last executing test programs:

1m30.658220203s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

1m15.052019005s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

1m0.752567994s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

45.817910358s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

32.748274518s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

19.252761228s ago: executing program 0 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r2, 0x29, 0x4c, &(0x7f0000000040)=0x2000000, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010000000003000000006600000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00&\x00l\t\x00\x00'], 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x30, r10, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xf4e, 0x66}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r10, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r3, 0x800, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1, 0xa}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4090}, 0x4048000)
r11 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x0, 0x1}})
socket$nl_route(0x10, 0x3, 0x0)
accept4$x25(r0, &(0x7f0000000340)={0x9, @remote}, &(0x7f00000003c0)=0x12, 0x800)
sendto$inet6(r11, &(0x7f0000000140)="5c17f7eaa4964459c367a41389756171015f526ee83d78d2966590c5c655788d9d5fb69e448209a1a57e93debf1cde19c9d0e8df09bfdad5b59b3fcf4f5d41ac4dba6c06b19cc567ebcf66309cb6b35a480997f1fd4cbc790341c004fd111631aa9662e28e3e45af0015fdd6ee17c81abcf90900e2b08008b94521bea6e779be7897e8e8f0acfd80281e670d82da6a72a4453fb0a638f0197dc17ad6f81e20fdfdc8d4a363ce7666e9622c2bc169c2bde2a3abc303586ed8bc6cf3c4d78e8749883d35a2ecebf9faedd0a62b0bc2b3dda44ad88a6f", 0xd5, 0x20000000, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000380)="5ec13721", 0x4}], 0x2}, 0x2000c040)

4.648546516s ago: executing program 1 (id=1599):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000041000000410000000700000007000000000000110400000005000000070000000000000c05020000070000000200000f0100000002000000020000000000000002000000030000009f0a0000ea000000002e617f002e00"], &(0x7f0000001640)=""/4096, 0x63, 0x1000, 0x1, 0x1, 0x10000, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x9, 0x8000009, 0x5, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x5, 0x8, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x5, 0x9f, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r2)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
unshare(0x42000000)
getsockopt$packet_int(r5, 0x107, 0xb, 0x0, &(0x7f0000000100)=0x10)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r6, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c)
setsockopt(r6, 0x84, 0x81, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newtaction={0x98, 0x30, 0x48b, 0x0, 0x0, {}, [{0x84, 0x1, [@m_ctinfo={0x30, 0x5, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_simple={0x50, 0x1, 0x0, 0x0, {{0x8b}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6f8, 0x2, 0xffffffffffffffff, 0x6, 0x1ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x98}}, 0x0)

4.044517971s ago: executing program 3 (id=1606):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1805}, 0x4)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000000240)={0x1d, r3, 0x2, {0x2, 0xff}, 0x2}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}, 0x70}}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aa1c08004515001c006700007376e7000201780a0181020200000011819078e0010001007d00966bcc5c10bdb4faf6ddc2a02600"/66], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r5=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="90000000100003f4ffffff3d2eb934982e999e49b1611a57c1690075259e4700b7", @ANYRES32=0x0, @ANYBLOB="996e17004d4c0700540012800800010068737200480002800500030008200000050003000500000005000320fd00000008000200", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES64], 0x90}}, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000380)={'vcan0\x00'})

3.970624095s ago: executing program 3 (id=1608):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000064000000030a01010000000000000000010000000900030073797a300000000014000480080002400000000208000140000000000900010073797a300000000008000a40000000021c0008800c00024000000000000000000c0001"], 0xac}}, 0x0)
close(r1)
r7 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r9)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r8, &(0x7f0000000080)={0x0, 0x12, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01000000000000000000037400062c000700737b7352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6ee4300000000001000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
recvmsg(r0, &(0x7f0000000380)={&(0x7f0000000180)=@hci, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)=""/96, 0x60}, {}], 0x2, &(0x7f00000002c0)=""/171, 0xab}, 0x120)

3.628866893s ago: executing program 1 (id=1610):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2, r2}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x3a}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0)

3.57476881s ago: executing program 1 (id=1611):
r0 = socket(0x10, 0x5, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r2=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x46, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000400)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000000140), 0x39}, 0x10062)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="000000070104009d06b2b1b364809a00000000000000000006000000010073797a3100000004"], 0x20}, 0x1, 0x0, 0x0, 0x48d5}, 0x8010)
sendmsg$NFNL_MSG_ACCT_NEW(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[@ANYBLOB="4c00004285f3e354000007010800000000000000000000006409000100738d7a30000000000900010073797a31000000000c00024000000000000100010c00024000000000000000040800054000050001"], 0x4c}}, 0x22000080)
sendmsg$NFNL_MSG_ACCT_DEL(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="20000000030701"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x48800)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x25, &(0x7f00000001c0)={r9, @in={{0x2, 0x0, @empty}}}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000580)={'syztnl1\x00', <r10=>0x0, 0x4, 0x2, 0x4, 0xcc, 0x6, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7848, 0x700, 0x10, 0x2}})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r10, @ANYRES32, @ANYBLOB="2b00000004000000", @ANYRES32=r5, @ANYBLOB, @ANYRES32, @ANYBLOB="c5010100000000000005cc8b558fcf92433497354214d5172f8100d241675c18e229d460", @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r11 = socket$rds(0x15, 0x5, 0x0)
bind$inet(r11, &(0x7f0000000280)={0x2, 0x4e20, @multicast2}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000080)={0xffffffffffffffff, 0x1, 0x4, 0x6})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="dbf76081bb7cf246c90d7a114a7f9365a150c538352785fe58478947748d96ad2f4520196bb1c7f1fd92d707ec90613ac4719feaac4a0ed438ea0ce87114ef597d6e43dd97336392b89b9082777d3fd9658b0517bf2fd2899d643c536bededc787fa6b2b3a654f403391954bd2bd7ff032b31aa1511d828d2315cb16f31985e68b87ea94d2afe4a70095a1e8e4db3fd03f516b46c3a53f", 0x97}, {&(0x7f0000000a00)="e0a49e3f54aa65607bdf0fc0515df490634d28dee46d3f52e5dbe98c9ce21818b5d2d9066b90f3629160884084d38835ea115f90f912b635ca36d3e9e72c5fca9aa82d9e4f718e5e53824bbf25873ead9545801c6e0887a2c81b219d1f6dadbb19bd0358d23c4e198294ac704a8060e34fd30bcd97d3e94686450e90cb5aec538f9807c96c2f2518f37eb4ade37dc5999ccfab8cf8fe344ccbdce1f03062f05be990ccccc00f57353ac374c9a341580641e5aabcb7db5bea154da0abb43a687743daf56746dab326a333171fe175ac259b3523f9cd0abbe57372125a4844de50356eadd3c3b182b44f64d2e7d1b640b9caeaf38b84ef30db95a52d62e83db54da74975996d01fdd73cb51c7a82ac540121cc2ced70c75bb5b5cb510916889e4acae82e6dac670dce78df13264a69cc8162949f41a33b92ba6b8e40aa869ffced1aabac0b220c10b1d1858c9a297e207f78fda6928dffcb3ac88b62c95bc07a485528bb615bfd89c223099973d2495ebf6984494f98bea59461fce42ce7bb661f4a67cfb34e6e11b8524366fb98609c44e2d34fda18f723f99f693f49683a75a00427a2ad28f311d07d941d9d5904b210588fb155b559f61c86999eb2b336f047644855375492d3bc6bd0ca93f27d48e2888e5988cce82b795fd85b9d1d3abc366c10c2baa7fc4fdcfedf24d94c45d6b55722ff0f0d8823219ffbafe1bb0aa14da13bfee3e4025e74b82dd890f4a1d846d01ec6b472d28c02eefbe5ee041f1090558cba1ab5f7c1c7e1ef31a149491a33969da6ad5edf1b2770cafd96b46e7e979856ae24282fc37c4e3e3e255286359ed5ff86ebdb615d7cf7942acc77b3180124163cfa3cf35f4719d84bb4274f51de967e079fce9b4f6f9e0d963555eb611391438bb4df8b2137f4e93d680070f15130a9f7c9c504a3dcef252c4e28f72a36ec10719f4ca655767beb2864d0a7e80be5854310b5b095d9ec9f323d0a06bfccce5be78491037378b13309e933131a3f1a6f15ed0a3dd85901796195eeded0d77a9057c6b8f2001ef714863f1ae3d45906179dbbb9dc491ab8e0cf543b3ca1c04523efbf1e64bd5ee513c453231411e3324cf8b6bf3fed74c259d88ccb5d181c20c5860c8f26f93036061ac663b144acc57986872470dd353af34a79e5279950a243706a5fe0936a8c42b1ce4cf42749828be13314590a58217ca0276208d4dce84b98f4ecd8389931140fad78cbb539cd5104adc198a815126ae1623cc59a1bc7c4ebb307dc6ac84eb133e09e216dc4a731842ef072458cc53494c307fd5e0bfcddb419d5d6b575617bc055cc4977a33392a2ff9e18e01d01ddb483254bef3d33a0e69e0e3f73b8e38512058668c6295117ab7f423797d5759560f1a49a3364a6e922645b1cf62a9c6875f9f58a22b3abca6b6fbddbeba087375dee7a9083d980a8c4c5aecaacc7afd57d2858ee4df94ff778a419158144f783c67789135b752b88834c4892fb58458cecca0a1340a1ab7a4e53f5ba9f580892a4380120e8b1bc88332d84734cdb155ecc96bfbcdcf173a2527df2830232663b236dd9ee41c985806fc63572cdc285f90d95c83a4ea4fbae000bc779db2795160214cc895c0bc6886bb9a583608904430c2aab56f930b86d714a922203da924b47e74e1db9051b5655ad5db4ee94cb0459e6493c9b330b83c8907a3352ad0a8c483709e54a9bb9708ddff2fe5ff9f64d92dbd3772985bc3a3fb53a5eae11c579ba68f0e87c586cdccc8b0a636e8bbeb3fe606195eb630e9db2e768fff8e650c9b69ef120c00ec41c6ab7161352668bb09c2d95629b685ec4b87a7643a49966e112882f18bb1b55367c0aa88d8e3277016cfa8ba45275e440758e8a21ecfdd2a721dba8dbebbb3103400645f5d9966d8fd1be1bd57aeec85943ed0acd8e04bbe4b308d3607c2214626271e2b0e1e7462b8e4681ead174157d362e0522e7901b5d86d8f2e0576f6a81bb8f31c0a9112eafdd66c5113522844c108f2a82b99a7d4fbdf25245a69c7429d8d12b268d901d431a94dc76673b91fd896a06680c10106b2bbbee1e19837fa377b568b3cc84c11a39c103be1f18ecbd1d4e789b137164d7b0cfa16d92f14aa8ee4791a426fdc3f95a598a5ead2489f10bbdfd50f034c05276065dbfa1e741c3b788bd1e745a62111f83e768c3f4a1671c08cff63054444033c17985a0cf094563c7b9e9fc881e79e699f0f6420c3300b6be413f6204c8d7f21194be08f95f07a4d0aa814c896648a01765ca8e96859c73fee2309561ceca7e4b4e9eaefa968d1ff2b7b7953eda390d0cf7205acc1a8d077b8764f5d86b0ca3185adc60fcfc99ca7fc1017b2c1c082890eb338203e9b8d5b04ad119b2a4d2e8de86aec2f2aab8799403775dcef94ae67dae2e371a3ec7a7ca542d58f3cb41b1f3821e3fecbc00c3beddd42a920a1e01f3f63dc215327faf3e2e43db619bc42e064a60c9e5a05777c2d2d82518b571025c259b9d4b5fbbf28169957eb9480be1a9764463c97adf9e6971ece4bb381939c043f9f3ac6b095332bb10cc7fe7aa49286832037c642e460f072ef027a2d61b0739a30b5c0949fb9d2568fbc202d8e2d7816d4eaee9ff8bc122b0cb21b7c73854a77f22179712ef0dd0a3679d531de7923726d952b3ef548911359721116af813ade9070dbf4f0795365c50fc1fecc13d24b23baf029698af0915966cdad7072fbcac52453d722755a0aeff4ed33ee3d06cd7eeb3062abf1aa623678641759103b4009c8b4beea58462917c19b2ac52b9dd2b514c7ca038897b35159f1f5a8832de5393556af32fc9e1c46446f090f6f3d44eac2d96ee0fe1ffd8550a11782af41880824e31b1e7a1448b73a367736354a1cc381274378d1da7f6259bfd63a0be1fdd7ff4c70349a4d17dfcf52764d528de5c7c7250e2bfbbe688948e99206b4de7884af03a817dbfaa1aa055fe52a5bd74cb945504f8908c414b65bebc5c326c352f91d8a0f4bc891113e58b742dcd9513496764da4e9bad2c45fec9ae72a0cefafb1a7bbacff82380428adb61452c71994eb911532216c17f32e56e750685b23366be6fafb955daef6c1a5f44cde99bedc5a6b24ce243d2d6ec3865977456499bfa6d74507928a24b3c843651bfc0dfa262fb33186be15d3bf7d05652c0b849d938f76bd9831cbfee700e80acc273e20f3e5090ef3473f1ca5df1814f1821e227565196e56c9f59b2188af9ddf957b0a2db722d06ab45ea18a2596ced4df01283d8e677d91b02e14b00eaf1dcae5723dc5fca3cf48ac22679fc1006132857cb65a171aff2ff21eeffc2ea3052c827b6adb06deb48b1445097d03256c601aecb591216f411f77af922bf05adca9d06a8b099f80cb73f5d2e76f5cf1ea5aeee118e07f5d26d2e8056bdf8c4e573f89b0900fd787eaa01deff5271692cb17d4c6515a4aac35a4ebf3c297af5e74758de071f8115a86e3b7a788aba8dd1267d21901b10dd3dc53bef13753d898b827e068e6f744d2064a40339d7e25d96a04ad36ec9aa70ba83200017ba8bf3ef4314fdddfc15e7fa01723226d585dde858b3f12f8f61838d02168a139fcaacc4bf33e98dba150a57c0a586457d1a9fcb6e6efd0cb13f66be1cac2fa87c94bb0c194006ce3ed425631811a57d16619f0a4b65e035766fb5342f2454a4ebdd4200970a1c2c1a12ce089d01e120c654ccfba97cbc403630fe9f9c2f5288db0b739ac92955509891248b2b9e1421f0475b02106a5b2686308dbf0f01e42fac72eaf6827ad6cc6e0b7945b52de967df52865e06df4582914bedb20027c08919f3c6677f563bc031a9f9afbbeadb00888e39b14479c51436b159b69d2bc58b8b6f4602fff41235d98274b78c60e91b58730738fe234c018989ef07f05cc8837b61bdbedbcdbc6cbd82bbc3dc99e27f499ff969f6c9c63044bb8497b3574c2192f0e422b6424edff53514d06f45e86000d82f4339167c8488278a5ad1e847d2820150f18b2f4ea06fac727f29fd096aa04ceb0eccd18ae006353ffee634d193ed25e14bccbe47ef74c6ffa469a2151f02dc5e9219b8ed43836ba8b4743d5b9339504da9f5002d5f1ba85d054be21a6b2a347760e8ba3cd9297f09fda72e7f6022db3938b0678d3886506d814ad2285d2bbc79fe1ed9463b6ddfbb6c45d61be929c982d9262e95f333ff363664447757594c498c692e2294d3489e0aa635e4fdc08d3c034e4a2276ad2fbd11f5fb593b815a8debb0ed05a13ccf54e2e50db7a6141d597b30992c4dfe02089a08ce5c1af4e48e6f3c2733d110684515119bd50bfa3f8641c2d5d0e6b25a63f3d32ecfd6dc20c20b9fd7d269f0d273d90c5e595e9e8a63b1c140a4ebf9d548eefed4221eb4df98f13b5e9e174adf66f5a02a14c4f6943c2e22c9af86f6ee304171195ba719cb0e3affbeeed651f85401bbf3b6b5e9aea11ec50246a7598dc36859fb82d8add91cbc18f20dde9e82677ab17a8b9700e64090a1ef887aad4ee2210f4dab96c1c2e5849d919d04a73b859da69e77133a6ebc11083a06604d3ce8586e26f7e13df5c42b56e26ecb23329ed365b7cd5363cde713b6be7eba26f7d3c9a8bb57d5451b8f4d6daa70a9a63aeecd12da2a05ae6c500f6686ba73acb615090fcf7496f99b7b5f5a761cbe98ecb409c2c858760eba4c0dc677e8647b0a170100ec9c5d9933f0caba87e907970b10001f98b95a462223c200b20cacec658aff3af57ab2d2a5c362d50e412d75e8dd384ac6579d80729e73bef7cb5b9a06a2438f82a95e63f0fd33f7e8f9f3417a85e499bd3aee97feedc47c4e9de30c66c8c347a454b78d18f1da344286cecfe3e79451a0cd05dafecaa7ec66927c8b10019077bbe52be3ebf40c622bcf8fb0ed4dc956e1e199bca30eb243e58111cba7e0ee40bbbe79ef9900d5caf67e89ccf6f05d96c9ba31328b9fba2c844289748138eab58022f887da2ecfcef398a8392ff47bf7281c7ab07e5340b4fae3f6f914bc39a03a3755c2286a6fe9adc2285367225be02bb89d5f7b74a18df0694fbece22194d3a20b2c25847b53be80bbbac1915be37e4ea5cebd6363f15ddfd9737551d06fb78d43bb5d40ed4b00653497c41476f0cf29c8ecf2b21f4fc015b40307d83e607a7e14c820ee2da9bf2c8dcc4e01bb4de658da49de931bf08c8cfac4da46e58126894170f5a098c9c4fb88eb67f40d521a102f242f1cab31bd82d7fa417d1e66873bf82e472ef06068a7edd5cf106a2ba8c7fdcbf201916d611b1c67de12fbee2b188fa64cade0d7032bbd30a1fa99ce2f770a72791b7c6d7109dd7168f5e495918a2670a4e48b8ad3963e00bdbfbea65401722dec86bcfbe576d45f71b5004c8a3bedd3c9603f1d252fe8a327fb162d8174d71c37e3973aaf00e10643cc09082d70cf69324a7cb84fbbc8c825da188d01b8d837fa96cfd74baa232b380e3bd7a8eb92f787a23a3ea8586a4d226222fe0267e83a706e3745a6a7900ff914a573f818895294b8b7c6a18c0f42de48645af5f1def06ce1ba851845643e6dce11ca07bc327d78eb4ec47f2d067b85ea58df1ccc2da39321c0a3ea9fca4f3407f7aca9c53d59805539fc25c06a36882501cadbf113ff483e6aefdd1e618e3fe35952464ebe3ccbd5411ffd005f24103c5c87b1d9f20f8518e5a5b0e16c839d3e2f04036aefec0196beb085edf6cbafe23b0ea261d7c65d5f6351e40b6eef10d6c73a54b6bfb0dd2d5cefa8ee71e3344e4a6e5a93d7a814a4847d65364c931136ef1", 0x1000}, {&(0x7f0000001a00)="3d0ac35403692879da06559a565a3c083e8233ded34fc685300eba475708f213155eae793af00c62db61a8fbdbe696096aaeccbbd89ecd7c80b88f5fc36a187b40ab1275cd221d92cd6822ed2b83f81ee8119eed196cd4687ec250fed47fd012e0474e8357905d40025dfb9a18008bd7aefd0dcdc9c9448a07bcd565a106c60778ae4706cc1092f278e53bb08c6c662b23", 0x91}], 0x3}, 0x40004)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="7c0000000dbb988f38580d4c11a78db491c22d97eb49d5b7dd6c787787eb874f3173b14f544f72f9553640553985e044cd839f8e26f9383cbeccea684adfcd679cd002c708fce021451a2964e5c09aac9212fefb9cba55c73f97f320ad62fd64efaf5aab6937e07e9c9bf309a79275", @ANYRES16=0x0, @ANYBLOB="020029bd7000fedbdf2510000000080006000200000008000600000000000800050071070000c3ff0280080009000100000014000100ffffffff0000000000000000000000000800090016e4000008000500000000000800040004000000080005000900000008000400030000000800050007000000"], 0x7c}, 0x1, 0x0, 0x0, 0x8004}, 0x8090)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, 0x0, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0xfffffffe, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xffe8}, {0x957f77065cabcaba}}}, 0x24}}, 0x0)

3.344762399s ago: executing program 4 (id=1613):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x2c, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x1c, 0x0, 0x0, @u32=0x4}]}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'vlan0\x00', <r5=>0x0})
poll(&(0x7f0000000040)=[{r1, 0x12}, {r0, 0xb120}, {r0, 0x8}], 0x3, 0x5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x38, r7, 0xc4fc9e906872338b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x4}]}]}]}, 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372001400028008000100", @ANYRES32=r2, @ANYBLOB="08000200", @ANYRES32=r5], 0x40}}, 0x0)

