last executing test programs:

1m27.977834671s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

1m15.443684813s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

1m10.658957263s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

42.320603222s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

42.320471856s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

42.320230942s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

42.320141178s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

33.549998651s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

23.652056808s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

18.029132146s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

9.066632355s ago: executing program 2 (id=740):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000000a80)=""/128, 0x80}], 0x1)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, 0x0, 0x0, 0x0, 0x1}})
r3 = socket(0x6, 0x3, 0xffffffff)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200080027bd707544dbdf250a0800060105000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4004)
connect$caif(r3, &(0x7f0000000040)=@rfm={0x25, 0xe7, "43eb33b6e514194f68bc9b32f3888d6c"}, 0x18)

4.012970106s ago: executing program 4 (id=1403):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x20, 0x70bd27, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xfffffffe, 0x3e}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40008844}, 0x20024085)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0x2, {{0xa, 0x4e21, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}}}, 0x88) (async, rerun: 32)
ioctl(r0, 0xfffffff9, &(0x7f0000000200)="6b0ff8f5eba7f62ca98e4bbe8c604ebe62b4349735e9fd260a1762956c2b337fd8b417dcc8d2b23fcab63c33fca4424964a40fa85fa26378e6260cac8113fab06d04d168c6cd46551adbeda18ac4405abfac4fdcbe5e77a977ba1590e0661175cb45cf38543f34efdeb8c5a2c14a7ae8ce96e27a7d1803f910f278d49d4f35d019d20af4dab8c1b4691269a2f92602273dda73b05fece22850c84f6f833c5a0e769c73caca8acf16175b77f8e472ad19bae9d92a7c0e70c5ce3e411ff41ca573c5553e64350776e6cb633dc9dd272e4f5d43b92f3962cbc300e1ff6663bfe121a10be7cee716004b8fd79175d0f44b74473d49d5c3f8d3eea63a1e0574893c48a1af12d1e673dbd7967ebc4ea0c5909afa41dc756482905628644c65c61d43f06fa37bcbcb6098b9fb34fba36835d9916d32bf2fb56c1f6360cd2629173a6e5a02e21f6532072d82bd8fa93161b2980043f84dc23ee20a5f0ae9cd20fc085c81d33ad0b291177444ff58387d740eaef838aa450a3e6bdf309fa5927cb10a94947ae65471a1a7119ba05af36237534ca15fde8f0d28929ef49575859ff016639624dac05e657b81f3397a4e795c4e75558ff4a114a8fe6314de1fd985c4d8573ce43a1d791026a20920aef766fa6a2b7008b7749d8967fe37f1ebbbe7c28350ce983ef74616341edf7707ff8c0183647b8e4c230626d0f1069e532d7796ce0c05b26d570fd28f229c88a5abd8c4afd809ab7e206742572ae146ad0368f6296cd7ab09b19c3a536de5e6c1f64406853d602f458bc2fae0c0eae762c67d968e1d1fd730f872c45eba2e2c54a4a16c23a1b5c76215d29d6bf843b8ab809a8eee2603103bed3869350fb4ee56a859804bc7bf3607d2069b8e3e7f5b62eda5a8a78d86ad50860eddf0abaae7dcd98f20f454f8398a8fb314051ff8c2ac0675753204baa5314656da6ee8b9cf821710633070224373b67ebcdc25f8ad4f0a2ee06ec4419b5e2cf654dcee41cca4c19bd03fc026d2c7b49b911420b2fc998394b62f3b444213ac4e564a1b67495a8db50ec4ab8da80cee5732f95d6ea7c67783c95b91da170217ee91f5e60962164c11ea43e7c7ef8c97d41e4254f0dbcac59ff56a229e5feae3566fb93df6448476e18f2479ca1a6438ebff05176dc6e6275a04e8a7df6b161373d9fb2c50c279d79671e202645c2105bb6a984c61684b5a182ba96b4264da34fc4578438ec274f9205f1e882044ecb152bbfa8c38183abb6e76c43b3662b1d39d6633473ab3570656db8239fab86d803c7afd540c780d05f1c98f4e56db58f0c1ba4188dc886bdd68280e3247b2f2f38539e4cef2a39ca31419c0b2445d1325489631202550e6cd7f3c8e66fdebe1696b62330d8de75f2073a664d33b0c26395642a2b0c00deffbbbe802d09a22d221d4e1f53eb1ddcffa7dcb715bcf68686a53d3b4ec97e9f540d4d23eb121cfb917bfecf509c5283b9b11e94180cc010c05a8fbc04b759fd230bf0a20da2b55d3886cbd6df02fe1006c3965dff3110812aa4f201ee58f75c67328dd6963352c8f1d3a43ca01caa4eff06e647ee8b5d1b431d84a8d34d50613231ec704b317c0844176546f5a893bc6dcef4accf53429f688eba528df72f90f7fc2f3b4246b7cee74ce7e271e2e9c7ad49de5f8a1102ab0df459a352b80601caf72146a4415b9f12a8d2cb285408808056b574e1242839f2b5dba4898bc484bf6245fe07fe84b2f19c0d6d5b07b873e8c7627c915144d71ef475b0ddef469c1ef4167fa5d0cc59bd94d5c619a726d136571eeecbd75cc6928fb43c9af0d34f4e05eae3c949e421fe72730f8ac9ae7f4242142967f4d7ffbaf6b9cda36d669ead76b50a9685294b6a796bc1b73480e2367e7ee46651d3f0222deb7d9d53a8a6eb57afe106d9c1ef769dd487d8d8d55ed4a3c846f447b37437daf2f2ad363e0f000dbb24c45d74169884f1a9f7d109fcbb31889eaa21202a3dab12f91669e0db2a86c14c396109862e188f1bc96a659206a84aa9a94908190614dcaaa77e0a774114680e85dfd32306c4adde79693ccba34da1b80aca9efeded6f066f4148b58129648ae06e572f34f2e6574680b1f604b96de99b17e19a1fcd80f41d0f64d38e9567f860c4cd81ceae6944af1956016fb2b8d0b6513864b55d948fe43d23de4b7c8d8021346f68bfee61df11bc52aad808f91e6080f1b267677e58501dfd81b47361b0a9936a2ee966129ea9681e36895e7ed024e47479cd0de9396ddc81380adf4feabfe188ef60d703d3f58bb20984ec81ec59dfd505884b3d923514768396c11c7a369013354e036aa439effc9f7c02e91c321947e34711841066141ce2d08bbe396416f8e58a10981e20c0479e79eb0d4c07d59f2243b101a6d64b0c6dcc4947ed0ed0c01f9fcaa518cb751cd098e375c4689d2fb26308b6d712bc9da6efd9fcdfce986d2d316341df61f97d0e927174317f14984db81f970f36b979c076c6ad210e0693d00eee4ba7124cacdea72c7a609971ee7e6113499f70307972b0e1c72315cc0a298f438a471524c52be3b7d3db9263b70f931ca9aa78ce059da0fc67da9d49cc20cb283d5308cca53c0d2a9a2bc5bee1dc1e30c21f7d9dd1df25cbc5782d31a910531b694ad4e049949d7ccd3ca735adf1185b1acd8303bfa6eae29abd80f822f4ecb07b353ed0fc6aa7b804b2f984100fe5b99f45db1058e777e752938585adfd8bddce9f84ae233f49b77a049e8255fa0769c771f35a4ab654f4e91eb9a3f3968c21fa7f3363a1f9b708ceb7318907039d4efacfec2f560cd07395c20a3fdf983bb3225555225b685a0862e682e09b1008e293d345ff072fb6fe8637c78facfa2e401054a6dd129a2afa7148b59e8824315cb8f51ff3f420efeeac62be97a31feaabf1303503fd34a78bfc48cfbebcf717fe4afa885dd947554841b34ae993eb017a74f02a29c509560de603f17fe4eced4c1c5b636d9f33d17422fbef923faf8a87757239d39f4192de9b7cca66965f6ee7ab4d88f7be94112afcee70179d6de07a3b2c8ad5ad97aee400fb3d71aa895b6b08cc533c51b0de0968ae4664b2f975f75849adf947e245f5b87777f9fe7b0b75163b7c05e62e1f98a239e62771b6d20b3dbdfca564cfa2d5e043fd8fa87ce2c9b33094aae638bbd383044744bf550608f334bfe8cfd20eba90c8db512326aabfc4896a72052bf31841c7fc7ac52621a101b3948d9e811ac44b8d0c67b2f0ab30e6e7a0b24adee372e87f1875be27eed674846a3bc48c0465b31400ed490727a08304ecd2aaec0da36bcae13ceced5b59deabf4056b6bb9c979c0c7e2364b0b998aaaa9a4ea3bd0042ef409854ff3da39f32fa70f4b475f4bd4bc6cde11a0c3d327e5a3b24650225901b048d49025a2f92fc0724e22a24be4058f52282631898924b3fb8f724d9416be9e45099276b299bf1199f8785edb79352d6c2841d02a3817d5e77fd86dad0b6ee5a8210a519674bfea1cc69a83aaecd54a6f93198a11edd9c0c1bc4c4eb23c93613b1f84952c5dfff20090158ef0bf857d885853a40fa64dce4518cf46ba614d154d894faf04785f48378eb24ee36d1ce0495275cd90e812f50dde43f37603e20431fffd3e11a6af194b42ab01e7b1291a091f795c76e9a661b4c04895009928bd54e08684ba4af6d826483b04f5708aedab7d4df5d0ee2c24abfb35226a3f01415074dd658b1bed3087bc3e1536414ce49291a9804f932e13239c303b360cae925410fdfb4cb4035ce9a0e6eddc1fa2d16f04cca724ecf3b81d4b9578ea8d985078e51327abfd7a4fdcc099c95b7b19af1d29f57fc2cff4227e392c49d3fe7424c0abd8cb589fab50a986c06b4c4987384c3f80793941c248e1da5aacaea7db45610d00f9044d1a63956e54fa32b338d0d2e6a9df01342a522e5241f398596ecce13b51c99b67effbc88cfa153b72d9c50f4c045a241ab4db4e1ebcd1e786a70208bb0847d9cda60f9a72aee5c85646e094da7bdf07c5d643c3327a67d46ab6715fc87580646a1d6549849356509062040f780730437ed3614a2c742f1d3737866871a36e96d2a2c0b1497d4fe7b5cd0da80265899572028ee3d29b22871ec1645a51b99857c418994ee82934a1e920af809d17259ccfb9f02f938df49047ea830d5bf227000398e8bd89b74e42644d6033af301ec035a823f4c7fc69cd8a6f23356c1cd0b8b6ff9c32ca808c95a8bae103d24c9b9f80844f02efd7e3c54dfad00cdc65237268023496047da691b4362d6e873e8a83290015f208bce911f1517dda645d5c79c046c34ba6b11c6ccd87daf4220c7b02b23dd67aa1faa820aa5881e61a9e9acfe405d0a1e9a266bdbcd0179621451a35b28e67cce7c060225cb782001870a83d07b7d6d3d9c16b275ae83fc9b36c8526b238637e19ca4db89ea6b08d5e270ba9a3c70aeffc7a579d391880d9dd3e3357a8c7b09ff53cf353cabafe0da641772f458c4ed08ed382d4b139cb84d4ad2f81fd25cc5a977d29cecaa6748f0722d16f93a7e0386b9883641b3495015b50c3162d2743e4f3ac218e43a59ed51015bc3aae6630e033dc32ab1a6e02b5dfed6c63e7c922396306b698433b0ef101cd9850a3dc6df0e9ddb302671e69d5d983890f66211f802c7d68332904ae1281afea88fd79ddd58bd118642ba16ea7d0e4202b6ee3c4fc77f0841ae1f24786ccee651aae02e75d3b0c46f2a7e2a4c16793d8dc922ce7abfc95500e98023124971b4a674f1524d620e2f3135b2c8a68aaf872dd6759e62814cc59c49526ca7b1b7d08ed16ad01f0792e06bf9163b6fc91b94b265d7e1529abcd62de453c203be2251701fdb862224dda054a99ab4ed98985493c058850804bf6a7ed8a239893fa54119a9f636f50edeecdba31ceb5ed9637665042f4f20cac9bb5ba9ba29c06a4cae696b9eed88d614293d75b504ea13a99aa2e3d3c49027b5564516c7ec9536e7744307b80180a6297a89fb9f3bbac08266a6809930c017ddd6efaeceb2cc4c800848ca84edea9387bbfcc818a375e43a0702031216da4d2f59fa2d44ed6dbc3a09dd62a0a168f7d04852cd5c2f51ad3688ee59ffd05d7341ed194ec77ef80268a0641dec6c3eb28a3260544c671b863229e746864082c930af3e564d806efc6077133232ba48cda3139264b701bec87977fbb2aed27a2ea214fb018134ad09b2c88302b2e20fecb128b1fae5cd34181fc5aca90658449e3aefd61021cab664a31c350f4dc5c2941b71d02d5c9ed4b007f7ac3d302e2891b3aa66b60e15b1414a2e109174de3ef870439efd21c7b7a45d8218f5e698dcdc954955e915a5ef4e2b1c8efbb8b0dd8d6fe29158a37039d009ef9425548daaf888b6672462d82c2ceda96fd10e9cc78990042892e82ec88148b17b2b4eb32d2565a090272205f487300db1e866202a08004a0b911d603b5c82f0384a04d447995349cc967e4b3f7e76bb832c20cedefb4e72138b2554dc804af9a6d62fe47ef6990d75009f3d8f3684dab9ced453a93feab6e1f86d37fd7d3e632df16e8281c7c5e4b1a1993f7e7dbedb12dbe124a63ae3014f692bcd4b16473091a5c13d91c941b202422df816a5ccc64aadfb43ca52bd7c1588e8c85565ebc0e2ba9da0570f59a7bb2289f4408c8096c9171d4f25bb822fa38cf16deedcd60c83e882d768fbde9e27e2bf3585d9f5cda1f48c08cdba8cf9e2f09df34e77a2beece780b0b58ce7eecb43922cbfdf1123899a6c599c89d56469740fc1b19fa35") (async, rerun: 32)
r2 = openat$cgroup(r1, &(0x7f0000001200)='syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000001240)='blkio.bfq.io_queued\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r0)
sendmsg$NL80211_CMD_ASSOCIATE(r3, &(0x7f0000001380)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x24, r4, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1f}}}}, [@NL80211_ATTR_DISABLE_VHT={0x4}]}, 0x24}}, 0x4008000) (async)
r5 = bpf$ITER_CREATE(0x21, &(0x7f00000013c0)={r3}, 0x8)
bind$alg(r5, &(0x7f0000001400)={0x26, 'hash\x00', 0x0, 0x0, 'md4\x00'}, 0x58) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r6, &(0x7f0000001540)={&(0x7f0000001480)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001500)={&(0x7f00000014c0)={0x2c, 0xd, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xd}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x8040)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000001580), 0x4) (async)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000015c0)={0x9, 0x0, 0x8206, 0xcb, 0x2, 0xb5b8, 0x0, 0xc69b, <r7=>0x0}, &(0x7f0000001600)=0x20)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000001640)={r7, 0x1, 0xe, 0x2, 0x101, 0x1}, 0x14)
recvfrom$l2tp6(r3, &(0x7f0000001680)=""/47, 0x2f, 0x292c51e05c355fe5, 0x0, 0x0)
r8 = socket(0x1, 0x4, 0x8b2) (async)
getsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f00000016c0), &(0x7f0000001700)=0x4) (async)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000001800)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000017c0)={&(0x7f0000001780)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x8}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0xfffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x80804) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000018c0)={'ip6tnl0\x00', &(0x7f0000001840)={'syztnl1\x00', <r9=>0x0, 0x4, 0x6, 0xe2, 0x7fffffff, 0x42, @empty, @mcast2, 0x40, 0x8000, 0x97f8, 0x1ff}}) (rerun: 64)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000001900)={@dev={0xac, 0x14, 0x14, 0x31}, @empty, r9}, 0xc) (async)
tee(r6, 0xffffffffffffffff, 0x0, 0x4)
sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000001a80)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001a40)={&(0x7f0000001980)={0x88, 0x0, 0x800, 0x35, 0x25dfdbfb, {}, [@pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) (async)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000001ac0)={<r10=>r7, 0xfffffffb}, &(0x7f0000001b00)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000001bc0)={r10, 0x70, &(0x7f0000001b40)=[@in6={0xa, 0x4e24, 0x5, @empty, 0x79e98189}, @in6={0xa, 0x4e24, 0x4, @empty, 0x5}, @in6={0xa, 0x4e20, 0xb1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x7}, @in6={0xa, 0x4e20, 0xe, @mcast2, 0x10}]}, &(0x7f0000001c00)=0x10)
r11 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_buf(r11, 0x29, 0x45, &(0x7f0000001c40)=""/90, &(0x7f0000001cc0)=0x5a) (async)
getsockopt$inet_int(r8, 0x0, 0xe, &(0x7f0000001d00), &(0x7f0000001d40)=0x4) (async)
ioctl$TUNSETOFFLOAD(r5, 0x400454d0, 0xa)

3.647700636s ago: executing program 4 (id=1406):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffff9c, &(0x7f0000000000), 0x80200, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r8, r7, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
recvmsg$unix(r5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)=""/139, 0x8b}], 0x1, &(0x7f0000000880)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r9=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000080)="851b87474bdd942639a21bfca015f0d95b35a9dcfb77b67cdd6233550d0a380e6df417783fca7c3837c94218464f6d58cb323b156121d6324d8e028fc4a3", 0x3e}, {&(0x7f0000000140)}, {&(0x7f0000000380)="70c1de46c2b4a0d11b8603e8993fefbe8ba79bb85a1624580d8e609727c301aadab88fe9647d45850a8c97dbd030928fb527bf0c6ae7f19343afffd8d57763c4814a3c3905d527251371033dbe578b0527e64db1da20a1310d35d17fecdd2d6aad43ec9e2807a3", 0x67}, {&(0x7f0000000400)="0dc0d57b53b64f24b51b501b081db93f9efcca35fa60d78713ac28b2f00006dbc0300d45a11464b1b8fdc9aa56bb0413e6a2ea4ac1e93e5692ad2ad5abbe0204f001491c3c9f3131a714019237232542489c0690421ea00261d535eb8af1aa9de84ca3ac549ce7abfe3a0ca3afdc4fe49944ebc4b420471589f6a40b70ef2f416649ade42a558f901f625788f684", 0x8e}, {&(0x7f00000004c0)="5a14a832eb27f4101dc0ef805fd46d67f6e085b20321a1c409485edecbf6a8127116dc86ae62026257e826bcc0def8e4dae6a32f2258bb732f7ae29164bd43ba7ef1eb312517c2ae3b2bb94ba4879eb3dd38c356f386356a0f434dc689dc24d861337ac8270fe9b02cd2f5166352885029edb1cdb1b80cb98885ffd90b8adc467d9f1bc76abafd3879a76c3163dd23d52ff1", 0x92}, {&(0x7f00000005c0)="6a646cbd7522696971b344d761aad920d0230e1c4636a16f2cfe37d8f37db8881aff02d0ff6617228aeeb68f6542a0b75df8fb3b8fd72f30e951d161ecfbd7d1c92a726e186775f503be0d37960a40", 0x4f}], 0x6, &(0x7f0000000700)=[@rights={{0x20, 0x1, 0x1, [r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}, 0x0)
recvmsg$unix(r9, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000fc0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8, &(0x7f0000001100)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}, 0x0)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000001080)="3e26cca5654ec15949e45af8b1159d592e49690b9f6c637472b128e2b445f281f35b794162cb429c47dca66837d2a9544b07d3f068c0072dde7325a5386fe8c27b83e9e41c7b7bc6060c4fed7f9ae8a4870cfccbc862ebfce7794091afccee06954ce44ea262ff002aba2b247865327723ddb0e09419a4ae239bf3", 0x7b}], 0x1}, 0x0)
ioctl$TUNGETVNETBE(r1, 0x800454df, &(0x7f0000000080)=0x1)
pipe(&(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r11, 0x0, 0x8ec3, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16, @ANYBLOB="77ba"], 0x48}}, 0x0)
unshare(0x22020600)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
preadv(r12, &(0x7f0000000000), 0x1000000000000359, 0x0, 0x0)
splice(r10, 0x0, r0, 0x0, 0x1, 0x0)

3.015984745s ago: executing program 1 (id=1413):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {}, {}, {0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x28, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x3, 0x27}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}]}, 0x54}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 13)

2.498863041s ago: executing program 1 (id=1414):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth0_macvtap\x00'}) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="3800000054000100000000000000000007000000", @ANYRES32, @ANYBLOB="60000100", @ANYRES32, @ANYBLOB="000000faeaffffff00000000000000000000000108"], 0x38}, 0x1, 0xf00, 0x0, 0x80}, 0x0) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(0xffffffffffffffff, 0x0, 0x0) (async)
syz_emit_ethernet(0x11f, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff8100030086dd62f288a600e53a01fe8000000000000000000000000000bbff020000000000000000000000000001320200000000000001050000000000000100c20400000021080204010150ff7f000000000000000000000000000000013b05000000000000c9102001000000000000000000000000000004010705020002c910ff01000000000800000000000000000100000000008500907800000000010e8a50f5df6e1c64b981f201c3e5f80a656d8ecf259d4f30300546a77012249482277a8ddc2110bf22029af20069271fe839b84408b357d635278dec86d41fd5a4156c34704d85050bb85971b95f869812914e25bbcab3798f3ee356a735bafd7cba863891e43e9b02850920a95f40fbd42538b7"], 0x0) (async, rerun: 64)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) (async, rerun: 64)
r4 = accept4(r3, 0x0, 0x0, 0x0) (rerun: 64)
sendmsg$xdp(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000380)="8df8387f86944c433c0a6dec0bc2fcebdefeacc41e5874ace30d62b49c02cecc70096d40e71993638c4473f4213fb31dd307cd9f9aa218de7a2b9a36d485f6da7b67c1508283f040083c423e78c243a7902c029f027051141d011d9269494d2881679725ec0897e456c760239a10788458c1", 0x72}, {&(0x7f0000000040)="4af46b8f14181e3e20db1fd9d28ec77408e7c762d5a72aa53d2509e62cb4deac3c936f247bbaf7a88c9aff", 0x2b}], 0x2, 0x0, 0x0, 0x4000}, 0x20000000) (async)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x3}, 0x4) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x9, &(0x7f0000000000)=@raw=[@func, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}}], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0)
close(r6) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18040000000000000000000000000000791000000000003335"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r6, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$bt_hci(r7, 0x0, 0x1, &(0x7f0000000c40)=""/3, &(0x7f0000000c80)=0x3)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="5400e9ab", @ANYRES32=r8, @ANYBLOB="000000000000000034001680300001802c000c80140001000004000038000000f7ffffff8100000014000100030000009b0100000800000081000000"], 0x54}}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)

2.466168257s ago: executing program 3 (id=1190):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x3, &(0x7f0000000640)="5188661a84732f1f24a9380f7b668e8f", 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r2=>0x0})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ee87a8000000000000000000071b0000edff08000200000008000b0000689b926efbec28d76d2719c9fae9ad67b75f3265aebd094ba53e8f3c6a96aea4a83173714613bf523a07ed3b784bcd573dcb"], 0x24}}, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$IPT_SO_GET_ENTRIES(r7, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="e6696c7465720000000000400000000000004f9f0aec551478090000000000006d000000539d076933079d7f3b5d6e9d82c9714c9f90bc2e92bd02ad6c38f37104138e6e3399bb32ceca87a42ef721e87dd36db4b25c0000000000000002f262e5f828806161a33c25cfb05dea191be8d70b6f082d08137bacf84207e8845964011d8f568aeeb4"], &(0x7f0000000180)=0x91)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r9 = socket$l2tp(0x2, 0x2, 0x73)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r10, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r9], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rcu_utilization\x00', r11}, 0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r12, &(0x7f0000004580), 0x0, 0x44080)
r13 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r13, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000000240)="ad", 0x1}], 0x1}}], 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r14 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4400000010000305000000140000000000922c0a9f45a1ae08000044e2ad0847bbb9f995a35e0701f833158e907546133d1c3304000000e6c54f9f1cf0d8345ad996b7a3307a0d2e61003038a2203e14ff9827632b41124cca823f41ce76180e04f697e451ef30aa312f9920078f04000000b820d5ac4c97f1b9513e4446d58ca91539d99c5b0fb96878648064d8a29d327a2738770171bdd8596b8460d9a2c5587d14ff68f187cadd9e456f2cb181c4b90e52602ddfb22251a37067e23e841952ebb3471a815317c6a524b179ddd65cae2b28caf56a82b59b97d45836c94333d768f748f6c7d8f64bcc924b307782ad603a11a5907519d67c81f9084329bf9ba6cf171f584597b35731f7a5112c44fe0f3fce01f371ec7126966aea7683ce519250c188c3909a45048b8df6bc2680e9faadb7e19ac706a2904fa6b2a88cae1b4e68c506839900394cf7730833d64f0716c00324", @ANYBLOB="8028dbb11d326f676b41011670516ceb0a292c53f3aabb0c4683ed9cc7771db5bb05919d48744eb40069e7ec2952a7d9e71d0b6d2511b0cc471b6a3891d6a07d4a5e025004e9d9599e26bf7a097e98fac0cb70506a01ae8871ae05471c18a632aaa5fd4f1cf6d9f8fe062dcc6209222f7948b7b7bd2af0940e1fbc47f26ca2c7d84640572db4120e5f71f012cbe96633a08e5e45826748f157e77514c0035e3716e996b9e1a4904723b29e3d6feda310adb50db27a7da35d4e866d524ab758633c85651430de7ea5904db20f7c65e0314c8da7a2eeb239c16be1359227b7886b04cd1dca34d69e3b18cc98f262699429dd61317ea73943f587", @ANYBLOB="05030200000000001c0012800b0001006d616373656300000c000280050006000200000008000500", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

1.620230356s ago: executing program 4 (id=1415):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={@loopback={0x5000000}, @local, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x0, 0x0, 0x5, 0x84bf5b164f237be8, 0x80000000000000, 0x80600087})

1.618321297s ago: executing program 0 (id=1416):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x1}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000000)=[0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0xa, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0xb2, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
sendmsg$xdp(r1, &(0x7f0000000400)={&(0x7f0000000380)={0x2c, 0x2, r3, 0x3e}, 0x10, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x42090}, 0x0)
ioctl$SIOCGETNODEID(r0, 0x89e1, &(0x7f0000000040))
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r6=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000012c0)={0x30, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r6}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x30}], 0x1}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000440)={{{@in6=@private2, @in=@loopback, 0x1, 0x8, 0x4e20, 0x7, 0xa, 0x20, 0x60, 0x2e, r3, r6}, {0x8, 0xfffffffffffff954, 0x8c3, 0x5, 0x8f3, 0x3, 0x5, 0x7fffffffffffffff}, {0x2b9, 0x8000, 0x2, 0x3}, 0x7, 0x6e6bbd, 0x1}, {{@in=@remote, 0x4d2, 0xff}, 0xa, @in=@multicast1, 0x0, 0x3, 0x0, 0x4, 0x4, 0x8, 0x8}}, 0xe8)

