.050219][ T3004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  483.056986][ T3004] CR2: 00007f7cbba712ec CR3: 000000000df36000 CR4: 00000000003526f0
[  483.065081][ T3004] Call Trace:
[  483.068385][ T3004]  <TASK>
[  483.071319][ T3004]  ? ipv6_mc_down+0x2a3/0x360
[  483.076022][ T3004]  ipv6_mc_destroy_dev+0x45/0x5a0
[  483.081424][ T3004]  ? addrconf_ifdown+0x1396/0x1880
[  483.086556][ T3004]  addrconf_ifdown+0x139e/0x1880
[  483.091740][ T3004]  ? tls_dev_event+0x717/0xec0
[  483.097417][ T3004]  ? __pfx_addrconf_ifdown+0x10/0x10
[  483.103176][ T3004]  addrconf_notify+0x1bc/0x1010
[  483.108148][ T3004]  notifier_call_chain+0x1b6/0x3e0
[  483.113362][ T3004]  unregister_netdevice_many_notify+0x14d7/0x1ff0
[  483.119890][ T3004]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  483.126769][ T3004]  ? unregister_netdevice_queue+0x1b3/0x380
[  483.132668][ T3004]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  483.139351][ T3004]  ? batadv_meshif_destroy_netlink+0x1b0/0x250
[  483.145601][ T3004]  default_device_exit_batch+0x819/0x890
[  483.151589][ T3004]  ? __pfx___might_resched+0x10/0x10
[  483.156960][ T3004]  ? __pfx_default_device_exit_batch+0x10/0x10
[  483.163123][ T3004]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  483.168961][ T3004]  ? net_generic+0x1e/0x240
[  483.173498][ T3004]  ? __pfx_default_device_exit_batch+0x10/0x10
[  483.179782][ T3004]  ops_undo_list+0x525/0x990
[  483.184404][ T3004]  ? __pfx_ops_undo_list+0x10/0x10
[  483.189704][ T3004]  ? do_raw_spin_unlock+0x122/0x240
[  483.194997][ T3004]  cleanup_net+0x4c5/0x800
[  483.199448][ T3004]  ? __pfx_cleanup_net+0x10/0x10
[  483.204572][ T3004]  ? _raw_spin_unlock_irq+0x23/0x50
[  483.209785][ T3004]  ? process_scheduled_works+0x9ef/0x17b0
[  483.215503][ T3004]  ? process_scheduled_works+0x9ef/0x17b0
[  483.221219][ T3004]  process_scheduled_works+0xade/0x17b0
[  483.226870][ T3004]  ? __pfx_process_scheduled_works+0x10/0x10
[  483.232877][ T3004]  worker_thread+0x8a0/0xda0
[  483.237648][ T3004]  kthread+0x70e/0x8a0
[  483.241770][ T3004]  ? __pfx_worker_thread+0x10/0x10
[  483.246915][ T3004]  ? __pfx_kthread+0x10/0x10
[  483.251531][ T3004]  ? _raw_spin_unlock_irq+0x23/0x50
[  483.256767][ T3004]  ? lockdep_hardirqs_on+0x9c/0x150
[  483.262233][ T3004]  ? __pfx_kthread+0x10/0x10
[  483.266912][ T3004]  ret_from_fork+0x3f9/0x770
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  483.271625][ T3004]  ? __pfx_ret_from_fork+0x10/0x10
[  483.276745][ T3004]  ? __switch_to_asm+0x39/0x70
[  483.281524][ T3004]  ? __switch_to_asm+0x33/0x70
[  483.286317][ T3004]  ? __pfx_kthread+0x10/0x10
[  483.290920][ T3004]  ret_from_fork_asm+0x1a/0x30
[  483.295708][ T3004]  </TASK>
[  483.298728][ T3004] Modules linked in:
[  483.305911][ T3004] ---[ end trace 0000000000000000 ]---
[  483.315170][ T3004] RIP: 0010:mld_clear_delrec+0x3a5/0x660
[  483.321796][ T3004] Code: ff ff ff e8 cd 24 41 01 89 c5 31 ff 89 c6 e8 a2 79 87 f7 85 ed 74 40 e8 59 75 87 f7 eb 05 e8 52 75 87 f7 4c 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 ff e8 8c de ea f7 4d 8b 27 49 8d 7f 30
[  483.367847][ T3004] RSP: 0018:ffffc9000b4b7390 EFLAGS: 00010206
[  483.374278][ T3004] RAX: 000000001fffe000 RBX: ffff888059163538 RCX: ffff88802ec11e00
[  483.382375][ T3004] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  483.390440][ T3004] RBP: 0000000000000001 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  483.401234][ T3004] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: ffff88806b815828
[  483.411111][ T3004] R13: dffffc0000000000 R14: ffff88806b815800 R15: 00000000ffff0000
[  483.421615][ T3004] FS:  0000000000000000(0000) GS:ffff888125c1c000(0000) knlGS:0000000000000000
[  483.431005][ T3004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  483.437758][ T3004] CR2: 00007f7cbba712ec CR3: 000000000df36000 CR4: 00000000003526f0
[  483.445944][ T3004] Kernel panic - not syncing: Fatal exception
[  483.452396][ T3004] Kernel Offset: disabled
[  483.456817][ T3004] Rebooting in 86400 seconds..