3.263946366s ago: executing program 1 (id=1614):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}, 0x1, 0x300, 0x0, 0x40801}, 0x90)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x2b, 0x80801, 0x1)
sendmmsg(r5, &(0x7f0000001f40)=[{{&(0x7f0000000180)=@qipcrtr={0x2a, 0x2, 0x8000}, 0x80, 0x0}}], 0x1, 0x20000090)
r6 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500fde10300000000119078000000000000000000004e22004d907804002000"/58], 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x3, {0x0, 0x0, 0x12, r7, {0x0, 0x6}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_cbq={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r9, &(0x7f0000000000)=@proc, 0xc)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x41071, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x5, 0x20000000ec071, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x94, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x94}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x26, 0x3, 0xd786)
sendmsg$IPCTNL_MSG_CT_GET(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x14, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
sendfile(r0, r1, 0x0, 0x3)
socket$inet6_sctp(0xa, 0x5, 0x84)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0)

3.211639982s ago: executing program 4 (id=1615):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b0400000000000000000200000028000480240001800b000100657874686472000014000280080007310000000008000640000000010900010073797a30000000000900020073797a3200000000050007"], 0x84}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="8421c3f8a3c8bea82ed1460f7a89e7854a97f4e6e92d93f8d8d94bc1736460fefc5007", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00'], 0x30}}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r2, 0x6, 0x23, &(0x7f0000000000)=""/48, &(0x7f0000000040)=0x30)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r4, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00000015000100000000000000000005000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x4000810}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r6, 0x6, 0x17, 0x0, &(0x7f0000000e80))
sendto$inet6(r5, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x604ab000)
sendto$inet6(r5, &(0x7f0000003380)='K', 0xfffffe42, 0x44008011, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000180)=0x40)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0x7, &(0x7f00000003c0)={0x6, 0x100, 0x2, 0x6}, 0x10)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffe000/0x2000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000012c0)=0xfffffffffffffd76)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0xd, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080000181100000ddb11de3a86ec43b356697e76e651650049631c615e815b649150", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.052495212s ago: executing program 4 (id=1616):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x7, [@typedef={0x3, 0x0, 0x0, 0x8, 0x5}, @ptr={0xd, 0x0, 0x0, 0x2, 0x5}, @ptr={0x2, 0x0, 0x0, 0x2, 0x3}, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x0, 0x5}, {0x3, 0x3}, {0xc, 0x4}]}, @int={0x4, 0x0, 0x0, 0x1, 0x0, 0x22, 0x0, 0x79}, @float={0x7, 0x0, 0x0, 0x10, 0x4}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x2e]}}, &(0x7f0000000140)=""/106, 0x83, 0x6a, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x12, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, @cgroup_sock_addr=0xe, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r4, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r5, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r6)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x30, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x3c}, @val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x101, 0x2f}}}}}, 0x30}}, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000004c0), &(0x7f0000000580)=0xc)
socket$isdn_base(0x22, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x20, 0x52, 0x1, 0x70bd28, 0x0, {0xa}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xfffffffffffffffe}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000200)={'ip_vti0\x00', <r9=>0x0, 0x7800, 0x80, 0xd9c, 0x2, {{0x4e, 0x4, 0x0, 0x7, 0x138, 0x67, 0x0, 0x3, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @empty, {[@noop, @lsrr={0x83, 0xb, 0x6b, [@multicast2, @dev={0xac, 0x14, 0x14, 0x12}]}, @cipso={0x86, 0x49, 0x0, [{0x5, 0x4, "f0b4"}, {0x5, 0x6, "31d87af1"}, {0x0, 0x5, "e2230e"}, {0x2, 0x4, "7512"}, {0x6, 0x3, "dc"}, {0x1, 0x12, "54847fcfd3879abf2635e57da23f3e4a"}, {0x5, 0x7, "00c8908d30"}, {0x6, 0x6, "1fd38789"}, {0x7, 0x8, "0acb6478d1ef"}, {0x6, 0x6, "07571864"}]}, @ssrr={0x89, 0x17, 0x90, [@multicast2, @multicast2, @remote, @remote, @dev={0xac, 0x14, 0x14, 0x37}]}, @lsrr={0x83, 0xb, 0x80, [@multicast1, @remote]}, @timestamp_addr={0x44, 0x3c, 0xe, 0x1, 0xa, [{@rand_addr=0x64010102, 0x4}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x9}, {@remote, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xb39}, {@local, 0x7}, {@dev={0xac, 0x14, 0x14, 0x29}, 0x9}, {@remote, 0x10}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0xfd, 0x1, 0x9, [{@multicast2, 0xffffffff}, {@private=0xa010101, 0x3}, {@empty, 0x3b}, {@loopback, 0x5}]}, @rr={0x7, 0x1f, 0xcf, [@empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x3c}, @dev={0xac, 0x14, 0x14, 0x11}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty]}, @ssrr={0x89, 0x27, 0xca, [@dev={0xac, 0x14, 0x14, 0x30}, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @remote, @remote, @loopback, @private=0xa010102, @loopback, @dev={0xac, 0x14, 0x14, 0x1c}]}]}}}}})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d72700900000000000000000000180012800800010070707000"], 0x4c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000440)={'syztnl0\x00', &(0x7f00000003c0)={'syztnl2\x00', r9, 0x8000, 0x1, 0xa36f, 0x0, {{0x10, 0x4, 0x1, 0x3d, 0x40, 0x65, 0x0, 0x8, 0x2f, 0x0, @empty, @rand_addr=0x64010102, {[@ssrr={0x89, 0x2b, 0xac, [@rand_addr=0x64010101, @empty, @multicast2, @multicast1, @private=0xa010100, @broadcast, @broadcast, @private=0xa010101, @broadcast, @broadcast]}]}}}}})

2.997124488s ago: executing program 2 (id=1617):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4000000010000100030000000000100000000000", @ANYRES32=0x0, @ANYBLOB="80920500a0030000180016801400018010000600fcffffff040008000f00000008001b"], 0x40}, 0x1, 0x0, 0x0, 0x44040}, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89ff, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x7, 0x0, 0x0, 0xa1}})
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$sock_ax25_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x83, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01402cbd7000000049ab8900001ea2ec9058", @ANYRES32=r5, @ANYBLOB="20001d801c00008006000500c200000005000b000100000005000c0001000000", @ANYRESHEX, @ANYRES16=r5], 0x3c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4000000010000100030000000000100000000000", @ANYRES32=0x0, @ANYBLOB="80920500a0030000180016801400018010000600fcffffff040008000f00000008001b"], 0x40}, 0x1, 0x0, 0x0, 0x44040}, 0x0) (async)
socket(0x400000000010, 0x3, 0x0) (async)
ioctl$sock_SIOCETHTOOL(r1, 0x89ff, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000400)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x7, 0x0, 0x0, 0xa1}}) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0x0) (async)
ioctl$sock_ax25_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x83, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01402cbd7000000049ab8900001ea2ec9058", @ANYRES32=r5, @ANYBLOB="20001d801c00008006000500c200000005000b000100000005000c0001000000", @ANYRESHEX, @ANYRES16=r5], 0x3c}}, 0x0) (async)

856.08901ms ago: executing program 1 (id=1618):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x25dfdbff, {{@in=@loopback, @in=@private=0xa010102, 0x1, 0x0, 0x0, 0x0, 0x2}, {@in=@loopback, 0x4d3, 0x32}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0xa, 0x4}, [@algo_aead={0x4c, 0x12, {{'gcm(aes)\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001640)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0xc87)

788.373387ms ago: executing program 3 (id=1619):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "97e9cddb93ea4ed1e2ace5b0c90ad625"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}]}, 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r4, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x36)
connect$inet6(r5, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b7000000e1000000bca30000000000002403000020feffff720af0ff36ffff3b71a4f0ff000000001f030000000000002e030200000000002604fdffffff00000f010000000000001d440000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a094f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad13f10c3ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc6cb14fd785a2bc3f6555ffbf67162869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85af49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6840a00001b3045024a982f3c48153b080044e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dfda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba182a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced305efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea8315557d7f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301f7f0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c335adb30fd105b1d94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8004bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1f018c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3ef1f000000000000004aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ad42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f944a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6ecf078c900dca2cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121975e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed62315359000000000000000000221188b1800e6af2e5f44d5855010c552c971a994896dd5feb39c43b6673108a6d74137092ba42cfe7201b4920ae8eeb4b9028427b4f9b956bd6d8fdd42acc72e89288e066d12fed8a4a97e211ec177a85cc68aa3489a6eff659f7b81e8bc63b00"/3273], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x53}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b8500000007000000850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r8}, 0x18)
syz_emit_ethernet(0x121b, &(0x7f0000000940)={@local, @link_local, @val={@void, {0x8100, 0x1, 0x1, 0x4}}, {@ipv4={0x800, @gre={{0xa, 0x4, 0x3, 0x0, 0x1209, 0x68, 0x0, 0x2, 0x2f, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@rr={0x7, 0x13, 0xeb, [@multicast2, @multicast1, @multicast1, @empty]}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x67, 0xffff, [0xfffd, 0xd0f], "a48fa23449642bbef65bc82b560cb905f8adbee0b91f2b3116e7f3a267d0803d636769d821d2f0dff568b8b65da5920639c5b4ef5a5b15579746259dc3de73cb7479217d10efd1a32c48b9fa15786dad9c64b278ad04d1ffc8bd1d83d48a32b14b42e5e369b456"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [], "7c9aee2d5353253055bc65acf8eb79c850467aebe8f70684ac0c1e220431664043c3108e248f36cb4ead2e03397b1368d622af898a4281f190da"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [0x8], "ccfc1502583ebfebb884a19117f27940b270a9b441cea9f8a54988a8f9ec654a86533f7dca1b974738b07a018e046b1c24b071094d7390a639214f7941841a48684fc0ac6ecf43dfb64bbe2315e332e0ab268d642feedf5480c6b216ffa53798682f3b59cf9e742ed8fb76f052db2933bb0a220b8b878f5fb1fbe9d0d9bb5e3f2abb4407ebe1c7e23afd95d68fbd20af6038b8e199431696c358f70a72ae912b988799e3f329a8c13e072c56ca6b4c05716cdeeef22868f8522524a1e78bc0f2cf4b20f7c28381844e885f88f964dbbbae055c77bcef76bfb977574b287433ddbeada7bbb2d0bcd194f70bbfbda3847ddc4c923479dc"}, {0x8, 0x88be, 0x2, {{0x4, 0x1, 0x3, 0x0, 0x1, 0x2, 0x7}, 0x1, {0xc1}}}, {0x8, 0x22eb, 0x4, {{0x8, 0x2, 0x6, 0x1, 0x1, 0x0, 0x3, 0xd}, 0x2, {0xfd0000, 0x4757, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x2, "b1c4a7ee5c8fe971db0786ecce4a7c39cdd29da23cc06b6a291fa9706af5208057131fcb46721911d96abe9dcc9ad70d5dedfcb1812432fe25a5509aac35e1682a36222e41f82656988b288cb4d9504b1a02d965e49da3841788f2d41d966e939c915e646103b01846af6d8ea868838332c66d3c916a9ddbd67dc498bee4347534ae52fac52f0e5bac7738637b39de1668925f4ba60a364cc282b61ab36c360343627ccbd28dfb89afacdc7a37f75f136164bf887d8376c7ab76a659aa41e7ed03d27f9f78bd51213d0e4a7bc99dd215412e44ad16dbb7e7dda80b65d532aa9a71275819560cf3471c66a220c217ee84f28157e6a0e6ee694bb16ed01294e714797cb6c4156915521372f4fa4faa6eb5802a062b09a4f7393188755630ae00c7f7f1e881d41d6b91f78d4f984fbf75e7326d12c402deda484c333a5c12fa72d3844e3fd8dbb5e03d203131d7290be7dc51fb0fdd8c8022e29b9f77095497144ee0f192978593fedc3cf92135ebb359c68ba6030cf68d9c37b229a396376aa68aaf8990d88996db09bac570ec00b7365999d696debab7fe5a7ca33abbe400886775f18cc32761b93ca93a3ea5917225ad5a8f8bf1feaf4ba8316b5eac37098c561f2121620dfb60c25ae0f0835900a55f659db8eaa399ed2f6b72363034afb0a80fe0db636b9b4df3230c73809654c900f81af4b4ae9f78dc1409780a490a2aa41577c55f48ffbb42611bd16c360e08debc4f456f1f8d3f3ffb33392228ff7dd9edb797ea16f36d9eec599fbc47467f95081dcdb4c1ac901ef24aa66ee08a294e452ca9ae2c18ea0eed01ae870b77f9edfb43f88cc97d5749e5a7f0360cbe3c98a0f9ea6c6d76f2feea218c4653d0d0e1207e94ce57f0fe27fbe6698c2a0c33b1d9aa724a7e0f9e75a270c76f300e770478ac3a11fdbb9501af0a5f1c22e21f6190bb04d8d6e10e97e5a430ef95354ba2694f567061cae5d1c59b0f5c3cff06c13eb9f4edf5afc792589ef90714ba8cbf1d8c5eb2cdaad6373f1e78af688e75da0eb8977e1ab2f59aa6a3d5b26a12c5193b6f2c826ea2e81076d92726eccc580d6274e5c742a9282789f083af02a81e8c09d40043e2bec666b908757cad1dfc0bb03befbe2d70af7c4d46af03c0fa14be073165aec5cddb4b47f8be75eff1e0f1bd603723c0b5f4ad84946b6885cf0e1ccf9c1249951b8135bf5bd2c11cf28c736ab1080ef5dfcf6abbdaa140e07a74bdc3a624f31065af23875f78bcf45497c7d309ff69ecc382f5b54a7eb94ca0f3661fec6e74285958eba9dccdda6aa3e2fc52b88416c7ddf9b633e1e2892809bf715da0999158f9c4a9375dad8486a9842c94fbe6dc0460a722cae7d1fb0f96c5916842c5ea7a91e779bbfb343071bb453c48ad64e749a9b391fcaf0b79669ee80fb1a4965235190c723ee15fbab2f27a3a0ac73353e328df914ab57fb8991279b29cee66e4768e515992e79dbab88eff3dae2a370d3e42802046a98bce7d527c62a8692593571b9f1aef8476e3b270a3239fe395d14912c1ff58ba7854cab8f1d90bb215e5c3389208b6fd9eb473b074239395fb5a48505ee25191c709d024d148c3b021279b351fca9ef5fdc93f5d5361755a903ae77d039c7d271cbf0274ea9fe5a1bdc1157ce275405bb85f4475ef3892c89b9b8d126745ed5764d8516391dd404b444e931e27df5d2417ef4764a15f6a470c07084bf8aecbc3a30155568ba4aa28ca3ecd0288a2083474fc0743489f3cda8c44fa190789e9826b653fe9c0bee883bf62a3deab639b5bcc2d5b850078cbb57c6d3343b0f2166ed0f4f0fe95e3896137941ec9f9a52d5a11bcb8a0d4b86c91db5b933d20aaf88cefb275454d1cca0cdd05b71579c03ebf59f35df32d8b1a3fe740454db546bec536e1f6778ade92cb650474312237d87fe1642122c6544df179588eeb601bf939aca15d913d7df893d9de190fb718eac60e7526cc308283b36e4e984ab26d104df8bdc3531c5b93da085608c3c84a943b9c0bb1e365a7001cc47e760a296609abc43e2e5291bed5a41230b70e4827a0c01881cbddd7fb8f48593a2e6388e3b9fe64f869bb2164068e3b1c6cb86f800e43809755ec1e5faeaa91b6024ff83ded87eec09dfaa9678baa4fb49d5304b066b75cd50921e512766c9986409d94de447ee5f4361af75e186547d566f8ece84fc4f3579e742a2ade703e3bf5c5ecc38dff5520527d313cfa317b56ed7ab7dca62dbc606dbb8196ca2ff326ae6ba676704a38bf924502de2fb1911d5952bff3281e7fe9d370b294a6c51f492c53c36dec57387a779bd56343b4d5efe6e045f20397f4652f5dcfeba830a01821992ffdc276958bc8a32ed8eba946c6693865a2f18731ab2e6777bb3f29ac5268cac220040c9066c4a3bc7159150188b60812df63a86037eea2762454d1ff5b8115f199b968c9e8a59c269babb070f5704d2d27d9b6c8a355bd1c96bf97c9229a6f54eca72a03830c3f8c03006b6ba733e4c53899a6e632358c333b2f2646dcc70598f107cb90ae399aff255ebbbb2da4687cf2025b6d2c59d87a61a6256c50205fa6b8acf2c648ae2a19d552a9af0b3e7d68f4f801fb5c639a1d6e168776766ff404a15f1193fc4a2e7969198991970559ce42d23c77944593bdcd94ac1fc5610a45d662f8136fe769543cf6de5a3d1325f9f1c7fe14f01a4b5341f41f0f692d078a3e7ff2496aab7d7999f78536582d9b5a6ebd1b6af27ef52e4818d3e98c131e7f246728682822b8460a87a42d20848b029aa0e571b1888af80a63d36e907317240c191049bdc92b206fb82daf186a382ddc5fc7deefb4d61fa94e19fe084023ba3e74d2738cf77219b071c8edd2e563bae8284335b56771e78d20c5e9e2b15d4acfe35de41585c74b08df4257fdeb0f2d39b1204c5b8c11958e6eb8f6e9902d4b35f06753d7e77a3d81f0e142d80890dfb4fb2d8a1b35cc89c77fe45fb15b36bb567ce6c298570d02a818653b13c973a56b58bce79c1d3041efd6b30fd1349a3813c1b731adaf3df1d632dc8186be4ef3959b5550b2e3129333ac34195003ffe986f01c1f666e4c874e726f75fce4e4e3306b3c53b7252c1344c8ebace4c3d411cab8f5dbfc3781d35efaaaf043dfd312a742e7113c99d54cecd0a6ee5a7347f9eff2d860e84d5ded3bbe39c25470b90a27a40e76791b9817c8a05945d1b29a36ef53f453a692e2ae0a5395df6741a6c5abc6a57da1f36e2d58d91d1a569da783bef5b8aaf95823e340a3214da0ebc43cae774495d3b8fbeba0d9df9dd813dca9e6a27a09f2f8b2ac413fdead6636bd5425ebb80aa9950411fc18ba03dc485c7c86dffeb0975bc2d08a32eb8b9295206e55fc6318f8258a4832cf5f4203196265ad36e86a21361d569fab92e0b439b08c3b6f2fe38a85299e97fc9e2ca2e564069f88619dfedcfce8e6dc5b3f58ce6cf3e287ec7983018bba9ed5e8e6e4f1e9854342fe389de59e962dcd5982b23e9217e3072f8a208ff54e680a1970524d24a974a05656f9a6ed1143ca2be401806d38c0ed06c97b33a09fe15bcea2f05cfaf78919ee7821f695310f4ed6b1736d0c08f30bbde6d29cc12bc7de3d21f386c0cb2cd42fcda0593978b4fd073d9ee29f4224a4666a3383512e461311b1c1b70fd156bec1025effd86aa4cd89f7071140b908ae806abec8175cfb5b3ee7ee89f1fcc9f75f45011baeb583c4068de9400245a4ca14b41708424ff04f1bcd3defe0ef52b2e1789dbf70922874265c2d13469c17cd8244f733ccacc458a17b70e285e57da2c306cb05c2aa8f783e773432c41901cd137dd3ca66c368ca3b0c9b8e89c26fc84a85d0900333d30411fcaf589654deff299a56ce278e6de0dd2bb64d77a5d99a38dd395d81cc81448c9f2ea041ba45caf0083a0c3920bd77e47be8006af329dd0c6d37c7bbef1251d0cb87d5402a62c56ca59e4d0ad9f9fafaba75487ed7c1e9e6b91e536f1f2671cf8000c799680d13e56b6675a626485beb61b1e6db8e35fc054fb791718ded80d666227ac1367565343b1df616a00afd135ba9a148300cfd0227fda17722af903aa628944f9cc26e7400387049068ea0df5c2b91c3c13a5d740e0c3bec83f3129cbbb8022c8e679748b53199aa106c0711ff6f0abc2d3e92d7753ca9df0eeba20607b22e36aad036ad6d9bd016bfc34a7c1bbf91af4af8007daad8959af0f65356cea2bcfddebed2e142aa5ad836033246151511bd438ac7694bd17324c639ffc0916566dab215087ec26362fc18c820702f8493a6e042a668efe437f41ffc19b73c4954f44c7b15578f6ec28259c4fb37b5bd705a836c61fd0a8b3de338a6537dadf9076062def173074913a2d82a3fe121ce25710d08646adf125486e9f07340ece11e1f9c7c3cc58083583053e8bc22c7c21c724a5063dd5632b22825eee1ae87c8b6aa3c3bcae4d4c3becc3e00edb12e2de85f7b70f13c155a72e8fe0495de7e3ecad4e765a1c8a7915e6a339704c35d73c8d3834d2999a6b409044fdef5fe1911b0c3c5dbbffc953d5406db692a89f491a32affa1307baf894a859984c9d8665bc2d653140db495b31be58b3f122194be83ac5091a04b7e011bed01aa298f73285cadd5110d0b607e9e20e91eda7b3074ea4c5755d80f49c7250d8c910797a56249ada8ad55233bb94bfb5cea382653cad3176414c59b271f72f6565dd5f7e70d53c4398296fc54d9b2cb5018837e34fa70ad3afd17cfac64cae0231cb6df10c10fe0b6d7f96ca4eb4b744461d4ef28ed4b12487988a9fd473e4742a5b887aa9c0247d510bc097ca33c8b2120e99c24d0468e6c252283032833def2b0d06db2f6c6516d8f565da38a01983159eff790641a5909e46af1803803eb58b36e6ae5d834fe48e88264b69dcbaa0f4cf250a8bb59e1d0c3dee6f936b576b56ba4d0b289e040ec6e1630b41fd251143a632603f81f8311b1891bc1d19f9fd89ddccdda96eb1113e7d9557c18ac2c5909bc29fe7de589ec67e882480a5eac0c8c24e22d5faa951d8e0245aa1adee5d1d70e2257361193a6a82b00fcd1543cf1b04106c80fc8b2d637f5074582f8a8f988a4ea0df9cb974f00ece2cec8fd790550d915e49bd523c3427cda320f61e2a8448de564a367f0225c40e851dce06b715d1911397de1988d5ed01818c0ca980b3ddd6d441af786b3360ec795b9877432759e97952c31a96d5e9929cc16ca0b083292f13cd867d359d1f9356ff711ea88a599dbd9af83b6d645aaeb74d86856d314d6352d024a7f4eacc6d89668c5f199f0fb7a185f65951d9aa7b2a9b803f377a31cd2fd9ae95cb1deab2b8b2607d055aa19e165cecc07e9b27930ad1f3cd336dd613941a2696e5f3d81800a861cfb0a4f08d53aaf41ab65ac637dc09c10391536161973d189aa374d0ab1cef59f78699aaf747e190d65a8b35dc1b318b6df7c03d2d5c54bbb194376827409616ffa532317171369a7a0a85c0b4d616ce8e798dfcb0a89cfe72d799b51c6a2571dee74afdc3247ad50109e78807ba29cd73c55a9836cdc0c9445ac52f9f8388bb620f6e135c47b98df30084a3362a14785d88db5f3d29206da6ba7842d458e97f7ee27be12a2b34cb81dab533e9e21ba6c554c5d94c2c825c1cc305eefa732b21fabfc8b9c80d230491f8f0bb5427cd3f4e711838c1f4b5fedd2bb3f1eabdbdc96f5a44810cfc9c3ec57eb083b4eb68cbe392a44a1aa457f28d6ec53a3f969b00b9487a548471275a0b257e1a2371ed5302b48fd"}}}}}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000500)='GPL\x00', 0x5, 0x11, &(0x7f00000017c0)=""/4098, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