1.617586221s ago: executing program 1 (id=1417):
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)={<r0=>0x0, 0x0, 0x2, [0x3, 0xc6]}, &(0x7f0000000040)=0xc)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x5, 0x0, 0x6}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000100)={<r2=>r0, 0x0, 0x7f, 0x32d, 0x6b, 0x8000, 0x4df8, 0x4, {<r3=>r1, @in={{0x2, 0x4e20, @local}}, 0x100, 0x8, 0x401, 0x958, 0xfffffffa}}, &(0x7f00000001c0)=0xb0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r5=>r3, 0x9}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={r5, 0xf5}, 0x8)
bind$inet(r4, &(0x7f00000002c0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000300)={r2, @in={{0x2, 0x4e22, @multicast1}}, 0x2, 0xd, 0xa0, 0x9, 0x0, 0x4, 0x7}, 0x9c)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000003c0)={<r6=>0x0, 0xfc}, &(0x7f0000000400)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, &(0x7f0000000440)={r1, 0xac, "18adc41950aaeecd39e19f7d1a47de1a82fd449eee8122fea4354fe86c998291c5dae03c1db11600ef64ca2fa436da40566db57ead4eb43cdc3ecfad2ed9201282319ee617f53075f198862a593f0e8bf834199c809b41f8795609a59c0b3270c353993a54371b041996c6455c1024704461c2a37f4c5cd7237fef0e651492608491d0c683f48407a8ff0203ae95333a2515dc9f0b2d773d4a60b49eee97f2213c377a26a26ee1c7376c94d9"}, &(0x7f0000000500)=0xb4)
r7 = accept4(r4, &(0x7f0000000540)=@un=@abs, &(0x7f00000005c0)=0x80, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000600)={r6, 0xffffffe3}, &(0x7f0000000640)=0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r7, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x40, 0x1409, 0x10, 0x70bd28, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x24020005}, 0x4004051)
r8 = socket$netlink(0x10, 0x3, 0x17)
socket$kcm(0x29, 0x5, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0xe81, '\x00', 0x0, r7, 0x3, 0x2, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0xffffffffffffffff, <r10=>0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{0xffffffffffffffff, <r11=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000b00)={'batadv_slave_1\x00', <r12=>0x0})
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000bc0)={0xffffffffffffffff, 0xa3c6, 0x18}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00)={0x1, <r14=>0xffffffffffffffff}, 0x4)
r15 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c40)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000cc0)={0x1, <r16=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x23, &(0x7f0000000980)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0xa}, @map_fd={0x18, 0xa, 0x1, 0x0, r9}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @exit, @alu={0x7, 0x0, 0x8, 0x4, 0x9, 0xffffffffffffffe0, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}, @map_idx={0x18, 0xa, 0x5, 0x0, 0xe}]}, &(0x7f0000000ac0)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x4a, '\x00', r12, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000b40)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000b80)={0x2, 0xd, 0x2}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000d00)=[r13, r14, r15, 0xffffffffffffffff, 0x1, r16], 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$FS_IOC_RESVSP(r16, 0x40305828, &(0x7f0000000e00)={0x0, 0x1, 0x4, 0xffffffffffffff60})
socket$inet(0x2, 0x3, 0xd6d)
ioctl$BTRFS_IOC_START_SYNC(r14, 0x80089418, &(0x7f0000000e40)=<r17=>0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r8, 0x5000943f, &(0x7f0000000f40)={{r11}, r17, 0xa, @inherit={0x90, &(0x7f0000000e80)={0x1, 0x9, 0x2, 0x9, {0x5, 0x101, 0x1, 0x80000001, 0x6}, [0x1, 0x8, 0x9, 0x9, 0x1, 0x2, 0x9dc7, 0x2, 0x9]}}, @subvolid=0xc})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000001fc0)={'syztnl1\x00', &(0x7f0000001f40)={'syztnl0\x00', r12, 0x4, 0xe, 0x0, 0xfffffffb, 0x8, @dev={0xfe, 0x80, '\x00', 0x1a}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8000, 0x3, 0x3}})

1.453704229s ago: executing program 4 (id=1418):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3}}, 0x24)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '$'}], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[], 0x18, 0x500}}], 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1)

1.443154835s ago: executing program 0 (id=1419):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000010079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b705000001001a006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000400ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d14735701aeb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca5544672599fbe8146d4e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9a9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73000000000000e117ba1f9eb3c5e8d469019cc5f15a5d1bad7d42efb389ca0bd383f5289fcaa40ffbf875e354f11de214547f8d8fa1b01f2177731b5c9ef95ca713c5120550ced99425b64fdcbad8b4d919454a8cabd2d9d9f1fbaaee7a8749fa3637cbd6186557918b9b3c8293f1b51101208859c223a74285488d0b1e60e170812f3507f1ba4dc6fa69d494082deb839c33ade4b067e48b8ae4dc7bb0938f3f4a4e1e44cef7ebbada47b6a4e7baee90926294430aaf0224b1cbf8e48030d60ec3b699495568d44e0f393f3dcc48eb88dbca0955cd220bcbdcc4fa12003b77812e61be55f113fb8f5d4da8e7d160c7a4c4b9c1901efe3c1043e88453f8fc64f413aba3bba15a1ea623f4d55fbe6e8d64f864f12fdd554a931fb411de72acef40a056dff66c242a5f5901289ca1c1c2fa31b683de897d2a6165a538dfb6971051ef826adc1cee77fa814f471c5d7cc9a098165156ae30221723297ee769a9ec8ef798f8441392afae3add45f9"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xc0, &(0x7f0000000640)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e00040002"], 0x34}}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a81700894f", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)={r2}, 0x4)
socket$key(0xf, 0x3, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f76000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)

1.3879087s ago: executing program 1 (id=1420):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x4e25, 0x161, @mcast1, 0x28}, 0x1c)
socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x3a)
bind$inet6(r2, &(0x7f0000000180)={0xa, 0x4e24, 0xfffffffe, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfff}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.current\x00', 0x26e1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'ipvlan0\x00', 0x1})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0xffffffffffffff8a)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r8], 0x48}}, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="540000001dbf5b15286582b844ba82fe558c40fd688800787646adea6b19563015a0", @ANYRES16=r4, @ANYRES64=r4, @ANYRES32=r10, @ANYRES8=r10], 0x54}}, 0x0)

1.295165192s ago: executing program 4 (id=1421):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0xbb}}, @enum={0x5, 0xa, 0x0, 0x6, 0x4, [{0x8, 0x6}, {0xd, 0x9329}, {0x0, 0x7ffb}, {0x10, 0x8}, {0x7, 0xec3}, {0x6, 0x3}, {0x9, 0x9}, {0xa, 0xb5}, {0xe, 0x1b140fdf}, {0x5, 0x3}]}]}, {0x0, [0x2e]}}, &(0x7f0000000a40)=""/4096, 0x8f, 0x1000, 0x1, 0x4, 0x0, @void, @value}, 0x28)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32], 0x18}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=@deltfilter={0x2c, 0x2d, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x7, 0x4}, {0xfff2, 0xf}, {0x3, 0x4}}, [@TCA_CHAIN={0x8, 0xb, 0xd00a}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008001}, 0x10)
close(0xffffffffffffffff)
recvmsg(r3, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x16, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fffffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@jmp={0x5, 0x1, 0xb, 0x2, 0x3, 0x50, 0x4}, @cb_func={0x18, 0x2, 0x4, 0x0, 0xfffffffffffffffa}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x4}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000280)={0x6, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff, @void, @value}, 0x94)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x38}, 0x300}, 0x0)

1.181168033s ago: executing program 0 (id=1422):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r1, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000140)={0x0, 0x4}, 0x8)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r3=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4045}, 0x20046080)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x7, @mcast1, 0x7}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e22, 0x5, @mcast1, 0x7}, @in={0x2, 0x4e23, @rand_addr=0x200}, @in6={0xa, 0x4e21, 0x26, @private2={0xfc, 0x2, '\x00', 0x1}, 0xb}, @in6={0xa, 0x4e22, 0x475d, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x24000000}], 0x90)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x88, r4, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x14, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xc1}]}, @NL802154_ATTR_SEC_LEVEL={0x34, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x65}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7f}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}]}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x88}, 0x1, 0x0, 0x0, 0x8090}, 0x80c8)
sendmsg$NL802154_CMD_GET_SEC_KEY(r0, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, r4, 0x300, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x10)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
r7 = openat$ppp(0xffffff9c, &(0x7f0000001c80), 0x20280, 0x0)
r8 = gettid()
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001cc0)={0x0, 0x0, <r9=>0x0}, &(0x7f0000001d00)=0xc)
r10 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000001d40), &(0x7f0000001dc0)=0x60)
sendmsg$netlink(r6, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000000680)={0x1010, 0x30, 0x10, 0x70bd25, 0x25dfdbfd, "", [@generic="07c2666ed464bd1902cce4dae93ea7dde69c1a8abbb809d3247a6dc20e8efdea9f690e8d1ffd44b3eefd3094d20133d98fa9c0fedb193ce6b99c2fed655f89d9acb49f526a6d51b02d047f4c0a360e0b361e0c300ca16ef273603b43a1faf1c3ab7b9fd7a13a07096a183feb1c508ce429d3dc5652e92490680e705446ae07c679d34296ada7fd0447874dca4001f6266ffde02d1d1b7f5457e8f3db7c3a45350e0a9f91d78955a574ed7afeb95648c9d69a8652ab103e97e1c896647eb99ebe1efb828b5be0ed7e0b9940f55de1e090fcccc2e1f5a251b3eb93bca3cfebec1d81410dcd055b11515c2c70d51c108eabdd601a599a7925ab1242d3a28a051a73389cd5685cb84f90dd9a12904a9b12800c88d642649ad7346fc903a08f86ca9b98eca05a994ae6baac24e5fa5d42ef29d4511c37f5d7933bae948a964c9b1b38341f165d3e95aef3025dac7420153b8f39161c76765b463cfebd1488d712eaeb544d9bffa832111c317e701825ae41152f50d76e0c42bde90e89bc330d53007f79334761764499c2f16a2b6ee3af781ba778be8d0318c32dbf040f976efc6247e00de0d1a88f4d43952062a7c9872a5d5568a7e852293de10bb33c9511788638b915217516df9bbe7236abe7f5f2bbfbfe51acdedecc495693b2baa56801b6fca2594fcdc6a9f88720c4d9f7b72a3449b4355bf2f42b64570c1e032062c9e5fd7d620b4188a0d88f70bdd5f075eb70eb669ec17277b185eddb4dd3dce448940853308329698ba13396000d146a99050369bb50d59c52812343d42078eaabf1b4a7907ae099131288735d9ed2e6cd539b12b235498e22b2b0405a15d6be905b43529f84f0da33754809e398fec77ff0d0876fd757b7b20635979e407fa62299e07e3dddf66b50f5ace63e1d8f35412d8f283931227bb32a535e205891cd6d8925d046cb28fb54c9f0313f5019cd7d089966ec3dec721681c1a3d16403a2bb4bd6d8f53f48225932a7fa4a9f59e59e5daf0c956b735f3a6f04cde38af296fcb934ce41e85a85dcd090dde07cfaa65f2725f983876ce946fe4f6f14a05632fc60425453c6337c4ad0d844871cbd77ab92bb9803b4b751c637b957062253a914a98fe7e82a1c53653090861b4331bec4d990d5151178ccbb3f8cc752a4ddff56b7864577895631ada3dd4fb3a93d897957cf15c2ea155abebf25cb46ff29d801418b37e81a9101ddb28f4a53eb5f72d11068cb28e2e98bb268e5120c842784921b88bc27c971a19e6cb25a7d989dc1964c6d329a75d3cefe8ca44071d56a2a507962af3f976fb82aa62db00b9479a709fcc23becbd41844190c7ae46c8282cb7685ce601ebe61f8333b33f14ea89b2e3d07a26b0634b8be0424030b77eacace61ed7e353f7e2b7f8fd616ff9516ea10e1760ad8ccfeb7249099095ec77ebf709a60732da542ffc37899470d1bb69dd5c5ab6aafb3b185cb92bdc8c811c2e36fde44bd1b979cb96ec85aaf003ed1746640fa8e194c709e99cbbc34340c1ac3275c17bea24e3d821c4425f51a1495c0734a06bbba06a7d819505b0fc53d40c066e76d431200373b5334e2fe2a136741448eda72af85a924286cb8edd1e30cfa707d964984e514b752de6fee62021eec18a9584440dfc65c322c1af877bf58349b34bf3feac7b0fe6e187ff01df43bb387dec8c14e58826926adae788c5e25309024c4f62c0dd9775fa8a99ab464490a71c88efccbe59a29826b9cb51809391ac4bc44eb804a7ce9c818c297f4e46b3eeda76461114767295e24c5c81c78a1edb2a33e7a778b5ca403b3a3ad0e5064568ffa20cf370c7c7467df82d65d4d45e24283232abea445e728f6126262bda01cd93adf0e13c2dd80606f1528d7af58413ff99ddeac9ee4de5b92d99a3c03b670b5a9abbfe7190cd1e2013b173f1f77b596777f4bf82d4e6c7526e4a3719104bb7982a0ed8e6d75539ededa63505f4e088bed8d4905515aef7721751a92050ee938197af79a9c61d07b4b9ae508afe21447910dafcce632e136700116231b87ffca08360b6e9c1d6cda506534501081bbc790923742f76890444f9253a732554241a6b187744a9684adddf9da62f6ec922c2a54517952ffa4104d81348ea1e5528f8b9f6e92ed775cd2825cd9a54b97004683c2585a9842e9d3c0ffc6716403227d8ed6ed464b9390cd103e880990e32fdd05c890edf56e64b79303841505d8741f4a359e20e35cf3fb4d091dda4d887e8eb6b9043d91fe5d00367604bdee997932b5f4669bab56097ee4ac2851bab3271b261cd9553a18c04a7b484832f5ad5d8b31d22f0fb9a31a0f32efacb534746489be4fbc851b16e42bf97ddaa231c3a459866b968585efe4ab3355a926acd836455fc82d35d81e8e149130b4f9ae70555e5e5cc7b664be5c31817fc64363dbeed7375b481ba5c77091cd5e9f47c761d64a921341ccfc1b910cfd2d6436a42cd5bfe7e0366c88f1f9530dbc5bec71d3053b847e95213faf31d02b3608e3e6e680873ecb7a3653dbe57552727acde10f1eef0f4510a0dcf1698772398c249694a3474274f2fb1fc2e33966bae2fc529b54f85c028486782ee0d044482b8d4e10ad206435b5d89ddd251cbde4fe02458c6615e317ca4b94cb4c81c5fe927d6fdc4c2c61206bf1e84f59cd1291aa88b61133114bf553d5c1ae70afdd41a58588d7ffd0be6c90c34590dc001195525a55514daf58bc638f62ab87433112558a0a73039de75518356a544b8784cd91acdd2d9ddfe10fbf3642a9f09f5fb87fc4716416dccd9a54e504c133731634f167582f55718814d9b590f9564f6c20aeee95cffdb3c7db289327db92c27207cf79459d64ef3adf8ad2de696d34fde2c50bce862aa649243b8b6420e5a1e14169146bd6b088bd4a2a0653b0b645da96d29b5f9cc6bf81469818197d45b919c5e0be79e8e649f8c9e93d81a460c123411dd9e8e4b78f4cad7bd7762c3f3e5188d6dd72a09028bfd2d8935ffabfa779979a499955d2e9e83b72529e8e9f0d819c7ff6808259cb035e76b785890c69fbaaab3b6be5ee48e9dcd35944365603b35166ab6dfcf74a064c9d7420499c19092f7fafe2d3dff4586cf9f57dbfbbbdb935d0441373a5b9925de0b39b73c33023ad1f4c600438b3fcba54f94f12e47bd797fb6571deef58befcaa0e981ed07662c2ea35dbbcb913b13499f4cc75255fcd36d2e0b23a19742f6e60ae830c86c6282b3e6c517bd2b4b7581552e16c7e0e75b2ec737c23e478f300eaa039b0526721b794dcf05abde7e40555dfddc442739469de99fd25d768c2c3038433aa7a32e68e0c94db4f98de3a3f36723f8af77e8d8f3d9facee203c0de1debb86b7fc6a646a6cbdc3f337def43a192c7f45600219e4557b48a834d23f08ec5f53f80611470dc1069b23d99c3ff649867a78c27314ee96fdc6c0de4a5b6e635b783506aa5beedeb4cc0b2d6b8fcc153b5145564a0e0731c52c48e9b31c12a89ec0ca4181bc4bb330205fa016ea0e4fd902e540d5c1de35d56da32574a9509026a7bfb2b1cd8d2d744d71af9dc54fbfefaf641ee21bb51d4f97295c11d024c3fc9053b8566212b0dd53b5d800c937a3daf2de940b93b9d81b99ef5bc3c4769e57fce1fbddb6f5776dd792f0b21347e5ef717d3378ac231eecfc45cc360cbdbaf6c93403bea443486469fad9af43eb662b6fc67cfc4aa5f74232403ed3adb50204dbacbff551528afc25d7846960496d42dc6c69edbbcd7ed894747bf5191e406ced258b4a98ec8fb5081f57b628c710f5cc99b12fd737bc3aff717dd2562933db2adb49e5b432b87fe28e502af7c745d977b763682322bc51556c33ed3e586f653600fccfd19840cb1b0f32d1fe8e75471d5fc7c31e3c4233b27a2aa37550b5d5520f5f3c706d1991cb5bfc0f518ca9d45cfdc3760324388b7134bbb5ea52b3d0293b8d28119b54f013672db47eca2a31bc4c11719c4266d441097f7a6eb9fb3f5ec60ec7a8a306381fc2a3488e296fdd6ad15dd375a25af93cc6fbafaebd568dfe41e3963b8658fa99a5698d7a96b2876bfe83d0f577240aae736ef91da499e937e69c9527791248ce1504e63bc317f37159bb35a84dc607100a50876a5ae9a6f33ed39b95409a6f33526c6ffa7eee2e213f992fa477868ceaef782a892c5b44a046cc97ade3cc978a985fb8018c9b73562249c764e1c2656e02ba5e1cc682cc917411c7c29fe080448d3b28174784deaaa60316b4370399734fd171dadaedc94f13611ec0df32dd679c166aa9cee7205e1472741b176ad062a996477db4d8220953a81f54e1d904969e903b81ff9e05258f858b2f435081490d2a39d72768eafbfdcdcdcd4f728723f1206978be92fe249f9bd095ee8873eb35474ca91e40079d2d931b509326986aec64b0ef5eacf5e21d240f4b58d5e013f5b739a24e9342eb2444e5e3a64487b086843830b18f8cc7dbe2205eff84ac3819d8c95cca1b04e57d27622b2fabad9a10bc73df503a5b2436b77fbeb42d96b4ff88691db565b75234ee4d72fcebe077c49ebc15ef57cb1b1d43173da5260ee7b96c0d7d139177201627ab19ffedf83cf26c2a978a196f290b51dd95316884f4c072544667b4620435e0abf343fc1ba8db05fa38fbd0aa52f03348468d1a325ee56e6c93ed9a120b980a36a6d3974d6eb2d49e1eb39e4fd97ccbcb4211333e60da7bde93f164c406125f5713701e6b808bdf28c84c6e764ac3c0ebfa0f8334f15ea495ca2e93f4fd73dc1c4daf8053cfd74498d942f29d055093964f991e97dd26924f13a33ed6316f35359aa058e95731aa3603cc705f9efc95e1384a7a95913ff0f2f23bf0de42d6939ad36537a46edb6256e2bc9785e633409d148628d87485c06b2125de389d17ccf30607aec74c1e7d030fd04cd1a5d605d3b4a6f79a63e6cdbc60afd89fa1b7a26a805ffdf413ec9f97c0850712d0db4bdff8eff70df28d89c67581310c9e0c96f71e3fa09bd751207cc33485d591ad65952389c0d70b21058f26944070f12f87e12c132494caaead7ff93f50f044556f7f28793905401910e16491703fb3fb448e5b229187cb9bf2931618d01f6a1929039e271981ab61fdb9f3a615ad99bbe281cb3cecfac107c95e54a15ef2197fe7f733a88fe2fd561eb25da1750bf0ad6ff888289db5267d62244ea1a86465b6fa6478eb3191e6817b815d6ca77c4d6cca5320aad1ae86b19969b1852a156deea739796bd912d9a6280b7522c434a3795ea1304b2e93c4d946afb9de2bb055c117184bdbf7c2ccf3481f41a32337f5facbf989f92eb810f81efe7de03c907b93d8015a14fc260dfca5fc51db89ec8ff83d770f948d912ebef15926bfdc5543557c45ab3bd6659b6fca4e3238ebd81a7fead8820f6a389ba9dd1b6e8e5f5b8e3436c58652120c5e26ac1a839aa671066c00896f166175f7bc43b86b7df0a93b15c8d9cfc3a796484de048faca7ad4554ac52c478a42b26cb16c36a5c450789ddcf4291ed56f3be03f745d3bfec35a8a13b69ecacae5eea5c1f42d65ebe14e78bc78b209cb56fe8f924bf615a365be76b51e1de49746b21dc5aa33cdbbe2e2400e48c462b3efd30d3b475398457a27994a0af4e8f9bf98ea1e4ef15e67cfc985471fae3a5ed2fbba67285a42f8a45d2f9af6a1c8a4c54ef467295bebc1f2b2249bdbf444049ebfe811eb112a6ebe8f671f2ebb6681b96b01605398b8f961602fc09551fd287cf226ef1a228ef4f8796d0048825d5a0312741862ca1e8f0"]}, 0x1010}, {&(0x7f00000016c0)={0x548, 0x2c, 0x100, 0xfffffff7, 0x25dfdbfb, "", [@generic="bf969661464037182b9399c8a9ea5c20cd719706f7ef768cab37d80a00c71badfe8b6186", @nested={0x10d, 0x7b, 0x0, 0x1, [@generic="5be204c337a39ea8daf7d8c9cef07aff992df0803c03607c6a358ced61ba549bd4ad3d4ab43129a8225620ee5c2dfd7afb8ac34fe28f2241b7fade9e3697c9e229013f14fbea0dac689ac04e74793a771314e9d78ecacfef8d09ca2c363c076f53f97c6d80409692c8b66fbfb5d0a041a0f7f9cfa46bbc07ff886b8834e402eeeef0", @typed={0xc, 0x8f, 0x0, 0x0, @u64=0x8}, @generic="f949311296bc8cb7d2e04e98e71d5ad2bbc31db6d8ed400aab55e3a8428945e551cc015cc27b46d31b6f08c7a19ed98ae41bac63e57c42df7d79994eb31f8ec119a54329eea104829873d7f89d94b8de6f7432304daa97905f1cdf42217b812efd60aeeb1b70cec5968ca8c6c9361f810410cf", @typed={0x8, 0x10, 0x0, 0x0, @uid=0xee00}]}, @typed={0xf5, 0x4d, 0x0, 0x0, @binary="ec6cf8f46bb12970aa78c319b508acb203c79ca182a9cdc003687b085a3904215723a5c0759925bbef9608b9ed05f23b5aac831c1a75e000c098357927ee32636889411dc7cefa739631dc693aba512a11a61b9d3cf1227e406d3bc64717ab3c642ab758e5e77a351b07ee8c050c8d513f2108c1d66790331a1d6d88eb1502aca308b36b34bf93cac2470177698f3b7d1ccb4f7d4e92135e139239411373f1803766ff3eb8c586e5df2376e29dca14f8232ec773ea8b396988aa58cabc486279319b999b70e14ebd6640ae91e224d37599e618f6ede3ca4751225f25a13418bc58bf6eb16eae00c12fb91ee60664dfe48e"}, @generic="610b8d89428b61ef337cdb5aa5a57bfa9dc6809dd8d496514b8bb416e2518c7f9a08b070b29042b4e38b0dc863bd30a858218a7d593f7d4231cfbb78bf42d07c2a7e263aa661c8fcca04", @nested={0x160, 0x138, 0x0, 0x1, [@generic="23bf51c94395b99c7b38be4a6306115d1171186dd31818387ce6ce23fc5d07fe1189da9ac1813b0fe8ba4a16f2fc386da64e9fb39a4239ea7c790aa8e83c78781fccd8da44badb87b90f37428898093245ab3dd29cefbfee8a0c2db8fdf64812fc5d096c4a012ca7b550d73b55cdfbb585de5e6b718e54cf16bbdd82f489dc5305ee30047be73357fea88f2204cb47bb1113", @typed={0x4, 0x7}, @generic="742f77790f4cd94b13d5ca49ece122c40bde8c030261d9232533cc6b7903f4b5144e329e420fb37c35f4cf082240e8dbead0f525730800c905101e9eabb283a9229970298666c7da269a4cd54858344373d7b01d3285c5506223bfafca4b2c4d3608f43923e4c127189a1abbac840f2c49beaf46e20d25b08163190ebd101439b40f56c2e5f87f4f4a2b56970b2068ad", @generic="1b61cad75152cfe0022ba901fa23d0b5b719ea3c1240210f2babdc875519f80c89d6fb4f4114acc3535b5c5752586fd8e1e16dcb7a69"]}, @generic="87c1c430e9a7ddd158c6c75bd98907c400662d47f6e50330d84a0ae09edfffa8f7e470b0a7c722c0f0919a6d5b83382edecfc28a8eb28e81a265e401d473e5e8c58fb2e83dfff52cfdc2f672955ee404518c7fc9183d6ce9847befef14cef235", @typed={0xc, 0x11a, 0x0, 0x0, @u64=0x8}, @generic="e0bdd9efba5923292ab252b6670a4218d4081f29479681f80ca1b1b42de699362827f268949053d9a4ae219ffdc707a8dcae6f34c1ab42c5f16eb10cf70fc4422c103cc57d15d62034f35bc2a19c210118cc866b3d1a0acca36bd4da3cf024263f9d07988b48fe8bf930a8fef5ae2a9722ec6a5aea6b3aaed716a14e6a2d5099afb1a8040eba99a51abd2064cd74c5267187105dc83cee76c785431e7d29fa4942003fd16127e84bc200c980d7a7779ba86632725e0ed8c0878259bdabd7833c9f4b3860d659037829a4a0a12e76017abf817918bebc399f5c2c14d1d1ee540f91df90f250cc67528ff1281a3d4370c21ad4982e"]}, 0x548}], 0x2, &(0x7f0000001e00)=[@rights={{0x1c, 0x1, 0x1, [r2, r2, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r7, r2, r2]}}, @cred={{0x1c, 0x1, 0x2, {r8, 0xffffffffffffffff, r9}}}, @rights={{0x24, 0x1, 0x1, [r2, 0xffffffffffffffff, r2, r10, 0xffffffffffffffff]}}], 0x88, 0x20000090}, 0x8890)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000002080)={'vcan0\x00', <r11=>0x0})
r12 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002200)={&(0x7f00000020c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x8, [@const={0xb, 0x0, 0x0, 0xa, 0x5}, @union={0x4, 0x1, 0x0, 0x5, 0x0, 0x4, [{0x8, 0x5, 0x2}]}]}, {0x0, [0x30, 0x0, 0x0, 0x61, 0x51, 0x61]}}, &(0x7f0000002140)=""/136, 0x44, 0x88, 0x0, 0x8, 0x10000, @value=r10}, 0x28)
r13 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000022c0)=@o_path={&(0x7f0000002280)='\x00', 0x0, 0x8, r2}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000002380)={{0x1, <r14=>0xffffffffffffffff}, &(0x7f0000002300), &(0x7f0000002340)='%+9llu \x00'}, 0x20)
r15 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000023c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r16 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002440)={0x1b, 0x0, 0x0, 0x7, 0x0, 0x1, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r17 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)=@base={0xf, 0xbd60, 0xb80, 0x9, 0x20000, 0x1, 0x43da, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r18 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002540)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000025c0)={0xffffffffffffffff, 0x3, 0x8}, 0xc)
r20 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000002600)={0x0, 0x200, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000026c0)={0x18, 0x1, &(0x7f0000001f00)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000001f40)='syzkaller\x00', 0x0, 0xc4, &(0x7f0000001f80)=""/196, 0x41100, 0x10, '\x00', r11, @fallback=0x9, r12, 0x8, &(0x7f0000002240)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r13, 0x1, &(0x7f0000002640)=[r14, r15, r16, r17, r18, r19, r20, 0xffffffffffffffff], &(0x7f0000002680)=[{0x4, 0x5, 0x9, 0x4}], 0x10, 0x2, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7, '\x00', 0x0, r12, 0x3, 0x1, 0x5, 0x0, @void, @value, @void, @value}, 0x50)

1.093257107s ago: executing program 0 (id=1423):
socket(0x10, 0x3, 0xffff0001)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r1 = socket$inet6(0xa, 0x3, 0x20)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x24, &(0x7f0000000200)=0x7, 0x4)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0xa2, &(0x7f0000000240)={@local, @random="c4bc9cac9686", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x6c, 0x6, 0x0, @private2, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x1b, 0xe2, 0xcc, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @timestamp={0x3, 0xa}, @exp_fastopen={0xfe, 0x4}, @sack={0x5, 0x6, [0xa1be]}, @eol, @window={0x3, 0x3}, @exp_fastopen={0xfe, 0xb, 0xf989, "d463e2c4e2da7a"}, @mss={0x2, 0x4}, @exp_fastopen={0xfe, 0x4}, @fastopen={0x22, 0x2}, @sack={0x5, 0x1e, [0x4, 0x8, 0x0, 0xfc00, 0x28f, 0x0, 0x2]}]}}}}}}}}, 0x0)

1.016845249s ago: executing program 0 (id=1424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@bridge_newvlan={0x24, 0x71, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x0, 0x3}}}]}, 0x24}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @local, 0x9}], 0x1c)
listen(r8, 0x1fff)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000540)="9fa6cc9078a4d4a74e98286bc82caac53eda90e60c94d8da181892a7fa8fcbf0a1a98fb726569e8de0fce82b0f4a9b679c48928ed16d705fe347d32b7e8183555a", 0x41}], 0x1}}], 0x1, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r9, 0x0)
r10 = accept(r8, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r10, 0x84, 0x1e, 0x0, &(0x7f0000000480))
setsockopt$bt_hci_HCI_FILTER(r7, 0x0, 0x2, &(0x7f0000000280)={0x8f6, [0x1, 0x8d], 0x3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xe}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

407.699168ms ago: executing program 1 (id=1425):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000080)={0x1, 0xffff, 0x6351})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
ioctl$BTRFS_IOC_DEV_REPLACE(r2, 0xca289435, &(0x7f0000001040)={0x2, 0x8, @status={[0x2, 0x0, 0x0, 0x100000001, 0x0, 0x6]}, [0x5, 0xffffffff00000001, 0x7, 0xfffffffffffffffb, 0x0, 0x1ff, 0x7f, 0x5a, 0x5, 0x80000000, 0x4, 0x81, 0x1, 0x5, 0xa, 0x3, 0x7, 0x9, 0x4, 0x3, 0x7, 0x7fffffff, 0x80, 0x2, 0x1, 0x3, 0x4, 0x599, 0xc8e, 0x2, 0x2, 0x6, 0x7fff, 0x8000, 0x8001, 0x1, 0xa, 0xba8, 0x7a6f, 0xfffffffffffffff8, 0x7, 0x8001, 0x2, 0x4, 0x6, 0x100, 0x100000000, 0xd8b9, 0x6, 0x6, 0x2, 0x8, 0x3, 0x3, 0x5, 0x4, 0x9, 0x0, 0x400, 0x7, 0x8, 0x4, 0x7, 0x70]})
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x10000, &(0x7f0000000440))
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002740)=@newqdisc={0x24, 0x24, 0x0, 0x800, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x0)
recvmmsg$unix(r4, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)=""/85, 0x55}, {&(0x7f0000000080)=""/106, 0x6a}], 0x2}}], 0x1, 0x40010000, 0x0)
sendmsg$rds(r4, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000003780)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000ae9d9419598b33fe0376cc6386357cfb95c804a3d92081ae8efd4bdcd73f5f61c42636ca17c5cb10cac5e9230171908241ec7e0f699d048768bea10584404ad1cb3eb26414454642cb82dfed81206e4f08dda611da47e53041d03b413e2505ce2d6698a7e73938881d2f2f480177385cc2d4b2f4ed216f2cf02c8458b6ffa0a50774"], 0x48)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB='V?\x00\x00-\x00Y'], 0xfe33)

302.310314ms ago: executing program 4 (id=1426):
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000240)={@private0, <r0=>0x0}, &(0x7f0000000280)=0x14)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x2, 0x3, 0x3, 0x40, 0xffffffffffffffff, 0x9, '\x00', r0, r1, 0x3, 0x0, 0x3, 0x6, @void, @value, @void, @value}, 0x50)
pipe(&(0x7f00000045c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f00000000c0)=[{&(0x7f00000001c0)="9718b7b35f0f5725d440a340664128463b2edda3", 0x14}], 0x1000000000000344, 0x2)
r4 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{0x5, 0xf9, 0x85, 0x80000001}, {0x6, 0x2, 0x8, 0x72}, {0x7, 0x52, 0x5, 0x9}]}, 0x10)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r2, 0x0, r4, 0x0, 0xe8, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03400000000000000000010000000900010073797a3000000000400000001c0a07000000000000000000010000000900010073797a3000000000090002"], 0xc0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b7000000000000004e0a0000000000001da00000000000009500000000000000c7a199ba5633231d61336a0535434728d609f5658a9359ebbd64de3a6a34e15f0013bcf12b22aa0c3ab50c0bb8a9699b61d63c1241e47dbce83afda45edf8b54d12716bd7070f76846dedd79cd68223be16030753751a8f7d6fb0808bc4cce042a5fbdd42679099493099841879e27ef86c6cbc18c100f732b6fa27e20d0c73ff6998293305c3d9303862e6a2b839b7435b40986a69a5841b71efc1c2407ccfa1538f312633d28d8b183846896f5ea10dcddd1284c2b53432e5c7f10fae683311b25f5"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xffdf, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x32)

171.645038ms ago: executing program 1 (id=1427):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300)={r1}, 0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000140)=0x10)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f00000003c0)={0xa, 0x4e22, 0x101, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xc}, 0x1c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000480)=ANY=[@ANYBLOB="28000089c35a6bb1b53fffd7f70032d6fa5c806b9b564d8c9ff3b30c232f0100000000007700000a02000105040100070000"], 0x28}, 0x1, 0x0, 0x0, 0x4000014}, 0x40040)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x6d, &(0x7f0000000080)={r7}, &(0x7f0000000240)=0x18)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000340)={r7}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 0 (id=1428):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f020033000b35d25a806c8c6f94f90f24fc60100007000c000300053582c137153e37000c0980fc0b10070300", 0x33fe0}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1e, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000005feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030200000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f1ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c107571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d1abf3cb17b40ac9b10968f38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb548d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d61f3b39c64307f9c82b2807c9ff4a269841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67a41b9e320146ee9f566a28"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xf}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f00000000c0)=0x6)
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x1c000)
listen(r0, 0x7)

kernel console output (not intermixed with test programs):