785.179161ms ago: executing program 2 (id=1620):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'macvlan0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[], 0xa0}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b1a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x3, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x42, 0x800000, 0x8, 0x7})
write$bt_hci(r4, &(0x7f0000000080)=ANY=[], 0x6)

783.986198ms ago: executing program 4 (id=1621):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="3000000002"], 0x8)
r1 = socket(0x1f, 0x800, 0x80000000)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r1, 0x89f9, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000000)={@private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x3a, 0x17}})

725.351864ms ago: executing program 1 (id=1622):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='cdg\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000004c0)="b1f5", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000b00)="1df0603e70", 0x5}, {&(0x7f00000021c0)="f85df043030025335f4ef1a9623b15dd4a2b6568eff3c39bfb626f4c7812736513905a7b87a85e288b83e4c648d096b4b9ee7c33e7cac6c63ac91416d87d90ce41b507fefd99368c0b3e4f40effef5eb9734779bd61aa2314ff65d80e3c5f0f80057d0d05d6ffe448cc65eaba0baba237a1e601d3d736dfe551e4e50307fa8f285b68f6858fe5f293efb62011d742501c71757a67116abe7e0a88e2923a5a2fb5eae07de81d0b979e8360b318fad3f9433dc6dd8470cf99dc9547b808a817568c9", 0xc1}], 0x2}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)="3d72d216eb2738c8b395ed9f2bfe9187b707d75d32b4c3cb2189b03946ad75a8ee4da1260b6796d042df7fac5b4ab18cf81d4ddeb5c02d3dddfe115a96a5938fd4f168a115d22717eacf9df83d058468f747d804d206693f29c57280a1c482d947b42a3e9014243c6cec679ef2b1c000422c4c196d1c7d64f35bf626079a3761855b2b6037", 0x85}, {&(0x7f0000000e40)="37c3354d35aeb2eaa34b2752a57403db121378951585445bff4584877a6d52c433e44959a4258428748e386f935536a6f75534401991cfedb5877ba0118692858cbdb0baa42f76404deae66b76b89f53e3bee091d5a4d77e15f089d39b21fb6a50107864fa706205dba2d4987c52e00abe04530b7a2044691337b2a44b5b79ec7b33819affba4b634ef5dca7d2518ed365a5b033249e528850da97a0ba558b9eb982c1ca1ac7b053bae00b141334e735b268f48c3467843bb6ca61b76e63e805a7783136d849045a5c9bbc55ecc4659683a20137ff39c2854d3716ea9d3c550fb92ba56a08e94f7c3586b2e3445c279e3370085ce20890f35882f40227b2f00224dcb8bb15280299279d1200e0c7200715a3fdef489dc1a73af621f0764c1ad3f8a61ff3a1184dd09cfbacdad80091d0fd263b4feac047f194202a96764e94446c3640ebb72375dfade192e6542d18cff9f6d9ecbd177ed42f41f41173ce7845dcdfc5f44edb067cb0cc6aed7cf5369cd33dfc322387e5e4ac99ea067e1c5f82d28735a9885756d0697bf7793b602f2c575bfe1403c94ef77c4b7ccf641afafc202fcc540bccf529eb5025adddfa95c47697f13665cda26bec6e287f6d30726f5b25cf07d1819316e07ddc56589a99befab8a09f975f86772d7386e48eb477fb8422ceffc887f0c95dab6acbae685edfbff27153e0b0d79d1d5b921979159e071edfcc520d6e01ae403737b530648fee147f735e4ea4fdf301c9b3e428f8b2f0a50de00374b19509803fc92859b675df457947e3757b5f01fbda8cc0fe146d7e389b19ed10ea02733dae8d4613da42f03b923ddb2318a9d00b0d18ca9700ec4f932f430e9a7001222056939a8676aa8a585575db79923706c23554e55acfba69801c97a157a7b05972e5087d5bb4c257d706c74e3a57450b58e51b08ffcee6bbe90715a24479099ce262b7f287036edebb01c0a2f9e24a0b197424c0cfd964e5d4effceca6c7d27e0ec006a4d14e3a3174ae31492715eaa74e922228b1d18715f17c53a05ae3c3d56d091a59351d87dda03455f29e1b0f41a3f44b24203907176281bc8c1b9004917e2970a54e614a516f126b00b992a9b879a2eea5181969376746b54ba753ff598fbe1e9fa98d8f3592a744e03c3636e24197296664afc62e0bebe34fccc5f79588aebed01c26b3a0ee40f7fcf5a1de5bf532b1b4f803dd66ccf44e520426b2d06e1d0ef991b70801f3901f8cac5c173b1841460ae6a049a230774816f3c663d3026e0f2ce5eba0b790bb6c81619e9845799c7b7ecbf0f92e8d18f27e72b037f2eceacb7036189edfb2c2f3d2bac24d38ddd7742ac100484bbd81f50f7e005ffbd78461a1b605753822d0211f748bab7f17f8c784c031d00db8aa58b9a17de65322450b5d88e0fdde70ef905669a9db3f21e9d87e74301aa8", 0x400}], 0x2}}], 0x3, 0x50)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0}], 0x2}, 0x2000c881)
unshare(0x6a040000)
r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r1, 0x40047451, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
r3 = socket$unix(0x1, 0x1, 0x0)
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, r5)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRESHEX, @ANYRES32], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4080)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="2e0000001000810800b62aa73772cc9f12adf848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x240008c0)

670.914189ms ago: executing program 4 (id=1623):
unshare(0x22020400) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$cgroup_type(r1, &(0x7f0000000000), 0x9)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r1, 0x0) (async)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff}, 0x50)

556.719892ms ago: executing program 4 (id=1624):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$unix(0x1, 0x1, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket(0xa, 0x6, 0x0)
ioctl$PPPOEIOCDFWD(r2, 0x8903, 0xf0ff1f00000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r3 = socket$packet(0x11, 0x2, 0x300)
recvfrom$packet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCGSTAMPNS(r3, 0x8907, 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000009dc930ec9f91ef867c191854ad395659c035995ede0a4aab5a2f31cb190a944ca6e7535d6cecf744d7e4759873e06f0a5269580da3a24260529ee2f8335336a607a5c33e3ac907cb5e58c1b768740ff59324a7f857ecd150d401c3fc57803f47b0d9a62f1afd0da0ba4b1056eee6e002fdfb4c99fb754fe111dbb478a0aa791bb2c62110c81ec001974875560c033ba0d1cc4e54c717be66af0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r7], 0x90}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYRES16], 0x68}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000300012800b00010067656e6576650000200002800800010001000000140007000000000000000005000000000000000108000a00", @ANYRES64=r4], 0x58}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
r9 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_type(r9, &(0x7f00000000c0), 0x9)

555.216157ms ago: executing program 3 (id=1625):
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_ENABLED={0x5, 0x29, 0x1}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x74}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x8b4}, 0x8000)
r1 = socket(0x6, 0xa, 0x2)
syz_extract_tcp_res$synack(&(0x7f0000000140), 0x1, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={<r2=>0x0, <r3=>0x0, <r4=>0x0}, &(0x7f00000001c0)=0xc)
ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000200)=r2)
r5 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000240)='memory.low\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000280)=0x7, 0x12)
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r1)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x34, r6, 0x10, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x3224, 0x4a}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
connect$ax25(r1, &(0x7f0000000480)={{0x3, @bcast, 0x1}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x18, 0x1402, 0x5c92362541853a5a, 0x70bd2b, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x24004044}, 0x800)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r8, 0x8982, &(0x7f0000000600)={0x8, 'veth0_to_team\x00', {'sit0\x00'}, 0x7})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000640)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000680)=0x14)
syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), r8)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x18, 0x14, 0x8, 0x70bd27, 0x25dfdbff, {0x25, 0x8}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4085}, 0x44000)
sendmsg$inet(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000800)="eca819d8e104f383cf4d7cc1bb64b879564811150db5dc13f51393e8a79d2c945ed5c7d039563d11b8feb5956aea96f7013cf63ab49db3dde4e472e2f8109bffc0f93696bc51946746bbfd372323bb1c7abbe9368ee8fcc134b031d18d28c8ba37a93c58c90da8bd323a780920278399d5a0ad87f6538e1aea72ce9f307e70481c6200ab72b95a8772715f93101803e3050dc6451b1f74092383ff18e7261589150df703210841dfe31c770006d8895216174621ca10756a0ef8e4d82ae2", 0xbe}, {&(0x7f00000008c0)="30967e9685950547dac177a30d28fc42d5f8b8d5c3201395e36fc3829534c8448430e52c83efdcda59abbbaf9c26eec0d8961681582c23b4e4202344d4f09f", 0x3f}, {&(0x7f0000000900)="542e81034ce12fd4d1f0c8c932159b42d6a436e08e01351d527dcc364901e4f307493c226898f03b7bfe7897d8235768dac701f7097408bbf7c3da96176effe623b1da2a9ea554749af907efcda90e77f50c85c9902c8a6bad687684c18efea8af543477df90acd2e5857207f43247c4bec2a74ec7ed3f0c190e9aab87be6107ab6335825ab9fbb92d8698c9e7f3da12ad0ba450220298f495a3e13435290ed42b1d8e06003d4c2ddf6a7582c7973b5666594f43f52420230a495d6d1861b589a4212b7199a1202f112914c2f97ba89c58ea37127c7378c2e5431bd7af68c644fc26e65a3ce7ddb2a7721e9011ee61538d4ce68da5f7", 0xf6}, {&(0x7f0000000a00)="e08a70bc7f6729f4cd86ed26d9d7ea4d380943b884736b87158afbe20fab989c0e816dbd9f9af4441a2a1ecff885ac838c2ea9d1bbae263482022d2d23eeddc5bc483ff43702fc6310e6a088f0ed35f0b77206c45e97fcf7f2bd5a502f009c3177e9c6dc76c3e758f9000999dea94c261121efda09a013b66430476df323957982b20665cafa18fe1500b907c5a2d47703a591adc3b59cbb491612673e2bddb13e22978ae12971ceffa00c96de00d018b85ffeaff11344631319503ab16e1dba083330ba71d4932073010c762f9d2a", 0xcf}, {&(0x7f0000000b00)="f742b80e3c80f8b0455c0c6fc060909a5dde5b7c530e1245bf84eed20cd2fe46ffdcbc2f0c5f1c9aef7dbfe7f599ce88a8a51fe56575958ec670c16f7d65a76adc87d3c588f40442f0fc1ebdaf142f7a5483e91bf1020cab9042bdd0233baa367daf929852c9073a3eb4b368492e19c1f7ed55eb9452b872df0886cfa98c61e237ffcdce187dbc3c0a556d11117ac4a812cf4954ec2b78f60a3b8003d28dfa401cdc77b8998b8eda8e0bcefbfbc9f2486bf1bffca75df28798df5e2f9f94f21a8a29bc32d5dfff0c092d1080", 0xcc}], 0x5, &(0x7f0000000c80)=[@ip_retopts={{0x64, 0x0, 0x7, {[@cipso={0x86, 0x54, 0xffffffffffffffff, [{0x7, 0xa, "b92def4198581e7e"}, {0x7, 0x2}, {0x2, 0xe, "c298988bf8e0e78353a32d0f"}, {0x5, 0x4, "c2c9"}, {0x3, 0x8, "b57b0aff57c6"}, {0x0, 0x9, "6d2a5fb36268c2"}, {0x5, 0xe, "28ea915b29ed229b2cc9ecc6"}, {0x0, 0xb, "4cbec4d983eb91e47a"}, {0x6, 0x6, "6aaa1f76"}]}]}}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0x28, 0x0, 0x0, [0x4, 0xfffffff7]}, @timestamp_prespec={0x44, 0x14, 0x8c, 0x3, 0x3, [{@multicast1, 0xfffffff9}, {@rand_addr=0x64010102, 0x9}]}]}}}], 0x98}, 0x1)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001680)={0x0, 0x0, <r10=>0x0}, &(0x7f00000016c0)=0xc)
r11 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000001b40)={0x0, <r12=>0x0}, &(0x7f0000001b80)=0xc)
r13 = getgid()
r14 = getpid()
r15 = getgid()
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000002500)={0x0, 0x0, <r16=>0x0}, &(0x7f0000002540)=0xc)
r17 = getgid()
sendmmsg$unix(r1, &(0x7f0000002900)=[{{&(0x7f0000000d80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001140)=[{&(0x7f0000000e00)="7f88f89c1926a0e5312a6020b4bccd3bf45bdd310fc22bb996e5c69f95fa1a4571520a585f1a98a9a1ca0af0c4e3b858e43cc07f0a660480b1187f5d620fe26c70bf5a7e17292cc05026c9dff8ec047dfcd6563374f25e1a34a85681c98f9c8ab3bade6f8b176b407b03b5c8e2492a3478da6990e4637a2a3c29", 0x7a}, {&(0x7f0000000e80)="47c2edfb210eb2e26d3c2ff56f423e5d4c9be7a7ce943f0cc1147496bfc0d14fb388bc28ac92ba573a4c79de635a65d2e902dcad607386d0cf4c7f938622f9a315d6c752b5ac565ea2158336b0149fe0360d8700de44f64ff2cbb41e0e6f00b6d846024b45f4f359737df0ebc728f4a581a1db6c8fc3d88b4ab334b7e8ac46b795ea0a544a178b179053c93505eef4625deedaa99849ef896f113438e99d3f283b8b77c8553e1431dd9143365222d0f4020c2cc035fa1d27a96f84d41ac0142c44e78ae5df7ddc5b821f9e0b40f30e68310add366307c570d725d41e43ae61bf561ba411eef1e05d312533fa33b560aed90f372105549b70", 0xf8}, {&(0x7f0000000f80)="8d11776a809efcef0b310859d27dbb99a990f231f8199070268a5d2f3f8f08ffc78dfa3b1f44cfef8bd4debca30ef7a7cb5e828acb05f03ef5078ae670fbfa071894de", 0x43}, {&(0x7f0000001000)="b09e23a6bbf5d7893c76df46e98abbc0f83e7706e8297f493470ac24d3afccaa23d4e80f2f95363067", 0x29}, {&(0x7f0000001040)="e7f3eb48bdc0c90f5a773095d1e79a0b3d0587c2ce71b4958137a8b7cf2711f107d4497214a171abccfd718e67e842e568651af4c4fe96f6421cd5d8188a15712fb416ad212902de28decc98d453293afc85b4215a6b75443e5cb46a5e4b868a8e982e135c876bf3477a98d1ed1c52c2ee9d95faac89662fff21eb10bc57fe7e63621e8d921000ee2000a389eabb19c0d34a5ac91f808a2c5eb4b608e1630e97013b4e39f6e12cccb013bfd6fd6db128ee5541da85012f800975586b505826916df32824c1ccc5e10852af01282b5022e04b19688fa4f8d37715fedb3b760bce5cc1ae", 0xe3}], 0x5, &(0x7f00000011c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}], 0x20, 0x4004054}}, {{&(0x7f0000001200)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001480)=[{&(0x7f0000001280)="995784489b287cc4dcdbec910ea08c36998572e68d5db06d6ff7d281514989c01b512fa20656fcc6fa391ccaa6679f163333d0462e191eb1d2827e5e0beb9a222240b651fb84d45522af1e8990fd45f5419bbe8b9ea9055a653e0351de35cd210e3b91c84d67f5dfb6854a855d258db67dcfac2e7f35c3dbc0a9a80b95de7409aea53756864bb8bc653745794c7e406e9bd4f32c4944c8d3bbb7c26683", 0x9d}, {&(0x7f0000001340)="5e05828f2529a0b1aa4d6ee74dc01fc8878239dd5faa7f6a5982e6091d14eb5e0993", 0x22}, {&(0x7f0000001380)="62eed57ebdb5f85b9fbb40b7da2b8174cb561d9f8039f2494df3705c59bd803c97b2f9edf7433aacac832743295ad5399f28c2238d1cf3db436b17a997bea66be25fb26d3f478174d4f7bdc16c0750f2bffc64d40c7023c276b8ff1a80785d2e4a1d7a7dc96e0217223023cc5857b765d5c8b05b7b70c581758fb0073a081ab842bb8f5c9e80f0ec72d4dd088aa5d145bf836a4b64cbf462a8885b667150d439c0d307398e1ccfeab289f65c0bc045e9a7d26b23f4e1fef0bb7014400c67db42dcbd2ecf072440dd82fbc6cb9c42cc5132d51eeb6459318a09d53fedff3711b9dc54c8c2dbb766ef6e904de3324fdd5844aa2add080124f02f23", 0xfa}], 0x3, 0x0, 0x0, 0x2000c050}}, {{&(0x7f00000014c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000001540)="a536981cfea8d3e8f3727843933da5d6e9cb3cabcd640d4216e7238ef6a0ea086497c7a2505b2d74448fbc0cf7b07890241ad6bf39260bde3decfed7ad239d03b784899fe02347c66e68749032cfb720d13230", 0x53}, {&(0x7f00000015c0)="7a207f26d27b193d68464004529ad777cc76bab9d83de4f2e5f23bf3a911ad5fc92077fe106e358cd241f9c1845f4638f6d994efdf21e0d857dd32ea2e42fe0b0f6e187373a448", 0x47}], 0x2, &(0x7f0000001700)=[@cred={{0x1c, 0x1, 0x2, {r2, r3, r10}}}, @rights={{0x1c, 0x1, 0x1, [r8, r1, r11]}}], 0x40, 0x4004}}, {{&(0x7f0000001740)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f00000017c0)="b5c45017976e0a53d3c10f57bd2894d74815cccaff897ce6f93c4b5b0236b0aa112f7d4ab3e302202437644a8830eec69f09ae73f312ef557def1e667df92db5b1d8a512ce0ea229201916901461d9d1e9ef4ff3b8842b1e831a8227cd034e16a47313a1e569c77528f36aa7b926d082d4a39950d59aa61751f5e03df56fbcd1db3cdcc500f525586cb65bb9504deef9a1593685", 0x94}, {&(0x7f0000001880)="ab0c6c0e279149973ffd9f43139c6396c847150640fdf540d9de4f2b0bd8b0f0ea2e313e53a20155ada8ac5333fdd390d35d99fe5193b72b65882b80c4968ec570482395164824b4ebaa49b9e44416ba475591267e1aba9225ae64e8fa197a080152791f", 0x64}, {&(0x7f0000001900)="1bf0cd848a9fa075b0282eaecd8b8961e30793ecd609f3eb36cc2e8b27fec54e75770a98f3250fa9b45aeefa613c8a26641034ceb794a03e8f3829badd44650acd75bd875d87f3573044dcb1fd821176daffd97e2b4b48662ba1d2f30209038da56c0e8ec639bff430f882905c980ef09244b78f7c7739ac0b17d05568af3776", 0x80}, {&(0x7f0000001980)="4d33bd6aab5adf3d5cd31e2af34669f5783f944a8a95067cb37cca21c4dd20c8597a08b859db3bf2878d8d4d63c5b07d65e6", 0x32}, {&(0x7f00000019c0)="fe6e3f148cc0fad63325ccc34166ff82c19d49f851b651b36f8a3a7bed4df58233d60b5373934072d80c3edf09b2aec5d1c47b5891ae8abcc9fc77581155cab1e35f8814198d0dec5ed93700fadd5aa70ab94fb9a94c6a539e2272bbc2dbc5276d7e331d98fc5b8878beb31ec291c82aa63d925a21c3bc55edfeeb04353873330a64827c59abba6fc7601dec0b746ed28ae4173ee562998a3a0f330cf5fc19302186e0dd3189262b0a90c42a95c3b953baff62e14bc0319764ed82da59c6c33bdb2935ceeb5fcfbf9ba37435da2f5b3bcc304e35a0f1df253cd1d2e1c027d05900d7ce5cc2511758a9f7429b8a0e", 0xee}], 0x5, &(0x7f0000001bc0)=[@cred={{0x1c, 0x1, 0x2, {r2, r12, r13}}}, @rights={{0x24, 0x1, 0x1, [r9, r1, r1, r1, r1]}}, @rights={{0x20, 0x1, 0x1, [r1, r8, r8, r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}], 0x88, 0x40008010}}, {{&(0x7f0000001c80)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000001dc0)=[{&(0x7f0000001d00)="ccded4c7f25782766de6d375cf8d86a9229c471ed167a556d7520c26bcdcfaefb30ebd4b23e032f9a1074077f7f5347bca59f3bc1a938b55fc227fc25b85d86f6649613a6b767ac206ac8b78d821575309322e88be4f35d4df7d1d8bdd4f6365be17cd86bdd2792b823e829cb7ceb93f014f4eecb57391016bc90c564fe8db323d445dffbc4b3bc1", 0x88}], 0x1, &(0x7f0000001e00)=[@rights={{0x28, 0x1, 0x1, [r9, r1, r9, r1, r9, r9]}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r14, r3, r4}}}], 0x68, 0x4000000}}, {{&(0x7f0000001e80)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002440)=[{&(0x7f0000001f00)="6a1cbb3919f8ec656d1623f3d9c333543432b760b9e363b8154c154f772c8d41e9989a5e291e85604e21120901023ca5d81319a8690127f609334e2a6100de3064fb4736", 0x44}, {&(0x7f0000001f80)="3cf71682cbb1f0627b056884696a8407125202ab56ff1d83b96e2a4ea6dd0b07f8a14624e9a48fcf839fc515ce1d22780a735c07b413a55d0291c825b85726034f2e83946f8b5d331bb1a254d15be7c7a6b4b11749c6b9a95fbedafa5d4a3265b11b9d994b8a4d438fd9b517350da793eea15c36fca216d9d2c041f1a8117ac459f2a2a18fae22d72ec4656270c80c3d508db1e59d4c3fefbc2c2375400e346effb6e194e08f46175a794706f175eef2455f7f170d8cddcb09a8d35199", 0xbd}, {&(0x7f0000002040)="3980304e3f4ef03a1270e422b7e6b4f24594d7caa2f477a0bb2012067e531166d926fb208a1f04b3376485dfb92f90c3db38a02e38c5defc2b59e6d064cc493321971173c62257355afbbeef0350add112381a95452637c9d2e24ec9bfd5e1ffc919fe8e242f2075d6c2a059d7652c40dcd81f64afc7f4f23442b7929c8bef9ba38db1dfa36ce15f9c04e017126ecab804bbf88feabe74386658f600538ea6228962c8955a2df2c0c7ea848998eadd5f46a4022eb83d", 0xb6}, {&(0x7f0000002100)="82afb03de77a6084479c0f612e30194de1f64a526d38463a1ad5e36d89df456e35480048f19ffa00a72722a37b94cb5b8ad6e7b9a4d51b293fe2dd4736bdf85b07c7e46cec1be965020cf3b38869f51287e99836e7a43972b620689c391e7d6ee2fef8b3eda283f894c05ab0427bf75b7576170650d52d13e5589b46baeef41b2c4753bf3cee7a438bd5", 0x8a}, {&(0x7f00000021c0)="abefc5076cc34d4a949e9bf56874f00a4b9ba076b6f708fb3d123f285c0d6e08598bfd0499af83a2389a14162e4e0551bc625f6f5dff83f6eb8d", 0x3a}, {&(0x7f0000002200)="2865b2049acb475b60fc9eb2e5a5d6dbdc40a44b12c3974b1630582b07af1a3dc441db21f03dcedd5f6ad795b8758c0e1f9478b0ac2ff2392b66a4f2d6018cc9ecd3470c600250987dce605f84d3e04e5023068b33aa1507afa178708875beae446fcbbcfaf7108a1a5b2fb845aeb2be71e95c24f48a36843431ec098737c7d82e6794794cd1101efcf11480098bc2380995c9613bb6547991aab0abfe2b1558af17be104c41d4456fc1bf2bf210aa795da7ef3137237eebb7253abed5e3f57a392b8dd2486e633238c9ad2e34d9c3a3e3425305b597985806d49900cd1fcc43a8c3e1445e0c84986ddd", 0xea}, {&(0x7f0000002300)="a616f3ff01e6a915ac100b1802940912c11037b96d0a04f3c6e54e162e13bac7c52f2c23ee43af30f3b218bf2c45d2d47db64aa1ff97daa50d81874e67dd293e40c9b082eb78a4f3d28b989c354cd75fd1741a324eb5ed876ed04b109093e4cfaf20f079b4c83a41a2b9e33409bdfc031285bff2bd056528378b2c191d6c3075436e", 0x82}, {&(0x7f00000023c0)="e40323", 0x3}, {&(0x7f0000002400)="dda9025241a87747199edc1cecde0ec0", 0x10}], 0x9, &(0x7f0000002580)=[@cred={{0x1c, 0x1, 0x2, {r2, r3, r15}}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r16}}}, @rights={{0x10}}], 0x50, 0x2000c080}}, {{0x0, 0x0, &(0x7f0000002600), 0x0, &(0x7f0000002640)=[@cred={{0x1c, 0x1, 0x2, {r2, r3, r17}}}], 0x20}}, {{0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002680)="376076650ac1e46dc9e52b3bac4a337a1bc478904aa4f068669cd71e8b4404a2f86b3b1b3f6de6eb7600c21f830b174df6cccfce067b2073cd9948562bb8620588fd19dfd3bca3a1daed62ff97081729c082a25d714973df9080328f7424d441f2314d7bb53fbac7cdb796dc924e884cde173926", 0x74}, {&(0x7f0000002700)="4cdcf426cad878a4f95466ff8fbc43f048e5a078f5a0c4f98ec5255c4144706b6ca5c6456891f5f1fc8f0da431bd18a667de58a9b778fd3046c4462e979165828db0edf43a56e835573d6d3139b3a5ed22566ff04c20cde7ff6db613dc3f9976fe88ddef4c9ef22f9f8886793e0a8672509190c4179373b4008377d94d4d27aea5127152d70b46a46c82524502bb825267c1f57e27f5634fcb0c90664aff0b8f04390c8def1cf0a83fffb431564d3827977e5a9bd805355ab0b204843db04880a7fcadb9302987ffdd3245e3fde2c042e6a2f9bd3799dae856b8a1bd4525a5902057258f62", 0xe5}], 0x2, &(0x7f0000002840)=[@rights={{0x28, 0x1, 0x1, [r5, r9, r1, r8, r8, r8]}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}, @rights={{0x1c, 0x1, 0x1, [r1, r8, r8]}}, @cred={{0x1c, 0x1, 0x2, {r2, r3, r4}}}], 0xa8, 0x4}}], 0x8, 0x20000010)