on failed: -22
[  317.902445][   T11] team0 (unregistering): Port device team_slave_1 removed
[  317.965047][   T11] team0 (unregistering): Port device team_slave_0 removed
[  318.531507][ T9923] team0: Port device team_slave_0 added
[  318.553078][T10013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1159'.
[  318.643830][ T9923] team0: Port device team_slave_1 added
[  318.783575][ T9923] batman_adv: batadv0: Adding interface: batadv_slave_0
[  318.794903][ T9923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  318.821722][ T9923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  318.834586][ T5235] Bluetooth: hci0: command tx timeout
[  318.850667][ T9923] batman_adv: batadv0: Adding interface: batadv_slave_1
[  318.857834][ T9923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  318.884147][ T9923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  318.897650][T10040] FAULT_INJECTION: forcing a failure.
[  318.897650][T10040] name failslab, interval 1, probability 0, space 0, times 0
[  318.910876][T10040] CPU: 0 UID: 0 PID: 10040 Comm: syz.4.1165 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  318.921351][T10040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  318.931429][T10040] Call Trace:
[  318.934720][T10040]  <TASK>
[  318.937662][T10040]  dump_stack_lvl+0x241/0x360
[  318.942371][T10040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.947597][T10040]  ? __pfx__printk+0x10/0x10
[  318.952204][T10040]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  318.957685][T10040]  ? __pfx___might_resched+0x10/0x10
[  318.963022][T10040]  should_fail_ex+0x3b0/0x4e0
[  318.968449][T10040]  should_failslab+0xac/0x100
[  318.973199][T10040]  ? macvlan_changelink_sources+0xa9d/0x1740
[  318.979228][T10040]  __kmalloc_cache_noprof+0x6c/0x2c0
[  318.984557][T10040]  macvlan_changelink_sources+0xa9d/0x1740
[  318.990430][T10040]  macvlan_common_newlink+0xd3a/0x1930
[  318.995915][T10040]  ? read_word_at_a_time+0xe/0x20
[  319.000998][T10040]  ? sized_strscpy+0x8d/0x220
[  319.005721][T10040]  ? __pfx_macvlan_common_newlink+0x10/0x10
[  319.011647][T10040]  ? rtnl_create_link+0x91c/0xc20
[  319.016699][T10040]  ? __pfx_macvlan_newlink+0x10/0x10
[  319.022040][T10040]  rtnl_newlink+0x1591/0x20a0
[  319.026765][T10040]  ? __pfx_rtnl_newlink+0x10/0x10
[  319.031812][T10040]  ? do_raw_spin_unlock+0x13c/0x8b0
[  319.037099][T10040]  ? __mutex_lock+0x9ab/0xd70
[  319.041878][T10040]  ? __mutex_lock+0x52a/0xd70
[  319.046581][T10040]  ? __pfx_rtnl_newlink+0x10/0x10
[  319.051615][T10040]  rtnetlink_rcv_msg+0x73f/0xcf0
[  319.056578][T10040]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  319.061730][T10040]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.067213][T10040]  ? ref_tracker_free+0x643/0x7e0
[  319.072349][T10040]  netlink_rcv_skb+0x1e3/0x430
[  319.077141][T10040]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.082639][T10040]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.087960][T10040]  ? netlink_deliver_tap+0x2e/0x1b0
[  319.093191][T10040]  netlink_unicast+0x7f6/0x990
[  319.098011][T10040]  ? __pfx_netlink_unicast+0x10/0x10
[  319.103359][T10040]  ? __virt_addr_valid+0x183/0x530
[  319.108505][T10040]  ? __check_object_size+0x48e/0x900
[  319.113834][T10040]  netlink_sendmsg+0x8e4/0xcb0
[  319.118639][T10040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.123947][T10040]  ? aa_sock_msg_perm+0x91/0x160
[  319.128925][T10040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.134233][T10040]  __sock_sendmsg+0x221/0x270
[  319.138939][T10040]  ____sys_sendmsg+0x52a/0x7e0
[  319.143735][T10040]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.149055][T10040]  __sys_sendmsg+0x292/0x380
[  319.153665][T10040]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.158808][T10040]  ? __pfx_vfs_write+0x10/0x10
[  319.163620][T10040]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  319.169986][T10040]  ? do_syscall_64+0x100/0x230
[  319.174774][T10040]  ? do_syscall_64+0xb6/0x230
[  319.179469][T10040]  do_syscall_64+0xf3/0x230
[  319.184084][T10040]  ? clear_bhb_loop+0x35/0x90
[  319.188786][T10040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.194703][T10040] RIP: 0033:0x7f365117df39
[  319.199138][T10040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.218748][T10040] RSP: 002b:00007f3652017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.227181][T10040] RAX: ffffffffffffffda RBX: 00007f3651335f80 RCX: 00007f365117df39
[  319.235187][T10040] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  319.243197][T10040] RBP: 00007f3652017090 R08: 0000000000000000 R09: 0000000000000000
[  319.251198][T10040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.259191][T10040] R13: 0000000000000000 R14: 00007f3651335f80 R15: 00007fff1cd61df8
[  319.267210][T10040]  </TASK>
[  319.331514][T10036] syzkaller0: entered promiscuous mode
[  319.337424][T10036] syzkaller0: entered allmulticast mode
[  319.413419][ T9923] hsr_slave_0: entered promiscuous mode
[  319.441600][ T9923] hsr_slave_1: entered promiscuous mode
[  320.917853][ T5235] Bluetooth: hci0: command tx timeout
[  322.281174][T10065] FAULT_INJECTION: forcing a failure.
[  322.281174][T10065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.331459][T10065] CPU: 0 UID: 0 PID: 10065 Comm: syz.1.1171 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  322.341950][T10065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  322.352043][T10065] Call Trace:
[  322.355358][T10065]  <TASK>
[  322.358319][T10065]  dump_stack_lvl+0x241/0x360
[  322.363052][T10065]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.368311][T10065]  ? __pfx__printk+0x10/0x10
[  322.372950][T10065]  should_fail_ex+0x3b0/0x4e0
[  322.377671][T10065]  _copy_from_user+0x2f/0xe0
[  322.382302][T10065]  bpf_test_init+0x11f/0x180
[  322.386947][T10065]  bpf_prog_test_run_skb+0x2bb/0x1820
[  322.392376][T10065]  ? __pfx_lock_release+0x10/0x10
[  322.397476][T10065]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  322.403326][T10065]  ? fput+0x1a8/0x230
[  322.407327][T10065]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  322.413154][T10065]  bpf_prog_test_run+0x2e4/0x360
[  322.418282][T10065]  __sys_bpf+0x48d/0x810
[  322.422534][T10065]  ? __pfx___sys_bpf+0x10/0x10
[  322.427324][T10065]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  322.433312][T10065]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  322.439651][T10065]  ? do_syscall_64+0x100/0x230
[  322.444430][T10065]  __x64_sys_bpf+0x7c/0x90
[  322.448860][T10065]  do_syscall_64+0xf3/0x230
[  322.453368][T10065]  ? clear_bhb_loop+0x35/0x90
[  322.458050][T10065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.463951][T10065] RIP: 0033:0x7f295077df39
[  322.468400][T10065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.488028][T10065] RSP: 002b:00007f295155d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  322.496454][T10065] RAX: ffffffffffffffda RBX: 00007f2950935f80 RCX: 00007f295077df39
[  322.504441][T10065] RDX: 0000000000000028 RSI: 0000000020000440 RDI: 000000000000000a
[  322.512420][T10065] RBP: 00007f295155d090 R08: 0000000000000000 R09: 0000000000000000
[  322.520400][T10065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.528465][T10065] R13: 0000000000000000 R14: 00007f2950935f80 R15: 00007ffc0a39c288
[  322.536462][T10065]  </TASK>
[  322.599903][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1173'.
[  322.620889][T10069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'.
[  322.888255][T10092] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1175'.
[  323.079740][T10087] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1177'.
[  323.098213][T10091] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1177'.
[  323.110419][T10096] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1175'.
[  323.416544][T10118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1184'.
[  323.472902][T10118] erspan0: entered promiscuous mode
[  323.508545][T10118] macvtap1: entered promiscuous mode
[  323.514570][T10118] macvtap1: entered allmulticast mode
[  323.520629][T10118] erspan0: entered allmulticast mode
[  323.545438][T10124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1184'.
[  323.587667][T10124] erspan0: left allmulticast mode
[  323.618536][T10124] erspan0: left promiscuous mode
[  323.812790][T10133] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  323.833919][T10135] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  323.966553][ T9923] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  324.085493][T10128] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1187'.
[  324.094966][ T9923] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  324.130715][T10128] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1187'.
[  324.143906][ T9923] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  324.214423][ T9923] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  324.248543][T10137] netlink: 'syz.0.1189': attribute type 10 has an invalid length.
[  324.268372][T10137] 8021q: adding VLAN 0 to HW filter on device team0
[  324.287263][T10137] bond0: (slave team0): Enslaving as an active interface with an up link
[  324.309347][T10147] netlink: 'syz.0.1189': attribute type 10 has an invalid length.
[  324.340217][T10147] bond0: (slave team0): Releasing backup interface
[  324.371260][T10147] bridge0: port 2(team0) entered blocking state
[  324.384867][T10147] bridge0: port 2(team0) entered disabled state
[  324.398070][T10147] team0: entered allmulticast mode
[  324.410073][T10147] team_slave_0: entered allmulticast mode
[  324.418775][T10147] team_slave_1: entered allmulticast mode
[  324.429370][T10147] team0: entered promiscuous mode
[  324.437031][T10147] team_slave_0: entered promiscuous mode
[  324.446499][T10147] team_slave_1: entered promiscuous mode
[  324.623812][T10162] netlink: 'syz.0.1191': attribute type 1 has an invalid length.
[  324.662057][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  324.678581][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  324.688991][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  324.698303][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  324.706064][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  324.720480][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  324.732243][ T9923] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.837911][ T9923] 8021q: adding VLAN 0 to HW filter on device team0
[  324.883186][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.890396][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.923967][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.931232][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.998446][T10177] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  325.316586][T10163] chnl_net:caif_netlink_parms(): no params data found
[  325.548146][T10163] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.563045][T10163] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.570593][T10163] bridge_slave_0: entered allmulticast mode
[  325.578148][T10163] bridge_slave_0: entered promiscuous mode
[  325.587238][T10163] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.594928][T10163] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.602317][T10163] bridge_slave_1: entered allmulticast mode
[  325.610377][T10163] bridge_slave_1: entered promiscuous mode
[  325.731509][T10163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.787238][T10163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.877845][T10163] team0: Port device team_slave_0 added
[  325.889471][T10163] team0: Port device team_slave_1 added
[  325.900399][ T9923] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.017202][T10163] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.036105][T10163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.065198][T10163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  326.078440][T10163] batman_adv: batadv0: Adding interface: batadv_slave_1
[  326.089685][T10163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.115948][T10163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  326.242067][T10217] syzkaller1: entered promiscuous mode
[  326.278335][T10217] syzkaller1: entered allmulticast mode
[  326.328008][T10226] Cannot find map_set index 0 as target
[  326.394958][T10163] hsr_slave_0: entered promiscuous mode
[  326.426985][T10163] hsr_slave_1: entered promiscuous mode
[  326.487895][T10163] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  326.497053][T10163] Cannot create hsr debugfs directory
[  326.650074][ T9923] veth0_vlan: entered promiscuous mode
[  326.833524][ T5235] Bluetooth: hci1: command tx timeout
[  326.874528][ T9923] veth1_vlan: entered promiscuous mode
[  326.994468][T10257] netlink: 'syz.4.1206': attribute type 30 has an invalid length.
[  327.011832][T10259] netlink: 'syz.0.1207': attribute type 12 has an invalid length.
[  327.022557][ T9923] veth0_macvtap: entered promiscuous mode
[  327.061440][ T9923] veth1_macvtap: entered promiscuous mode
[  327.163194][T10163] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.243623][T10263] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  327.365620][T10163] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.437218][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  327.468607][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.480261][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  327.491045][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.501290][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  327.511927][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.528459][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  327.541341][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.546140][T10269] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  327.553082][ T9923] batman_adv: batadv0: Interface activated: batadv_slave_0
[  327.643959][T10163] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.676952][T10267] __nla_validate_parse: 8 callbacks suppressed
[  327.676976][T10267] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1208'.
[  327.709794][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.725760][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.737260][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.749683][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.760991][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.779861][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.800189][ T9923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.818610][ T9923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.831597][ T9923] batman_adv: batadv0: Interface activated: batadv_slave_1
[  327.848970][T10273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1210'.
[  327.859669][T10272] netlink: 120 bytes leftover after parsing attributes in process `syz.0.1210'.
[  327.906097][T10163] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.935605][T10279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1212'.
[  327.948138][ T9923] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.958188][ T9923] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.967773][ T9923] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.977753][ T9923] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.182991][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.203823][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.310135][T10163] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  328.345553][T10163] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  328.362503][T10163] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  328.363203][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.391338][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.436179][T10163] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  328.454879][T10291] netlink: 'syz.0.1217': attribute type 10 has an invalid length.
[  328.915988][ T5235] Bluetooth: hci1: command tx timeout
[  329.973346][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  329.983823][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  330.009856][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  330.059776][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  330.069411][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  330.088247][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  330.997199][ T5237] Bluetooth: hci1: command tx timeout
[  331.317321][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.456342][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.487869][T10313] FAULT_INJECTION: forcing a failure.
[  331.487869][T10313] name failslab, interval 1, probability 0, space 0, times 0
[  331.513647][T10313] CPU: 0 UID: 0 PID: 10313 Comm: syz.4.1224 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  331.524138][T10313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  331.534229][T10313] Call Trace:
[  331.537523][T10313]  <TASK>
[  331.540467][T10313]  dump_stack_lvl+0x241/0x360
[  331.545193][T10313]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.550601][T10313]  ? __pfx__printk+0x10/0x10
[  331.555310][T10313]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  331.560812][T10313]  ? __pfx___might_resched+0x10/0x10
[  331.566111][T10313]  ? dev_prep_valid_name+0x916/0xa40
[  331.571404][T10313]  should_fail_ex+0x3b0/0x4e0
[  331.576091][T10313]  should_failslab+0xac/0x100
[  331.580774][T10313]  ? register_netdevice+0x59c/0x1b00
[  331.586090][T10313]  __kmalloc_cache_noprof+0x6c/0x2c0
[  331.591392][T10313]  register_netdevice+0x59c/0x1b00
[  331.596520][T10313]  ? __pfx_bond_changelink+0x10/0x10
[  331.601812][T10313]  ? read_word_at_a_time+0xe/0x20
[  331.606874][T10313]  ? sized_strscpy+0x8d/0x220
[  331.611569][T10313]  ? __pfx_register_netdevice+0x10/0x10
[  331.617122][T10313]  ? validate_linkmsg+0x71e/0x900
[  331.622157][T10313]  ? rtnl_create_link+0x91c/0xc20
[  331.627213][T10313]  bond_newlink+0x3b/0x90
[  331.631573][T10313]  ? __pfx_bond_newlink+0x10/0x10
[  331.636629][T10313]  rtnl_newlink+0x1591/0x20a0
[  331.641344][T10313]  ? __pfx_rtnl_newlink+0x10/0x10
[  331.646379][T10313]  ? do_raw_spin_unlock+0x13c/0x8b0
[  331.651600][T10313]  ? __mutex_lock+0x9ab/0xd70
[  331.656309][T10313]  ? __mutex_lock+0x52a/0xd70
[  331.661022][T10313]  ? __pfx_rtnl_newlink+0x10/0x10
[  331.666051][T10313]  rtnetlink_rcv_msg+0x73f/0xcf0
[  331.670991][T10313]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  331.676118][T10313]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  331.681589][T10313]  ? ref_tracker_free+0x643/0x7e0
[  331.686624][T10313]  netlink_rcv_skb+0x1e3/0x430
[  331.691395][T10313]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  331.696867][T10313]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  331.702177][T10313]  ? netlink_deliver_tap+0x2e/0x1b0
[  331.707381][T10313]  netlink_unicast+0x7f6/0x990
[  331.712157][T10313]  ? __pfx_netlink_unicast+0x10/0x10
[  331.717448][T10313]  ? __virt_addr_valid+0x183/0x530
[  331.722568][T10313]  ? __check_object_size+0x48e/0x900
[  331.727864][T10313]  netlink_sendmsg+0x8e4/0xcb0
[  331.732650][T10313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.737953][T10313]  ? aa_sock_msg_perm+0x91/0x160
[  331.742899][T10313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.748195][T10313]  __sock_sendmsg+0x221/0x270
[  331.752883][T10313]  ____sys_sendmsg+0x52a/0x7e0
[  331.757691][T10313]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.762993][T10313]  __sys_sendmsg+0x292/0x380
[  331.767587][T10313]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.772711][T10313]  ? __pfx_vfs_write+0x10/0x10
[  331.777507][T10313]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.783846][T10313]  ? do_syscall_64+0x100/0x230
[  331.788619][T10313]  ? do_syscall_64+0xb6/0x230
[  331.793300][T10313]  do_syscall_64+0xf3/0x230
[  331.797808][T10313]  ? clear_bhb_loop+0x35/0x90
[  331.802485][T10313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.808383][T10313] RIP: 0033:0x7f365117df39
[  331.812815][T10313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.832443][T10313] RSP: 002b:00007f3652017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.840879][T10313] RAX: ffffffffffffffda RBX: 00007f3651335f80 RCX: 00007f365117df39
[  331.848858][T10313] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  331.856839][T10313] RBP: 00007f3652017090 R08: 0000000000000000 R09: 0000000000000000
[  331.864808][T10313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  331.872785][T10313] R13: 0000000000000000 R14: 00007f3651335f80 R15: 00007fff1cd61df8
[  331.880870][T10313]  </TASK>
[  331.959293][T10320] netlink: 144316 bytes leftover after parsing attributes in process `syz.4.1227'.
[  332.069555][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.099820][T10321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1226'.
[  332.110095][T10321] bridge_slave_1: left allmulticast mode
[  332.117640][T10321] bridge_slave_1: left promiscuous mode
[  332.124177][T10321] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.133770][T10321] bridge_slave_0: left allmulticast mode
[  332.139604][T10321] bridge_slave_0: left promiscuous mode
[  332.146034][T10321] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.193266][ T5237] Bluetooth: hci0: command tx timeout
[  332.298726][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.499906][T10306] chnl_net:caif_netlink_parms(): no params data found
[  332.523465][T10334] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1232'.
[  332.778071][T10306] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.785500][T10306] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.794601][T10306] bridge_slave_0: entered allmulticast mode
[  332.801805][T10306] bridge_slave_0: entered promiscuous mode
[  332.824829][T10163] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.891169][T10306] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.900637][T10306] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.908212][T10306] bridge_slave_1: entered allmulticast mode
[  332.917871][T10306] bridge_slave_1: entered promiscuous mode
[  332.929325][T10327] netlink: 'syz.0.1229': attribute type 1 has an invalid length.
[  332.942858][T10327] NCSI netlink: No device for ifindex 0
[  333.072970][ T5237] Bluetooth: hci1: command tx timeout
[  333.106685][T10306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.149608][T10306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.170224][T10163] 8021q: adding VLAN 0 to HW filter on device team0
[  333.188992][   T11] bridge_slave_1: left allmulticast mode
[  333.197337][   T11] bridge_slave_1: left promiscuous mode
[  333.210026][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.223252][   T11] bridge_slave_0: left allmulticast mode
[  333.229051][   T11] bridge_slave_0: left promiscuous mode
[  333.243817][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.284655][T10350] infiniband syz1: set down
[  333.289651][T10350] infiniband syz1: added ipvlan1
[  333.355399][T10350] RDS/IB: syz1: added
[  333.362922][T10350] smc: adding ib device syz1 with port count 1
[  333.387880][T10350] smc:    ib device syz1 port 1 has pnetid 
[  333.718062][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.729730][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.741140][   T11] bond0 (unregistering): Released all slaves
[  334.272822][ T5237] Bluetooth: hci0: command tx timeout
[  336.163571][T10306] team0: Port device team_slave_0 added
[  336.214113][T10306] team0: Port device team_slave_1 added
[  336.232942][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.240115][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.289271][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.296481][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.353075][ T5237] Bluetooth: hci0: command tx timeout
[  336.574321][T10306] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.581336][T10306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.618361][T10306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.640027][T10306] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.649566][T10306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.683494][T10306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.911962][T10306] hsr_slave_0: entered promiscuous mode
[  336.938035][T10306] hsr_slave_1: entered promiscuous mode
[  336.949927][T10306] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.958758][T10306] Cannot create hsr debugfs directory
[  337.297680][T10163] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.526761][T10163] veth0_vlan: entered promiscuous mode
[  337.565662][T10163] veth1_vlan: entered promiscuous mode
[  337.640915][T10163] veth0_macvtap: entered promiscuous mode
[  337.686689][T10163] veth1_macvtap: entered promiscuous mode
[  337.813579][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.827491][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.837845][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.848494][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.860447][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.871134][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.881117][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.891657][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.902030][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.913151][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.924519][T10163] batman_adv: batadv0: Interface activated: batadv_slave_0
[  337.941624][T10306] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  337.951601][T10306] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  337.962615][T10306] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  337.986167][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.998396][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.008363][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.019045][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.029563][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.041459][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.051532][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.064177][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.076444][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.086983][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.098313][T10163] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.110053][T10306] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  338.146994][T10163] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.164321][T10163] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.181729][T10163] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.205086][T10163] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.438688][ T5237] Bluetooth: hci0: command tx timeout
[  338.629035][T10306] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.671226][   T11] hsr_slave_0: left promiscuous mode
[  338.689824][   T11] hsr_slave_1: left promiscuous mode
[  338.699349][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.714828][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.728787][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.738827][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.770513][   T11] veth1_macvtap: left promiscuous mode
[  338.776315][   T11] veth0_macvtap: left promiscuous mode
[  338.781954][   T11] veth1_vlan: left promiscuous mode
[  338.788743][   T11] veth0_vlan: left promiscuous mode
[  339.506575][   T11] team0 (unregistering): Port device team_slave_1 removed
[  339.560804][   T11] team0 (unregistering): Port device team_slave_0 removed
[  340.091980][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.100203][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.138113][T10306] 8021q: adding VLAN 0 to HW filter on device team0
[  340.185466][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.192590][ T2994] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.262092][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.269362][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.279904][ T2994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.320690][ T2994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.548408][T10306] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.581873][   T11] bridge_slave_1: left allmulticast mode
[  340.588515][   T11] bridge_slave_1: left promiscuous mode
[  340.594449][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.605532][   T11] bridge_slave_0: left allmulticast mode
[  340.611289][   T11] bridge_slave_0: left promiscuous mode
[  340.618506][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.040481][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.052033][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.065868][   T11] bond0 (unregistering): Released all slaves
[  341.096119][T10306] veth0_vlan: entered promiscuous mode
[  341.109723][T10306] veth1_vlan: entered promiscuous mode
[  341.190142][   T11] tipc: Left network mode
[  341.195778][T10306] veth0_macvtap: entered promiscuous mode
[  341.206656][T10306] veth1_macvtap: entered promiscuous mode
[  341.266946][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.278168][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.288841][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.301208][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.312202][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.324172][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.334570][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.347765][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.359350][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.370348][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.382206][T10306] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.439649][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.452066][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.464972][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.476319][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.486600][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.497866][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.508136][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.519399][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.529820][T10306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.540730][T10306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.554225][T10306] batman_adv: batadv0: Interface activated: batadv_slave_1
[  341.599298][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  341.616539][T10306] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  341.626289][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  341.637074][T10306] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.637127][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  341.654161][T10306] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  341.665737][T10306] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.675899][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  341.690126][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  341.699186][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  341.899611][ T2924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.907806][ T2924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.944632][   T11] hsr_slave_0: left promiscuous mode
[  341.950669][   T11] hsr_slave_1: left promiscuous mode
[  341.968179][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.980289][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.991629][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.999607][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.017228][   T11] veth1_macvtap: left promiscuous mode
[  342.022993][   T11] veth0_macvtap: left promiscuous mode
[  342.028571][   T11] veth1_vlan: left promiscuous mode
[  342.035244][   T11] veth0_vlan: left promiscuous mode
[  342.540213][   T11] team0 (unregistering): Port device team_slave_1 removed
[  342.597863][   T11] team0 (unregistering): Port device team_slave_0 removed
[  343.167009][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  343.179733][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.356108][T10429] chnl_net:caif_netlink_parms(): no params data found
[  343.451524][T10429] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.459046][T10429] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.466483][T10429] bridge_slave_0: entered allmulticast mode
[  343.474041][T10429] bridge_slave_0: entered promiscuous mode
[  343.482271][T10429] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.492175][T10429] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.500468][T10429] bridge_slave_1: entered allmulticast mode
[  343.508084][T10429] bridge_slave_1: entered promiscuous mode
[  343.541044][T10429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  343.554161][T10429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  343.589087][T10429] team0: Port device team_slave_0 added
[  343.603781][T10429] team0: Port device team_slave_1 added
[  343.628444][T10429] batman_adv: batadv0: Adding interface: batadv_slave_0
[  343.636909][T10429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  343.664600][T10429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  343.677703][T10429] batman_adv: batadv0: Adding interface: batadv_slave_1
[  343.684901][T10429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  343.711078][T10429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.721715][ T5235] Bluetooth: hci1: command tx timeout
[  343.752576][T10429] hsr_slave_0: entered promiscuous mode
[  343.760529][T10429] hsr_slave_1: entered promiscuous mode
[  343.800336][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.885625][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.961531][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.021599][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.194581][   T11] bridge_slave_1: left allmulticast mode
[  344.200315][   T11] bridge_slave_1: left promiscuous mode
[  344.208870][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.227371][   T11] bridge_slave_0: left allmulticast mode
[  344.233566][   T11] bridge_slave_0: left promiscuous mode
[  344.239328][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.842426][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  344.857626][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  344.868570][   T11] bond0 (unregistering): Released all slaves
[  345.311669][   T11] hsr_slave_0: left promiscuous mode
[  345.325368][   T11] hsr_slave_1: left promiscuous mode
[  345.339540][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  345.356167][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  345.370170][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  345.380940][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  345.418905][   T11] veth1_macvtap: left promiscuous mode
[  345.427952][   T11] veth0_macvtap: left promiscuous mode
[  345.437212][   T11] veth1_vlan: left promiscuous mode
[  345.447378][   T11] veth0_vlan: left promiscuous mode
[  345.628891][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  345.640872][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  345.649880][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  345.658069][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  345.667017][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  345.674599][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  345.805055][ T5235] Bluetooth: hci1: command tx timeout
[  346.119806][   T11] team0 (unregistering): Port device team_slave_1 removed
[  346.172046][   T11] team0 (unregistering): Port device team_slave_0 removed
[  346.898225][T10429] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  346.935662][T10429] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  346.978091][T10429] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  346.997396][T10429] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  347.148336][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.289610][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.339416][T10429] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.371348][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.398500][T10466] chnl_net:caif_netlink_parms(): no params data found
[  347.463737][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.521757][T10429] 8021q: adding VLAN 0 to HW filter on device team0
[  347.563116][ T2924] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.570349][ T2924] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.619207][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.626348][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.644961][T10466] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.652329][T10466] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.662436][T10466] bridge_slave_0: entered allmulticast mode
[  347.669968][T10466] bridge_slave_0: entered promiscuous mode
[  347.685360][T10466] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.692597][T10466] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.700361][T10466] bridge_slave_1: entered allmulticast mode
[  347.707682][T10466] bridge_slave_1: entered promiscuous mode
[  347.723448][ T5235] Bluetooth: hci0: command tx timeout
[  347.828809][T10466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.872897][ T5235] Bluetooth: hci1: command tx timeout
[  347.874725][T10466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.906744][   T11] bridge_slave_1: left allmulticast mode
[  347.912495][   T11] bridge_slave_1: left promiscuous mode
[  347.935345][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.954291][   T11] bridge_slave_0: left allmulticast mode
[  347.960007][   T11] bridge_slave_0: left promiscuous mode
[  347.975070][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.616240][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  348.634513][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  348.646104][   T11] bond0 (unregistering): Released all slaves
[  348.725933][T10466] team0: Port device team_slave_0 added
[  348.751804][T10466] team0: Port device team_slave_1 added
[  348.802552][T10466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  348.810360][T10466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.837786][T10466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  348.850989][T10466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  348.858760][T10466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.884954][T10466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.104487][T10466] hsr_slave_0: entered promiscuous mode
[  349.111194][T10466] hsr_slave_1: entered promiscuous mode
[  349.128832][T10466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  349.140365][T10466] Cannot create hsr debugfs directory
[  349.220045][T10429] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.345938][   T11] hsr_slave_0: left promiscuous mode
[  349.359617][   T11] hsr_slave_1: left promiscuous mode
[  349.366497][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  349.381386][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.391084][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.399315][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  349.421653][   T11] veth1_macvtap: left promiscuous mode
[  349.427346][   T11] veth0_macvtap: left promiscuous mode
[  349.433686][   T11] veth1_vlan: left promiscuous mode
[  349.438978][   T11] veth0_vlan: left promiscuous mode
[  349.802977][ T5235] Bluetooth: hci0: command tx timeout
[  349.918913][   T11] team0 (unregistering): Port device team_slave_1 removed
[  349.963652][ T5235] Bluetooth: hci1: command tx timeout
[  349.977604][   T11] team0 (unregistering): Port device team_slave_0 removed
[  350.615713][T10429] veth0_vlan: entered promiscuous mode
[  350.639784][T10429] veth1_vlan: entered promiscuous mode
[  350.715788][T10429] veth0_macvtap: entered promiscuous mode
[  350.740714][T10429] veth1_macvtap: entered promiscuous mode
[  350.798636][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.823013][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.833906][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.845198][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.858095][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.868828][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.885107][T10429] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.900784][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.926038][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.946497][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.960569][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.971090][T10429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.981939][T10429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.003706][T10429] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.079031][T10429] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.089361][T10429] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.098749][T10429] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.108170][T10429] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.276867][T10466] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  351.286314][T10466] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  351.298357][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.308443][T10466] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  351.318333][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.339030][T10466] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  351.371383][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.397217][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.564767][T10466] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.592610][T10466] 8021q: adding VLAN 0 to HW filter on device team0
[  351.619730][   T66] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.626937][   T66] bridge0: port 1(bridge_slave_0) entered forwarding state
[  351.648655][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.655839][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[  351.873547][ T5235] Bluetooth: hci0: command tx timeout
[  351.994987][ T1122] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.098984][T10466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.174981][ T1122] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.271011][ T1122] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.320097][T10466] veth0_vlan: entered promiscuous mode
[  352.362368][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  352.379799][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  352.380539][ T1122] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.398645][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  352.409904][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  352.415660][T10466] veth1_vlan: entered promiscuous mode
[  352.425031][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  352.433162][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  352.502487][T10466] veth0_macvtap: entered promiscuous mode
[  352.547672][T10466] veth1_macvtap: entered promiscuous mode
[  352.644468][ T1122] bridge_slave_1: left allmulticast mode
[  352.650190][ T1122] bridge_slave_1: left promiscuous mode
[  352.656821][ T1122] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.667508][ T1122] bridge_slave_0: left allmulticast mode
[  352.675164][ T1122] bridge_slave_0: left promiscuous mode
[  352.680963][ T1122] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.078854][ T1122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  353.090390][ T1122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  353.101276][ T1122] bond0 (unregistering): Released all slaves
[  353.120696][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.132801][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.145867][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.156590][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.167016][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.177586][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.187565][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.198109][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.209751][T10466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.249118][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.262111][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.275246][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.285748][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.295923][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.306413][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.316680][T10466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  353.327959][T10466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.349170][T10466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  353.410655][T10466] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.420460][T10466] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.431770][T10466] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.440989][T10466] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.721861][T10590] chnl_net:caif_netlink_parms(): no params data found
[  353.769487][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.810407][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.820926][ T1122] hsr_slave_0: left promiscuous mode
[  353.838307][ T1122] hsr_slave_1: left promiscuous mode
[  353.844680][ T1122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  353.852240][ T1122] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.863979][ T1122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  353.875001][ T1122] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.906715][ T1122] veth1_macvtap: left promiscuous mode
[  353.912310][ T1122] veth0_macvtap: left promiscuous mode
[  353.919990][ T1122] veth1_vlan: left promiscuous mode
[  353.926413][ T1122] veth0_vlan: left promiscuous mode
[  353.952766][ T5235] Bluetooth: hci0: command tx timeout
[  354.463132][ T1122] team0 (unregistering): Port device team_slave_1 removed
[  354.514902][ T5235] Bluetooth: hci1: command tx timeout
[  354.524990][ T1122] team0 (unregistering): Port device team_slave_0 removed
[  355.113130][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.121066][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.175860][T10590] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.183578][T10590] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.193164][T10590] bridge_slave_0: entered allmulticast mode
[  355.200210][T10590] bridge_slave_0: entered promiscuous mode
[  355.216935][T10590] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.241701][T10590] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.274268][T10590] bridge_slave_1: entered allmulticast mode
[  355.281378][T10590] bridge_slave_1: entered promiscuous mode
[  355.430533][T10590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  355.456814][T10590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.504494][T10590] team0: Port device team_slave_0 added
[  355.520432][T10590] team0: Port device team_slave_1 added
[  355.565685][T10590] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.574890][T10590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.606988][T10590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  355.625436][T10590] batman_adv: batadv0: Adding interface: batadv_slave_1
[  355.632436][T10590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.661410][T10590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.713225][T10590] hsr_slave_0: entered promiscuous mode
[  355.719779][T10590] hsr_slave_1: entered promiscuous mode
[  356.158908][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.279800][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.367276][T10590] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  356.382457][T10590] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  356.394554][T10590] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  356.409537][T10590] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  356.447915][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.535689][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.593764][ T5235] Bluetooth: hci1: command tx timeout
[  356.639467][T10590] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.672323][T10590] 8021q: adding VLAN 0 to HW filter on device team0
[  356.689865][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.697008][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  356.711977][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.719147][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.841235][   T12] bridge_slave_1: left allmulticast mode
[  356.847941][   T12] bridge_slave_1: left promiscuous mode
[  356.860493][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.880641][   T12] bridge_slave_0: left allmulticast mode
[  356.888568][   T12] bridge_slave_0: left promiscuous mode
[  356.895026][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.194197][T10672] Cannot find add_set index 0 as target
[  357.322448][T10670] delete_channel: no stack
[  357.554202][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  357.567115][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  357.598570][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  357.619764][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  357.639064][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  357.653003][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  357.802373][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.819921][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.837181][   T12] bond0 (unregistering): Released all slaves
[  357.860339][T10674] netlink: 'syz.4.1242': attribute type 12 has an invalid length.
[  358.672822][ T5237] Bluetooth: hci1: command tx timeout
[  359.719995][ T5237] Bluetooth: hci0: command tx timeout
[  360.276674][ T1111] wlan1: Trigger new scan to find an IBSS to join
[  360.757213][ T5237] Bluetooth: hci1: command tx timeout
[  361.288920][T10725] netlink: 'syz.1.1247': attribute type 9 has an invalid length.
[  361.448179][T10590] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.514683][T10590] veth0_vlan: entered promiscuous mode
[  361.526621][T10590] veth1_vlan: entered promiscuous mode
[  361.657807][T10742] netlink: 'syz.0.1250': attribute type 9 has an invalid length.
[  361.673038][T10742] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.1250'.
[  361.793285][ T5237] Bluetooth: hci0: command tx timeout
[  361.902427][   T12] hsr_slave_0: left promiscuous mode
[  361.908997][   T12] hsr_slave_1: left promiscuous mode
[  361.920161][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  361.928737][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  361.939741][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.950411][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  361.978780][   T12] veth1_macvtap: left promiscuous mode
[  361.985496][   T12] veth0_macvtap: left promiscuous mode
[  361.991211][   T12] veth1_vlan: left promiscuous mode
[  362.000130][   T12] veth0_vlan: left promiscuous mode
[  362.610483][   T12] team0 (unregistering): Port device team_slave_1 removed
[  362.660584][   T12] team0 (unregistering): Port device team_slave_0 removed
[  363.174791][T10590] veth0_macvtap: entered promiscuous mode
[  363.190950][T10590] veth1_macvtap: entered promiscuous mode
[  363.328265][   T66] wlan1: Trigger new scan to find an IBSS to join
[  363.352008][T10751] hsr0: entered promiscuous mode
[  363.417367][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.428542][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.439471][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.462751][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.478543][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.501845][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.514647][T10590] batman_adv: batadv0: Interface activated: batadv_slave_0
[  363.525937][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.550645][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.560969][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.572508][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.588364][T10590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.599097][T10590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.617603][T10590] batman_adv: batadv0: Interface activated: batadv_slave_1
[  363.632232][T10590] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.647511][T10590] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.657056][T10590] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.673376][T10590] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  363.694054][T10755] 8021q: adding VLAN 0 to HW filter on device batadv1
[  363.872756][ T5237] Bluetooth: hci0: command tx timeout
[  364.020964][T10777] lo: entered promiscuous mode
[  364.033483][T10685] chnl_net:caif_netlink_parms(): no params data found
[  364.440332][T10685] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.484076][T10685] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.491898][T10685] bridge_slave_0: entered allmulticast mode
[  364.521886][T10685] bridge_slave_0: entered promiscuous mode
[  364.553649][T10685] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.560990][T10685] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.593593][T10685] bridge_slave_1: entered allmulticast mode
[  364.604012][T10685] bridge_slave_1: entered promiscuous mode
[  364.916469][T10685] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.939371][ T1111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  364.988347][T10685] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.011350][ T1111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  365.063032][T10813] netlink: 'syz.4.1262': attribute type 1 has an invalid length.
[  365.130762][T10685] team0: Port device team_slave_0 added
[  365.171113][T10685] team0: Port device team_slave_1 added
[  365.172124][T10815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1261'.
[  365.182221][ T2885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  365.228237][ T2885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  365.291479][T10685] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.314769][T10685] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.349391][T10685] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.461380][T10685] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.480874][T10685] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.528260][T10685] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.619961][T10685] hsr_slave_0: entered promiscuous mode
[  365.643594][T10685] hsr_slave_1: entered promiscuous mode
[  365.663611][T10685] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  365.675920][T10685] Cannot create hsr debugfs directory
[  365.952871][ T5237] Bluetooth: hci0: command tx timeout
[  366.130767][ T2885] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.261261][ T2885] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.277113][   T11] wlan1: Creating new IBSS network, BSSID 5e:3b:b1:40:14:a8
[  366.369810][ T2885] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.529223][ T2885] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.734706][T10871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1268'.
[  367.071668][ T2885] bridge_slave_1: left allmulticast mode
[  367.093709][ T2885] bridge_slave_1: left promiscuous mode
[  367.100800][ T2885] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.116987][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  367.127774][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  367.137750][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  367.147774][ T2885] bridge_slave_0: left allmulticast mode
[  367.156761][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  367.163994][ T2885] bridge_slave_0: left promiscuous mode
[  367.170154][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  367.171310][ T2885] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.185002][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  367.288043][T10888] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  367.346345][T10890] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1273'.
[  367.766064][ T2885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.784422][ T2885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.798300][ T2885] bond0 (unregistering): Released all slaves
[  368.029294][T10685] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  368.079741][T10685] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  368.130461][T10685] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  368.270164][T10685] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  368.440542][T10918] netlink: 'syz.1.1280': attribute type 8 has an invalid length.
[  368.730499][T10685] 8021q: adding VLAN 0 to HW filter on device bond0
[  368.813880][T10907] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  368.850589][T10685] 8021q: adding VLAN 0 to HW filter on device team0
[  368.864362][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.871513][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.889967][T10907] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  369.049731][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.056984][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.151049][ T2885] hsr_slave_0: left promiscuous mode
[  369.159040][ T2885] hsr_slave_1: left promiscuous mode
[  369.169296][ T2885] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.182996][ T2885] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.203460][ T2885] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.220474][ T2885] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.233582][ T5235] Bluetooth: hci1: command tx timeout
[  369.270444][ T2885] veth1_macvtap: left promiscuous mode
[  369.280988][ T2885] veth0_macvtap: left promiscuous mode
[  369.301416][T10940] RDS: rds_bind could not find a transport for ::ffff:100.1.1.2, load rds_tcp or rds_rdma?
[  369.323246][ T2885] veth1_vlan: left promiscuous mode
[  369.331876][ T2885] veth0_vlan: left promiscuous mode
[  370.148284][ T2885] team0 (unregistering): Port device team_slave_1 removed
[  370.221070][ T2885] team0 (unregistering): Port device team_slave_0 removed
[  370.672942][T10923] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  370.986751][T10990] FAULT_INJECTION: forcing a failure.
[  370.986751][T10990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.001103][T10990] CPU: 1 UID: 0 PID: 10990 Comm: syz.1.1284 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  371.011577][T10990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  371.021662][T10990] Call Trace:
[  371.024979][T10990]  <TASK>
[  371.027942][T10990]  dump_stack_lvl+0x241/0x360
[  371.032676][T10990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.037915][T10990]  ? __pfx__printk+0x10/0x10
[  371.042547][T10990]  ? __pfx_lock_release+0x10/0x10
[  371.047614][T10990]  ? percpu_ref_get_many+0x19/0x140
[  371.052859][T10990]  should_fail_ex+0x3b0/0x4e0
[  371.057586][T10990]  _copy_from_iter+0x1ed/0x1d60
[  371.062468][T10990]  ? rcu_is_watching+0x15/0xb0
[  371.067279][T10990]  ? __mutex_lock+0x2ef/0xd70
[  371.072004][T10990]  ? __pfx__copy_from_iter+0x10/0x10
[  371.077342][T10990]  ? alloc_pages_mpol_noprof+0x417/0x680
[  371.083033][T10990]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  371.089058][T10990]  ? page_copy_sane+0x46/0x260
[  371.093866][T10990]  copy_page_from_iter+0x7a/0x100
[  371.098940][T10990]  pipe_write+0x7f5/0x1a30
[  371.099651][T10685] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  371.103370][T10990]  ? mark_lock+0x9a/0x360
[  371.103442][T10990]  ? __pfx_pipe_write+0x10/0x10
[  371.103464][T10990]  ? common_file_perm+0x1a6/0x210
[  371.103485][T10990]  ? bpf_lsm_file_permission+0x9/0x10
[  371.103510][T10990]  ? security_file_permission+0x74/0x280
[  371.103541][T10990]  vfs_write+0xa6d/0xc90
[  371.103571][T10990]  ? __pfx_pipe_write+0x10/0x10
[  371.103591][T10990]  ? __pfx_vfs_write+0x10/0x10
[  371.103626][T10990]  ? fdget_pos+0x19a/0x320
[  371.103647][T10990]  ksys_write+0x183/0x2b0
[  371.117963][T10685] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  371.118280][T10990]  ? __pfx_ksys_write+0x10/0x10
[  371.177006][T10990]  ? rcu_is_watching+0x15/0xb0
[  371.181818][T10990]  ? trace_sys_enter+0x1f/0xd0
[  371.186732][T10990]  do_syscall_64+0xf3/0x230
[  371.191286][T10990]  ? clear_bhb_loop+0x35/0x90
[  371.196002][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.201944][T10990] RIP: 0033:0x7f295077df39
[  371.206392][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.226032][T10990] RSP: 002b:00007f295155d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  371.234490][T10990] RAX: ffffffffffffffda RBX: 00007f2950935f80 RCX: 00007f295077df39
[  371.242500][T10990] RDX: 00000000ffffff49 RSI: 0000000020000300 RDI: 0000000000000000
[  371.250508][T10990] RBP: 00007f295155d090 R08: 0000000000000000 R09: 0000000000000000
[  371.258611][T10990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  371.266620][T10990] R13: 0000000000000000 R14: 00007f2950935f80 R15: 00007ffc0a39c288
[  371.274641][T10990]  </TASK>
[  371.329767][ T5235] Bluetooth: hci1: command tx timeout
[  371.366790][T10881] chnl_net:caif_netlink_parms(): no params data found
[  371.426097][T11004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'.
[  371.529187][T11004] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1287'.
[  371.620731][T11020] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 1, id = 0
[  371.632083][T10685] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.943086][T11028] veth1_macvtap: left promiscuous mode
[  371.948633][T11028] macsec0: entered allmulticast mode
[  371.975915][T11031] veth1_macvtap: entered promiscuous mode
[  371.982131][T11031] veth1_macvtap: entered allmulticast mode
[  371.991233][T11031] macsec0: left allmulticast mode
[  371.997311][T11031] veth1_macvtap: left allmulticast mode
[  372.022283][T10881] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.036711][T10881] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.046250][T10881] bridge_slave_0: entered allmulticast mode
[  372.053977][T10881] bridge_slave_0: entered promiscuous mode
[  372.082249][T11034] bond0: entered promiscuous mode
[  372.087816][T11034] bond_slave_0: entered promiscuous mode
[  372.094073][T11034] bond_slave_1: entered promiscuous mode
[  372.100148][T11034] mac80211_hwsim hwsim31 wlan1: entered promiscuous mode
[  372.108535][T10881] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.132998][T10881] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.152952][T10881] bridge_slave_1: entered allmulticast mode
[  372.159983][T10881] bridge_slave_1: entered promiscuous mode
[  372.245146][T10881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.272329][T10881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  372.289906][T11038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1292'.
[  372.596273][T10685] veth0_vlan: entered promiscuous mode
[  372.611316][T11033] bond0: left promiscuous mode
[  372.627959][T11033] bond_slave_0: left promiscuous mode
[  372.634244][T11033] bond_slave_1: left promiscuous mode
[  372.639826][T11033] mac80211_hwsim hwsim31 wlan1: left promiscuous mode
[  372.749020][T10881] team0: Port device team_slave_0 added
[  372.784834][T10685] veth1_vlan: entered promiscuous mode
[  372.819870][T10881] team0: Port device team_slave_1 added
[  372.855391][T11062] netlink: 9372 bytes leftover after parsing attributes in process `syz.0.1294'.
[  372.967253][T10881] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.975355][T10881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.008376][T10881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  373.030597][T10881] batman_adv: batadv0: Adding interface: batadv_slave_1
[  373.044528][T10881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  373.083003][T10881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  373.151971][T10881] hsr_slave_0: entered promiscuous mode
[  373.162711][T10881] hsr_slave_1: entered promiscuous mode
[  373.189513][T11072] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20002
[  373.206641][T10685] veth0_macvtap: entered promiscuous mode
[  373.283318][T10685] veth1_macvtap: entered promiscuous mode
[  373.394173][ T5235] Bluetooth: hci1: command tx timeout
[  373.492012][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.504785][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.520685][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.531737][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.541908][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.553158][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.565308][T10685] batman_adv: batadv0: Interface activated: batadv_slave_0
[  373.580679][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.592357][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.603690][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.622692][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.635487][T10685] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  373.650571][T10685] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.665613][T10685] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.684380][T11081] workqueue: name exceeds WQ_NAME_LEN. Truncating to: †<)Ù2¼”›U7‘Åä‹¡ô¾ÐËÝ;&!éi‡¼
[  373.732043][T10685] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.754877][T10685] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.771983][T10685] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.801746][T10685] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.000532][T11095] IPv6: Can't replace route, no match found
[  374.396316][T11112] tipc: Started in network mode
[  374.406128][T11112] tipc: Node identity aaaaaaaaaa17, cluster identity 4711
[  374.439549][T11112] tipc: Enabled bearer <eth:bond0>, priority 10
[  374.559100][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.592762][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.666344][T11126] team0: entered promiscuous mode
[  374.683331][T11126] team_slave_0: entered promiscuous mode
[  374.699718][T11126] team_slave_1: entered promiscuous mode
[  374.733338][T11126] team0: left promiscuous mode
[  374.738192][T11126] team_slave_0: left promiscuous mode
[  374.768441][T11126] team_slave_1: left promiscuous mode
[  374.888240][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.909323][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.933397][T10881] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  374.969812][T10881] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  375.023634][T10881] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  375.083051][T10881] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  375.138737][T11138] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20002
[  375.294102][T11145] FAULT_INJECTION: forcing a failure.
[  375.294102][T11145] name failslab, interval 1, probability 0, space 0, times 0
[  375.324214][T11145] CPU: 0 UID: 0 PID: 11145 Comm: syz.0.1310 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  375.334701][T11145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.344794][T11145] Call Trace:
[  375.348102][T11145]  <TASK>
[  375.351085][T11145]  dump_stack_lvl+0x241/0x360
[  375.355815][T11145]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.361060][T11145]  ? __pfx__printk+0x10/0x10
[  375.365696][T11145]  ? ref_tracker_alloc+0x332/0x490
[  375.370859][T11145]  should_fail_ex+0x3b0/0x4e0
[  375.375591][T11145]  ? skb_clone+0x20c/0x390
[  375.380047][T11145]  should_failslab+0xac/0x100
[  375.384766][T11145]  ? skb_clone+0x20c/0x390
[  375.389222][T11145]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  375.394647][T11145]  skb_clone+0x20c/0x390
[  375.398939][T11145]  __netlink_deliver_tap+0x3cc/0x7c0
[  375.404279][T11145]  ? netlink_deliver_tap+0x2e/0x1b0
[  375.409524][T11145]  netlink_deliver_tap+0x19d/0x1b0
[  375.414733][T11145]  netlink_unicast+0x7c4/0x990
[  375.419547][T11145]  ? __pfx_netlink_unicast+0x10/0x10
[  375.424881][T11145]  ? __virt_addr_valid+0x183/0x530
[  375.430044][T11145]  ? __check_object_size+0x48e/0x900
[  375.435405][T11145]  netlink_sendmsg+0x8e4/0xcb0
[  375.440233][T11145]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.445572][T11145]  ? aa_sock_msg_perm+0x91/0x160
[  375.450560][T11145]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.455896][T11145]  __sock_sendmsg+0x221/0x270
[  375.460624][T11145]  ____sys_sendmsg+0x52a/0x7e0
[  375.465435][T11145]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.470771][T11145]  ? rcu_is_watching+0x15/0xb0
[  375.475582][T11145]  ? __might_fault+0xaa/0x120
[  375.477732][T10881] 8021q: adding VLAN 0 to HW filter on device bond0
[  375.480278][T11145]  __sys_sendmmsg+0x3ab/0x730
[  375.480320][T11145]  ? __pfx___sys_sendmmsg+0x10/0x10
[  375.480352][T11145]  ? __pfx_lock_release+0x10/0x10
[  375.501761][T10881] 8021q: adding VLAN 0 to HW filter on device team0
[  375.501815][T11145]  ? kstrtouint_from_user+0x128/0x190
[  375.513834][T11145]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  375.519776][T11145]  ? ksys_write+0x229/0x2b0
[  375.524317][T11145]  ? __pfx_lock_release+0x10/0x10
[  375.529401][T11145]  ? vfs_write+0x7bf/0xc90
[  375.533857][T11145]  ? kmem_cache_free+0x1a2/0x420
[  375.538844][T11145]  ? __mutex_unlock_slowpath+0x21d/0x750
[  375.538903][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.544490][T11145]  ? __fget_files+0x3f3/0x470
[  375.544524][T11145]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  375.544550][T11145]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  375.544574][T11145]  ? do_syscall_64+0x100/0x230
[  375.544595][T11145]  __x64_sys_sendmmsg+0xa0/0xb0
[  375.551674][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.556248][T11145]  do_syscall_64+0xf3/0x230
[  375.556270][T11145]  ? clear_bhb_loop+0x35/0x90
[  375.556289][T11145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.556314][T11145] RIP: 0033:0x7efccc97df39
[  375.573763][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.578187][T11145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.578208][T11145] RSP: 002b:00007efccd77c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  375.578232][T11145] RAX: ffffffffffffffda RBX: 00007efcccb35f80 RCX: 00007efccc97df39
[  375.585529][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.589886][T11145] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  375.615714][T10881] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  375.631462][T11145] RBP: 00007efccd77c090 R08: 0000000000000000 R09: 0000000000000000
[  375.631484][T11145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  375.631495][T11145] R13: 0000000000000000 R14: 00007efcccb35f80 R15: 00007ffce9f9d688
[  375.631523][T11145]  </TASK>
[  375.637608][    T8] tipc: Node number set to 12429994
[  375.656587][ T5235] Bluetooth: hci1: command tx timeout
[  375.682899][T10881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  376.061392][ T1111] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.231593][ T1111] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.320814][ T1111] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.360787][T10881] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.427408][ T1111] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.496581][T10881] veth0_vlan: entered promiscuous mode
[  376.550489][T10881] veth1_vlan: entered promiscuous mode
[  376.670762][ T1111] bridge_slave_1: left allmulticast mode
[  376.679050][ T1111] bridge_slave_1: left promiscuous mode
[  376.684965][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.699485][ T1111] bridge_slave_0: left allmulticast mode
[  376.705927][ T1111] bridge_slave_0: left promiscuous mode
[  376.713034][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.359370][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  377.380882][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  377.395528][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  377.421468][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  377.431131][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  377.431464][ T1111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.447608][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  377.471483][ T1111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.486307][ T1111] bond0 (unregistering): Released all slaves
[  377.499904][T11195] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1315'.
[  377.512480][T11201] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1315'.
[  377.661766][T11212] tipc: Enabled bearer <eth:xfrm0>, priority 10
[  377.775467][T10881] veth0_macvtap: entered promiscuous mode
[  377.845835][T10881] veth1_macvtap: entered promiscuous mode
[  377.961053][T11228] netlink: 'syz.1.1322': attribute type 9 has an invalid length.
[  378.002046][T11228] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1322'.
[  378.045664][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.056394][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.066317][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.076838][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.086732][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.097238][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.107412][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.118256][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.129598][T10881] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.141934][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.152587][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.162565][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.173099][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.183102][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.193866][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.203936][T10881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  378.214777][T10881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.226269][T10881] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.277020][T11231] tipc: Enabling of bearer <h:s> rejected, media not registered
[  378.290365][T10881] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.302477][T10881] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.315873][T10881] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.335928][T10881] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.764753][ T1111] hsr_slave_0: left promiscuous mode
[  378.783368][ T1111] hsr_slave_1: left promiscuous mode
[  378.796973][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  378.814049][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.829333][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.852832][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.889349][ T1111] veth1_macvtap: left promiscuous mode
[  378.895956][ T1111] veth0_macvtap: left promiscuous mode
[  378.903989][ T1111] veth1_vlan: left promiscuous mode
[  378.909346][ T1111] veth0_vlan: left promiscuous mode
[  378.994468][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  379.000811][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  379.476440][ T5237] Bluetooth: hci0: command tx timeout
[  379.934673][ T1111] team0 (unregistering): Port device team_slave_1 removed
[  379.989626][ T1111] team0 (unregistering): Port device team_slave_0 removed
[  380.620101][ T1122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.669915][ T1122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.913081][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.920956][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.986287][T11209] chnl_net:caif_netlink_parms(): no params data found
[  381.278363][T11209] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.297562][T11209] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.310120][T11209] bridge_slave_0: entered allmulticast mode
[  381.319258][T11209] bridge_slave_0: entered promiscuous mode
[  381.337237][T11209] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.350337][T11209] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.359408][T11209] bridge_slave_1: entered allmulticast mode
[  381.372028][T11209] bridge_slave_1: entered promiscuous mode
[  381.387906][T11320] dvmrp1: entered allmulticast mode
[  381.496003][ T1111] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.541633][T11209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  381.561951][ T5237] Bluetooth: hci0: command tx timeout
[  381.575507][T11209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  381.648649][ T1111] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.708461][T11209] team0: Port device team_slave_0 added
[  381.732303][ T1111] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.750341][T11209] team0: Port device team_slave_1 added
[  381.785144][T11209] batman_adv: batadv0: Adding interface: batadv_slave_0
[  381.799894][T11209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  381.826801][T11209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  381.848057][T11209] batman_adv: batadv0: Adding interface: batadv_slave_1
[  381.858282][T11209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  381.890709][T11209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  381.939271][ T1111] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.011906][T11209] hsr_slave_0: entered promiscuous mode
[  382.020730][T11209] hsr_slave_1: entered promiscuous mode
[  382.035776][T11209] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  382.043775][T11209] Cannot create hsr debugfs directory
[  382.305926][ T1111] bridge_slave_1: left allmulticast mode
[  382.311650][ T1111] bridge_slave_1: left promiscuous mode
[  382.345004][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.397668][ T1111] bridge_slave_0: left allmulticast mode
[  382.416920][ T1111] bridge_slave_0: left promiscuous mode
[  382.438689][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.569925][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  382.580957][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  382.590980][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  382.612319][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  382.626035][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  382.641748][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  382.983189][ T1111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.000577][ T1111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.011870][ T1111] bond0 (unregistering): Released all slaves
[  383.644039][ T5237] Bluetooth: hci0: command tx timeout
[  383.799974][T11380] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1347'.
[  383.917164][T11384] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  383.943106][ T1111] hsr_slave_0: left promiscuous mode
[  383.955448][ T1111] hsr_slave_1: left promiscuous mode
[  383.977070][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  383.985787][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  383.994732][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  384.002552][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  384.031962][ T1111] veth1_macvtap: left promiscuous mode
[  384.047932][ T1111] veth0_macvtap: left promiscuous mode
[  384.060220][ T1111] veth1_vlan: left promiscuous mode
[  384.073014][ T1111] veth0_vlan: left promiscuous mode
[  384.706723][ T1111] team0 (unregistering): Port device team_slave_1 removed
[  384.759333][ T5237] Bluetooth: hci1: command tx timeout
[  384.774502][ T1111] team0 (unregistering): Port device team_slave_0 removed
[  385.297458][T11380] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  385.312306][T11380] bond1 (unregistering): Released all slaves
[  385.434294][T11400] FAULT_INJECTION: forcing a failure.
[  385.434294][T11400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  385.484029][T11400] CPU: 0 UID: 0 PID: 11400 Comm: syz.4.1351 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  385.494524][T11400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  385.504622][T11400] Call Trace:
[  385.507928][T11400]  <TASK>
[  385.510879][T11400]  dump_stack_lvl+0x241/0x360
[  385.515607][T11400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.520850][T11400]  ? __pfx__printk+0x10/0x10
[  385.525481][T11400]  ? __pfx_lock_release+0x10/0x10
[  385.530544][T11400]  ? rcu_is_watching+0x15/0xb0
[  385.535350][T11400]  should_fail_ex+0x3b0/0x4e0
[  385.540073][T11400]  _copy_from_iter+0x1ed/0x1d60
[  385.544978][T11400]  ? alloc_pages_mpol_noprof+0x417/0x680
[  385.550654][T11400]  ? __pfx__copy_from_iter+0x10/0x10
[  385.555983][T11400]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  385.560504][T11209] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  385.561975][T11400]  ? alloc_pages_noprof+0xef/0x170
[  385.573792][T11400]  ? page_copy_sane+0x46/0x260
[  385.578602][T11400]  copy_page_from_iter+0x7a/0x100
[  385.583674][T11400]  tun_get_user+0x2046/0x47e0
[  385.588398][T11400]  ? tun_get_user+0x871/0x47e0
[  385.593223][T11400]  ? __lock_acquire+0x1384/0x2050
[  385.598311][T11400]  ? __pfx_tun_get_user+0x10/0x10
[  385.603365][T11400]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  385.608864][T11400]  ? tun_get+0x1e/0x2f0
[  385.613071][T11400]  ? __pfx_lock_release+0x10/0x10
[  385.618099][T11400]  ? tun_get+0x1e/0x2f0
[  385.622246][T11400]  ? tun_get+0x27d/0x2f0
[  385.626502][T11400]  tun_chr_write_iter+0x10d/0x1f0
[  385.631543][T11400]  vfs_write+0xa6d/0xc90
[  385.635790][T11400]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  385.641350][T11400]  ? __pfx_vfs_write+0x10/0x10
[  385.646167][T11400]  ? fdget_pos+0x19a/0x320
[  385.650626][T11400]  ksys_write+0x183/0x2b0
[  385.655003][T11400]  ? __pfx_ksys_write+0x10/0x10
[  385.659885][T11400]  ? do_syscall_64+0x100/0x230
[  385.664658][T11400]  ? do_syscall_64+0xb6/0x230
[  385.669336][T11400]  do_syscall_64+0xf3/0x230
[  385.673836][T11400]  ? clear_bhb_loop+0x35/0x90
[  385.678527][T11400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.684431][T11400] RIP: 0033:0x7f365117ca1f
[  385.688846][T11400] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  385.708458][T11400] RSP: 002b:00007f3652017000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  385.716876][T11400] RAX: ffffffffffffffda RBX: 00007f3651335f80 RCX: 00007f365117ca1f
[  385.724855][T11400] RDX: 0000000000000066 RSI: 0000000020001180 RDI: 00000000000000c8
[  385.732830][T11400] RBP: 00007f3652017090 R08: 0000000000000000 R09: 0000000000000000
[  385.740830][T11400] R10: 0000000000000066 R11: 0000000000000293 R12: 0000000000000001
[  385.748809][T11400] R13: 0000000000000001 R14: 00007f3651335f80 R15: 00007fff1cd61df8
[  385.756795][T11400]  </TASK>
[  385.762612][ T5237] Bluetooth: hci0: command tx timeout
[  385.806118][T11209] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  385.858802][T11209] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  385.879948][T11209] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  385.893030][T11414] bond0: entered promiscuous mode
[  385.898135][T11414] bond_slave_0: entered promiscuous mode
[  385.909779][T11414] bond_slave_1: entered promiscuous mode