480.436954ms ago: executing program 2 (id=1626):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) (async)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xa00, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91324fc60", 0x14}], 0x1}, 0x0) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0) (async)
r6 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="87000000000000000000050000000c0003800400040004000380180001801400020073797a5f74756e000000000000000000"], 0x38}}, 0x0) (async)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r0, @ANYRES16=r6, @ANYBLOB="eedbec1569486b507ff18c558ef85175cb5d3912e300004b0c96e38e12df80632e6eab3396b8512783fde04e9050647eeadda09fe270498e49bd6e18d578a6c8de7cb92e4bd9630bebce15d8359dcf36b32cb99b4fe352831907dfe4830dc6a56b8671fca5ac4eb285a78765245b21f3fa086d2b1178d6"], 0x50}}, 0x4044)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r9=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050629bd7000fbdbdf250800000008002a0b0200000008000300", @ANYRES32=r9, @ANYRES16=r6], 0x24}, 0x1, 0x0, 0x0, 0x4048010}, 0x20008000) (async)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000440)="f9a976acd5", 0x5) (async)
r11 = accept4(r10, 0x0, 0x0, 0x0)
sendmmsg$alg(r11, &(0x7f0000004c00)=[{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000000)="a9861869a75f66ef7d128ae4230965648a021cdf93508c9706dc1e4d9e1d4c436faf1d2786e53d4c8b827fc9174b67dab67acb28c76f6310145b3bfb0804675b44f3372615", 0x45}, {&(0x7f0000000240)="eeb9ff4efd6ce05a6ccd7c232e4442ec0660f89aeac6d45aea60e560bd9dd945dfc8e65ad2cf2e4d55fb59ee276f5e40e07f7b37b86e88c65190565d726b079d4043e88acbc549f5d3291ba8e35c906d22091ac5b87485aab22c1c9723fe9e1fdc8dd53b5e20ff5f2aa43f29cb053bba51958b69b6a5196c75f6c4c10e213afd12e617eceab1020c9c814d456046a1", 0x8f}, {&(0x7f0000001380)}], 0x3, &(0x7f0000001480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) (async)
r12 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r12, 0x112, 0x4, 0x0, &(0x7f0000000240)) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan0\x00'})
r13 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'ipvlan1\x00', <r14=>0x0})
sendmsg$nl_route(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001c000104f3599c2d00000000e504c007fa253e65a1f390c55100000000000000", @ANYRES32=r14, @ANYBLOB="810000000a0001000180c2000000000008000f0001000000"], 0x30}}, 0x4)

375.953436ms ago: executing program 3 (id=1627):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0xfffffffffffffe82, 0x4010004, 0x0, 0x32)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$inet6_int(r1, 0x29, 0x11, 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0xffffffffffffff92, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001100010100000000feffff0f00000000", @ANYRES32=r3, @ANYBLOB="012a17fee325066bc0"], 0x20}, 0x1, 0x0, 0x0, 0x4000090}, 0x8804)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="400000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000100", @ANYRES32=r1, @ANYBLOB="080002000ba2e8e9463d089d18e2795f30bfa3f49f0f6e27b7adda92e92a8b347fdde3f7e387e6bfed6073424a0bb4983ed11d8528dae37f3b363b8e1a77ffa9f1af54cdebb0c0b6795810680dc360297113dab800143b028d272125006d52b211f44315", @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="400000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000100", @ANYRES32=r1, @ANYBLOB="080002000ba2e8e9463d089d18e2795f30bfa3f49f0f6e27b7adda92e92a8b347fdde3f7e387e6bfed6073424a0bb4983ed11d8528dae37f3b363b8e1a77ffa9f1af54cdebb0c0b6795810680dc360297113dab800143b028d272125006d52b211f44315", @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x0, 0x0, 0x27, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a8e1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8) (async)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x0, 0x0, 0x27, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a8e1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
close(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0}, 0x18)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000d80)=0x1, 0x4) (async)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000d80)=0x1, 0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000011c0)={&(0x7f0000000dc0)="99999505071e6d2a3b971ea9f07043d93c5fa5ae9d0ad6249e79dc4ee23571c1eaa0cac66ef8407e86a36785c750aa30325c9f4c4d9d35c234bd08b621d2520a3fef9c350a54eaedfaf5366decfa4bdbcddd3afcd77bd296acda97b4bd576238e0d9f25b5ce7a69132694a7641a8d3fc76e85295abaa4d2984a39eb21483a43c3d9213aa9e0893a73f5ad98a25b6396891bd1a432c7e8c4852b9ab6aa3647a60848574717762fbfe8a3c9df432957758a5822da159fe3fbec3b4a5364048a9ea0a1cc1a6735d8baba58caa", &(0x7f0000000ec0)=""/55, &(0x7f0000000f00)="a999b02b57436b2b88ac43f7308f334b3bdf1732a954cbcd490d5451b73b497ea47fa0a1fe2af119f618737e781beddd0cc5257ab908d381b95a0575c0039209a237aee7817e9de9de8cbeb95e98fa8616f28fd8293e56028271bfd5c8f55f225ee214d122917e4fa4288f5fabd0e6666eeabac34c472771898af366e189cc624f58a9f96a7e5c00d5ad368127fcd803ee033b69292de48bf0ef9161161d", &(0x7f0000000fc0)="b404bb2b7527131454c716f750004e8e160ec915d839dc59fa5114e06656bf7c4bf5ca47ef7ec4263b78ded7e8c0b1cfbe44b50fecebc5f8912f7066bdbcdef97f9bf5537bdd1b4c9e2f4068d60de75dbd8b08baf9eabc1ac5", 0x7}, 0x38) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000011c0)={&(0x7f0000000dc0)="99999505071e6d2a3b971ea9f07043d93c5fa5ae9d0ad6249e79dc4ee23571c1eaa0cac66ef8407e86a36785c750aa30325c9f4c4d9d35c234bd08b621d2520a3fef9c350a54eaedfaf5366decfa4bdbcddd3afcd77bd296acda97b4bd576238e0d9f25b5ce7a69132694a7641a8d3fc76e85295abaa4d2984a39eb21483a43c3d9213aa9e0893a73f5ad98a25b6396891bd1a432c7e8c4852b9ab6aa3647a60848574717762fbfe8a3c9df432957758a5822da159fe3fbec3b4a5364048a9ea0a1cc1a6735d8baba58caa", &(0x7f0000000ec0)=""/55, &(0x7f0000000f00)="a999b02b57436b2b88ac43f7308f334b3bdf1732a954cbcd490d5451b73b497ea47fa0a1fe2af119f618737e781beddd0cc5257ab908d381b95a0575c0039209a237aee7817e9de9de8cbeb95e98fa8616f28fd8293e56028271bfd5c8f55f225ee214d122917e4fa4288f5fabd0e6666eeabac34c472771898af366e189cc624f58a9f96a7e5c00d5ad368127fcd803ee033b69292de48bf0ef9161161d", &(0x7f0000000fc0)="b404bb2b7527131454c716f750004e8e160ec915d839dc59fa5114e06656bf7c4bf5ca47ef7ec4263b78ded7e8c0b1cfbe44b50fecebc5f8912f7066bdbcdef97f9bf5537bdd1b4c9e2f4068d60de75dbd8b08baf9eabc1ac5", 0x7}, 0x38)
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000180), r6)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000240)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000280)={'syztnl2\x00', r3, 0x2f, 0x8, 0x1a, 0x6, 0x0, @private0, @remote, 0x7800, 0x8000, 0x8000, 0x8}}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000280)={'syztnl2\x00', r3, 0x2f, 0x8, 0x1a, 0x6, 0x0, @private0, @remote, 0x7800, 0x8000, 0x8000, 0x8}})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000480)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000004c0)={'team0\x00', <r9=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000005c0)=0x14)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f0000000640)={0x73c, r7, 0x2, 0x70bd28, 0x25dfdbfb, {}, [{{0x8, 0x1, r3}, {0x9c, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r3}, {0x4}}, {{0x8, 0x1, r3}, {0x150, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x164c17c8}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x8, 0xbb, 0xd3, 0x6}, {0xfffd, 0x6c, 0x7d, 0xb}, {0xa, 0x5, 0x4d}, {0x7, 0x4, 0x89, 0x1}, {0x0, 0xb, 0x7, 0xda1}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x149f}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x50}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0xac, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}}]}}, {{0x8, 0x1, r3}, {0x4}}, {{0x8, 0x1, r3}, {0x11c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7a4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf}}}]}}, {{0x8, 0x1, r3}, {0x1c0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xcac}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xda}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r9}, {0x16c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x10000}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffff1d6e}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x73c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})

263.30781ms ago: executing program 2 (id=1628):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ac00000012000105000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="00000000000000feffffff0000000000040002005c0001000058"], 0xac}}, 0x0)

133.162531ms ago: executing program 2 (id=1629):
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)='4', 0x1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r0, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x7, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0x82, &(0x7f00000002c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xdc, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000ba00000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)

538.238µs ago: executing program 2 (id=1630):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3) (async)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x4, 0x90, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000540), 0x4) (async)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000140)) (async)
ioctl$PPPIOCSMAXCID(r7, 0x40047451, &(0x7f0000000200)) (async)
pwritev(r7, &(0x7f0000000480)=[{&(0x7f00000004c0)='\x00!B', 0x3}], 0x1, 0x1000000, 0x1)
unshare(0x22020600) (async)
setsockopt$inet6_tcp_int(r6, 0x11a, 0x1b, 0x0, 0x0) (async)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="ee000000", @ANYRES16=0x0, @ANYBLOB="0100fdffffff000000000100000008000100", @ANYRES32=r8, @ANYBLOB="400002803c0001"], 0x5c}, 0x1, 0xf000, 0x0, 0x8c1}, 0x20040) (async)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="180100002d000100000000000000002108"], 0x118}], 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
sendmsg$NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x78, r9, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x80000000}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x6}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x80}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x2}, @NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'gre0\x00'}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xffff}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x24, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x8}, @NL80211_TXQ_ATTR_TXOP={0x6, 0x2, 0x7}, @NL80211_TXQ_ATTR_QUEUE={0x5, 0x1, 0x8}, @NL80211_TXQ_ATTR_CWMAX={0x6, 0x4, 0x6}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4048011}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x40, 0x28, 0xd27, 0x70bd29, 0x20000, {0x0, 0x0, 0x0, r4, {0xc}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x3, 0x5}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x84}, 0x8000)