[  386.061045][T11413] bond0: left promiscuous mode
[  386.076290][T11413] bond_slave_0: left promiscuous mode
[  386.081871][T11413] bond_slave_1: left promiscuous mode
[  386.136917][T11356] chnl_net:caif_netlink_parms(): no params data found
[  386.160208][T11425] netlink: 'syz.1.1356': attribute type 3 has an invalid length.
[  386.241007][T11425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1356'.
[  386.346118][T11356] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.363747][T11356] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.371105][T11356] bridge_slave_0: entered allmulticast mode
[  386.403054][T11356] bridge_slave_0: entered promiscuous mode
[  386.443601][T11356] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.450748][T11356] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.479362][T11356] bridge_slave_1: entered allmulticast mode
[  386.525136][T11356] bridge_slave_1: entered promiscuous mode
[  386.644768][T11356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.681258][T11356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.810808][T11356] team0: Port device team_slave_0 added
[  386.830057][T11209] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.836820][ T5235] Bluetooth: hci1: command tx timeout
[  386.859217][T11356] team0: Port device team_slave_1 added
[  386.927004][T11356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.943939][T11356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.978069][T11469] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20002
[  386.996566][T11356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.019352][T11209] 8021q: adding VLAN 0 to HW filter on device team0
[  387.033411][T11356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.043987][T11356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.081943][T11356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.170777][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.177985][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.189127][T11477] netlink: 'syz.0.1364': attribute type 6 has an invalid length.
[  387.204382][T11477] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1364'.
[  387.211827][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.220887][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.296951][T11356] hsr_slave_0: entered promiscuous mode
[  387.336294][T11356] hsr_slave_1: entered promiscuous mode
[  387.427460][T11487] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1367'.
[  387.637249][T11497] netlink: 'syz.4.1369': attribute type 9 has an invalid length.
[  387.668030][T11500] sock: sock_timestamping_bind_phc: sock not bind to device
[  387.674484][T11497] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.1369'.
[  388.095794][T11209] 8021q: adding VLAN 0 to HW filter on device batadv0
[  388.251063][T11525] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1373'.
[  388.331144][T11209] veth0_vlan: entered promiscuous mode
[  388.450552][T11209] veth1_vlan: entered promiscuous mode
[  388.461471][T11531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1374'.
[  388.723038][T11209] veth0_macvtap: entered promiscuous mode
[  388.732086][T11209] veth1_macvtap: entered promiscuous mode
[  388.750891][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.761917][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.772170][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.782703][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.792541][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  388.800378][T11545] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1379'.
[  388.803298][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.804491][T11209] batman_adv: batadv0: Interface activated: batadv_slave_0
[  388.912923][ T5235] Bluetooth: hci1: command tx timeout
[  388.990302][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.000995][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.011273][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.022236][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.032494][T11209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  389.043263][T11209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  389.056037][T11209] batman_adv: batadv0: Interface activated: batadv_slave_1
[  389.115849][T11209] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  389.124875][T11209] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  389.133784][T11209] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  389.142523][T11209] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  389.165617][T11551] pim6reg1: entered promiscuous mode
[  389.170984][T11551] pim6reg1: entered allmulticast mode
[  389.344507][T11356] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  389.384539][T11356] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  389.706089][T11356] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  389.727197][T11356] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  389.833937][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.841820][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.902062][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.945628][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.949251][T11574] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1383'.
[  390.235075][T11356] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.284166][T11356] 8021q: adding VLAN 0 to HW filter on device team0
[  390.328852][T11560] delete_channel: no stack
[  390.361791][ T2885] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.369009][ T2885] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.418287][ T2885] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.425584][ T2885] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.724211][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.857218][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.993228][   T55] Bluetooth: hci1: command tx timeout
[  391.032068][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.120491][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.195970][T11356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.284789][   T11] bridge_slave_1: left allmulticast mode
[  391.290504][   T11] bridge_slave_1: left promiscuous mode
[  391.297180][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.306690][   T11] bridge_slave_0: left allmulticast mode
[  391.312346][   T11] bridge_slave_0: left promiscuous mode
[  391.321481][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  391.321583][ T5247] Bluetooth: hci8: command 0x0406 tx timeout
[  391.327759][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  391.349459][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.710176][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  391.721586][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  391.735439][   T11] bond0 (unregistering): Released all slaves
[  391.792370][T11356] veth0_vlan: entered promiscuous mode
[  391.841065][T11356] veth1_vlan: entered promiscuous mode
[  391.915329][T11625] 8021q: adding VLAN 0 to HW filter on device bond1
[  392.184783][ T5244] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  392.195305][ T5244] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  392.207459][T11356] veth0_macvtap: entered promiscuous mode
[  392.223355][ T5244] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  392.234298][ T5244] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  392.247838][ T5244] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  392.257619][ T5244] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  392.361970][T11356] veth1_macvtap: entered promiscuous mode
[  392.484064][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.528957][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.556101][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.573390][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.614772][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.650931][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.674263][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.690684][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.710199][T11356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  393.254906][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.266010][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.286900][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.312261][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.341122][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.364268][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.392730][T11356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.416110][T11356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.419944][T11683] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20002
[  393.438590][T11356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  393.508399][   T11] hsr_slave_0: left promiscuous mode
[  393.527879][   T11] hsr_slave_1: left promiscuous mode
[  393.551373][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  393.561248][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.592595][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  393.611527][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  393.711489][   T11] veth1_macvtap: left promiscuous mode
[  393.743655][   T11] veth0_macvtap: left promiscuous mode
[  393.761139][T11700] FAULT_INJECTION: forcing a failure.
[  393.761139][T11700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.787068][   T11] veth1_vlan: left promiscuous mode
[  393.792428][   T11] veth0_vlan: left promiscuous mode
[  393.812864][T11700] CPU: 0 UID: 0 PID: 11700 Comm: syz.1.1399 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  393.823340][T11700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  393.833409][T11700] Call Trace:
[  393.836684][T11700]  <TASK>
[  393.839607][T11700]  dump_stack_lvl+0x241/0x360
[  393.844291][T11700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.849492][T11700]  ? __pfx__printk+0x10/0x10
[  393.854083][T11700]  ? __pfx_lock_release+0x10/0x10
[  393.859104][T11700]  ? __lock_acquire+0x1384/0x2050
[  393.864133][T11700]  should_fail_ex+0x3b0/0x4e0
[  393.868811][T11700]  _copy_from_user+0x2f/0xe0
[  393.873403][T11700]  kstrtouint_from_user+0xc6/0x190
[  393.878600][T11700]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  393.884349][T11700]  ? __pfx_lock_acquire+0x10/0x10
[  393.889388][T11700]  proc_fail_nth_write+0xaa/0x2d0
[  393.894413][T11700]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  393.900308][T11700]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  393.905941][T11700]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  393.911572][T11700]  vfs_write+0x29c/0xc90
[  393.915822][T11700]  ? __pfx_vfs_write+0x10/0x10
[  393.920586][T11700]  ? __fget_files+0x3f3/0x470
[  393.925264][T11700]  ? fdget_pos+0x24e/0x320
[  393.929674][T11700]  ksys_write+0x183/0x2b0
[  393.934004][T11700]  ? __pfx_ksys_write+0x10/0x10
[  393.938853][T11700]  ? do_syscall_64+0x100/0x230
[  393.943611][T11700]  ? do_syscall_64+0xb6/0x230
[  393.948279][T11700]  do_syscall_64+0xf3/0x230
[  393.952775][T11700]  ? clear_bhb_loop+0x35/0x90
[  393.957445][T11700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.963337][T11700] RIP: 0033:0x7f295077ca1f
[  393.967751][T11700] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  393.987371][T11700] RSP: 002b:00007f295155d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  393.995793][T11700] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f295077ca1f
[  394.003851][T11700] RDX: 0000000000000001 RSI: 00007f295155d0a0 RDI: 0000000000000004
[  394.011816][T11700] RBP: 00007f295155d090 R08: 0000000000000000 R09: 0000000000000000
[  394.019802][T11700] R10: 000000000000015e R11: 0000000000000293 R12: 0000000000000001
[  394.027768][T11700] R13: 0000000000000000 R14: 00007f2950935f80 R15: 00007ffc0a39c288
[  394.035749][T11700]  </TASK>
[  394.284752][ T2924] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  394.364261][ T5244] Bluetooth: hci0: command tx timeout
[  394.826714][   T11] team0 (unregistering): Port device team_slave_1 removed
[  394.876949][   T11] team0 (unregistering): Port device team_slave_0 removed
[  395.271021][T11356] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.282273][T11356] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.302747][T11356] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.311567][T11356] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.479492][T11732] FAULT_INJECTION: forcing a failure.
[  395.479492][T11732] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  395.492990][T11732] CPU: 1 UID: 0 PID: 11732 Comm: syz.1.1402 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  395.503442][T11732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  395.513527][T11732] Call Trace:
[  395.516828][T11732]  <TASK>
[  395.519782][T11732]  dump_stack_lvl+0x241/0x360
[  395.524502][T11732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  395.529740][T11732]  ? __pfx__printk+0x10/0x10
[  395.534371][T11732]  ? __pfx_lock_release+0x10/0x10
[  395.539514][T11732]  should_fail_ex+0x3b0/0x4e0
[  395.544210][T11732]  _copy_from_user+0x2f/0xe0
[  395.548809][T11732]  copy_msghdr_from_user+0xae/0x680
[  395.554015][T11732]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  395.559829][T11732]  __sys_sendmsg+0x22d/0x380
[  395.564415][T11732]  ? __pfx___sys_sendmsg+0x10/0x10
[  395.569527][T11732]  ? __pfx_vfs_write+0x10/0x10
[  395.574309][T11732]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  395.580640][T11732]  ? do_syscall_64+0x100/0x230
[  395.585397][T11732]  ? do_syscall_64+0xb6/0x230
[  395.590083][T11732]  do_syscall_64+0xf3/0x230
[  395.594584][T11732]  ? clear_bhb_loop+0x35/0x90
[  395.599257][T11732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.605149][T11732] RIP: 0033:0x7f295077df39
[  395.609558][T11732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.629161][T11732] RSP: 002b:00007f295155d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  395.637570][T11732] RAX: ffffffffffffffda RBX: 00007f2950935f80 RCX: 00007f295077df39
[  395.645533][T11732] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  395.653496][T11732] RBP: 00007f295155d090 R08: 0000000000000000 R09: 0000000000000000
[  395.661457][T11732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.669419][T11732] R13: 0000000000000000 R14: 00007f2950935f80 R15: 00007ffc0a39c288
[  395.677394][T11732]  </TASK>
[  396.001159][ T2885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.032314][T11756] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20002
[  396.044665][ T2885] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.186936][T11638] chnl_net:caif_netlink_parms(): no params data found
[  396.204041][ T2994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.222615][ T2994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.267947][T11766] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  396.433313][ T5244] Bluetooth: hci0: command tx timeout
[  396.460398][T11638] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.473028][T11638] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.480372][T11638] bridge_slave_0: entered allmulticast mode
[  396.487517][T11638] bridge_slave_0: entered promiscuous mode
[  396.495478][T11638] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.502598][T11638] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.510626][T11638] bridge_slave_1: entered allmulticast mode
[  396.518378][T11638] bridge_slave_1: entered promiscuous mode
[  396.590503][T11777] FAULT_INJECTION: forcing a failure.
[  396.590503][T11777] name failslab, interval 1, probability 0, space 0, times 0
[  396.604754][T11777] CPU: 1 UID: 0 PID: 11777 Comm: syz.1.1413 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  396.615262][T11777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  396.625348][T11777] Call Trace:
[  396.628642][T11777]  <TASK>
[  396.631569][T11777]  dump_stack_lvl+0x241/0x360
[  396.636250][T11777]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.641452][T11777]  ? __pfx__printk+0x10/0x10
[  396.646046][T11777]  ? ref_tracker_alloc+0x332/0x490
[  396.651166][T11777]  should_fail_ex+0x3b0/0x4e0
[  396.655873][T11777]  ? skb_clone+0x20c/0x390
[  396.660283][T11777]  should_failslab+0xac/0x100
[  396.664969][T11777]  ? skb_clone+0x20c/0x390
[  396.669407][T11777]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  396.674026][T11779] ax25_connect(): syz.0.1412 uses autobind, please contact jreuter@yaina.de
[  396.674790][T11777]  skb_clone+0x20c/0x390
[  396.674820][T11777]  __netlink_deliver_tap+0x3cc/0x7c0
[  396.693182][T11777]  ? netlink_deliver_tap+0x2e/0x1b0
[  396.698408][T11777]  netlink_deliver_tap+0x19d/0x1b0
[  396.703553][T11777]  netlink_unicast+0x7c4/0x990
[  396.708328][T11777]  ? __pfx_netlink_unicast+0x10/0x10
[  396.713621][T11777]  ? __virt_addr_valid+0x183/0x530
[  396.718764][T11777]  ? __check_object_size+0x48e/0x900
[  396.724084][T11777]  netlink_sendmsg+0x8e4/0xcb0
[  396.728897][T11777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  396.734202][T11777]  ? aa_sock_msg_perm+0x91/0x160
[  396.739152][T11777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  396.744457][T11777]  __sock_sendmsg+0x221/0x270
[  396.749138][T11777]  ____sys_sendmsg+0x52a/0x7e0
[  396.753931][T11777]  ? __pfx_____sys_sendmsg+0x10/0x10
[  396.759216][T11777]  ? rcu_is_watching+0x15/0xb0
[  396.763985][T11777]  ? __might_fault+0xaa/0x120
[  396.768692][T11777]  __sys_sendmmsg+0x3ab/0x730
[  396.773404][T11777]  ? __pfx___sys_sendmmsg+0x10/0x10
[  396.778653][T11777]  ? __schedule+0x189d/0x4b30
[  396.783357][T11777]  ? __pfx___schedule+0x10/0x10
[  396.788208][T11777]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  396.794198][T11777]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  396.800228][T11777]  __x64_sys_sendmmsg+0xa0/0xb0
[  396.805095][T11777]  do_syscall_64+0xf3/0x230
[  396.809609][T11777]  ? clear_bhb_loop+0x35/0x90
[  396.814311][T11777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.820226][T11777] RIP: 0033:0x7f295077df39
[  396.824635][T11777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.844246][T11777] RSP: 002b:00007f295155d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  396.852687][T11777] RAX: ffffffffffffffda RBX: 00007f2950935f80 RCX: 00007f295077df39
[  396.860666][T11777] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  396.868650][T11777] RBP: 00007f295155d090 R08: 0000000000000000 R09: 0000000000000000
[  396.876637][T11777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  396.884604][T11777] R13: 0000000000000000 R14: 00007f2950935f80 R15: 00007ffc0a39c288
[  396.892584][T11777]  </TASK>
[  396.964515][T11638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  397.012883][T11781] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1414'.
[  397.059513][T11638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  397.152157][ T2994] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.207272][T11638] team0: Port device team_slave_0 added
[  397.225064][T11638] team0: Port device team_slave_1 added
[  397.253131][T11638] batman_adv: batadv0: Adding interface: batadv_slave_0
[  397.260422][T11638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.286760][T11638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  397.299404][T11638] batman_adv: batadv0: Adding interface: batadv_slave_1
[  397.307809][T11638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.335836][T11638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  397.381109][T11638] hsr_slave_0: entered promiscuous mode
[  397.388997][T11638] hsr_slave_1: entered promiscuous mode
[  397.395625][T11638] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  397.405051][T11638] Cannot create hsr debugfs directory
[  397.450167][ T2994] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.548666][ T2994] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.665627][ T2994] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.906539][ T2994] bridge_slave_1: left allmulticast mode
[  397.912231][ T2994] bridge_slave_1: left promiscuous mode
[  397.953335][ T2994] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.021999][ T2994] bridge_slave_0: left allmulticast mode
[  398.042796][ T2994] bridge_slave_0: left promiscuous mode
[  398.048628][ T2994] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.080061][T11814] netlink: 'syz.0.1419': attribute type 9 has an invalid length.
[  398.105647][T11814] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.1419'.
[  398.173165][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  398.198683][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  398.207942][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  398.226100][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  398.236124][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  398.246428][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  398.370368][T11828] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  398.512862][ T5244] Bluetooth: hci0: command tx timeout
[  398.613262][ T2994] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  398.626409][ T2994] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  398.637052][ T2994] bond0 (unregistering): Released all slaves
[  398.689166][T11820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1420'.
[  399.022152][T11638] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  399.047828][T11638] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  399.054597][T11839] xt_hashlimit: invalid interval
[  399.065256][T11638] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  399.090864][T11638] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  399.293035][T11848] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1426'.
[  399.415331][T11856] netlink: 144316 bytes leftover after parsing attributes in process `syz.0.1428'.
[  399.424955][ T2994] hsr_slave_0: left promiscuous mode
[  399.444558][ T2994] hsr_slave_1: left promiscuous mode
[  399.493239][ T2994] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  399.526046][ T2994] batman_adv: batadv0: Removing interface: batadv_slave_0
[  399.539539][T11858] BUG: Bad page state in process syz.1.1427  pfn:6f1ee
[  399.546916][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806f1eedc0 pfn:0x6f1ee
[  399.557060][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  399.564267][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  399.572912][T11858] raw: ffff88806f1eedc0 0000000000000001 00000000ffffffff 0000000000000000
[  399.581520][T11858] page dumped because: page_pool leak
[  399.586956][T11858] page_owner tracks the page as allocated
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  399.592712][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509440167, free_ts 399328798660
[  399.609977][T11858]  post_alloc_hook+0x1f3/0x230
[  399.614815][T11858]  get_page_from_freelist+0x3045/0x3190
[  399.620390][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  399.625655][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  399.631148][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  399.637121][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  399.642341][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  399.647802][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  399.653233][T11858]  bpf_prog_test_run+0x2e4/0x360
[  399.658195][T11858]  __sys_bpf+0x48d/0x810
[  399.662466][T11858]  __x64_sys_bpf+0x7c/0x90
[  399.666967][T11858]  do_syscall_64+0xf3/0x230
[  399.671487][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.677445][T11858] page last free pid 10051 tgid 10051 stack trace:
[  399.684008][T11858]  free_unref_page+0xcfb/0xf20
[  399.688796][T11858]  __put_partials+0xeb/0x130
[  399.693478][T11858]  put_cpu_partial+0x17c/0x250
[  399.698263][T11858]  __slab_free+0x2ea/0x3d0
[  399.699413][ T5217] syz-executor (5217) used greatest stack depth: 18064 bytes left
[  399.702715][T11858]  qlist_free_all+0x9a/0x140
[  399.702737][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  399.702754][T11858]  __kasan_slab_alloc+0x23/0x80
[  399.702772][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  399.730957][T11858]  getname_flags+0xb7/0x540
[  399.735526][T11858]  __x64_sys_rename+0x5d/0x90
[  399.740216][T11858]  do_syscall_64+0xf3/0x230
[  399.744781][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.750706][T11858] Modules linked in:
[  399.754663][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Not tainted 6.11.0-syzkaller-11503-gc824deb1a897 #0
[  399.765094][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  399.775164][T11858] Call Trace:
[  399.778456][T11858]  <TASK>
[  399.781397][T11858]  dump_stack_lvl+0x241/0x360
[  399.786107][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  399.791334][T11858]  ? __pfx_print_modules+0x10/0x10
[  399.796468][T11858]  ? pcpu_memcg_post_alloc_hook+0x12a/0x720
[  399.802394][T11858]  bad_page+0x166/0x1b0
[  399.806557][T11858]  free_unref_page+0xed0/0xf20
[  399.811315][T11858]  skb_release_data+0x6dc/0x8a0
[  399.816158][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  399.821166][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  399.826873][T11858]  ? mark_lock+0x9a/0x360
[  399.831186][T11858]  ? __lock_acquire+0x1384/0x2050
[  399.836206][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  399.842263][T11858]  ? mark_lock+0x9a/0x360
[  399.846579][T11858]  ? __lock_acquire+0x1384/0x2050
[  399.851620][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  399.857592][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  399.864165][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  399.870647][T11858]  ? read_tsc+0x9/0x20
[  399.874700][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  399.879886][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  399.886199][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  399.892340][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  399.898655][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  399.905319][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  399.910531][T11858]  ? __phys_addr+0xba/0x170
[  399.915017][T11858]  ? build_skb_around+0x111/0x260
[  399.920036][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  399.925921][T11858]  netif_receive_skb_list+0x55/0x4b0
[  399.931193][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  399.936640][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  399.942524][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  399.948057][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  399.953850][T11858]  ? synchronize_rcu+0x11b/0x360
[  399.958773][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  399.964060][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  399.970292][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  399.976182][T11858]  ? _copy_from_user+0xa6/0xe0
[  399.980929][T11858]  ? bpf_test_init+0x15a/0x180
[  399.985679][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  399.991124][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  399.996486][T11858]  ? __pfx_lock_release+0x10/0x10
[  400.001500][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  400.007294][T11858]  ? __fget_files+0x29/0x470
[  400.011873][T11858]  ? fput+0x1a8/0x230
[  400.015842][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  400.021642][T11858]  bpf_prog_test_run+0x2e4/0x360
[  400.026571][T11858]  __sys_bpf+0x48d/0x810
[  400.030804][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  400.035580][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  400.041574][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  400.047892][T11858]  ? do_syscall_64+0x100/0x230
[  400.052652][T11858]  __x64_sys_bpf+0x7c/0x90
[  400.057068][T11858]  do_syscall_64+0xf3/0x230
[  400.061575][T11858]  ? clear_bhb_loop+0x35/0x90
[  400.066236][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.072116][T11858] RIP: 0033:0x7f295077df39
[  400.076515][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.096108][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  400.104509][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  400.112464][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  400.120427][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  400.128404][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  400.136376][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  400.144359][T11858]  </TASK>
[  400.147535][T11858] Disabling lock debugging due to kernel taint
[  400.153732][T11858] BUG: Bad page state in process syz.1.1427  pfn:6f1ef
[  400.160568][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806f1efdc0 pfn:0x6f1ef
[  400.170762][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  400.177897][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  400.186496][T11858] raw: ffff88806f1efdc0 0000000000000001 00000000ffffffff 0000000000000000
[  400.195092][T11858] page dumped because: page_pool leak
[  400.200437][T11858] page_owner tracks the page as allocated
[  400.206185][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509428348, free_ts 399328807736
[  400.223401][T11858]  post_alloc_hook+0x1f3/0x230
[  400.228177][T11858]  get_page_from_freelist+0x3045/0x3190
[  400.233770][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  400.238994][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  400.244581][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  400.250488][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  400.255722][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  400.261109][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  400.266533][T11858]  bpf_prog_test_run+0x2e4/0x360
[  400.271477][T11858]  __sys_bpf+0x48d/0x810
[  400.275760][T11858]  __x64_sys_bpf+0x7c/0x90
[  400.280202][T11858]  do_syscall_64+0xf3/0x230
[  400.284721][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.290622][T11858] page last free pid 10051 tgid 10051 stack trace:
[  400.297135][T11858]  free_unref_page+0xcfb/0xf20
[  400.301906][T11858]  __put_partials+0xeb/0x130
[  400.306518][T11858]  put_cpu_partial+0x17c/0x250
[  400.311281][T11858]  __slab_free+0x2ea/0x3d0
[  400.315716][T11858]  qlist_free_all+0x9a/0x140
[  400.320307][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  400.325787][T11858]  __kasan_slab_alloc+0x23/0x80
[  400.330640][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  400.336122][T11858]  getname_flags+0xb7/0x540
[  400.340629][T11858]  __x64_sys_rename+0x5d/0x90
[  400.345324][T11858]  do_syscall_64+0xf3/0x230
[  400.349831][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.355753][T11858] Modules linked in:
[  400.359648][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  400.371552][T11858] Tainted: [B]=BAD_PAGE
[  400.375692][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  400.385751][T11858] Call Trace:
[  400.389011][T11858]  <TASK>
[  400.391923][T11858]  dump_stack_lvl+0x241/0x360
[  400.396596][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.401781][T11858]  ? __pfx_print_modules+0x10/0x10
[  400.406876][T11858]  bad_page+0x166/0x1b0
[  400.411057][T11858]  free_unref_page+0xed0/0xf20
[  400.415810][T11858]  skb_release_data+0x6dc/0x8a0
[  400.420648][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  400.425672][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  400.431383][T11858]  ? mark_lock+0x9a/0x360
[  400.435695][T11858]  ? __lock_acquire+0x1384/0x2050
[  400.440704][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  400.446755][T11858]  ? mark_lock+0x9a/0x360
[  400.451065][T11858]  ? __lock_acquire+0x1384/0x2050
[  400.456086][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  400.462049][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  400.468616][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  400.475098][T11858]  ? read_tsc+0x9/0x20
[  400.479149][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  400.484330][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  400.490637][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  400.496774][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  400.503087][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  400.509742][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  400.514919][T11858]  ? __phys_addr+0xba/0x170
[  400.519399][T11858]  ? build_skb_around+0x111/0x260
[  400.524408][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  400.530286][T11858]  netif_receive_skb_list+0x55/0x4b0
[  400.535557][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  400.541003][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  400.546877][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  400.552402][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  400.558191][T11858]  ? synchronize_rcu+0x11b/0x360
[  400.563119][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  400.568391][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  400.574615][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  400.580491][T11858]  ? _copy_from_user+0xa6/0xe0
[  400.585235][T11858]  ? bpf_test_init+0x15a/0x180
[  400.589978][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  400.592720][ T5244] Bluetooth: hci0: command tx timeout
[  400.595413][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  400.606141][T11858]  ? __pfx_lock_release+0x10/0x10
[  400.611183][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  400.616977][T11858]  ? __fget_files+0x29/0x470
[  400.621557][T11858]  ? fput+0x1a8/0x230
[  400.625519][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  400.631312][T11858]  bpf_prog_test_run+0x2e4/0x360
[  400.636238][T11858]  __sys_bpf+0x48d/0x810
[  400.640468][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  400.645225][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  400.651188][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  400.657497][T11858]  ? do_syscall_64+0x100/0x230
[  400.662240][T11858]  __x64_sys_bpf+0x7c/0x90
[  400.666641][T11858]  do_syscall_64+0xf3/0x230
[  400.671124][T11858]  ? clear_bhb_loop+0x35/0x90
[  400.675783][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.681667][T11858] RIP: 0033:0x7f295077df39
[  400.686070][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.705685][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  400.714083][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  400.722121][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  400.730083][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  400.738039][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  400.745990][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  400.753969][T11858]  </TASK>
[  400.757088][T11858] BUG: Bad page state in process syz.1.1427  pfn:64fd8
[  400.763974][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888064fd8dc0 pfn:0x64fd8
[  400.774050][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  400.781170][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  400.789775][T11858] raw: ffff888064fd8dc0 0000000000000001 00000000ffffffff 0000000000000000
[  400.798397][T11858] page dumped because: page_pool leak
[  400.803794][T11858] page_owner tracks the page as allocated
[  400.809502][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509416534, free_ts 399328816426
[  400.826714][T11858]  post_alloc_hook+0x1f3/0x230
[  400.831484][T11858]  get_page_from_freelist+0x3045/0x3190
[  400.837046][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  400.842244][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  400.847718][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  400.853631][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  400.858812][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  400.864197][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  400.869578][T11858]  bpf_prog_test_run+0x2e4/0x360
[  400.874529][T11858]  __sys_bpf+0x48d/0x810
[  400.878779][T11858]  __x64_sys_bpf+0x7c/0x90
[  400.883215][T11858]  do_syscall_64+0xf3/0x230
[  400.887716][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.893719][T11858] page last free pid 10051 tgid 10051 stack trace:
[  400.900564][T11858]  free_unref_page+0xcfb/0xf20
[  400.905353][T11858]  __put_partials+0xeb/0x130
[  400.909953][T11858]  put_cpu_partial+0x17c/0x250
[  400.914755][T11858]  __slab_free+0x2ea/0x3d0
[  400.919179][T11858]  qlist_free_all+0x9a/0x140
[  400.923792][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  400.929253][T11858]  __kasan_slab_alloc+0x23/0x80
[  400.934130][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  400.939614][T11858]  getname_flags+0xb7/0x540
[  400.944139][T11858]  __x64_sys_rename+0x5d/0x90
[  400.948817][T11858]  do_syscall_64+0xf3/0x230
[  400.953336][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.959234][T11858] Modules linked in:
[  400.963148][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  400.975047][T11858] Tainted: [B]=BAD_PAGE
[  400.979179][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  400.989215][T11858] Call Trace:
[  400.992475][T11858]  <TASK>
[  400.995391][T11858]  dump_stack_lvl+0x241/0x360
[  401.000057][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.005244][T11858]  ? __pfx_print_modules+0x10/0x10
[  401.010342][T11858]  bad_page+0x166/0x1b0
[  401.014500][T11858]  free_unref_page+0xed0/0xf20
[  401.019250][T11858]  skb_release_data+0x6dc/0x8a0
[  401.024082][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  401.029099][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  401.034819][T11858]  ? mark_lock+0x9a/0x360
[  401.039154][T11858]  ? __lock_acquire+0x1384/0x2050
[  401.044183][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  401.050330][T11858]  ? mark_lock+0x9a/0x360
[  401.054644][T11858]  ? __lock_acquire+0x1384/0x2050
[  401.059668][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  401.065634][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  401.072208][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  401.078703][T11858]  ? read_tsc+0x9/0x20
[  401.082767][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  401.087980][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  401.094312][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  401.100448][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  401.106759][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  401.113423][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  401.118607][T11858]  ? __phys_addr+0xba/0x170
[  401.123113][T11858]  ? build_skb_around+0x111/0x260
[  401.128138][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  401.134037][T11858]  netif_receive_skb_list+0x55/0x4b0
[  401.139305][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  401.144747][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  401.150631][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  401.156196][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  401.161988][T11858]  ? synchronize_rcu+0x11b/0x360
[  401.166906][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  401.172196][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  401.178439][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  401.184325][T11858]  ? _copy_from_user+0xa6/0xe0
[  401.189071][T11858]  ? bpf_test_init+0x15a/0x180
[  401.193818][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  401.199283][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  401.204646][T11858]  ? __pfx_lock_release+0x10/0x10
[  401.209658][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  401.215450][T11858]  ? __fget_files+0x29/0x470
[  401.220023][T11858]  ? fput+0x1a8/0x230
[  401.223987][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  401.229780][T11858]  bpf_prog_test_run+0x2e4/0x360
[  401.234704][T11858]  __sys_bpf+0x48d/0x810
[  401.238950][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  401.243697][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  401.249667][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  401.255982][T11858]  ? do_syscall_64+0x100/0x230
[  401.260725][T11858]  __x64_sys_bpf+0x7c/0x90
[  401.265121][T11858]  do_syscall_64+0xf3/0x230
[  401.269620][T11858]  ? clear_bhb_loop+0x35/0x90
[  401.274306][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.280708][T11858] RIP: 0033:0x7f295077df39
[  401.285107][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.304697][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  401.313094][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  401.321045][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  401.328997][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  401.336950][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.344903][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  401.352863][T11858]  </TASK>
[  401.355940][T11858] BUG: Bad page state in process syz.1.1427  pfn:20f31
[  401.362826][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888020f31dc0 pfn:0x20f31
[  401.372919][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  401.380029][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  401.388624][T11858] raw: ffff888020f31dc0 0000000000000001 00000000ffffffff 0000000000000000
[  401.397224][T11858] page dumped because: page_pool leak
[  401.402568][T11858] page_owner tracks the page as allocated
[  401.408295][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509405116, free_ts 399328825822
[  401.425522][T11858]  post_alloc_hook+0x1f3/0x230
[  401.430279][T11858]  get_page_from_freelist+0x3045/0x3190