0s ago: executing program 3 (id=1631):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="2c02000010000b0500000200000000006f6d8864d22a3e2f00a46c887c090200002b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff2d2d"], 0x22c}], 0x1}, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, 0x0, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="0a00000a51f09f852f00090000000800000002", @ANYRES16, @ANYRES64, @ANYRES32=0x0, @ANYRES32], 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5ca601288763"], 0xffdd)
bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
accept(r5, &(0x7f0000000100)=@xdp, &(0x7f0000000080)=0x80)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000c93820c192368781161eca090000000000000097d1dc4582347f7e8238fd5e46cab7611463d00c7ad9c37f582a4085e70804f629b9f4af283765d42d516a07cd04720a298e33b60b72200637faa7c07d3b998ca3f85de8dbbd86d8b3e07de72c4eda5aa52c0d5c1eb95b560ae629605daf64add946ecd79785526dc17a3dda99f7e02361c6565973b3a0e9dd3b3a70321e01d141608fc224657a2548a3b39bdbc65a4f1d70281db4afa41ef9e58aa736446ca539abe99061d1048b066f204697db12e91849ec7802c2d8e3f1e695b959d23a2c329810214165cc047bd86a5bd2be0a46cb3f2a066b60dd635dfffd4abf75a79c7eb454fcbdb37b0ef6", @ANYRES16=r6, @ANYBLOB="010700000000000000002000000008000300", @ANYRESOCT=r5], 0x1c}}, 0x48000)
syz_genetlink_get_family_id$tipc(&(0x7f0000000340), r5)
setsockopt$sock_int(r4, 0x1, 0x3f, &(0x7f0000000200), 0x4)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000100"/28], 0x50)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000640)=ANY=[@ANYBLOB="1818bb20e989dbcb262e8dc70095885894a1dd0e6e04aa1b1cb1618557bc40e2d6d51d5ed43c6aa7f719c81fa6162f6ca69558c5ee54f1227952495aed80ca633a4e608a97ab5bce6c1f18a99ef8b9681bc4b1254efabfe49fc7975ab000b92bd315172e01a346e34902cdc83373b7b7ad4d4029db82554ebd13f121153fa57e6dfadb930c1129a0700bd2c94e940198c47fcb0deee1079b13b99e4c7ef744bde2a3fba90ee2ea077e5e77df77fd694641686a3db80f5609bfb4e05a734e8be0247bef0fe83197bbf287bf1bf687580a0e7b5826dcf8", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca90000000000003509020000d44affe5000d0000000000b702000000000000739af0ff00000000c5090400041004807baaf0ff00000000bf8600000000000007080000f8ffffffbfa400000000000007060000f0ffffffb70200000800000018220000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$unix(r7, &(0x7f0000003000)=@abs={0x1}, 0x4f)
r10 = socket$netlink(0x10, 0x3, 0x4)
write(r10, &(0x7f0000000000)="29000000140005d8ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29)

kernel console output (not intermixed with test programs):

te type 1 has an invalid length.
[  238.200460][T10033] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.235625][T10033] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.255983][T10033] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.308425][T10199] 8021q: adding VLAN 0 to HW filter on device bond7
[  238.348386][T10202] bond7: (slave veth11): Enslaving as an active interface with a down link
[  238.366897][T10033] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.378220][T10033] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.387299][T10033] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.396512][T10033] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.672026][T10219] FAULT_INJECTION: forcing a failure.
[  238.672026][T10219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.686993][ T7042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.700813][T10219] CPU: 1 UID: 0 PID: 10219 Comm: syz.1.1053 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  238.700846][T10219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.700859][T10219] Call Trace:
[  238.700867][T10219]  <TASK>
[  238.700876][T10219]  dump_stack_lvl+0x241/0x360
[  238.700908][T10219]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.700930][T10219]  ? __pfx__printk+0x10/0x10
[  238.700952][T10219]  ? __pfx_lock_release+0x10/0x10
[  238.700990][T10219]  should_fail_ex+0x40a/0x550
[  238.701021][T10219]  _copy_from_user+0x2d/0xb0
[  238.701046][T10219]  generic_map_update_batch+0x5ba/0x900
[  238.701084][T10219]  ? __pfx_generic_map_update_batch+0x10/0x10
[  238.701106][T10219]  ? __fget_files+0x395/0x410
[  238.701132][T10219]  ? __fget_files+0x2a/0x410
[  238.701167][T10219]  ? __pfx_generic_map_update_batch+0x10/0x10
[  238.701189][T10219]  bpf_map_do_batch+0x39a/0x660
[  238.701223][T10219]  __sys_bpf+0x375/0x820
[  238.701253][T10219]  ? __pfx___sys_bpf+0x10/0x10
[  238.701296][T10219]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  238.701330][T10219]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.701363][T10219]  ? do_syscall_64+0x100/0x230
[  238.701397][T10219]  __x64_sys_bpf+0x7c/0x90
[  238.701424][T10219]  do_syscall_64+0xf3/0x230
[  238.701452][T10219]  ? clear_bhb_loop+0x35/0x90
[  238.701485][T10219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.701513][T10219] RIP: 0033:0x7fca2c98d169
[  238.701532][T10219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.701549][T10219] RSP: 002b:00007fca2d76c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  238.701571][T10219] RAX: ffffffffffffffda RBX: 00007fca2cba5fa0 RCX: 00007fca2c98d169
[  238.701586][T10219] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  238.701600][T10219] RBP: 00007fca2d76c090 R08: 0000000000000000 R09: 0000000000000000
[  238.701624][T10219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  238.701637][T10219] R13: 0000000000000000 R14: 00007fca2cba5fa0 R15: 00007fff71ca39b8
[  238.701667][T10219]  </TASK>
[  238.716293][ T7042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.808975][T10219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1053'.
[  238.945876][T10229] netlink: 'syz.2.1055': attribute type 29 has an invalid length.
[  238.955796][T10229] netlink: 'syz.2.1055': attribute type 29 has an invalid length.
[  238.972733][T10230] netlink: 'syz.4.1052': attribute type 10 has an invalid length.
[  239.047431][T10231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1053'.
[  239.090144][ T7045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.122498][ T7045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.196196][T10238] sctp: [Deprecated]: syz.1.1058 (pid 10238) Use of int in max_burst socket option.
[  239.196196][T10238] Use struct sctp_assoc_value instead
[  239.291016][T10238] x_tables: duplicate underflow at hook 1
[  239.449414][T10249] xt_l2tp: invalid flags combination: 4
[  239.649164][T10258] ip6t_srh: unknown srh match flags  4000
[  239.686559][T10262] netlink: 'syz.2.1062': attribute type 1 has an invalid length.
[  239.744666][T10262] 8021q: adding VLAN 0 to HW filter on device bond7
[  239.889232][T10266] bond7: (slave veth11): Enslaving as an active interface with a down link
[  240.188580][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.679622][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.738515][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.809511][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.898355][   T11] bridge_slave_1: left allmulticast mode
[  240.905275][   T11] bridge_slave_1: left promiscuous mode
[  240.913394][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.922897][   T11] bridge_slave_0: left allmulticast mode
[  240.928590][   T11] bridge_slave_0: left promiscuous mode
[  240.934905][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.716614][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  241.735602][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  241.770110][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  241.784107][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  241.792216][ T5147] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  241.799617][ T5147] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  242.260787][T10308] netlink: 'syz.4.1073': attribute type 10 has an invalid length.
[  242.308514][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.327304][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.339754][   T11] bond0 (unregistering): Released all slaves
[  242.942935][T10329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1076'.
[  243.202642][T10337] nbd: must specify at least one socket
[  243.244176][   T11] hsr_slave_0: left promiscuous mode
[  243.283156][   T11] hsr_slave_1: left promiscuous mode
[  243.299472][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.317329][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.329999][T10341] netlink: 'syz.2.1079': attribute type 1 has an invalid length.
[  243.341613][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.351136][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.382472][   T11] veth1_macvtap: left promiscuous mode
[  243.388182][   T11] veth0_macvtap: left promiscuous mode
[  243.394049][   T11] veth1_vlan: left promiscuous mode
[  243.399476][   T11] veth0_vlan: left promiscuous mode
[  243.905133][ T5147] Bluetooth: hci0: command tx timeout
[  243.945916][   T11] team0 (unregistering): Port device team_slave_1 removed
[  243.997552][   T11] team0 (unregistering): Port device team_slave_0 removed
[  244.499222][T10341] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR
[  244.508106][T10343] lo: entered promiscuous mode
[  244.526633][T10343] lo: entered allmulticast mode
[  244.762834][T10358] netlink: 188 bytes leftover after parsing attributes in process `syz.4.1082'.
[  244.790910][T10358] netlink: 'syz.4.1082': attribute type 1 has an invalid length.
[  244.863024][T10300] chnl_net:caif_netlink_parms(): no params data found
[  244.923323][T10368] netlink: 'syz.4.1082': attribute type 1 has an invalid length.
[  245.102053][T10377] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  245.111177][T10377] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  245.236934][T10382] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1085'.
[  245.368010][T10300] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.405598][T10300] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.430471][T10300] bridge_slave_0: entered allmulticast mode
[  245.443783][T10300] bridge_slave_0: entered promiscuous mode
[  245.487864][T10300] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.515125][T10391] netlink: 'syz.1.1088': attribute type 10 has an invalid length.
[  245.554150][T10300] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.568298][T10300] bridge_slave_1: entered allmulticast mode
[  245.596196][T10300] bridge_slave_1: entered promiscuous mode
[  245.718296][T10300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.789209][T10300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.818084][T10411] syzkaller1: entered promiscuous mode
[  245.831561][T10413] netlink: 'syz.4.1093': attribute type 1 has an invalid length.
[  245.854663][T10411] syzkaller1: entered allmulticast mode
[  245.972807][T10413] 8021q: adding VLAN 0 to HW filter on device bond8
[  245.981348][ T5147] Bluetooth: hci0: command tx timeout
[  246.223619][T10432] IPVS: set_ctl: invalid protocol: 12 127.0.0.1:20000
[  246.279774][T10417] bond8: (slave veth13): Enslaving as an active interface with a down link
[  246.363809][T10300] team0: Port device team_slave_0 added
[  246.396498][T10300] team0: Port device team_slave_1 added
[  246.644888][T10453] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1098'.
[  246.890149][T10464] FAULT_INJECTION: forcing a failure.
[  246.890149][T10464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.915540][T10464] CPU: 1 UID: 0 PID: 10464 Comm: syz.2.1100 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  246.915573][T10464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.915586][T10464] Call Trace:
[  246.915594][T10464]  <TASK>
[  246.915603][T10464]  dump_stack_lvl+0x241/0x360
[  246.915635][T10464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.915658][T10464]  ? __pfx__printk+0x10/0x10
[  246.915681][T10464]  ? __pfx_lock_release+0x10/0x10
[  246.915721][T10464]  should_fail_ex+0x40a/0x550
[  246.915755][T10464]  _copy_from_user+0x2d/0xb0
[  246.915783][T10464]  generic_map_update_batch+0x567/0x900
[  246.915822][T10464]  ? __pfx_generic_map_update_batch+0x10/0x10
[  246.915844][T10464]  ? __fget_files+0x395/0x410
[  246.915872][T10464]  ? __fget_files+0x2a/0x410
[  246.915909][T10464]  ? __pfx_generic_map_update_batch+0x10/0x10
[  246.915942][T10464]  bpf_map_do_batch+0x39a/0x660
[  246.915979][T10464]  __sys_bpf+0x375/0x820
[  246.916009][T10464]  ? __pfx___sys_bpf+0x10/0x10
[  246.916051][T10464]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  246.916086][T10464]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.916119][T10464]  ? do_syscall_64+0x100/0x230
[  246.916152][T10464]  __x64_sys_bpf+0x7c/0x90
[  246.916179][T10464]  do_syscall_64+0xf3/0x230
[  246.916207][T10464]  ? clear_bhb_loop+0x35/0x90
[  246.916240][T10464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.916268][T10464] RIP: 0033:0x7fd8c7d8d169
[  246.916286][T10464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.916303][T10464] RSP: 002b:00007fd8c8c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  246.916326][T10464] RAX: ffffffffffffffda RBX: 00007fd8c7fa5fa0 RCX: 00007fd8c7d8d169
[  246.916341][T10464] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  246.916355][T10464] RBP: 00007fd8c8c7b090 R08: 0000000000000000 R09: 0000000000000000
[  246.916368][T10464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  246.916394][T10464] R13: 0000000000000000 R14: 00007fd8c7fa5fa0 R15: 00007fffe26fb418
[  246.916424][T10464]  </TASK>
[  246.917567][T10464] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1100'.
[  247.130395][T10471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1100'.
[  247.175917][T10300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.195295][T10300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.230921][T10300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.256485][T10300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.281427][T10300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.314356][T10300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.476929][T10475] netlink: 'syz.3.1104': attribute type 10 has an invalid length.
[  247.564370][T10300] hsr_slave_0: entered promiscuous mode
[  247.579960][T10300] hsr_slave_1: entered promiscuous mode
[  247.589600][T10481] netlink: 'syz.2.1107': attribute type 1 has an invalid length.
[  247.598277][T10300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  247.613499][T10300] Cannot create hsr debugfs directory
[  247.666032][T10481] 8021q: adding VLAN 0 to HW filter on device bond8
[  247.842023][T10487] bond8: (slave veth13): Enslaving as an active interface with a down link
[  248.051953][ T5147] Bluetooth: hci0: command tx timeout
[  248.569021][T10510] FAULT_INJECTION: forcing a failure.
[  248.569021][T10510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.623340][T10510] CPU: 0 UID: 0 PID: 10510 Comm: syz.4.1117 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  248.623371][T10510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.623384][T10510] Call Trace:
[  248.623391][T10510]  <TASK>
[  248.623400][T10510]  dump_stack_lvl+0x241/0x360
[  248.623431][T10510]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.623454][T10510]  ? __pfx__printk+0x10/0x10
[  248.623477][T10510]  ? __pfx_lock_release+0x10/0x10
[  248.623518][T10510]  should_fail_ex+0x40a/0x550
[  248.623553][T10510]  _copy_from_user+0x2d/0xb0
[  248.623580][T10510]  generic_map_update_batch+0x5ba/0x900
[  248.623622][T10510]  ? __pfx_generic_map_update_batch+0x10/0x10
[  248.623645][T10510]  ? __fget_files+0x395/0x410
[  248.623673][T10510]  ? __fget_files+0x2a/0x410
[  248.623710][T10510]  ? __pfx_generic_map_update_batch+0x10/0x10
[  248.623732][T10510]  bpf_map_do_batch+0x39a/0x660
[  248.623769][T10510]  __sys_bpf+0x375/0x820
[  248.623835][T10510]  ? __pfx___sys_bpf+0x10/0x10
[  248.623878][T10510]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.623912][T10510]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  248.623945][T10510]  ? do_syscall_64+0x100/0x230
[  248.623987][T10510]  __x64_sys_bpf+0x7c/0x90
[  248.624011][T10510]  do_syscall_64+0xf3/0x230
[  248.624038][T10510]  ? clear_bhb_loop+0x35/0x90
[  248.624068][T10510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.624094][T10510] RIP: 0033:0x7f08d1b8d169
[  248.624112][T10510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.624129][T10510] RSP: 002b:00007f08d2a42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  248.624151][T10510] RAX: ffffffffffffffda RBX: 00007f08d1da5fa0 RCX: 00007f08d1b8d169
[  248.624165][T10510] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  248.624179][T10510] RBP: 00007f08d2a42090 R08: 0000000000000000 R09: 0000000000000000
[  248.624192][T10510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  248.624204][T10510] R13: 0000000000000000 R14: 00007f08d1da5fa0 R15: 00007ffe5b957b88
[  248.624234][T10510]  </TASK>
[  248.858202][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1117'.
[  248.968967][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1117'.
[  249.180409][T10526] netlink: 'syz.4.1121': attribute type 1 has an invalid length.
[  249.295876][T10526] 8021q: adding VLAN 0 to HW filter on device bond9
[  249.322625][T10527] bond9: (slave veth15): Enslaving as an active interface with a down link
[  249.345417][T10528] netlink: 'syz.3.1120': attribute type 10 has an invalid length.
[  249.429103][T10300] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  249.489020][T10537] tun0: tun_chr_ioctl cmd 1074025677
[  249.498811][T10537] tun0: linktype set to 270
[  249.510503][T10537] netlink: 'syz.4.1123': attribute type 1 has an invalid length.
[  249.526867][T10300] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  249.529443][T10537] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1123'.
[  249.552377][T10300] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  249.583563][T10539] netlink: 'syz.2.1124': attribute type 29 has an invalid length.
[  249.596455][T10300] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  249.613357][T10537] xt_TCPMSS: Only works on TCP SYN packets
[  249.624707][T10537] ipt_REJECT: ECHOREPLY no longer supported.
[  250.053941][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1126'.
[  250.147002][ T5147] Bluetooth: hci0: command tx timeout
[  250.256367][T10548] syz.3.1126 uses old SIOCAX25GETINFO
[  250.287103][T10300] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.399519][T10300] 8021q: adding VLAN 0 to HW filter on device team0
[  250.466058][ T3550] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.473307][ T3550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.714028][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.721389][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.328111][T10588] FAULT_INJECTION: forcing a failure.
[  251.328111][T10588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.377816][T10588] CPU: 0 UID: 0 PID: 10588 Comm: syz.3.1132 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  251.377849][T10588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.377862][T10588] Call Trace:
[  251.377869][T10588]  <TASK>
[  251.377886][T10588]  dump_stack_lvl+0x241/0x360
[  251.377917][T10588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.377940][T10588]  ? __pfx__printk+0x10/0x10
[  251.377963][T10588]  ? __pfx_lock_release+0x10/0x10
[  251.378004][T10588]  should_fail_ex+0x40a/0x550
[  251.378034][T10588]  _copy_from_user+0x2d/0xb0
[  251.378060][T10588]  copy_msghdr_from_user+0xae/0x680
[  251.378091][T10588]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  251.378114][T10588]  ? __fget_files+0x2a/0x410
[  251.378147][T10588]  ? __fget_files+0x2a/0x410
[  251.378185][T10588]  __sys_sendmsg+0x209/0x350
[  251.378222][T10588]  ? __pfx___sys_sendmsg+0x10/0x10
[  251.378267][T10588]  ? do_sys_openat2+0x17a/0x1d0
[  251.378324][T10588]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.378358][T10588]  ? do_syscall_64+0x100/0x230
[  251.378389][T10588]  ? do_syscall_64+0xb6/0x230
[  251.378418][T10588]  do_syscall_64+0xf3/0x230
[  251.378446][T10588]  ? clear_bhb_loop+0x35/0x90
[  251.378478][T10588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.378506][T10588] RIP: 0033:0x7f541a18d169
[  251.378525][T10588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.378543][T10588] RSP: 002b:00007f541b02c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.378565][T10588] RAX: ffffffffffffffda RBX: 00007f541a3a5fa0 RCX: 00007f541a18d169
[  251.378579][T10588] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000004
[  251.378592][T10588] RBP: 00007f541b02c090 R08: 0000000000000000 R09: 0000000000000000
[  251.378605][T10588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.378617][T10588] R13: 0000000000000000 R14: 00007f541a3a5fa0 R15: 00007ffd96ff6b88
[  251.378648][T10588]  </TASK>
[  251.799792][T10594] netlink: 'syz.2.1133': attribute type 1 has an invalid length.
[  251.944264][T10594] 8021q: adding VLAN 0 to HW filter on device bond9
[  251.980222][T10600] bond9: (slave veth15): Enslaving as an active interface with a down link
[  252.213903][T10604] netlink: 'syz.1.1136': attribute type 10 has an invalid length.
[  252.272380][T10611] netlink: 'syz.3.1139': attribute type 3 has an invalid length.
[  252.283051][T10611] netlink: 'syz.3.1139': attribute type 39 has an invalid length.
[  252.291384][T10300] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.363237][T10613] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1139'.
[  252.400469][T10613] bond15: entered promiscuous mode
[  252.406429][T10613] 8021q: adding VLAN 0 to HW filter on device bond15
[  252.535006][T10613] veth25: entered promiscuous mode
[  252.632497][T10613] bond15: (slave veth25): Enslaving as an active interface with an up link
[  252.692602][T10621] : entered promiscuous mode
[  252.794691][T10300] veth0_vlan: entered promiscuous mode
[  253.132823][T10629] veth13: entered promiscuous mode
[  253.139402][T10629] veth13: entered allmulticast mode
[  253.169651][T10300] veth1_vlan: entered promiscuous mode
[  253.275709][T10300] veth0_macvtap: entered promiscuous mode
[  253.536887][T10300] veth1_macvtap: entered promiscuous mode
[  253.607702][T10300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  253.650031][T10300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.709980][T10300] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.729790][T10300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.776251][T10300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.818013][T10300] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.852398][T10650] netlink: 'syz.1.1148': attribute type 1 has an invalid length.
[  253.961195][T10656] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input7
[  253.996210][T10300] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.028230][T10300] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.270918][T10300] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.279793][T10300] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.323980][T10650] 8021q: adding VLAN 0 to HW filter on device bond6
[  254.404023][T10655] bond6: (slave veth15): Enslaving as an active interface with a down link
[  254.753229][T10669] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1152'.
[  254.834883][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.854549][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.922550][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.950896][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.082116][T10678] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1155'.
[  255.186208][T10672] netlink: 'syz.2.1153': attribute type 10 has an invalid length.
[  255.644117][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.786008][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.939901][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.019833][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.124390][   T11] bridge_slave_1: left allmulticast mode
[  256.130080][   T11] bridge_slave_1: left promiscuous mode
[  256.139789][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.149743][   T11] bridge_slave_0: left allmulticast mode
[  256.155636][   T11] bridge_slave_0: left promiscuous mode
[  256.161705][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.523138][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.534807][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.545151][   T11] bond0 (unregistering): Released all slaves
[  256.823713][T10704] netlink: 'syz.2.1162': attribute type 1 has an invalid length.
[  256.837902][   T11] hsr_slave_0: left promiscuous mode
[  256.870944][   T11] hsr_slave_1: left promiscuous mode
[  256.881502][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  256.900833][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  256.922069][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  256.932296][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.037461][   T11] veth1_macvtap: left promiscuous mode
[  257.045671][   T11] veth0_macvtap: left promiscuous mode
[  257.055312][   T11] veth1_vlan: left promiscuous mode
[  257.063009][   T11] veth0_vlan: left promiscuous mode
[  257.149542][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  257.160233][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  257.169925][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  257.179261][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  257.188991][ T5848] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  257.197030][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  257.671346][   T11] team0 (unregistering): Port device team_slave_1 removed
[  257.729250][   T11] team0 (unregistering): Port device team_slave_0 removed
[  258.220152][T10704] workqueue: Failed to create a rescuer kthread for wq "bond10": -EINTR
[  258.473763][T10726] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1167'.
[  258.528906][T10726] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1167'.
[  258.554100][T10726] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1167'.
[  258.593442][T10736] FAULT_INJECTION: forcing a failure.
[  258.593442][T10736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.611581][T10726] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1167'.
[  258.654943][T10718] chnl_net:caif_netlink_parms(): no params data found
[  258.670132][T10736] CPU: 1 UID: 0 PID: 10736 Comm: syz.1.1168 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  258.670167][T10736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.670180][T10736] Call Trace:
[  258.670188][T10736]  <TASK>
[  258.670198][T10736]  dump_stack_lvl+0x241/0x360
[  258.670230][T10736]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.670254][T10736]  ? __pfx__printk+0x10/0x10
[  258.670277][T10736]  ? __pfx_lock_release+0x10/0x10
[  258.670320][T10736]  should_fail_ex+0x40a/0x550
[  258.670355][T10736]  _copy_from_user+0x2d/0xb0
[  258.670382][T10736]  generic_map_update_batch+0x5ba/0x900
[  258.670422][T10736]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.670446][T10736]  ? __fget_files+0x395/0x410
[  258.670474][T10736]  ? __fget_files+0x2a/0x410
[  258.670520][T10736]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.670543][T10736]  bpf_map_do_batch+0x39a/0x660
[  258.670581][T10736]  __sys_bpf+0x375/0x820
[  258.670613][T10736]  ? __pfx___sys_bpf+0x10/0x10
[  258.670660][T10736]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  258.670692][T10736]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  258.670724][T10736]  ? do_syscall_64+0x100/0x230
[  258.670755][T10736]  __x64_sys_bpf+0x7c/0x90
[  258.670781][T10736]  do_syscall_64+0xf3/0x230
[  258.670808][T10736]  ? clear_bhb_loop+0x35/0x90
[  258.670838][T10736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.670865][T10736] RIP: 0033:0x7fca2c98d169
[  258.670883][T10736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.670900][T10736] RSP: 002b:00007fca2d74b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  258.670922][T10736] RAX: ffffffffffffffda RBX: 00007fca2cba6080 RCX: 00007fca2c98d169
[  258.670938][T10736] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  258.670951][T10736] RBP: 00007fca2d74b090 R08: 0000000000000000 R09: 0000000000000000
[  258.670965][T10736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  258.670977][T10736] R13: 0000000000000000 R14: 00007fca2cba6080 R15: 00007fff71ca39b8
[  258.671008][T10736]  </TASK>
[  259.081466][T10736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1168'.
[  259.256650][ T5147] Bluetooth: hci0: command tx timeout
[  259.484645][T10718] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.494477][T10718] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.502802][T10718] bridge_slave_0: entered allmulticast mode
[  259.511123][T10718] bridge_slave_0: entered promiscuous mode
[  259.525008][T10739] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1169'.
[  259.603498][T10718] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.617388][T10718] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.631030][T10718] bridge_slave_1: entered allmulticast mode
[  259.648589][T10718] bridge_slave_1: entered promiscuous mode
[  259.778903][T10718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.829491][T10754] netlink: 'syz.1.1172': attribute type 10 has an invalid length.
[  259.956417][T10718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.229813][T10718] team0: Port device team_slave_0 added
[  260.287466][T10718] team0: Port device team_slave_1 added
[  260.419630][T10718] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.434046][T10718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.505042][T10718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.518990][T10718] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.526626][T10718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.558997][T10718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.655604][T10780] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1176'.
[  260.682274][T10776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1179'.
[  260.768711][T10718] hsr_slave_0: entered promiscuous mode
[  260.792424][T10718] hsr_slave_1: entered promiscuous mode
[  260.817568][T10718] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  260.832109][T10718] Cannot create hsr debugfs directory
[  260.848516][T10786] FAULT_INJECTION: forcing a failure.
[  260.848516][T10786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.862820][T10776] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1179'.
[  260.882096][T10786] CPU: 1 UID: 0 PID: 10786 Comm: syz.3.1181 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  260.882128][T10786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.882141][T10786] Call Trace:
[  260.882149][T10786]  <TASK>
[  260.882158][T10786]  dump_stack_lvl+0x241/0x360
[  260.882189][T10786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.882213][T10786]  ? __pfx__printk+0x10/0x10
[  260.882235][T10786]  ? __pfx_lock_release+0x10/0x10
[  260.882281][T10786]  should_fail_ex+0x40a/0x550
[  260.882315][T10786]  _copy_from_user+0x2d/0xb0
[  260.882342][T10786]  generic_map_update_batch+0x567/0x900
[  260.882383][T10786]  ? __pfx_generic_map_update_batch+0x10/0x10
[  260.882405][T10786]  ? __fget_files+0x395/0x410
[  260.882433][T10786]  ? __fget_files+0x2a/0x410
[  260.882470][T10786]  ? __pfx_generic_map_update_batch+0x10/0x10
[  260.882493][T10786]  bpf_map_do_batch+0x39a/0x660
[  260.882529][T10786]  __sys_bpf+0x375/0x820
[  260.882560][T10786]  ? __pfx___sys_bpf+0x10/0x10
[  260.882601][T10786]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  260.882635][T10786]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  260.882668][T10786]  ? do_syscall_64+0x100/0x230
[  260.882702][T10786]  __x64_sys_bpf+0x7c/0x90
[  260.882729][T10786]  do_syscall_64+0xf3/0x230
[  260.882757][T10786]  ? clear_bhb_loop+0x35/0x90
[  260.882790][T10786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.882818][T10786] RIP: 0033:0x7f541a18d169
[  260.882836][T10786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.882854][T10786] RSP: 002b:00007f541b02c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  260.882876][T10786] RAX: ffffffffffffffda RBX: 00007f541a3a5fa0 RCX: 00007f541a18d169
[  260.882892][T10786] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  260.882905][T10786] RBP: 00007f541b02c090 R08: 0000000000000000 R09: 0000000000000000
[  260.882918][T10786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  260.882931][T10786] R13: 0000000000000000 R14: 00007f541a3a5fa0 R15: 00007ffd96ff6b88
[  260.882968][T10786]  </TASK>
[  260.887949][T10786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1181'.
[  261.066356][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1179'.
[  261.172500][T10794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1181'.
[  261.331868][ T5848] Bluetooth: hci0: command tx timeout
[  262.634306][T10822] netlink: 'syz.3.1189': attribute type 10 has an invalid length.
[  262.848301][T10718] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  262.918441][T10718] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  262.923195][T10832] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  262.944193][T10718] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  262.962031][T10718] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  263.030616][T10830] can: request_module (can-proto-0) failed.
[  263.226566][T10844] FAULT_INJECTION: forcing a failure.
[  263.226566][T10844] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.261103][T10844] CPU: 0 UID: 0 PID: 10844 Comm: syz.2.1196 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  263.261134][T10844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  263.261147][T10844] Call Trace:
[  263.261154][T10844]  <TASK>
[  263.261163][T10844]  dump_stack_lvl+0x241/0x360
[  263.261194][T10844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.261216][T10844]  ? __pfx__printk+0x10/0x10
[  263.261239][T10844]  ? __pfx_lock_release+0x10/0x10
[  263.261278][T10844]  should_fail_ex+0x40a/0x550
[  263.261311][T10844]  _copy_from_user+0x2d/0xb0
[  263.261337][T10844]  generic_map_update_batch+0x5ba/0x900
[  263.261376][T10844]  ? __pfx_generic_map_update_batch+0x10/0x10