[  401.435837][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  401.441034][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  401.446508][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  401.452412][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  401.457654][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  401.463061][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  401.468423][T11858]  bpf_prog_test_run+0x2e4/0x360
[  401.473490][T11858]  __sys_bpf+0x48d/0x810
[  401.477735][T11858]  __x64_sys_bpf+0x7c/0x90
[  401.482130][T11858]  do_syscall_64+0xf3/0x230
[  401.486649][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.492576][T11858] page last free pid 10051 tgid 10051 stack trace:
[  401.499091][T11858]  free_unref_page+0xcfb/0xf20
[  401.503906][T11858]  __put_partials+0xeb/0x130
[  401.508484][T11858]  put_cpu_partial+0x17c/0x250
[  401.513266][T11858]  __slab_free+0x2ea/0x3d0
[  401.517687][T11858]  qlist_free_all+0x9a/0x140
[  401.522255][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  401.527740][T11858]  __kasan_slab_alloc+0x23/0x80
[  401.532591][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  401.538079][T11858]  getname_flags+0xb7/0x540
[  401.542560][T11858]  __x64_sys_rename+0x5d/0x90
[  401.547251][T11858]  do_syscall_64+0xf3/0x230
[  401.551756][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.557676][T11858] Modules linked in:
[  401.561571][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  401.573441][T11858] Tainted: [B]=BAD_PAGE
[  401.577567][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  401.587599][T11858] Call Trace:
[  401.590859][T11858]  <TASK>
[  401.593770][T11858]  dump_stack_lvl+0x241/0x360
[  401.598457][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.603641][T11858]  ? __pfx_print_modules+0x10/0x10
[  401.608736][T11858]  bad_page+0x166/0x1b0
[  401.612874][T11858]  free_unref_page+0xed0/0xf20
[  401.617626][T11858]  skb_release_data+0x6dc/0x8a0
[  401.622470][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  401.627487][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  401.633194][T11858]  ? mark_lock+0x9a/0x360
[  401.637508][T11858]  ? __lock_acquire+0x1384/0x2050
[  401.642519][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  401.648576][T11858]  ? mark_lock+0x9a/0x360
[  401.652901][T11858]  ? __lock_acquire+0x1384/0x2050
[  401.657943][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  401.663915][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  401.670483][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  401.676979][T11858]  ? read_tsc+0x9/0x20
[  401.681040][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  401.686229][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  401.692546][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  401.698692][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  401.705005][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  401.711665][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  401.716847][T11858]  ? __phys_addr+0xba/0x170
[  401.721334][T11858]  ? build_skb_around+0x111/0x260
[  401.726343][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  401.732236][T11858]  netif_receive_skb_list+0x55/0x4b0
[  401.737507][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  401.742954][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  401.748830][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  401.754361][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  401.760156][T11858]  ? synchronize_rcu+0x11b/0x360
[  401.765082][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  401.770354][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  401.776607][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  401.782502][T11858]  ? _copy_from_user+0xa6/0xe0
[  401.787249][T11858]  ? bpf_test_init+0x15a/0x180
[  401.792253][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  401.797699][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  401.803059][T11858]  ? __pfx_lock_release+0x10/0x10
[  401.808068][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  401.813955][T11858]  ? __fget_files+0x29/0x470
[  401.818545][T11858]  ? fput+0x1a8/0x230
[  401.822516][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  401.828314][T11858]  bpf_prog_test_run+0x2e4/0x360
[  401.833244][T11858]  __sys_bpf+0x48d/0x810
[  401.837473][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  401.842215][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  401.848181][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  401.854587][T11858]  ? do_syscall_64+0x100/0x230
[  401.859330][T11858]  __x64_sys_bpf+0x7c/0x90
[  401.863732][T11858]  do_syscall_64+0xf3/0x230
[  401.868216][T11858]  ? clear_bhb_loop+0x35/0x90
[  401.872884][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.878804][T11858] RIP: 0033:0x7f295077df39
[  401.883207][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.902797][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  401.911190][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  401.919229][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  401.927179][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  401.935134][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.943084][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  401.951039][T11858]  </TASK>
[  401.954117][T11858] BUG: Bad page state in process syz.1.1427  pfn:7c3fe
[  401.960965][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c3fedc0 pfn:0x7c3fe
[  401.971065][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  401.978200][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  401.986802][T11858] raw: ffff88807c3fedc0 0000000000000001 00000000ffffffff 0000000000000000
[  401.995430][T11858] page dumped because: page_pool leak
[  402.000778][T11858] page_owner tracks the page as allocated
[  402.006505][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509393582, free_ts 399328871873
[  402.023746][T11858]  post_alloc_hook+0x1f3/0x230
[  402.028507][T11858]  get_page_from_freelist+0x3045/0x3190
[  402.034071][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  402.039284][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  402.044780][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  402.050683][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  402.055914][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  402.061295][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  402.066700][T11858]  bpf_prog_test_run+0x2e4/0x360
[  402.071643][T11858]  __sys_bpf+0x48d/0x810
[  402.075928][T11858]  __x64_sys_bpf+0x7c/0x90
[  402.080345][T11858]  do_syscall_64+0xf3/0x230
[  402.084867][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.090774][T11858] page last free pid 10051 tgid 10051 stack trace:
[  402.097293][T11858]  free_unref_page+0xcfb/0xf20
[  402.102163][T11858]  __put_partials+0xeb/0x130
[  402.106788][T11858]  put_cpu_partial+0x17c/0x250
[  402.111561][T11858]  __slab_free+0x2ea/0x3d0
[  402.116000][T11858]  qlist_free_all+0x9a/0x140
[  402.120600][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  402.126081][T11858]  __kasan_slab_alloc+0x23/0x80
[  402.130932][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  402.136409][T11858]  getname_flags+0xb7/0x540
[  402.140918][T11858]  __x64_sys_rename+0x5d/0x90
[  402.145612][T11858]  do_syscall_64+0xf3/0x230
[  402.150112][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.156025][T11858] Modules linked in:
[  402.159919][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  402.171809][T11858] Tainted: [B]=BAD_PAGE
[  402.175961][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.185996][T11858] Call Trace:
[  402.189254][T11858]  <TASK>
[  402.192164][T11858]  dump_stack_lvl+0x241/0x360
[  402.196834][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.202017][T11858]  ? __pfx_print_modules+0x10/0x10
[  402.207119][T11858]  bad_page+0x166/0x1b0
[  402.211256][T11858]  free_unref_page+0xed0/0xf20
[  402.216010][T11858]  skb_release_data+0x6dc/0x8a0
[  402.220843][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  402.225844][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  402.231547][T11858]  ? mark_lock+0x9a/0x360
[  402.235858][T11858]  ? __lock_acquire+0x1384/0x2050
[  402.240885][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  402.246937][T11858]  ? mark_lock+0x9a/0x360
[  402.251245][T11858]  ? __lock_acquire+0x1384/0x2050
[  402.256258][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  402.262253][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  402.268844][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  402.275333][T11858]  ? read_tsc+0x9/0x20
[  402.279387][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  402.284571][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  402.290878][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  402.297029][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  402.303350][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  402.310027][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  402.315215][T11858]  ? __phys_addr+0xba/0x170
[  402.319703][T11858]  ? build_skb_around+0x111/0x260
[  402.324714][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  402.330591][T11858]  netif_receive_skb_list+0x55/0x4b0
[  402.335857][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  402.341318][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  402.347237][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  402.352835][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  402.358748][T11858]  ? synchronize_rcu+0x11b/0x360
[  402.363690][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  402.368962][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  402.375192][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  402.381077][T11858]  ? _copy_from_user+0xa6/0xe0
[  402.385824][T11858]  ? bpf_test_init+0x15a/0x180
[  402.390568][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  402.396006][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  402.401363][T11858]  ? __pfx_lock_release+0x10/0x10
[  402.406373][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  402.412162][T11858]  ? __fget_files+0x29/0x470
[  402.416736][T11858]  ? fput+0x1a8/0x230
[  402.420695][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  402.426485][T11858]  bpf_prog_test_run+0x2e4/0x360
[  402.431410][T11858]  __sys_bpf+0x48d/0x810
[  402.435636][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  402.440383][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  402.446343][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  402.452659][T11858]  ? do_syscall_64+0x100/0x230
[  402.457414][T11858]  __x64_sys_bpf+0x7c/0x90
[  402.461811][T11858]  do_syscall_64+0xf3/0x230
[  402.466292][T11858]  ? clear_bhb_loop+0x35/0x90
[  402.470942][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.476828][T11858] RIP: 0033:0x7f295077df39
[  402.481248][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.500836][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  402.509232][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  402.517193][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  402.525149][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  402.533110][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  402.541072][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  402.549035][T11858]  </TASK>
[  402.552106][T11858] BUG: Bad page state in process syz.1.1427  pfn:281be
[  402.558972][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880281bedc0 pfn:0x281be
[  402.569050][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  402.576177][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  402.584782][T11858] raw: ffff8880281bedc0 0000000000000001 00000000ffffffff 0000000000000000
[  402.593397][T11858] page dumped because: page_pool leak
[  402.598831][T11858] page_owner tracks the page as allocated
[  402.604572][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509382239, free_ts 399328881026
[  402.621802][T11858]  post_alloc_hook+0x1f3/0x230
[  402.626591][T11858]  get_page_from_freelist+0x3045/0x3190
[  402.632143][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  402.637357][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  402.642854][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  402.648757][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  402.653978][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  402.659355][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  402.664757][T11858]  bpf_prog_test_run+0x2e4/0x360
[  402.669698][T11858]  __sys_bpf+0x48d/0x810
[  402.673959][T11858]  __x64_sys_bpf+0x7c/0x90
[  402.678375][T11858]  do_syscall_64+0xf3/0x230
[  402.682898][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.688889][T11858] page last free pid 10051 tgid 10051 stack trace:
[  402.695403][T11858]  free_unref_page+0xcfb/0xf20
[  402.700175][T11858]  __put_partials+0xeb/0x130
[  402.704783][T11858]  put_cpu_partial+0x17c/0x250
[  402.709544][T11858]  __slab_free+0x2ea/0x3d0
[  402.713982][T11858]  qlist_free_all+0x9a/0x140
[  402.718658][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  402.724136][T11858]  __kasan_slab_alloc+0x23/0x80
[  402.728985][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  402.734461][T11858]  getname_flags+0xb7/0x540
[  402.738968][T11858]  __x64_sys_rename+0x5d/0x90
[  402.743692][T11858]  do_syscall_64+0xf3/0x230
[  402.748194][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.754112][T11858] Modules linked in:
[  402.758009][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  402.769880][T11858] Tainted: [B]=BAD_PAGE
[  402.774010][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  402.784070][T11858] Call Trace:
[  402.787328][T11858]  <TASK>
[  402.790238][T11858]  dump_stack_lvl+0x241/0x360
[  402.794909][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.800091][T11858]  ? __pfx_print_modules+0x10/0x10
[  402.805187][T11858]  bad_page+0x166/0x1b0
[  402.809336][T11858]  free_unref_page+0xed0/0xf20
[  402.814102][T11858]  skb_release_data+0x6dc/0x8a0
[  402.818938][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  402.823945][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  402.829651][T11858]  ? mark_lock+0x9a/0x360
[  402.833963][T11858]  ? __lock_acquire+0x1384/0x2050
[  402.838973][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  402.845022][T11858]  ? mark_lock+0x9a/0x360
[  402.849330][T11858]  ? __lock_acquire+0x1384/0x2050
[  402.854342][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  402.860302][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  402.866874][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  402.873380][T11858]  ? read_tsc+0x9/0x20
[  402.877433][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  402.882611][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  402.889018][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  402.895156][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  402.901470][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  402.908125][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  402.913396][T11858]  ? __phys_addr+0xba/0x170
[  402.917964][T11858]  ? build_skb_around+0x111/0x260
[  402.922972][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  402.928845][T11858]  netif_receive_skb_list+0x55/0x4b0
[  402.934113][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  402.939554][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  402.945432][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  402.950974][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  402.956783][T11858]  ? synchronize_rcu+0x11b/0x360
[  402.961701][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  402.966978][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  402.973215][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  402.979112][T11858]  ? _copy_from_user+0xa6/0xe0
[  402.983863][T11858]  ? bpf_test_init+0x15a/0x180
[  402.988632][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  402.994096][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  402.999451][T11858]  ? __pfx_lock_release+0x10/0x10
[  403.004469][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  403.010262][T11858]  ? __fget_files+0x29/0x470
[  403.014833][T11858]  ? fput+0x1a8/0x230
[  403.018810][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  403.024599][T11858]  bpf_prog_test_run+0x2e4/0x360
[  403.029518][T11858]  __sys_bpf+0x48d/0x810
[  403.033741][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  403.038489][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  403.044451][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  403.050779][T11858]  ? do_syscall_64+0x100/0x230
[  403.055524][T11858]  __x64_sys_bpf+0x7c/0x90
[  403.059921][T11858]  do_syscall_64+0xf3/0x230
[  403.064405][T11858]  ? clear_bhb_loop+0x35/0x90
[  403.069064][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.074942][T11858] RIP: 0033:0x7f295077df39
[  403.079336][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.098946][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  403.107351][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  403.115322][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  403.123288][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  403.131236][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  403.139220][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  403.147194][T11858]  </TASK>
[  403.150311][T11858] BUG: Bad page state in process syz.1.1427  pfn:7b91e
[  403.157205][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807b91edc0 pfn:0x7b91e
[  403.167302][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  403.174438][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  403.183038][T11858] raw: ffff88807b91edc0 0000000000000001 00000000ffffffff 0000000000000000
[  403.191628][T11858] page dumped because: page_pool leak
[  403.197018][T11858] page_owner tracks the page as allocated
[  403.202773][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509371285, free_ts 399328890362
[  403.220004][T11858]  post_alloc_hook+0x1f3/0x230
[  403.224804][T11858]  get_page_from_freelist+0x3045/0x3190
[  403.230336][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  403.235583][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  403.241046][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  403.246954][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  403.252154][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  403.257579][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  403.262983][T11858]  bpf_prog_test_run+0x2e4/0x360
[  403.267907][T11858]  __sys_bpf+0x48d/0x810
[  403.272130][T11858]  __x64_sys_bpf+0x7c/0x90
[  403.276567][T11858]  do_syscall_64+0xf3/0x230
[  403.281080][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.287006][T11858] page last free pid 10051 tgid 10051 stack trace:
[  403.293524][T11858]  free_unref_page+0xcfb/0xf20
[  403.298284][T11858]  __put_partials+0xeb/0x130
[  403.302910][T11858]  put_cpu_partial+0x17c/0x250
[  403.307674][T11858]  __slab_free+0x2ea/0x3d0
[  403.312071][T11858]  qlist_free_all+0x9a/0x140
[  403.316691][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  403.322156][T11858]  __kasan_slab_alloc+0x23/0x80
[  403.327026][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  403.332487][T11858]  getname_flags+0xb7/0x540
[  403.337004][T11858]  __x64_sys_rename+0x5d/0x90
[  403.341681][T11858]  do_syscall_64+0xf3/0x230
[  403.346198][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.352097][T11858] Modules linked in:
[  403.356009][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  403.367986][T11858] Tainted: [B]=BAD_PAGE
[  403.372114][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  403.382266][T11858] Call Trace:
[  403.385541][T11858]  <TASK>
[  403.388467][T11858]  dump_stack_lvl+0x241/0x360
[  403.393141][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  403.398343][T11858]  ? __pfx_print_modules+0x10/0x10
[  403.403479][T11858]  bad_page+0x166/0x1b0
[  403.407647][T11858]  free_unref_page+0xed0/0xf20
[  403.412400][T11858]  skb_release_data+0x6dc/0x8a0
[  403.417239][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  403.422269][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  403.428071][T11858]  ? mark_lock+0x9a/0x360
[  403.432383][T11858]  ? __lock_acquire+0x1384/0x2050
[  403.437391][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  403.443445][T11858]  ? mark_lock+0x9a/0x360
[  403.447761][T11858]  ? __lock_acquire+0x1384/0x2050
[  403.452776][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  403.458763][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  403.465349][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  403.471851][T11858]  ? read_tsc+0x9/0x20
[  403.475914][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  403.481100][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  403.487411][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  403.493557][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  403.499869][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  403.506535][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  403.511719][T11858]  ? __phys_addr+0xba/0x170
[  403.516299][T11858]  ? build_skb_around+0x111/0x260
[  403.521481][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  403.527382][T11858]  netif_receive_skb_list+0x55/0x4b0
[  403.532667][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  403.538134][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  403.544014][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  403.549548][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  403.555344][T11858]  ? synchronize_rcu+0x11b/0x360
[  403.560262][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  403.565529][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  403.571776][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  403.577660][T11858]  ? _copy_from_user+0xa6/0xe0
[  403.582409][T11858]  ? bpf_test_init+0x15a/0x180
[  403.587158][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  403.592599][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  403.597960][T11858]  ? __pfx_lock_release+0x10/0x10
[  403.602985][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  403.608797][T11858]  ? __fget_files+0x29/0x470
[  403.613374][T11858]  ? fput+0x1a8/0x230
[  403.617337][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  403.623127][T11858]  bpf_prog_test_run+0x2e4/0x360
[  403.628046][T11858]  __sys_bpf+0x48d/0x810
[  403.632265][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  403.637040][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  403.643021][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  403.649365][T11858]  ? do_syscall_64+0x100/0x230
[  403.654112][T11858]  __x64_sys_bpf+0x7c/0x90
[  403.658506][T11858]  do_syscall_64+0xf3/0x230
[  403.662989][T11858]  ? clear_bhb_loop+0x35/0x90
[  403.667643][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.673525][T11858] RIP: 0033:0x7f295077df39
[  403.677918][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.697502][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  403.705900][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  403.713853][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  403.721912][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  403.729862][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  403.737812][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  403.745772][T11858]  </TASK>
[  403.748839][T11858] BUG: Bad page state in process syz.1.1427  pfn:645ee
[  403.755730][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880645eedc0 pfn:0x645ee
[  403.765807][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  403.772939][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  403.781503][T11858] raw: ffff8880645eedc0 0000000000000001 00000000ffffffff 0000000000000000
[  403.790096][T11858] page dumped because: page_pool leak
[  403.795489][T11858] page_owner tracks the page as allocated
[  403.801183][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509361053, free_ts 399328899045
[  403.818407][T11858]  post_alloc_hook+0x1f3/0x230
[  403.823201][T11858]  get_page_from_freelist+0x3045/0x3190
[  403.828732][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  403.833942][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  403.839418][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  403.845332][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  403.850541][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  403.855940][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  403.861321][T11858]  bpf_prog_test_run+0x2e4/0x360
[  403.866281][T11858]  __sys_bpf+0x48d/0x810
[  403.870530][T11858]  __x64_sys_bpf+0x7c/0x90
[  403.874978][T11858]  do_syscall_64+0xf3/0x230
[  403.879491][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.885410][T11858] page last free pid 10051 tgid 10051 stack trace:
[  403.891903][T11858]  free_unref_page+0xcfb/0xf20
[  403.896689][T11858]  __put_partials+0xeb/0x130
[  403.901283][T11858]  put_cpu_partial+0x17c/0x250
[  403.906065][T11858]  __slab_free+0x2ea/0x3d0
[  403.910482][T11858]  qlist_free_all+0x9a/0x140
[  403.915093][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  403.920554][T11858]  __kasan_slab_alloc+0x23/0x80
[  403.925437][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  403.930899][T11858]  getname_flags+0xb7/0x540
[  403.935457][T11858]  __x64_sys_rename+0x5d/0x90
[  403.940160][T11858]  do_syscall_64+0xf3/0x230
[  403.944698][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.950616][T11858] Modules linked in:
[  403.954533][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  403.966424][T11858] Tainted: [B]=BAD_PAGE
[  403.970552][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  403.980587][T11858] Call Trace:
[  403.983853][T11858]  <TASK>
[  403.986764][T11858]  dump_stack_lvl+0x241/0x360
[  403.991435][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  403.996622][T11858]  ? __pfx_print_modules+0x10/0x10
[  404.001718][T11858]  bad_page+0x166/0x1b0
[  404.005868][T11858]  free_unref_page+0xed0/0xf20
[  404.010614][T11858]  skb_release_data+0x6dc/0x8a0
[  404.015451][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  404.020456][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  404.026157][T11858]  ? mark_lock+0x9a/0x360
[  404.030465][T11858]  ? __lock_acquire+0x1384/0x2050
[  404.035473][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  404.041546][T11858]  ? mark_lock+0x9a/0x360
[  404.045855][T11858]  ? __lock_acquire+0x1384/0x2050
[  404.050864][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  404.056829][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  404.063399][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  404.069880][T11858]  ? read_tsc+0x9/0x20
[  404.073934][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  404.079115][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  404.085444][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  404.091597][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  404.097938][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  404.104620][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  404.109803][T11858]  ? __phys_addr+0xba/0x170
[  404.114291][T11858]  ? build_skb_around+0x111/0x260
[  404.119347][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  404.125255][T11858]  netif_receive_skb_list+0x55/0x4b0
[  404.130521][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  404.135966][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  404.141841][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  404.147373][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  404.153162][T11858]  ? synchronize_rcu+0x11b/0x360
[  404.158080][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  404.163355][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  404.169581][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  404.175472][T11858]  ? _copy_from_user+0xa6/0xe0
[  404.180216][T11858]  ? bpf_test_init+0x15a/0x180
[  404.184963][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  404.190405][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  404.195770][T11858]  ? __pfx_lock_release+0x10/0x10
[  404.200783][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  404.206574][T11858]  ? __fget_files+0x29/0x470
[  404.211146][T11858]  ? fput+0x1a8/0x230
[  404.215111][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  404.220906][T11858]  bpf_prog_test_run+0x2e4/0x360
[  404.225832][T11858]  __sys_bpf+0x48d/0x810
[  404.230056][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  404.234802][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  404.240791][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  404.247275][T11858]  ? do_syscall_64+0x100/0x230
[  404.252016][T11858]  __x64_sys_bpf+0x7c/0x90
[  404.256468][T11858]  do_syscall_64+0xf3/0x230
[  404.260949][T11858]  ? clear_bhb_loop+0x35/0x90
[  404.265604][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.271479][T11858] RIP: 0033:0x7f295077df39
[  404.275878][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.295567][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  404.303971][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  404.311939][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  404.319916][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  404.327900][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  404.335863][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  404.344025][T11858]  </TASK>
[  404.347123][T11858] BUG: Bad page state in process syz.1.1427  pfn:5da49
[  404.353994][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805da49dc0 pfn:0x5da49
[  404.364074][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  404.371187][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  404.379785][T11858] raw: ffff88805da49dc0 0000000000000001 00000000ffffffff 0000000000000000
[  404.388377][T11858] page dumped because: page_pool leak
[  404.393751][T11858] page_owner tracks the page as allocated
[  404.399456][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509350343, free_ts 399328907971
[  404.416668][T11858]  post_alloc_hook+0x1f3/0x230
[  404.421440][T11858]  get_page_from_freelist+0x3045/0x3190
[  404.427091][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  404.432292][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  404.437776][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  404.443688][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  404.448869][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  404.454254][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  404.459629][T11858]  bpf_prog_test_run+0x2e4/0x360
[  404.464576][T11858]  __sys_bpf+0x48d/0x810
[  404.468816][T11858]  __x64_sys_bpf+0x7c/0x90
[  404.473246][T11858]  do_syscall_64+0xf3/0x230
[  404.477743][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.483649][T11858] page last free pid 10051 tgid 10051 stack trace:
[  404.490138][T11858]  free_unref_page+0xcfb/0xf20
[  404.494919][T11858]  __put_partials+0xeb/0x130
[  404.499525][T11858]  put_cpu_partial+0x17c/0x250
[  404.504296][T11858]  __slab_free+0x2ea/0x3d0
[  404.508719][T11858]  qlist_free_all+0x9a/0x140
[  404.513331][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  404.518792][T11858]  __kasan_slab_alloc+0x23/0x80
[  404.523664][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  404.529131][T11858]  getname_flags+0xb7/0x540
[  404.533649][T11858]  __x64_sys_rename+0x5d/0x90
[  404.538323][T11858]  do_syscall_64+0xf3/0x230
[  404.542836][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.548737][T11858] Modules linked in:
[  404.552613][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  404.564501][T11858] Tainted: [B]=BAD_PAGE
[  404.568629][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  404.578664][T11858] Call Trace:
[  404.581921][T11858]  <TASK>
[  404.584853][T11858]  dump_stack_lvl+0x241/0x360
[  404.589520][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.594715][T11858]  ? __pfx_print_modules+0x10/0x10
[  404.599835][T11858]  bad_page+0x166/0x1b0
[  404.603974][T11858]  free_unref_page+0xed0/0xf20
[  404.608721][T11858]  skb_release_data+0x6dc/0x8a0
[  404.613553][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  404.618554][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  404.624256][T11858]  ? mark_lock+0x9a/0x360
[  404.628571][T11858]  ? __lock_acquire+0x1384/0x2050
[  404.633584][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  404.639632][T11858]  ? mark_lock+0x9a/0x360
[  404.644027][T11858]  ? __lock_acquire+0x1384/0x2050
[  404.649036][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  404.654999][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  404.661568][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  404.668064][T11858]  ? read_tsc+0x9/0x20
[  404.672113][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  404.677292][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  404.683600][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  404.689732][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  404.696039][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  404.702697][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  404.707873][T11858]  ? __phys_addr+0xba/0x170
[  404.712351][T11858]  ? build_skb_around+0x111/0x260
[  404.717361][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  404.723258][T11858]  netif_receive_skb_list+0x55/0x4b0
[  404.728525][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  404.733972][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  404.739851][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  404.745392][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  404.751180][T11858]  ? synchronize_rcu+0x11b/0x360
[  404.756099][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  404.761372][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  404.767603][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  404.773483][T11858]  ? _copy_from_user+0xa6/0xe0
[  404.778228][T11858]  ? bpf_test_init+0x15a/0x180
[  404.782972][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  404.788412][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  404.793786][T11858]  ? __pfx_lock_release+0x10/0x10
[  404.798795][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  404.804584][T11858]  ? __fget_files+0x29/0x470
[  404.809156][T11858]  ? fput+0x1a8/0x230
[  404.813134][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  404.818919][T11858]  bpf_prog_test_run+0x2e4/0x360
[  404.823836][T11858]  __sys_bpf+0x48d/0x810
[  404.828061][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  404.832810][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  404.838861][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  404.845176][T11858]  ? do_syscall_64+0x100/0x230
[  404.849919][T11858]  __x64_sys_bpf+0x7c/0x90
[  404.854402][T11858]  do_syscall_64+0xf3/0x230
[  404.858883][T11858]  ? clear_bhb_loop+0x35/0x90
[  404.863540][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.869414][T11858] RIP: 0033:0x7f295077df39
[  404.873815][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.893399][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  404.901791][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  404.909742][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  404.917709][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  404.925659][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  404.933611][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  404.941594][T11858]  </TASK>
[  404.944664][T11858] BUG: Bad page state in process syz.1.1427  pfn:7b462
[  404.951540][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807b462dc0 pfn:0x7b462
[  404.961622][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  404.968755][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  404.977352][T11858] raw: ffff88807b462dc0 0000000000000001 00000000ffffffff 0000000000000000
[  404.985969][T11858] page dumped because: page_pool leak
[  404.991318][T11858] page_owner tracks the page as allocated
[  404.997064][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509339020, free_ts 399328917693
[  405.014272][T11858]  post_alloc_hook+0x1f3/0x230
[  405.019032][T11858]  get_page_from_freelist+0x3045/0x3190
[  405.024600][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  405.029795][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  405.035263][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  405.041158][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  405.046418][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  405.051803][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  405.057231][T11858]  bpf_prog_test_run+0x2e4/0x360
[  405.062187][T11858]  __sys_bpf+0x48d/0x810
[  405.066462][T11858]  __x64_sys_bpf+0x7c/0x90
[  405.070882][T11858]  do_syscall_64+0xf3/0x230
[  405.075399][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.081301][T11858] page last free pid 10051 tgid 10051 stack trace:
[  405.087811][T11858]  free_unref_page+0xcfb/0xf20
[  405.092584][T11858]  __put_partials+0xeb/0x130
[  405.097196][T11858]  put_cpu_partial+0x17c/0x250
[  405.101957][T11858]  __slab_free+0x2ea/0x3d0
[  405.106387][T11858]  qlist_free_all+0x9a/0x140
[  405.110981][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  405.116476][T11858]  __kasan_slab_alloc+0x23/0x80
[  405.121334][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  405.126819][T11858]  getname_flags+0xb7/0x540
[  405.131330][T11858]  __x64_sys_rename+0x5d/0x90
[  405.136020][T11858]  do_syscall_64+0xf3/0x230
[  405.140524][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.146443][T11858] Modules linked in:
[  405.150340][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  405.162212][T11858] Tainted: [B]=BAD_PAGE
[  405.166360][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  405.176398][T11858] Call Trace:
[  405.179655][T11858]  <TASK>
[  405.182569][T11858]  dump_stack_lvl+0x241/0x360
[  405.187239][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.192426][T11858]  ? __pfx_print_modules+0x10/0x10
[  405.197524][T11858]  bad_page+0x166/0x1b0
[  405.201661][T11858]  free_unref_page+0xed0/0xf20
[  405.206410][T11858]  skb_release_data+0x6dc/0x8a0
[  405.211240][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  405.216249][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  405.221953][T11858]  ? mark_lock+0x9a/0x360
[  405.226357][T11858]  ? __lock_acquire+0x1384/0x2050
[  405.231367][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  405.237430][T11858]  ? mark_lock+0x9a/0x360
[  405.241754][T11858]  ? __lock_acquire+0x1384/0x2050
[  405.246774][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  405.252757][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  405.259344][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  405.265831][T11858]  ? read_tsc+0x9/0x20
[  405.269881][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  405.275064][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  405.281373][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  405.287513][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  405.293828][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  405.300504][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  405.305702][T11858]  ? __phys_addr+0xba/0x170
[  405.310214][T11858]  ? build_skb_around+0x111/0x260
[  405.315257][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  405.321138][T11858]  netif_receive_skb_list+0x55/0x4b0
[  405.326406][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  405.331872][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  405.337764][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  405.343303][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  405.349102][T11858]  ? synchronize_rcu+0x11b/0x360
[  405.354050][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  405.359321][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  405.365550][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  405.371428][T11858]  ? _copy_from_user+0xa6/0xe0
[  405.376180][T11858]  ? bpf_test_init+0x15a/0x180
[  405.381016][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  405.386458][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  405.391833][T11858]  ? __pfx_lock_release+0x10/0x10
[  405.396852][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  405.402648][T11858]  ? __fget_files+0x29/0x470
[  405.407244][T11858]  ? fput+0x1a8/0x230
[  405.411208][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  405.417003][T11858]  bpf_prog_test_run+0x2e4/0x360
[  405.421923][T11858]  __sys_bpf+0x48d/0x810
[  405.426149][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  405.430893][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  405.436859][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  405.443169][T11858]  ? do_syscall_64+0x100/0x230
[  405.447919][T11858]  __x64_sys_bpf+0x7c/0x90
[  405.452394][T11858]  do_syscall_64+0xf3/0x230
[  405.456897][T11858]  ? clear_bhb_loop+0x35/0x90
[  405.461570][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.467453][T11858] RIP: 0033:0x7f295077df39
[  405.471849][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.491443][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.499842][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  405.507824][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  405.515782][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  405.523735][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.531685][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  405.539660][T11858]  </TASK>