[  263.261398][T10844]  ? __fget_files+0x395/0x410
[  263.261425][T10844]  ? __fget_files+0x2a/0x410
[  263.261461][T10844]  ? __pfx_generic_map_update_batch+0x10/0x10
[  263.261483][T10844]  bpf_map_do_batch+0x39a/0x660
[  263.261520][T10844]  __sys_bpf+0x375/0x820
[  263.261550][T10844]  ? __pfx___sys_bpf+0x10/0x10
[  263.261590][T10844]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  263.261623][T10844]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  263.261654][T10844]  ? do_syscall_64+0x100/0x230
[  263.261687][T10844]  __x64_sys_bpf+0x7c/0x90
[  263.261714][T10844]  do_syscall_64+0xf3/0x230
[  263.261741][T10844]  ? clear_bhb_loop+0x35/0x90
[  263.261773][T10844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.261800][T10844] RIP: 0033:0x7fd8c7d8d169
[  263.261819][T10844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.261836][T10844] RSP: 002b:00007fd8c8c7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  263.261858][T10844] RAX: ffffffffffffffda RBX: 00007fd8c7fa5fa0 RCX: 00007fd8c7d8d169
[  263.261873][T10844] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  263.261886][T10844] RBP: 00007fd8c8c7b090 R08: 0000000000000000 R09: 0000000000000000
[  263.261898][T10844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  263.261909][T10844] R13: 0000000000000000 R14: 00007fd8c7fa5fa0 R15: 00007fffe26fb418
[  263.261938][T10844]  </TASK>
[  263.482866][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1196'.
[  263.492156][ T5848] Bluetooth: hci0: command 0x040f tx timeout
[  263.561484][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1196'.
[  263.748367][T10855] openvswitch: netlink: Missing key (keys=40, expected=100)
[  263.767842][T10858] netlink: 'syz.2.1202': attribute type 1 has an invalid length.
[  263.804461][T10858] 8021q: adding VLAN 0 to HW filter on device bond10
[  263.834743][T10858] bond10: (slave veth17): Enslaving as an active interface with a down link
[  263.857532][T10718] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.925907][T10718] 8021q: adding VLAN 0 to HW filter on device team0
[  264.023159][ T3550] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.030413][ T3550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.045780][ T3550] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.053027][ T3550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.117613][T10869] netlink: 'syz.3.1203': attribute type 10 has an invalid length.
[  264.208182][T10718] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  264.237557][T10718] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  264.372263][T10877] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1207'.
[  264.422374][T10877] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0
[  264.719069][T10889] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1211'.
[  264.731458][T10889] xt_policy: too many policy elements
[  264.754867][T10893] FAULT_INJECTION: forcing a failure.
[  264.754867][T10893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.775008][T10893] CPU: 1 UID: 0 PID: 10893 Comm: syz.3.1213 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  264.775038][T10893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.775051][T10893] Call Trace:
[  264.775059][T10893]  <TASK>
[  264.775067][T10893]  dump_stack_lvl+0x241/0x360
[  264.775098][T10893]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.775121][T10893]  ? __pfx__printk+0x10/0x10
[  264.775143][T10893]  ? __pfx_lock_release+0x10/0x10
[  264.775184][T10893]  should_fail_ex+0x40a/0x550
[  264.775217][T10893]  _copy_from_user+0x2d/0xb0
[  264.775244][T10893]  generic_map_update_batch+0x567/0x900
[  264.775284][T10893]  ? __pfx_generic_map_update_batch+0x10/0x10
[  264.775306][T10893]  ? __fget_files+0x395/0x410
[  264.775334][T10893]  ? __fget_files+0x2a/0x410
[  264.775367][T10893]  ? __pfx_generic_map_update_batch+0x10/0x10
[  264.775389][T10893]  bpf_map_do_batch+0x39a/0x660
[  264.775425][T10893]  __sys_bpf+0x375/0x820
[  264.775456][T10893]  ? __pfx___sys_bpf+0x10/0x10
[  264.775495][T10893]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  264.775528][T10893]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  264.775560][T10893]  ? do_syscall_64+0x100/0x230
[  264.775601][T10893]  __x64_sys_bpf+0x7c/0x90
[  264.775626][T10893]  do_syscall_64+0xf3/0x230
[  264.775653][T10893]  ? clear_bhb_loop+0x35/0x90
[  264.775686][T10893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.775712][T10893] RIP: 0033:0x7f541a18d169
[  264.775728][T10893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.775742][T10893] RSP: 002b:00007f541b02c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  264.775762][T10893] RAX: ffffffffffffffda RBX: 00007f541a3a5fa0 RCX: 00007f541a18d169
[  264.775777][T10893] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  264.775790][T10893] RBP: 00007f541b02c090 R08: 0000000000000000 R09: 0000000000000000
[  264.775803][T10893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  264.775815][T10893] R13: 0000000000000000 R14: 00007f541a3a5fa0 R15: 00007ffd96ff6b88
[  264.775845][T10893]  </TASK>
[  264.823620][T10718] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.207883][T10891] syzkaller0: entered promiscuous mode
[  265.214151][T10891] syzkaller0: entered allmulticast mode
[  265.217342][T10904] netlink: 'syz.3.1216': attribute type 1 has an invalid length.
[  267.402056][T10904] 8021q: adding VLAN 0 to HW filter on device bond16
[  267.430514][T10910] bond16: (slave veth27): Enslaving as an active interface with a down link
[  267.605195][T10718] veth0_vlan: entered promiscuous mode
[  267.651566][T10718] veth1_vlan: entered promiscuous mode
[  267.736806][T10718] veth0_macvtap: entered promiscuous mode
[  267.853261][T10930] netlink: 'syz.1.1219': attribute type 10 has an invalid length.
[  267.862433][T10718] veth1_macvtap: entered promiscuous mode
[  267.927677][T10939] __nla_validate_parse: 4 callbacks suppressed
[  267.927697][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1222'.
[  267.963674][T10718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.974691][T10718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.986400][T10718] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.999298][T10718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  268.010602][T10718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.021950][T10718] batman_adv: batadv0: Interface activated: batadv_slave_1
[  268.045609][T10718] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.061320][T10718] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.080431][T10718] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.108804][T10718] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.176119][T10945] FAULT_INJECTION: forcing a failure.
[  268.176119][T10945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.190748][T10945] CPU: 1 UID: 0 PID: 10945 Comm: syz.1.1226 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  268.190779][T10945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.190792][T10945] Call Trace:
[  268.190800][T10945]  <TASK>
[  268.190809][T10945]  dump_stack_lvl+0x241/0x360
[  268.190844][T10945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.190869][T10945]  ? __pfx__printk+0x10/0x10
[  268.190892][T10945]  ? __pfx_lock_release+0x10/0x10
[  268.190934][T10945]  should_fail_ex+0x40a/0x550
[  268.190970][T10945]  _copy_from_user+0x2d/0xb0
[  268.190998][T10945]  generic_map_update_batch+0x5ba/0x900
[  268.191040][T10945]  ? __pfx_generic_map_update_batch+0x10/0x10
[  268.191063][T10945]  ? __fget_files+0x395/0x410
[  268.191091][T10945]  ? __fget_files+0x2a/0x410
[  268.191129][T10945]  ? __pfx_generic_map_update_batch+0x10/0x10
[  268.191152][T10945]  bpf_map_do_batch+0x39a/0x660
[  268.191189][T10945]  __sys_bpf+0x375/0x820
[  268.191220][T10945]  ? __pfx___sys_bpf+0x10/0x10
[  268.191264][T10945]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  268.191299][T10945]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  268.191333][T10945]  ? do_syscall_64+0x100/0x230
[  268.191374][T10945]  __x64_sys_bpf+0x7c/0x90
[  268.191402][T10945]  do_syscall_64+0xf3/0x230
[  268.191430][T10945]  ? clear_bhb_loop+0x35/0x90
[  268.191463][T10945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.191492][T10945] RIP: 0033:0x7fca2c98d169
[  268.191510][T10945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.191528][T10945] RSP: 002b:00007fca2d76c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  268.191551][T10945] RAX: ffffffffffffffda RBX: 00007fca2cba5fa0 RCX: 00007fca2c98d169
[  268.191566][T10945] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  268.191579][T10945] RBP: 00007fca2d76c090 R08: 0000000000000000 R09: 0000000000000000
[  268.191592][T10945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.191604][T10945] R13: 0000000000000000 R14: 00007fca2cba5fa0 R15: 00007fff71ca39b8
[  268.191634][T10945]  </TASK>
[  268.471957][T10945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1226'.
[  268.570306][T10945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1226'.
[  268.857896][T10961] netlink: 'syz.1.1230': attribute type 1 has an invalid length.
[  268.862077][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.874118][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.898049][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.907945][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.063844][T10961] 8021q: adding VLAN 0 to HW filter on device bond7
[  269.126204][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.156023][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.423718][T10986] netlink: 'syz.3.1236': attribute type 10 has an invalid length.
[  269.946657][T11013] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  269.955593][T11013] CPU: 1 UID: 0 PID: 11013 Comm: syz.3.1243 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  269.955623][T11013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.955636][T11013] Call Trace:
[  269.955644][T11013]  <TASK>
[  269.955653][T11013]  dump_stack_lvl+0x241/0x360
[  269.955688][T11013]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.955713][T11013]  ? __pfx__printk+0x10/0x10
[  269.955740][T11013]  ? __kmalloc_cache_noprof+0x243/0x390
[  269.955770][T11013]  ? sysfs_warn_dup+0x51/0xa0
[  269.955800][T11013]  sysfs_warn_dup+0x8e/0xa0
[  269.955825][T11013]  sysfs_do_create_link_sd+0xbe/0x110
[  269.955855][T11013]  device_add_class_symlinks+0x1c5/0x250
[  269.955892][T11013]  device_add+0x553/0xbf0
[  269.955930][T11013]  wiphy_register+0x1922/0x2650
[  269.955979][T11013]  ? __pfx_wiphy_register+0x10/0x10
[  269.956010][T11013]  ? minstrel_ht_alloc+0x84b/0x940
[  269.956052][T11013]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  269.956094][T11013]  ieee80211_register_hw+0x35d9/0x42e0
[  269.956134][T11013]  ? ieee80211_register_hw+0x15e1/0x42e0
[  269.956169][T11013]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  269.956206][T11013]  ? __asan_memset+0x23/0x50
[  269.956227][T11013]  ? __hrtimer_init+0x170/0x250
[  269.956255][T11013]  mac80211_hwsim_new_radio+0x2ae8/0x4a40
[  269.956314][T11013]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  269.956343][T11013]  ? trace_kmalloc+0x1f/0xd0
[  269.956369][T11013]  ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0
[  269.956400][T11013]  ? kstrndup+0xbb/0x150
[  269.956454][T11013]  hwsim_new_radio_nl+0xece/0x2290
[  269.956494][T11013]  ? __pfx___nla_validate_parse+0x10/0x10
[  269.956522][T11013]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  269.956587][T11013]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  269.956628][T11013]  genl_rcv_msg+0xb1f/0xec0
[  269.956668][T11013]  ? __pfx_genl_rcv_msg+0x10/0x10
[  269.956733][T11013]  ? __pfx_lock_acquire+0x10/0x10
[  269.956765][T11013]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  269.956790][T11013]  ? __pfx___might_resched+0x10/0x10
[  269.956831][T11013]  netlink_rcv_skb+0x206/0x480
[  269.956856][T11013]  ? __pfx_genl_rcv_msg+0x10/0x10
[  269.956886][T11013]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  269.956947][T11013]  genl_rcv+0x28/0x40
[  269.956985][T11013]  netlink_unicast+0x7f6/0x990
[  269.957046][T11013]  ? __pfx_netlink_unicast+0x10/0x10
[  269.957076][T11013]  ? __virt_addr_valid+0x45f/0x530
[  269.957097][T11013]  ? __phys_addr_symbol+0x2f/0x70
[  269.957129][T11013]  ? __check_object_size+0x47a/0x730
[  269.957163][T11013]  netlink_sendmsg+0x8de/0xcb0
[  269.957202][T11013]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.957231][T11013]  ? aa_sock_msg_perm+0x91/0x160
[  269.957270][T11013]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.957291][T11013]  __sock_sendmsg+0x221/0x270
[  269.957321][T11013]  ____sys_sendmsg+0x53a/0x860
[  269.957364][T11013]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.957394][T11013]  ? __fget_files+0x2a/0x410
[  269.957428][T11013]  ? __fget_files+0x2a/0x410
[  269.957476][T11013]  __sys_sendmsg+0x269/0x350
[  269.957516][T11013]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.957602][T11013]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  269.957637][T11013]  ? do_syscall_64+0x100/0x230
[  269.957671][T11013]  ? do_syscall_64+0xb6/0x230
[  269.957703][T11013]  do_syscall_64+0xf3/0x230
[  269.957732][T11013]  ? clear_bhb_loop+0x35/0x90
[  269.957766][T11013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.957795][T11013] RIP: 0033:0x7f541a18d169
[  269.957816][T11013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.957835][T11013] RSP: 002b:00007f541b00b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.957858][T11013] RAX: ffffffffffffffda RBX: 00007f541a3a6080 RCX: 00007f541a18d169
[  269.957875][T11013] RDX: 0000000000000800 RSI: 0000400000000100 RDI: 0000000000000006
[  269.957889][T11013] RBP: 00007f541a20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  269.957902][T11013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  269.957915][T11013] R13: 0000000000000000 R14: 00007f541a3a6080 R15: 00007ffd96ff6b88
[  269.957950][T11013]  </TASK>
[  270.444135][T11014] syzkaller1: entered promiscuous mode
[  270.449689][T11014] syzkaller1: entered allmulticast mode
[  270.631993][ T7041] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.699608][ T7041] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.769578][ T7041] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.823317][ T7041] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.939314][ T7041] bridge_slave_1: left allmulticast mode
[  270.946164][ T7041] bridge_slave_1: left promiscuous mode
[  270.952107][ T7041] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.961855][ T7041] bridge_slave_0: left allmulticast mode
[  270.967853][ T7041] bridge_slave_0: left promiscuous mode
[  270.973702][ T7041] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.243462][T11023] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  271.249501][T11018] netlink: 'syz.1.1245': attribute type 1 has an invalid length.
[  271.831486][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  271.852177][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  271.872432][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  271.882977][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  271.904139][ T5848] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  271.914231][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  271.925278][ T7041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.945053][ T7041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.959862][ T7041] bond0 (unregistering): Released all slaves
[  272.007459][T11018] 8021q: adding VLAN 0 to HW filter on device bond8
[  272.066695][T11025] bond8: (slave veth17): Enslaving as an active interface with a down link
[  272.547870][T11057] netlink: 'syz.3.1253': attribute type 10 has an invalid length.
[  272.684652][T11060] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1256'.
[  272.766120][T11060] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  272.803867][T11060] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  272.851973][T11060] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  272.873676][T11060] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  273.057516][ T7041] hsr_slave_0: left promiscuous mode
[  273.099051][ T7041] hsr_slave_1: left promiscuous mode
[  273.112274][ T7041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.130264][ T7041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.175019][ T7041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.201369][ T7041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.308206][ T7041] veth1_macvtap: left promiscuous mode
[  273.322399][ T7041] veth0_macvtap: left promiscuous mode
[  273.328204][ T7041] veth1_vlan: left promiscuous mode
[  273.338549][ T7041] veth0_vlan: left promiscuous mode
[  273.698176][T11082] netlink: 'syz.4.1262': attribute type 1 has an invalid length.
[  273.972025][ T5848] Bluetooth: hci0: command tx timeout
[  274.238859][ T7041] team0 (unregistering): Port device team_slave_1 removed
[  274.296314][ T7041] team0 (unregistering): Port device team_slave_0 removed
[  274.818296][T11082] workqueue: Failed to create a rescuer kthread for wq "bond10": -EINTR
[  275.163108][T11038] chnl_net:caif_netlink_parms(): no params data found
[  275.454567][T11112] netlink: 'syz.4.1269': attribute type 1 has an invalid length.
[  275.462973][T11112] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1269'.
[  275.500223][T11038] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.519319][T11038] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.533774][T11038] bridge_slave_0: entered allmulticast mode
[  275.547911][T11038] bridge_slave_0: entered promiscuous mode
[  275.568646][T11120] SET target dimension over the limit!
[  275.583602][T11119] tipc: Started in network mode
[  275.588698][T11119] tipc: Node identity ac14142f, cluster identity 4711
[  275.598190][T11119] tipc: New replicast peer: 0.0.0.0
[  275.617383][T11119] tipc: Enabled bearer <udp:syz2>, priority 10
[  275.646921][T11038] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.672305][T11038] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.679806][T11038] bridge_slave_1: entered allmulticast mode
[  275.689392][T11038] bridge_slave_1: entered promiscuous mode
[  275.703568][T11119] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1270'.
[  275.723135][T11119] netlink: 'syz.2.1270': attribute type 1 has an invalid length.
[  275.782893][T11129] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1270'.
[  275.835734][T11119] bond11: entered promiscuous mode
[  275.842433][T11119] 8021q: adding VLAN 0 to HW filter on device bond11
[  275.852521][T11038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.875827][T11038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.964614][T11119] bond3: (slave veth3): Releasing active interface
[  275.978211][T11119] bond4: (slave veth5): Releasing active interface
[  275.989012][T11119] bond5: (slave veth7): Releasing active interface
[  276.005459][T11119] bond6: (slave veth9): Releasing active interface
[  276.020288][T11119] bond7: (slave veth11): Releasing active interface
[  276.036809][T11119] bond8: (slave veth13): Releasing active interface
[  276.048965][T11119] bond9: (slave veth15): Releasing active interface
[  276.051658][ T5848] Bluetooth: hci0: command tx timeout
[  276.069222][T11119] bond10: (slave veth17): Releasing active interface
[  276.137460][T11038] team0: Port device team_slave_0 added
[  276.235971][T11038] team0: Port device team_slave_1 added
[  276.367167][T11149] netlink: 'syz.3.1278': attribute type 1 has an invalid length.
[  276.730895][T10440] tipc: Node number set to 2886997039
[  278.135527][ T5848] Bluetooth: hci0: command tx timeout
[  278.539143][T11149] workqueue: Failed to create a rescuer kthread for wq "bond17": -EINTR
[  278.598658][T11154] workqueue: Failed to create a rescuer kthread for wq "bond10": -EINTR
[  278.658127][T11038] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.710823][T11038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.762811][T11038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.790506][T11038] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.805260][T11038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.831819][T11038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.867695][T11164] pim6reg1: entered promiscuous mode
[  278.891597][T11164] pim6reg1: entered allmulticast mode
[  278.929623][T11178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1285'.
[  278.993593][T11176] netlink: 'syz.4.1284': attribute type 10 has an invalid length.
[  279.148775][T11186] FAULT_INJECTION: forcing a failure.
[  279.148775][T11186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.156353][T11038] hsr_slave_0: entered promiscuous mode
[  279.171557][T11038] hsr_slave_1: entered promiscuous mode
[  279.178008][T11038] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  279.185971][T11038] Cannot create hsr debugfs directory
[  279.223711][T11186] CPU: 1 UID: 0 PID: 11186 Comm: syz.1.1289 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  279.223742][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  279.223756][T11186] Call Trace:
[  279.223763][T11186]  <TASK>
[  279.223772][T11186]  dump_stack_lvl+0x241/0x360
[  279.223803][T11186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.223827][T11186]  ? __pfx__printk+0x10/0x10
[  279.223850][T11186]  ? __pfx_lock_release+0x10/0x10
[  279.223890][T11186]  should_fail_ex+0x40a/0x550
[  279.223925][T11186]  _copy_from_iter+0x1df/0x1c40
[  279.223948][T11186]  ? __virt_addr_valid+0x183/0x530
[  279.223969][T11186]  ? __pfx_lock_release+0x10/0x10
[  279.224007][T11186]  ? __alloc_skb+0x28f/0x440
[  279.224035][T11186]  ? __pfx__copy_from_iter+0x10/0x10
[  279.224060][T11186]  ? __virt_addr_valid+0x183/0x530
[  279.224079][T11186]  ? __virt_addr_valid+0x183/0x530
[  279.224096][T11186]  ? __virt_addr_valid+0x45f/0x530
[  279.224117][T11186]  ? __phys_addr_symbol+0x2f/0x70
[  279.224147][T11186]  ? __check_object_size+0x47a/0x730
[  279.224180][T11186]  netlink_sendmsg+0x742/0xcb0
[  279.224216][T11186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.224243][T11186]  ? aa_sock_msg_perm+0x91/0x160
[  279.224279][T11186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.224300][T11186]  __sock_sendmsg+0x221/0x270
[  279.224327][T11186]  ____sys_sendmsg+0x53a/0x860
[  279.224387][T11186]  ? __pfx_____sys_sendmsg+0x10/0x10
[  279.224417][T11186]  ? __fget_files+0x2a/0x410
[  279.224449][T11186]  ? __fget_files+0x2a/0x410
[  279.224494][T11186]  __sys_sendmsg+0x269/0x350
[  279.224529][T11186]  ? __pfx___sys_sendmsg+0x10/0x10
[  279.224574][T11186]  ? do_sys_openat2+0x17a/0x1d0
[  279.224629][T11186]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  279.224663][T11186]  ? do_syscall_64+0x100/0x230
[  279.224695][T11186]  ? do_syscall_64+0xb6/0x230
[  279.224727][T11186]  do_syscall_64+0xf3/0x230
[  279.224760][T11186]  ? clear_bhb_loop+0x35/0x90
[  279.224792][T11186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.224820][T11186] RIP: 0033:0x7fca2c98d169
[  279.224839][T11186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.224856][T11186] RSP: 002b:00007fca2d76c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.224880][T11186] RAX: ffffffffffffffda RBX: 00007fca2cba5fa0 RCX: 00007fca2c98d169
[  279.224895][T11186] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000004
[  279.224908][T11186] RBP: 00007fca2d76c090 R08: 0000000000000000 R09: 0000000000000000
[  279.224921][T11186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.224934][T11186] R13: 0000000000000000 R14: 00007fca2cba5fa0 R15: 00007fff71ca39b8
[  279.224964][T11186]  </TASK>
[  279.686651][T11197] netlink: 'syz.1.1293': attribute type 1 has an invalid length.
[  279.819913][T11197] 8021q: adding VLAN 0 to HW filter on device bond9
[  279.914955][T11209] netlink: 'syz.3.1295': attribute type 10 has an invalid length.
[  279.955702][T11200] bond9: (slave veth19): Enslaving as an active interface with a down link
[  279.982290][T11206] syzkaller1: entered promiscuous mode
[  279.994345][T11216] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1295'.
[  280.005333][T11206] syzkaller1: entered allmulticast mode
[  280.210880][ T5848] Bluetooth: hci0: command tx timeout
[  280.332716][T11211] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  280.349199][T11211] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  280.359493][T11211] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  280.374632][T11211] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  280.409787][T11211] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  280.419361][T11211] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  280.428742][T11211] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  280.437579][T11211] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  280.518118][T11209] veth0_vlan: left promiscuous mode
[  280.528427][T11209] veth0_vlan: entered promiscuous mode
[  280.538795][T11209] team0: Device veth0_vlan failed to register rx_handler
[  280.822186][T11230] FAULT_INJECTION: forcing a failure.
[  280.822186][T11230] name failslab, interval 1, probability 0, space 0, times 0
[  280.843534][T11230] CPU: 1 UID: 0 PID: 11230 Comm: syz.1.1301 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  280.843566][T11230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  280.843578][T11230] Call Trace:
[  280.843586][T11230]  <TASK>
[  280.843594][T11230]  dump_stack_lvl+0x241/0x360
[  280.843630][T11230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.843652][T11230]  ? __pfx__printk+0x10/0x10
[  280.843672][T11230]  ? __kmalloc_cache_noprof+0x48/0x390
[  280.843701][T11230]  ? __pfx___might_resched+0x10/0x10
[  280.843731][T11230]  should_fail_ex+0x40a/0x550
[  280.843762][T11230]  should_failslab+0xac/0x100
[  280.843788][T11230]  __kmalloc_cache_noprof+0x70/0x390
[  280.843813][T11230]  ? rtnl_newlink+0x147/0x1da0
[  280.843838][T11230]  rtnl_newlink+0x147/0x1da0
[  280.843858][T11230]  ? __lock_acquire+0x1397/0x2100
[  280.843894][T11230]  ? __lock_acquire+0x1397/0x2100
[  280.843922][T11230]  ? __pfx_rtnl_newlink+0x10/0x10
[  280.843942][T11230]  ? __pfx_validate_chain+0x10/0x10
[  280.843981][T11230]  ? validate_chain+0x11e/0x5920
[  280.844001][T11230]  ? __pfx_lock_acquire+0x10/0x10
[  280.844031][T11230]  ? __pfx_lock_release+0x10/0x10
[  280.844062][T11230]  ? __pfx_validate_chain+0x10/0x10
[  280.844084][T11230]  ? mark_lock+0x9a/0x360
[  280.844105][T11230]  ? __lock_acquire+0x1397/0x2100
[  280.844162][T11230]  ? __pfx_lock_release+0x10/0x10
[  280.844204][T11230]  ? __pfx_rtnl_newlink+0x10/0x10
[  280.844247][T11230]  rtnetlink_rcv_msg+0x791/0xcf0
[  280.844267][T11230]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  280.844288][T11230]  ? __lock_acquire+0x1397/0x2100
[  280.844316][T11230]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  280.844353][T11230]  netlink_rcv_skb+0x206/0x480
[  280.844374][T11230]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  280.844397][T11230]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  280.844449][T11230]  ? netlink_deliver_tap+0x2e/0x1b0
[  280.844472][T11230]  netlink_unicast+0x7f6/0x990
[  280.844509][T11230]  ? __pfx_netlink_unicast+0x10/0x10
[  280.844536][T11230]  ? __virt_addr_valid+0x45f/0x530
[  280.844554][T11230]  ? __phys_addr_symbol+0x2f/0x70
[  280.844583][T11230]  ? __check_object_size+0x47a/0x730
[  280.844612][T11230]  netlink_sendmsg+0x8de/0xcb0
[  280.844644][T11230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.844669][T11230]  ? aa_sock_msg_perm+0x91/0x160
[  280.844703][T11230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.844722][T11230]  __sock_sendmsg+0x221/0x270
[  280.844747][T11230]  ____sys_sendmsg+0x53a/0x860
[  280.844784][T11230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  280.844810][T11230]  ? __fget_files+0x2a/0x410
[  280.844840][T11230]  ? __fget_files+0x2a/0x410
[  280.844874][T11230]  __sys_sendmsg+0x269/0x350
[  280.844907][T11230]  ? __pfx___sys_sendmsg+0x10/0x10
[  280.844948][T11230]  ? do_sys_openat2+0x17a/0x1d0
[  280.845000][T11230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  280.845030][T11230]  ? do_syscall_64+0x100/0x230
[  280.845059][T11230]  ? do_syscall_64+0xb6/0x230
[  280.845086][T11230]  do_syscall_64+0xf3/0x230
[  280.845111][T11230]  ? clear_bhb_loop+0x35/0x90
[  280.845141][T11230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.845167][T11230] RIP: 0033:0x7fca2c98d169
[  280.845185][T11230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.845200][T11230] RSP: 002b:00007fca2d76c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.845222][T11230] RAX: ffffffffffffffda RBX: 00007fca2cba5fa0 RCX: 00007fca2c98d169
[  280.845235][T11230] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000004
[  280.845247][T11230] RBP: 00007fca2d76c090 R08: 0000000000000000 R09: 0000000000000000
[  280.845259][T11230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.845269][T11230] R13: 0000000000000000 R14: 00007fca2cba5fa0 R15: 00007fff71ca39b8
[  280.845303][T11230]  </TASK>
[  281.348364][T11239] netlink: 'syz.1.1303': attribute type 4 has an invalid length.
[  281.370578][T11239] netlink: 'syz.1.1303': attribute type 4 has an invalid length.
[  281.386881][T11038] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  281.396968][T11038] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  281.423906][T11038] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  281.449427][T11038] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  282.054493][T11038] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.079021][T11038] 8021q: adding VLAN 0 to HW filter on device team0
[  282.175917][T11038] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  282.251129][T11248] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1306'.
[  282.270988][T11038] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.295246][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.302462][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.335202][T11253] netlink: 'syz.3.1307': attribute type 1 has an invalid length.
[  282.340450][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.350155][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.434959][T11253] 8021q: adding VLAN 0 to HW filter on device bond17
[  282.471608][T11254] bond17: (slave veth29): Enslaving as an active interface with a down link
[  282.660064][T11038] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.742645][T11038] veth0_vlan: entered promiscuous mode
[  282.757801][T11038] veth1_vlan: entered promiscuous mode
[  282.837005][T11038] veth0_macvtap: entered promiscuous mode
[  282.866339][T11038] veth1_macvtap: entered promiscuous mode
[  282.919826][T11038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.943122][T11038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.970065][T11038] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.998127][T11038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.022532][T11038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.048883][T11038] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.075166][T11038] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.104794][T11038] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.131003][T11038] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.139775][T11038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.295399][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.312942][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.448093][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.462076][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.594867][T11276] dccp_invalid_packet: P.type (RESET) not Data || [Data]Ack, while P.X == 0