[  405.542761][T11858] BUG: Bad page state in process syz.1.1427  pfn:30e6d
[  405.549613][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888030e6ddc0 pfn:0x30e6d
[  405.559706][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  405.566840][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  405.575438][T11858] raw: ffff888030e6ddc0 0000000000000001 00000000ffffffff 0000000000000000
[  405.584031][T11858] page dumped because: page_pool leak
[  405.589378][T11858] page_owner tracks the page as allocated
[  405.595131][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509327999, free_ts 399328925756
[  405.612346][T11858]  post_alloc_hook+0x1f3/0x230
[  405.617137][T11858]  get_page_from_freelist+0x3045/0x3190
[  405.622717][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  405.628027][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  405.633502][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  405.639404][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  405.644645][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  405.650128][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  405.655536][T11858]  bpf_prog_test_run+0x2e4/0x360
[  405.660477][T11858]  __sys_bpf+0x48d/0x810
[  405.664739][T11858]  __x64_sys_bpf+0x7c/0x90
[  405.669153][T11858]  do_syscall_64+0xf3/0x230
[  405.673669][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.679569][T11858] page last free pid 10051 tgid 10051 stack trace:
[  405.686079][T11858]  free_unref_page+0xcfb/0xf20
[  405.690848][T11858]  __put_partials+0xeb/0x130
[  405.695461][T11858]  put_cpu_partial+0x17c/0x250
[  405.700226][T11858]  __slab_free+0x2ea/0x3d0
[  405.704679][T11858]  qlist_free_all+0x9a/0x140
[  405.709268][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  405.714748][T11858]  __kasan_slab_alloc+0x23/0x80
[  405.719704][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  405.725182][T11858]  getname_flags+0xb7/0x540
[  405.729691][T11858]  __x64_sys_rename+0x5d/0x90
[  405.734385][T11858]  do_syscall_64+0xf3/0x230
[  405.738886][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.744795][T11858] Modules linked in:
[  405.748709][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  405.760580][T11858] Tainted: [B]=BAD_PAGE
[  405.764709][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  405.774740][T11858] Call Trace:
[  405.777999][T11858]  <TASK>
[  405.780909][T11858]  dump_stack_lvl+0x241/0x360
[  405.785575][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.790752][T11858]  ? __pfx_print_modules+0x10/0x10
[  405.795844][T11858]  bad_page+0x166/0x1b0
[  405.799978][T11858]  free_unref_page+0xed0/0xf20
[  405.804725][T11858]  skb_release_data+0x6dc/0x8a0
[  405.809555][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  405.814559][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  405.820259][T11858]  ? mark_lock+0x9a/0x360
[  405.824566][T11858]  ? __lock_acquire+0x1384/0x2050
[  405.829573][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  405.835622][T11858]  ? mark_lock+0x9a/0x360
[  405.839931][T11858]  ? __lock_acquire+0x1384/0x2050
[  405.844962][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  405.850929][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  405.857502][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  405.863989][T11858]  ? read_tsc+0x9/0x20
[  405.868036][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  405.873222][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  405.879530][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  405.885663][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  405.891967][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  405.898643][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  405.903823][T11858]  ? __phys_addr+0xba/0x170
[  405.908303][T11858]  ? build_skb_around+0x111/0x260
[  405.913312][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  405.919190][T11858]  netif_receive_skb_list+0x55/0x4b0
[  405.924456][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  405.929896][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  405.935774][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  405.941305][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  405.947116][T11858]  ? synchronize_rcu+0x11b/0x360
[  405.952048][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  405.957324][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  405.963561][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  405.969459][T11858]  ? _copy_from_user+0xa6/0xe0
[  405.974220][T11858]  ? bpf_test_init+0x15a/0x180
[  405.978969][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  405.984411][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  405.989767][T11858]  ? __pfx_lock_release+0x10/0x10
[  405.994776][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  406.000582][T11858]  ? __fget_files+0x29/0x470
[  406.005155][T11858]  ? fput+0x1a8/0x230
[  406.009126][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  406.014919][T11858]  bpf_prog_test_run+0x2e4/0x360
[  406.019836][T11858]  __sys_bpf+0x48d/0x810
[  406.024060][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  406.028803][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  406.034855][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  406.041173][T11858]  ? do_syscall_64+0x100/0x230
[  406.045930][T11858]  __x64_sys_bpf+0x7c/0x90
[  406.050341][T11858]  do_syscall_64+0xf3/0x230
[  406.054826][T11858]  ? clear_bhb_loop+0x35/0x90
[  406.059480][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.065359][T11858] RIP: 0033:0x7f295077df39
[  406.069754][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.089338][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  406.097732][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  406.105700][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  406.113650][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  406.121600][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.129550][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  406.137683][T11858]  </TASK>
[  406.140754][T11858] BUG: Bad page state in process syz.1.1427  pfn:28721
[  406.147658][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028721dc0 pfn:0x28721
[  406.157770][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  406.164922][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  406.173531][T11858] raw: ffff888028721dc0 0000000000000001 00000000ffffffff 0000000000000000
[  406.182110][T11858] page dumped because: page_pool leak
[  406.187498][T11858] page_owner tracks the page as allocated
[  406.193233][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509317050, free_ts 399328935635
[  406.210441][T11858]  post_alloc_hook+0x1f3/0x230
[  406.215304][T11858]  get_page_from_freelist+0x3045/0x3190
[  406.220863][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  406.226083][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  406.231572][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  406.237490][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  406.242721][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  406.248080][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  406.253475][T11858]  bpf_prog_test_run+0x2e4/0x360
[  406.258415][T11858]  __sys_bpf+0x48d/0x810
[  406.262701][T11858]  __x64_sys_bpf+0x7c/0x90
[  406.267126][T11858]  do_syscall_64+0xf3/0x230
[  406.271620][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.277554][T11858] page last free pid 10051 tgid 10051 stack trace:
[  406.284074][T11858]  free_unref_page+0xcfb/0xf20
[  406.288830][T11858]  __put_partials+0xeb/0x130
[  406.293452][T11858]  put_cpu_partial+0x17c/0x250
[  406.298228][T11858]  __slab_free+0x2ea/0x3d0
[  406.302684][T11858]  qlist_free_all+0x9a/0x140
[  406.307275][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  406.312767][T11858]  __kasan_slab_alloc+0x23/0x80
[  406.317617][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  406.323092][T11858]  getname_flags+0xb7/0x540
[  406.327632][T11858]  __x64_sys_rename+0x5d/0x90
[  406.332298][T11858]  do_syscall_64+0xf3/0x230
[  406.336832][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.342758][T11858] Modules linked in:
[  406.346649][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  406.358523][T11858] Tainted: [B]=BAD_PAGE
[  406.362663][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  406.372727][T11858] Call Trace:
[  406.376023][T11858]  <TASK>
[  406.378940][T11858]  dump_stack_lvl+0x241/0x360
[  406.383611][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.388792][T11858]  ? __pfx_print_modules+0x10/0x10
[  406.393908][T11858]  bad_page+0x166/0x1b0
[  406.398046][T11858]  free_unref_page+0xed0/0xf20
[  406.402795][T11858]  skb_release_data+0x6dc/0x8a0
[  406.407629][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  406.412636][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  406.418367][T11858]  ? mark_lock+0x9a/0x360
[  406.422685][T11858]  ? __lock_acquire+0x1384/0x2050
[  406.427698][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  406.433746][T11858]  ? mark_lock+0x9a/0x360
[  406.438053][T11858]  ? __lock_acquire+0x1384/0x2050
[  406.443064][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  406.449028][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  406.455598][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  406.462076][T11858]  ? read_tsc+0x9/0x20
[  406.466130][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  406.471317][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  406.477630][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  406.483768][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  406.490093][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  406.496769][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  406.501947][T11858]  ? __phys_addr+0xba/0x170
[  406.506432][T11858]  ? build_skb_around+0x111/0x260
[  406.511438][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  406.517316][T11858]  netif_receive_skb_list+0x55/0x4b0
[  406.522583][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  406.528025][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  406.533904][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  406.539431][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  406.545217][T11858]  ? synchronize_rcu+0x11b/0x360
[  406.550130][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  406.555398][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  406.561619][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  406.567496][T11858]  ? _copy_from_user+0xa6/0xe0
[  406.572245][T11858]  ? bpf_test_init+0x15a/0x180
[  406.577008][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  406.582450][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  406.587806][T11858]  ? __pfx_lock_release+0x10/0x10
[  406.592818][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  406.598605][T11858]  ? __fget_files+0x29/0x470
[  406.603187][T11858]  ? fput+0x1a8/0x230
[  406.607161][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  406.612963][T11858]  bpf_prog_test_run+0x2e4/0x360
[  406.617902][T11858]  __sys_bpf+0x48d/0x810
[  406.622125][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  406.626870][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  406.632836][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  406.639143][T11858]  ? do_syscall_64+0x100/0x230
[  406.643885][T11858]  __x64_sys_bpf+0x7c/0x90
[  406.648296][T11858]  do_syscall_64+0xf3/0x230
[  406.652779][T11858]  ? clear_bhb_loop+0x35/0x90
[  406.657431][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.663305][T11858] RIP: 0033:0x7f295077df39
[  406.667698][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.687286][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  406.695681][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  406.703631][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  406.711581][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  406.719537][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.727488][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  406.735447][T11858]  </TASK>
[  406.738523][T11858] BUG: Bad page state in process syz.1.1427  pfn:2fc5f
[  406.745388][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802fc5fdc0 pfn:0x2fc5f
[  406.755488][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  406.762598][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  406.771199][T11858] raw: ffff88802fc5fdc0 0000000000000001 00000000ffffffff 0000000000000000
[  406.779794][T11858] page dumped because: page_pool leak
[  406.785168][T11858] page_owner tracks the page as allocated
[  406.790870][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509306196, free_ts 399328944740
[  406.808078][T11858]  post_alloc_hook+0x1f3/0x230
[  406.812869][T11858]  get_page_from_freelist+0x3045/0x3190
[  406.818393][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  406.823598][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  406.829055][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  406.834966][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  406.840169][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  406.845553][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  406.850930][T11858]  bpf_prog_test_run+0x2e4/0x360
[  406.855881][T11858]  __sys_bpf+0x48d/0x810
[  406.860121][T11858]  __x64_sys_bpf+0x7c/0x90
[  406.864551][T11858]  do_syscall_64+0xf3/0x230
[  406.869051][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.874960][T11858] page last free pid 10051 tgid 10051 stack trace:
[  406.881454][T11858]  free_unref_page+0xcfb/0xf20
[  406.886235][T11858]  __put_partials+0xeb/0x130
[  406.890827][T11858]  put_cpu_partial+0x17c/0x250
[  406.895601][T11858]  __slab_free+0x2ea/0x3d0
[  406.900015][T11858]  qlist_free_all+0x9a/0x140
[  406.904611][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  406.910067][T11858]  __kasan_slab_alloc+0x23/0x80
[  406.914940][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  406.920400][T11858]  getname_flags+0xb7/0x540
[  406.924913][T11858]  __x64_sys_rename+0x5d/0x90
[  406.929605][T11858]  do_syscall_64+0xf3/0x230
[  406.934121][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.940023][T11858] Modules linked in:
[  406.943932][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  406.955824][T11858] Tainted: [B]=BAD_PAGE
[  406.959950][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  406.969982][T11858] Call Trace:
[  406.973245][T11858]  <TASK>
[  406.976158][T11858]  dump_stack_lvl+0x241/0x360
[  406.980820][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.986005][T11858]  ? __pfx_print_modules+0x10/0x10
[  406.991100][T11858]  bad_page+0x166/0x1b0
[  406.995239][T11858]  free_unref_page+0xed0/0xf20
[  406.999988][T11858]  skb_release_data+0x6dc/0x8a0
[  407.004820][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  407.009822][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  407.015523][T11858]  ? mark_lock+0x9a/0x360
[  407.019832][T11858]  ? __lock_acquire+0x1384/0x2050
[  407.024843][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  407.030889][T11858]  ? mark_lock+0x9a/0x360
[  407.035197][T11858]  ? __lock_acquire+0x1384/0x2050
[  407.040204][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  407.046167][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  407.052744][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  407.059242][T11858]  ? read_tsc+0x9/0x20
[  407.063296][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  407.068473][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  407.074784][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  407.080943][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  407.087254][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  407.093928][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  407.099118][T11858]  ? __phys_addr+0xba/0x170
[  407.103599][T11858]  ? build_skb_around+0x111/0x260
[  407.108620][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  407.114516][T11858]  netif_receive_skb_list+0x55/0x4b0
[  407.119793][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  407.125242][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  407.131124][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  407.136668][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  407.142466][T11858]  ? synchronize_rcu+0x11b/0x360
[  407.147390][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  407.152676][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  407.158928][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  407.164839][T11858]  ? _copy_from_user+0xa6/0xe0
[  407.169589][T11858]  ? bpf_test_init+0x15a/0x180
[  407.174357][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  407.179813][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  407.185174][T11858]  ? __pfx_lock_release+0x10/0x10
[  407.190192][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  407.195985][T11858]  ? __fget_files+0x29/0x470
[  407.200557][T11858]  ? fput+0x1a8/0x230
[  407.204521][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  407.210310][T11858]  bpf_prog_test_run+0x2e4/0x360
[  407.215232][T11858]  __sys_bpf+0x48d/0x810
[  407.219458][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  407.224204][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  407.230167][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  407.236481][T11858]  ? do_syscall_64+0x100/0x230
[  407.241224][T11858]  __x64_sys_bpf+0x7c/0x90
[  407.245622][T11858]  do_syscall_64+0xf3/0x230
[  407.250104][T11858]  ? clear_bhb_loop+0x35/0x90
[  407.254783][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.260662][T11858] RIP: 0033:0x7f295077df39
[  407.265062][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.284658][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  407.293068][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  407.301028][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  407.308983][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  407.316942][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.324984][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  407.332959][T11858]  </TASK>
[  407.336033][T11858] BUG: Bad page state in process syz.1.1427  pfn:32604
[  407.342904][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888032604dc0 pfn:0x32604
[  407.352983][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  407.360096][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  407.368696][T11858] raw: ffff888032604dc0 0000000000000001 00000000ffffffff 0000000000000000
[  407.377290][T11858] page dumped because: page_pool leak
[  407.382672][T11858] page_owner tracks the page as allocated
[  407.388376][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509295033, free_ts 399328991117
[  407.405615][T11858]  post_alloc_hook+0x1f3/0x230
[  407.410392][T11858]  get_page_from_freelist+0x3045/0x3190
[  407.415957][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  407.421156][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  407.426629][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  407.432528][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  407.437740][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  407.443136][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  407.448494][T11858]  bpf_prog_test_run+0x2e4/0x360
[  407.453440][T11858]  __sys_bpf+0x48d/0x810
[  407.457682][T11858]  __x64_sys_bpf+0x7c/0x90
[  407.462080][T11858]  do_syscall_64+0xf3/0x230
[  407.466598][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.472495][T11858] page last free pid 10051 tgid 10051 stack trace:
[  407.478999][T11858]  free_unref_page+0xcfb/0xf20
[  407.483792][T11858]  __put_partials+0xeb/0x130
[  407.488366][T11858]  put_cpu_partial+0x17c/0x250
[  407.493153][T11858]  __slab_free+0x2ea/0x3d0
[  407.497571][T11858]  qlist_free_all+0x9a/0x140
[  407.502142][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  407.507609][T11858]  __kasan_slab_alloc+0x23/0x80
[  407.512459][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  407.517936][T11858]  getname_flags+0xb7/0x540
[  407.522441][T11858]  __x64_sys_rename+0x5d/0x90
[  407.527129][T11858]  do_syscall_64+0xf3/0x230
[  407.531630][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.537538][T11858] Modules linked in:
[  407.541434][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  407.553301][T11858] Tainted: [B]=BAD_PAGE
[  407.557428][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  407.567459][T11858] Call Trace:
[  407.570715][T11858]  <TASK>
[  407.573630][T11858]  dump_stack_lvl+0x241/0x360
[  407.578290][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.583471][T11858]  ? __pfx_print_modules+0x10/0x10
[  407.588565][T11858]  bad_page+0x166/0x1b0
[  407.592706][T11858]  free_unref_page+0xed0/0xf20
[  407.597494][T11858]  skb_release_data+0x6dc/0x8a0
[  407.602330][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  407.607334][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  407.613042][T11858]  ? mark_lock+0x9a/0x360
[  407.617350][T11858]  ? __lock_acquire+0x1384/0x2050
[  407.622354][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  407.628400][T11858]  ? mark_lock+0x9a/0x360
[  407.632714][T11858]  ? __lock_acquire+0x1384/0x2050
[  407.637743][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  407.643794][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  407.650382][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  407.656864][T11858]  ? read_tsc+0x9/0x20
[  407.660912][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  407.666091][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  407.672399][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  407.678535][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  407.684842][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  407.691510][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  407.696686][T11858]  ? __phys_addr+0xba/0x170
[  407.701172][T11858]  ? build_skb_around+0x111/0x260
[  407.706186][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  407.712084][T11858]  netif_receive_skb_list+0x55/0x4b0
[  407.717370][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  407.722817][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  407.728710][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  407.734243][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  407.740031][T11858]  ? synchronize_rcu+0x11b/0x360
[  407.744949][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  407.750228][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  407.756449][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  407.762325][T11858]  ? _copy_from_user+0xa6/0xe0
[  407.767071][T11858]  ? bpf_test_init+0x15a/0x180
[  407.771812][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  407.777251][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  407.782605][T11858]  ? __pfx_lock_release+0x10/0x10
[  407.787623][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  407.793429][T11858]  ? __fget_files+0x29/0x470
[  407.798002][T11858]  ? fput+0x1a8/0x230
[  407.801966][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  407.807782][T11858]  bpf_prog_test_run+0x2e4/0x360
[  407.812711][T11858]  __sys_bpf+0x48d/0x810
[  407.816954][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  407.821704][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  407.827671][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  407.833988][T11858]  ? do_syscall_64+0x100/0x230
[  407.838728][T11858]  __x64_sys_bpf+0x7c/0x90
[  407.843122][T11858]  do_syscall_64+0xf3/0x230
[  407.847602][T11858]  ? clear_bhb_loop+0x35/0x90
[  407.852267][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.858142][T11858] RIP: 0033:0x7f295077df39
[  407.862534][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.882117][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  407.890508][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  407.898462][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  407.906524][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  407.914477][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.922443][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  407.930403][T11858]  </TASK>
[  407.933473][T11858] BUG: Bad page state in process syz.1.1427  pfn:5764a
[  407.940320][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805764adc0 pfn:0x5764a
[  407.950404][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  407.957535][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  407.966132][T11858] raw: ffff88805764adc0 0000000000000001 00000000ffffffff 0000000000000000
[  407.974724][T11858] page dumped because: page_pool leak
[  407.980067][T11858] page_owner tracks the page as allocated
[  407.985810][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509283951, free_ts 399328999408
[  408.003018][T11858]  post_alloc_hook+0x1f3/0x230
[  408.007776][T11858]  get_page_from_freelist+0x3045/0x3190
[  408.013354][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  408.018562][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  408.024039][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  408.029940][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  408.035160][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  408.040544][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  408.045944][T11858]  bpf_prog_test_run+0x2e4/0x360
[  408.050884][T11858]  __sys_bpf+0x48d/0x810
[  408.055139][T11858]  __x64_sys_bpf+0x7c/0x90
[  408.059556][T11858]  do_syscall_64+0xf3/0x230
[  408.064072][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.069998][T11858] page last free pid 10051 tgid 10051 stack trace:
[  408.076504][T11858]  free_unref_page+0xcfb/0xf20
[  408.081272][T11858]  __put_partials+0xeb/0x130
[  408.085876][T11858]  put_cpu_partial+0x17c/0x250
[  408.090635][T11858]  __slab_free+0x2ea/0x3d0
[  408.095059][T11858]  qlist_free_all+0x9a/0x140
[  408.099647][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  408.105121][T11858]  __kasan_slab_alloc+0x23/0x80
[  408.109973][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  408.115454][T11858]  getname_flags+0xb7/0x540
[  408.119960][T11858]  __x64_sys_rename+0x5d/0x90
[  408.124653][T11858]  do_syscall_64+0xf3/0x230
[  408.129153][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.135062][T11858] Modules linked in:
[  408.138958][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  408.150828][T11858] Tainted: [B]=BAD_PAGE
[  408.154957][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  408.164991][T11858] Call Trace:
[  408.168250][T11858]  <TASK>
[  408.171161][T11858]  dump_stack_lvl+0x241/0x360
[  408.175832][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  408.181012][T11858]  ? __pfx_print_modules+0x10/0x10
[  408.186110][T11858]  bad_page+0x166/0x1b0
[  408.190248][T11858]  free_unref_page+0xed0/0xf20
[  408.194997][T11858]  skb_release_data+0x6dc/0x8a0
[  408.199906][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  408.204937][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  408.210658][T11858]  ? mark_lock+0x9a/0x360
[  408.214992][T11858]  ? __lock_acquire+0x1384/0x2050
[  408.220005][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  408.226056][T11858]  ? mark_lock+0x9a/0x360
[  408.230368][T11858]  ? __lock_acquire+0x1384/0x2050
[  408.235407][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  408.241371][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  408.247953][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  408.254448][T11858]  ? read_tsc+0x9/0x20
[  408.258503][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  408.263689][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  408.270000][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  408.276143][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  408.282457][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  408.289116][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  408.294299][T11858]  ? __phys_addr+0xba/0x170
[  408.298783][T11858]  ? build_skb_around+0x111/0x260
[  408.303796][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  408.309686][T11858]  netif_receive_skb_list+0x55/0x4b0
[  408.314965][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  408.320413][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  408.326292][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  408.331844][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  408.337636][T11858]  ? synchronize_rcu+0x11b/0x360
[  408.342556][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  408.347828][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  408.354073][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  408.359978][T11858]  ? _copy_from_user+0xa6/0xe0
[  408.364727][T11858]  ? bpf_test_init+0x15a/0x180
[  408.369490][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  408.374958][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  408.380315][T11858]  ? __pfx_lock_release+0x10/0x10
[  408.385327][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  408.391110][T11858]  ? __fget_files+0x29/0x470
[  408.395681][T11858]  ? fput+0x1a8/0x230
[  408.399642][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  408.405430][T11858]  bpf_prog_test_run+0x2e4/0x360
[  408.410350][T11858]  __sys_bpf+0x48d/0x810
[  408.414576][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  408.419327][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  408.425293][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  408.431602][T11858]  ? do_syscall_64+0x100/0x230
[  408.436346][T11858]  __x64_sys_bpf+0x7c/0x90
[  408.440739][T11858]  do_syscall_64+0xf3/0x230
[  408.445224][T11858]  ? clear_bhb_loop+0x35/0x90
[  408.449875][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.455749][T11858] RIP: 0033:0x7f295077df39
[  408.460143][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.479729][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  408.488123][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  408.496074][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  408.504024][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  408.511972][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  408.519935][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  408.527894][T11858]  </TASK>
[  408.530971][T11858] BUG: Bad page state in process syz.1.1427  pfn:2774c
[  408.537838][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802774cdc0 pfn:0x2774c
[  408.547908][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  408.555056][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  408.563661][T11858] raw: ffff88802774cdc0 0000000000000001 00000000ffffffff 0000000000000000
[  408.572235][T11858] page dumped because: page_pool leak
[  408.577625][T11858] page_owner tracks the page as allocated
[  408.583352][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509273268, free_ts 399329009131
[  408.600548][T11858]  post_alloc_hook+0x1f3/0x230
[  408.605337][T11858]  get_page_from_freelist+0x3045/0x3190
[  408.610863][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  408.616064][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  408.621535][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  408.627445][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  408.632672][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  408.638043][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  408.643429][T11858]  bpf_prog_test_run+0x2e4/0x360
[  408.648369][T11858]  __sys_bpf+0x48d/0x810
[  408.652590][T11858]  __x64_sys_bpf+0x7c/0x90
[  408.657018][T11858]  do_syscall_64+0xf3/0x230
[  408.661518][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.667422][T11858] page last free pid 10051 tgid 10051 stack trace:
[  408.673931][T11858]  free_unref_page+0xcfb/0xf20
[  408.678778][T11858]  __put_partials+0xeb/0x130
[  408.683394][T11858]  put_cpu_partial+0x17c/0x250
[  408.688157][T11858]  __slab_free+0x2ea/0x3d0
[  408.692551][T11858]  qlist_free_all+0x9a/0x140
[  408.697156][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  408.702612][T11858]  __kasan_slab_alloc+0x23/0x80
[  408.707493][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  408.712965][T11858]  getname_flags+0xb7/0x540
[  408.717468][T11858]  __x64_sys_rename+0x5d/0x90
[  408.722147][T11858]  do_syscall_64+0xf3/0x230
[  408.726662][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.732562][T11858] Modules linked in:
[  408.736471][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  408.748357][T11858] Tainted: [B]=BAD_PAGE
[  408.752483][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  408.762514][T11858] Call Trace:
[  408.765772][T11858]  <TASK>
[  408.768682][T11858]  dump_stack_lvl+0x241/0x360
[  408.773346][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  408.778528][T11858]  ? __pfx_print_modules+0x10/0x10
[  408.783625][T11858]  bad_page+0x166/0x1b0
[  408.787763][T11858]  free_unref_page+0xed0/0xf20
[  408.792508][T11858]  skb_release_data+0x6dc/0x8a0
[  408.797339][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  408.802341][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  408.808044][T11858]  ? mark_lock+0x9a/0x360
[  408.812367][T11858]  ? __lock_acquire+0x1384/0x2050
[  408.817389][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  408.823440][T11858]  ? mark_lock+0x9a/0x360
[  408.827755][T11858]  ? __lock_acquire+0x1384/0x2050
[  408.832780][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  408.838749][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  408.845317][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  408.851797][T11858]  ? read_tsc+0x9/0x20
[  408.855846][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  408.861090][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  408.867415][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  408.873567][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  408.879885][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  408.886542][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  408.891725][T11858]  ? __phys_addr+0xba/0x170
[  408.896213][T11858]  ? build_skb_around+0x111/0x260
[  408.901245][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  408.907122][T11858]  netif_receive_skb_list+0x55/0x4b0
[  408.912385][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  408.917832][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  408.923711][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  408.929245][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  408.935036][T11858]  ? synchronize_rcu+0x11b/0x360
[  408.939950][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  408.945216][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  408.951510][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  408.957415][T11858]  ? _copy_from_user+0xa6/0xe0
[  408.962164][T11858]  ? bpf_test_init+0x15a/0x180
[  408.966916][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  408.972361][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  408.977727][T11858]  ? __pfx_lock_release+0x10/0x10
[  408.982740][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  408.988550][T11858]  ? __fget_files+0x29/0x470
[  408.993129][T11858]  ? fput+0x1a8/0x230
[  408.997095][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  409.002890][T11858]  bpf_prog_test_run+0x2e4/0x360
[  409.007816][T11858]  __sys_bpf+0x48d/0x810
[  409.012042][T11858]  ? __pfx___sys_bpf+0x10/0x10
[  409.016790][T11858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  409.022764][T11858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  409.029092][T11858]  ? do_syscall_64+0x100/0x230
[  409.033841][T11858]  __x64_sys_bpf+0x7c/0x90
[  409.038328][T11858]  do_syscall_64+0xf3/0x230
[  409.042814][T11858]  ? clear_bhb_loop+0x35/0x90
[  409.047466][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.053344][T11858] RIP: 0033:0x7f295077df39
[  409.057737][T11858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.077325][T11858] RSP: 002b:00007f295153c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  409.085719][T11858] RAX: ffffffffffffffda RBX: 00007f2950936058 RCX: 00007f295077df39
[  409.093678][T11858] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  409.101635][T11858] RBP: 00007f29507f0216 R08: 0000000000000000 R09: 0000000000000000
[  409.109592][T11858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  409.117550][T11858] R13: 0000000000000000 R14: 00007f2950936058 R15: 00007ffc0a39c288
[  409.125512][T11858]  </TASK>
[  409.128588][T11858] BUG: Bad page state in process syz.1.1427  pfn:7a684
[  409.135455][T11858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807a684dc0 pfn:0x7a684
[  409.145533][T11858] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  409.152684][T11858] raw: 00fff00000000000 dead000000000040 ffff88806585e000 0000000000000000
[  409.161259][T11858] raw: ffff88807a684dc0 0000000000000001 00000000ffffffff 0000000000000000
[  409.169848][T11858] page dumped because: page_pool leak
[  409.175253][T11858] page_owner tracks the page as allocated
[  409.180944][T11858] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11858, tgid 11850 (syz.1.1427), ts 399509262085, free_ts 399329018473
[  409.198144][T11858]  post_alloc_hook+0x1f3/0x230
[  409.202936][T11858]  get_page_from_freelist+0x3045/0x3190
[  409.208466][T11858]  __alloc_pages_noprof+0x256/0x6c0
[  409.213672][T11858]  alloc_pages_bulk_noprof+0x729/0xd40
[  409.219127][T11858]  __page_pool_alloc_pages_slow+0x122/0x690
[  409.225035][T11858]  page_pool_alloc_pages+0xd0/0x1c0
[  409.230235][T11858]  bpf_test_run_xdp_live+0x950/0x2160
[  409.235631][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  409.241010][T11858]  bpf_prog_test_run+0x2e4/0x360
[  409.245964][T11858]  __sys_bpf+0x48d/0x810
[  409.250208][T11858]  __x64_sys_bpf+0x7c/0x90
[  409.254639][T11858]  do_syscall_64+0xf3/0x230
[  409.259140][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.265047][T11858] page last free pid 10051 tgid 10051 stack trace:
[  409.271549][T11858]  free_unref_page+0xcfb/0xf20
[  409.276345][T11858]  __put_partials+0xeb/0x130
[  409.280945][T11858]  put_cpu_partial+0x17c/0x250
[  409.285733][T11858]  __slab_free+0x2ea/0x3d0
[  409.290152][T11858]  qlist_free_all+0x9a/0x140
[  409.294765][T11858]  kasan_quarantine_reduce+0x14f/0x170
[  409.300225][T11858]  __kasan_slab_alloc+0x23/0x80
[  409.305111][T11858]  kmem_cache_alloc_noprof+0x135/0x2a0
[  409.310572][T11858]  getname_flags+0xb7/0x540
[  409.315093][T11858]  __x64_sys_rename+0x5d/0x90
[  409.319771][T11858]  do_syscall_64+0xf3/0x230
[  409.324285][T11858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.330187][T11858] Modules linked in:
[  409.334101][T11858] CPU: 0 UID: 0 PID: 11858 Comm: syz.1.1427 Tainted: G    B              6.11.0-syzkaller-11503-gc824deb1a897 #0
[  409.345996][T11858] Tainted: [B]=BAD_PAGE
[  409.350126][T11858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  409.360160][T11858] Call Trace:
[  409.363425][T11858]  <TASK>
[  409.366360][T11858]  dump_stack_lvl+0x241/0x360
[  409.371021][T11858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  409.376200][T11858]  ? __pfx_print_modules+0x10/0x10
[  409.381295][T11858]  bad_page+0x166/0x1b0
[  409.385432][T11858]  free_unref_page+0xed0/0xf20
[  409.390177][T11858]  skb_release_data+0x6dc/0x8a0
[  409.395014][T11858]  sk_skb_reason_drop+0x1c9/0x380
[  409.400026][T11858]  __netif_receive_skb_core+0x3edd/0x4570
[  409.405727][T11858]  ? mark_lock+0x9a/0x360
[  409.410033][T11858]  ? __lock_acquire+0x1384/0x2050
[  409.415046][T11858]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  409.421206][T11858]  ? mark_lock+0x9a/0x360
[  409.425515][T11858]  ? __lock_acquire+0x1384/0x2050
[  409.430524][T11858]  __netif_receive_skb_list_core+0x2b1/0x980
[  409.436486][T11858]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  409.443059][T11858]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  409.449545][T11858]  ? read_tsc+0x9/0x20
[  409.453596][T11858]  ? timekeeping_get_ns+0x2c0/0x420
[  409.458776][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  409.465083][T11858]  netif_receive_skb_list_internal+0xa51/0xe30
[  409.471234][T11858]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  409.477570][T11858]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  409.484249][T11858]  ? __pfx_eth_type_trans+0x10/0x10
[  409.489426][T11858]  ? __phys_addr+0xba/0x170
[  409.493908][T11858]  ? build_skb_around+0x111/0x260
[  409.498917][T11858]  ? __xdp_build_skb_from_frame+0x338/0x650
[  409.504792][T11858]  netif_receive_skb_list+0x55/0x4b0
[  409.510066][T11858]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  409.515512][T11858]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  409.521387][T11858]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  409.526916][T11858]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  409.532717][T11858]  ? synchronize_rcu+0x11b/0x360
[  409.537642][T11858]  ? __pfx_synchronize_rcu+0x10/0x10
[  409.542919][T11858]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  409.549143][T11858]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  409.555022][T11858]  ? _copy_from_user+0xa6/0xe0
[  409.559765][T11858]  ? bpf_test_init+0x15a/0x180
[  409.564509][T11858]  ? xdp_convert_md_to_buff+0x5b/0x330
[  409.569946][T11858]  bpf_prog_test_run_xdp+0x805/0x11e0
[  409.575302][T11858]  ? __pfx_lock_release+0x10/0x10
[  409.580308][T11858]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10