[  284.025029][T11288] netlink: 'syz.3.1318': attribute type 10 has an invalid length.
[  284.881640][ T3550] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.933312][ T3550] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.996266][ T3550] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.072894][ T3550] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.140205][ T3550] bridge_slave_1: left allmulticast mode
[  286.147443][ T3550] bridge_slave_1: left promiscuous mode
[  286.153985][ T3550] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.163188][ T3550] bridge_slave_0: left allmulticast mode
[  286.168855][ T3550] bridge_slave_0: left promiscuous mode
[  286.175109][ T3550] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.380257][T11315] netlink: 'syz.1.1322': attribute type 11 has an invalid length.
[  286.883909][T11332] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  286.918580][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  286.929977][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  286.948218][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  286.957785][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  286.982570][ T5147] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  287.000100][ T5147] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  287.093970][T11338] netlink: 'syz.1.1329': attribute type 10 has an invalid length.
[  287.149396][ T3550] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.161915][ T3550] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.172524][ T3550] bond0 (unregistering): Released all slaves
[  287.197322][T11323] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1323'.
[  287.431964][T11340] xt_CT: No such helper "snmp"
[  287.666234][ T3550] hsr_slave_0: left promiscuous mode
[  287.674154][ T3550] hsr_slave_1: left promiscuous mode
[  287.680271][ T3550] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.689545][ T3550] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.701749][ T3550] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.713301][ T3550] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.749857][T11353] netlink: 'syz.4.1332': attribute type 10 has an invalid length.
[  287.760581][ T3550] veth1_macvtap: left promiscuous mode
[  287.766919][ T3550] veth0_macvtap: left promiscuous mode
[  287.773008][ T3550] veth1_vlan: left promiscuous mode
[  287.778547][ T3550] veth0_vlan: left promiscuous mode
[  288.356125][ T3550] team0 (unregistering): Port device team_slave_1 removed
[  288.406921][ T3550] team0 (unregistering): Port device team_slave_0 removed
[  288.951002][T11355] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1333'.
[  289.102038][ T5848] Bluetooth: hci0: command tx timeout
[  289.274571][T11333] chnl_net:caif_netlink_parms(): no params data found
[  289.553572][T11333] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.562239][T11333] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.569537][T11333] bridge_slave_0: entered allmulticast mode
[  289.585782][T11333] bridge_slave_0: entered promiscuous mode
[  289.594758][T11333] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.602506][T11333] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.609923][T11333] bridge_slave_1: entered allmulticast mode
[  289.617684][T11333] bridge_slave_1: entered promiscuous mode
[  289.649072][T11333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.661641][T11333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.866146][T11333] team0: Port device team_slave_0 added
[  289.885126][T11333] team0: Port device team_slave_1 added
[  290.000144][T11333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.018556][T11333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.080795][T11333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  290.193644][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.206836][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.277663][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.314123][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.329404][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.370616][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.428310][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.461143][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.473839][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1338'.
[  290.511488][T11380] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.518962][T11380] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.771620][T11380] vxcan1: left allmulticast mode
[  290.959632][T11380] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.988011][T11380] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  291.052292][T11380] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.061431][T11380] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.070989][T11380] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.079395][T11380] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  291.130261][T11333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  291.151270][T11333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.188345][ T5147] Bluetooth: hci0: command tx timeout
[  291.195773][T11333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  291.319140][T11392] xt_connbytes: Forcing CT accounting to be enabled
[  291.366902][T11392] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat'
[  291.404374][T11391] bond0 (unregistering): Released all slaves
[  291.456734][T11401] netlink: 'syz.3.1344': attribute type 1 has an invalid length.
[  291.465244][T11401] netlink: 'syz.3.1344': attribute type 8 has an invalid length.
[  291.579986][T11333] hsr_slave_0: entered promiscuous mode
[  291.596705][T11333] hsr_slave_1: entered promiscuous mode
[  291.606958][T11333] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  291.620566][T11333] Cannot create hsr debugfs directory
[  291.671463][T11406] netlink: 'syz.2.1343': attribute type 10 has an invalid length.
[  292.031895][T11414] smc: net device bond0 applied user defined pnetid SYZ2
[  292.333870][T11422] warn_alloc: 1 callbacks suppressed
[  292.333892][T11422] syz.4.1349: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  292.370963][T11422] CPU: 0 UID: 0 PID: 11422 Comm: syz.4.1349 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  292.370996][T11422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.371009][T11422] Call Trace:
[  292.371017][T11422]  <TASK>
[  292.371026][T11422]  dump_stack_lvl+0x241/0x360
[  292.371060][T11422]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.371084][T11422]  ? __pfx__printk+0x10/0x10
[  292.371111][T11422]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  292.371140][T11422]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  292.371171][T11422]  warn_alloc+0x278/0x410
[  292.371197][T11422]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  292.371233][T11422]  ? __pfx_warn_alloc+0x10/0x10
[  292.371256][T11422]  ? kasan_save_track+0x3f/0x80
[  292.371276][T11422]  ? __kasan_kmalloc+0x98/0xb0
[  292.371301][T11422]  ? xsk_setsockopt+0x4aa/0x810
[  292.371321][T11422]  ? do_sock_setsockopt+0x3af/0x720
[  292.371349][T11422]  ? __x64_sys_setsockopt+0x1ee/0x280
[  292.371379][T11422]  ? do_syscall_64+0xf3/0x230
[  292.371406][T11422]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.371446][T11422]  __vmalloc_node_range_noprof+0x126/0x1380
[  292.371511][T11422]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  292.371551][T11422]  ? __kasan_kmalloc+0x98/0xb0
[  292.371581][T11422]  vmalloc_user_noprof+0x74/0x80
[  292.371602][T11422]  ? xskq_create+0xb6/0x170
[  292.371623][T11422]  xskq_create+0xb6/0x170
[  292.371648][T11422]  xsk_init_queue+0xa1/0x100
[  292.371674][T11422]  xsk_setsockopt+0x4aa/0x810
[  292.371698][T11422]  ? __pfx_xsk_setsockopt+0x10/0x10
[  292.371721][T11422]  ? __pfx_aa_sk_perm+0x10/0x10
[  292.371753][T11422]  ? aa_sock_opt_perm+0x79/0x120
[  292.371789][T11422]  ? __pfx_xsk_setsockopt+0x10/0x10
[  292.371809][T11422]  do_sock_setsockopt+0x3af/0x720
[  292.371860][T11422]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  292.371897][T11422]  ? __fget_files+0x395/0x410
[  292.371926][T11422]  ? __fget_files+0x2a/0x410
[  292.371966][T11422]  __x64_sys_setsockopt+0x1ee/0x280
[  292.372005][T11422]  do_syscall_64+0xf3/0x230
[  292.372033][T11422]  ? clear_bhb_loop+0x35/0x90
[  292.372067][T11422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.372095][T11422] RIP: 0033:0x7f08d1b8d169
[  292.372114][T11422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.372133][T11422] RSP: 002b:00007f08d2a42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  292.372156][T11422] RAX: ffffffffffffffda RBX: 00007f08d1da5fa0 RCX: 00007f08d1b8d169
[  292.372172][T11422] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  292.372185][T11422] RBP: 00007f08d1c0e2a0 R08: 0000000000000004 R09: 0000000000000000
[  292.372198][T11422] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[  292.372212][T11422] R13: 0000000000000000 R14: 00007f08d1da5fa0 R15: 00007ffe5b957b88
[  292.372245][T11422]  </TASK>
[  292.372254][T11422] Mem-Info:
[  292.462322][T11424] x_tables: duplicate underflow at hook 2
[  292.499503][T11422] active_anon:13305 inactive_anon:0 isolated_anon:0
[  292.499503][T11422]  active_file:1680 inactive_file:38412 isolated_file:0
[  292.499503][T11422]  unevictable:768 dirty:174 writeback:0
[  292.499503][T11422]  slab_reclaimable:11497 slab_unreclaimable:108707
[  292.499503][T11422]  mapped:28671 shmem:6474 pagetables:728
[  292.499503][T11422]  sec_pagetables:0 bounce:0
[  292.499503][T11422]  kernel_misc_reclaimable:0
[  292.499503][T11422]  free:1299255 free_pcp:2520 free_cma:0
[  292.592756][T11427] IPVS: length: 186 != 24
[  292.653685][T11422] Node 0 active_anon:49420kB inactive_anon:0kB active_file:6720kB inactive_file:153576kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114684kB dirty:696kB writeback:0kB shmem:20660kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12552kB pagetables:2912kB sec_pagetables:0kB all_unreclaimable? no
[  292.771062][T11422] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  292.834594][T11422] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  292.864321][T11422] lowmem_reserve[]: 0 2490 2490 0 0
[  292.869733][T11422] Node 0 DMA32 free:1279444kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:49580kB inactive_anon:0kB active_file:6720kB inactive_file:153252kB unevictable:1536kB writepending:696kB present:3129332kB managed:2549840kB mlocked:0kB bounce:0kB free_pcp:9112kB local_pcp:896kB free_cma:0kB
[  292.906033][T11422] lowmem_reserve[]: 0 0 0 0 0
[  292.912141][T11422] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  292.939884][T11422] lowmem_reserve[]: 0 0 0 0 0
[  292.951262][T11422] Node 1 Normal free:3906712kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  292.980394][T11422] lowmem_reserve[]: 0 0 0 0 0
[  292.985996][T11422] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  292.999114][T11422] Node 0 DMA32: 3*4kB (ME) 1*8kB (U) 2*16kB (UE) 127*32kB (UME) 349*64kB (UME) 38*128kB (UME) 26*256kB (UME) 6*512kB (UME) 3*1024kB (UM) 5*2048kB (UME) 299*4096kB (UM) = 1279060kB
[  293.017587][ T1151] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  293.027746][T11422] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  293.027903][T11422] Node 1 Normal: 242*4kB (UE) 44*8kB (UME) 37*16kB (UME) 187*32kB (UME) 111*64kB (UME) 18*128kB (UME) 17*256kB (UME) 10*512kB (UME) 5*1024kB (UM) 4*2048kB (UE) 944*4096kB (M) = 3906712kB
[  293.028138][T11422] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  293.028156][T11422] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  293.028174][T11422] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  293.028192][T11422] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  293.028208][T11422] 45641 total pagecache pages
[  293.105622][T11422] 0 pages in swap cache
[  293.109855][T11422] Free swap  = 124996kB
[  293.118423][T11422] Total swap = 124996kB
[  293.123914][T11422] 2097051 pages RAM
[  293.127772][T11422] 0 pages HighMem/MovableOnly
[  293.140143][T11422] 427869 pages reserved
[  293.144616][T11422] 0 pages cma reserved
[  293.250947][ T5147] Bluetooth: hci0: command 0x040f tx timeout
[  293.390016][T11333] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  293.423154][T11333] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  293.441569][T11451] delete_channel: no stack
[  293.530031][T11462] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  293.562296][T11333] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  293.642452][T11333] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  293.660300][T11464] netlink: 'syz.3.1360': attribute type 10 has an invalid length.
[  294.151743][T11333] 8021q: adding VLAN 0 to HW filter on device bond0
[  294.197067][T11333] 8021q: adding VLAN 0 to HW filter on device team0
[  294.364242][ T7045] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.371499][ T7045] bridge0: port 1(bridge_slave_0) entered forwarding state
[  294.507592][ T7042] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.514856][ T7042] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.626954][T11492] FAULT_INJECTION: forcing a failure.
[  294.626954][T11492] name failslab, interval 1, probability 0, space 0, times 0
[  294.651052][T11492] CPU: 0 UID: 0 PID: 11492 Comm: syz.2.1370 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  294.651085][T11492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  294.651098][T11492] Call Trace:
[  294.651105][T11492]  <TASK>
[  294.651114][T11492]  dump_stack_lvl+0x241/0x360
[  294.651145][T11492]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.651167][T11492]  ? __pfx__printk+0x10/0x10
[  294.651201][T11492]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  294.651231][T11492]  ? __pfx___might_resched+0x10/0x10
[  294.651265][T11492]  should_fail_ex+0x40a/0x550
[  294.651299][T11492]  should_failslab+0xac/0x100
[  294.651329][T11492]  __kmalloc_node_noprof+0xe1/0x4d0
[  294.651365][T11492]  ? __kvmalloc_node_noprof+0x72/0x190
[  294.651403][T11492]  __kvmalloc_node_noprof+0x72/0x190
[  294.651437][T11492]  alloc_netdev_mqs+0xce7/0x1210
[  294.651480][T11492]  rtnl_create_link+0x2f9/0xc90
[  294.651519][T11492]  rtnl_newlink_create+0x302/0xb30
[  294.651556][T11492]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  294.651587][T11492]  ? __pfx___mutex_lock+0x10/0x10
[  294.651625][T11492]  ? ns_capable+0x8a/0xf0
[  294.651653][T11492]  rtnl_newlink+0x1683/0x1da0
[  294.651677][T11492]  ? __lock_acquire+0x1397/0x2100
[  294.651720][T11492]  ? __pfx_rtnl_newlink+0x10/0x10
[  294.651743][T11492]  ? __pfx_validate_chain+0x10/0x10
[  294.651858][T11492]  ? __pfx_lock_release+0x10/0x10
[  294.651908][T11492]  ? __pfx_rtnl_newlink+0x10/0x10
[  294.651933][T11492]  rtnetlink_rcv_msg+0x791/0xcf0
[  294.651955][T11492]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  294.651979][T11492]  ? __lock_acquire+0x1397/0x2100
[  294.652012][T11492]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  294.652054][T11492]  netlink_rcv_skb+0x206/0x480
[  294.652083][T11492]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  294.652109][T11492]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  294.652158][T11492]  ? netlink_deliver_tap+0x2e/0x1b0
[  294.652184][T11492]  netlink_unicast+0x7f6/0x990
[  294.652227][T11492]  ? __pfx_netlink_unicast+0x10/0x10
[  294.652257][T11492]  ? __virt_addr_valid+0x45f/0x530
[  294.652279][T11492]  ? __phys_addr_symbol+0x2f/0x70
[  294.652311][T11492]  ? __check_object_size+0x47a/0x730
[  294.652350][T11492]  netlink_sendmsg+0x8de/0xcb0
[  294.652387][T11492]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.652416][T11492]  ? aa_sock_msg_perm+0x91/0x160
[  294.652454][T11492]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.652476][T11492]  __sock_sendmsg+0x221/0x270
[  294.652514][T11492]  ____sys_sendmsg+0x53a/0x860
[  294.652556][T11492]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.652586][T11492]  ? __fget_files+0x2a/0x410
[  294.652619][T11492]  ? __fget_files+0x2a/0x410
[  294.652658][T11492]  __sys_sendmsg+0x269/0x350
[  294.652697][T11492]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.652743][T11492]  ? do_sys_openat2+0x17a/0x1d0
[  294.652804][T11492]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.652838][T11492]  ? do_syscall_64+0x100/0x230
[  294.652870][T11492]  ? do_syscall_64+0xb6/0x230
[  294.652902][T11492]  do_syscall_64+0xf3/0x230
[  294.652931][T11492]  ? clear_bhb_loop+0x35/0x90
[  294.652965][T11492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.652993][T11492] RIP: 0033:0x7fd8c7d8d169
[  294.653013][T11492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.653030][T11492] RSP: 002b:00007fd8c8c7b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.653066][T11492] RAX: ffffffffffffffda RBX: 00007fd8c7fa5fa0 RCX: 00007fd8c7d8d169
[  294.653081][T11492] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000004
[  294.653095][T11492] RBP: 00007fd8c8c7b090 R08: 0000000000000000 R09: 0000000000000000
[  294.653108][T11492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  294.653119][T11492] R13: 0000000000000000 R14: 00007fd8c7fa5fa0 R15: 00007fffe26fb418
[  294.653152][T11492]  </TASK>
[  295.054141][T11494] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  295.158319][T11333] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  295.179435][T11333] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  295.340954][ T5848] Bluetooth: hci0: command 0x040f tx timeout
[  295.472847][T11494] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  295.664274][T11494] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  295.754599][T11333] 8021q: adding VLAN 0 to HW filter on device batadv0
[  295.845910][T11494] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  295.937715][T11516] __nla_validate_parse: 100 callbacks suppressed
[  295.937736][T11516] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1374'.
[  296.126004][T11523] netlink: 'syz.3.1376': attribute type 10 has an invalid length.
[  296.183735][T11333] veth0_vlan: entered promiscuous mode
[  296.245185][T11494] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  296.298119][T11494] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  296.336604][T11494] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  296.359688][T11494] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  296.389551][T11333] veth1_vlan: entered promiscuous mode
[  296.506762][T11333] veth0_macvtap: entered promiscuous mode
[  296.524310][T11333] veth1_macvtap: entered promiscuous mode
[  296.618484][T11333] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.658096][T11333] batman_adv: batadv0: Interface activated: batadv_slave_1
[  296.734130][T11333] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.756881][T11333] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.779174][T11333] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.789710][T11333] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.842087][T11536] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1380'.
[  297.119508][ T7042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.132182][ T7042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.179175][T11550] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1385'.
[  297.246040][T11550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1385'.
[  297.261011][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.271326][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.419308][ T5848] Bluetooth: hci0: command 0x040f tx timeout
[  297.511267][T11559] netlink: 'syz.3.1387': attribute type 1 has an invalid length.
[  297.590135][T11558] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1388'.
[  297.594591][T11559] 8021q: adding VLAN 0 to HW filter on device bond18
[  297.650651][T11565] netlink: 'syz.2.1389': attribute type 1 has an invalid length.
[  297.676323][T11563] bond18: (slave veth31): Enslaving as an active interface with a down link
[  297.688462][T11569] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  297.725537][T11567] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1389'.
[  297.787076][T11572] netlink: 'syz.3.1391': attribute type 2 has an invalid length.
[  297.882864][T11577] netlink: 'syz.1.1390': attribute type 10 has an invalid length.
[  297.948423][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.001429][T11578] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1391'.
[  298.104616][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.190159][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.432237][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.576135][   T35] bridge_slave_1: left allmulticast mode
[  298.582118][   T35] bridge_slave_1: left promiscuous mode
[  298.587822][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.596691][   T35] bridge_slave_0: left allmulticast mode
[  298.603041][   T35] bridge_slave_0: left promiscuous mode
[  298.608827][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.018030][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  299.029133][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  299.039838][   T35] bond0 (unregistering): Released all slaves
[  299.257390][   T35] hsr_slave_0: left promiscuous mode
[  299.263926][   T35] hsr_slave_1: left promiscuous mode
[  299.269755][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.277498][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.285895][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.293844][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.326306][   T35] veth1_macvtap: left promiscuous mode
[  299.332748][   T35] veth0_macvtap: left promiscuous mode
[  299.338993][   T35] veth1_vlan: left promiscuous mode
[  299.344596][   T35] veth0_vlan: left promiscuous mode
[  299.869677][T11602] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1398'.
[  299.908598][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  299.920531][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  299.934805][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  299.944643][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  299.952591][ T5147] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  299.960102][ T5147] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  300.023199][T11607] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1398'.
[  300.338145][   T35] team0 (unregistering): Port device team_slave_1 removed
[  300.387549][   T35] team0 (unregistering): Port device team_slave_0 removed
[  300.916763][T11601] ip6gre1: entered allmulticast mode
[  301.118750][T11615] netlink: 'syz.2.1401': attribute type 1 has an invalid length.
[  301.128726][T11613] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1400'.
[  301.177221][T11615] 8021q: adding VLAN 0 to HW filter on device bond13
[  301.206455][T11617] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  301.289334][T11618] bond13: (slave veth19): Enslaving as an active interface with a down link
[  301.418133][T11634] netlink: 'syz.1.1403': attribute type 26 has an invalid length.
[  301.581241][T11642] netlink: 'syz.2.1405': attribute type 2 has an invalid length.
[  301.614552][T11642] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1405'.
[  301.652060][T11603] chnl_net:caif_netlink_parms(): no params data found
[  301.684128][T11645] netlink: 'syz.3.1404': attribute type 10 has an invalid length.
[  301.695020][T11644] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1406'.
[  301.838497][T11651] ip6tnl1: entered promiscuous mode
[  302.044097][T11663] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1411'.
[  302.052748][ T5147] Bluetooth: hci0: command tx timeout
[  302.136396][T11603] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.161195][T11603] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.168517][T11603] bridge_slave_0: entered allmulticast mode
[  302.199579][T11603] bridge_slave_0: entered promiscuous mode
[  302.232947][T11603] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.240188][T11603] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.258023][T11603] bridge_slave_1: entered allmulticast mode
[  302.274560][T11603] bridge_slave_1: entered promiscuous mode
[  302.312281][T11673] netlink: 'syz.3.1412': attribute type 29 has an invalid length.
[  302.342283][T11671] netlink: 'syz.3.1412': attribute type 29 has an invalid length.
[  302.372155][T11603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  302.407517][T11603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.559469][T11683] netlink: 'syz.3.1415': attribute type 1 has an invalid length.
[  303.433610][T11683] workqueue: Failed to create a rescuer kthread for wq "bond19": -EINTR
[  303.527792][T11603] team0: Port device team_slave_0 added
[  303.614033][T11603] team0: Port device team_slave_1 added
[  303.742624][T11707] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1419'.
[  303.763883][T11603] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.779102][T11603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.811291][T11603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.875486][T11603] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.900865][T11603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.976952][T11603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.021544][T11718] team0: Port device bridge0 removed
[  304.038502][T11718] team0: Port device dummy0 removed
[  304.061203][T11718] bridge_slave_0: left allmulticast mode
[  304.077144][T11718] bridge_slave_0: left promiscuous mode
[  304.083694][T11718] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.101642][T11718] bridge_slave_1: left allmulticast mode
[  304.107372][T11718] bridge_slave_1: left promiscuous mode
[  304.121316][T11718] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.129088][T11728] netlink: 'syz.3.1422': attribute type 10 has an invalid length.
[  304.137087][ T5848] Bluetooth: hci0: command tx timeout
[  304.147924][T11718] 
: (slave bond_slave_0): Releasing backup interface
[  304.167750][T11718] 
: (slave bond_slave_1): Releasing backup interface
[  304.180884][T11718] team0: Port device team_slave_0 removed
[  304.198066][T11718] team0: Port device team_slave_1 removed
[  304.207563][T11718] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.226496][T11718] batman_adv: batadv0: Removing interface: batadv_slave_1
[  304.246971][T11718] bond1: (slave gretap1): Releasing active interface
[  304.263578][T11718] bond2: (slave ip6erspan0): Releasing active interface
[  304.276382][T11718] bond3: (slave veth5): Releasing active interface
[  304.287897][T11718] bond4: (slave veth7): Releasing active interface
[  304.302459][ T5848] Bluetooth: hci4: command 0x0405 tx timeout
[  304.315409][T11718] bond6: (slave veth9): Releasing active interface
[  304.325999][T11718] bond7: (slave veth11): Releasing active interface
[  304.336479][T11718] bond8: (slave veth13): Releasing active interface
[  304.345051][T11718] bond9: (slave veth15): Releasing active interface
[  304.390023][T11722] team0: Mode changed to "activebackup"
[  304.555752][T11603] hsr_slave_0: entered promiscuous mode
[  304.583225][T11603] hsr_slave_1: entered promiscuous mode
[  304.589528][T11603] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  304.609013][T11748] netlink: 'syz.2.1429': attribute type 1 has an invalid length.
[  304.610774][T11603] Cannot create hsr debugfs directory
[  304.658125][T11751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1430'.
[  304.680089][T11751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1430'.
[  304.689480][T11751] netlink: 'syz.4.1430': attribute type 18 has an invalid length.
[  304.698017][T11751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1430'.
[  304.721724][T11748] 8021q: adding VLAN 0 to HW filter on device bond14
[  304.784488][T11754] bond14: (slave veth21): Enslaving as an active interface with a down link
[  304.962045][T11764] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1432'.
[  305.009731][T11769] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1433'.
[  305.639995][T11788] netlink: 'syz.3.1436': attribute type 1 has an invalid length.
[  305.830032][T11788] 8021q: adding VLAN 0 to HW filter on device bond19
[  306.070368][T11796] netlink: 'syz.3.1440': attribute type 1 has an invalid length.
[  306.095945][T11791] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  306.128481][T11797] Bluetooth: MGMT ver 1.23
[  306.221266][ T5147] Bluetooth: hci0: command tx timeout
[  306.368487][T11805] __nla_validate_parse: 2 callbacks suppressed
[  306.368509][T11805] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1441'.
[  306.400574][T11807] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  306.420827][T11805] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1441'.
[  306.438618][T11805] netlink: 'syz.3.1441': attribute type 1 has an invalid length.
[  306.572606][T11603] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  306.597328][T11603] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  306.611792][T11812] netlink: 'syz.1.1442': attribute type 10 has an invalid length.
[  306.624808][T11603] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  306.642628][T11603] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  306.771259][T11603] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.793749][T11603] 8021q: adding VLAN 0 to HW filter on device team0
[  306.826063][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.833291][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.888315][T11822] netlink: 'syz.3.1445': attribute type 1 has an invalid length.
[  306.924525][T11822] 8021q: adding VLAN 0 to HW filter on device bond20
[  306.940444][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.947698][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.048135][T11825] bond20: (slave veth33): Enslaving as an active interface with a down link
[  307.066971][T11829] xfrm1: entered allmulticast mode
[  307.249019][T11839] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1449'.
[  307.617439][T11845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1451'.
[  307.731172][T11845] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1451'.
[  308.013089][T11866] FAULT_INJECTION: forcing a failure.
[  308.013089][T11866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.038292][T11866] CPU: 0 UID: 0 PID: 11866 Comm: syz.3.1456 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  308.038327][T11866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.038358][T11866] Call Trace:
[  308.038371][T11866]  <TASK>
[  308.038381][T11866]  dump_stack_lvl+0x241/0x360
[  308.038414][T11866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.038437][T11866]  ? __pfx__printk+0x10/0x10
[  308.038462][T11866]  ? __pfx_lock_release+0x10/0x10
[  308.038503][T11866]  should_fail_ex+0x40a/0x550
[  308.038538][T11866]  _copy_from_user+0x2d/0xb0
[  308.038566][T11866]  generic_map_update_batch+0x567/0x900
[  308.038606][T11866]  ? __pfx_generic_map_update_batch+0x10/0x10
[  308.038629][T11866]  ? __fget_files+0x395/0x410
[  308.038658][T11866]  ? __fget_files+0x2a/0x410
[  308.038695][T11866]  ? __pfx_generic_map_update_batch+0x10/0x10
[  308.038719][T11866]  bpf_map_do_batch+0x39a/0x660
[  308.038757][T11866]  __sys_bpf+0x375/0x820
[  308.038788][T11866]  ? __pfx___sys_bpf+0x10/0x10
[  308.038831][T11866]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  308.038866][T11866]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.038900][T11866]  ? do_syscall_64+0x100/0x230
[  308.038934][T11866]  __x64_sys_bpf+0x7c/0x90
[  308.038962][T11866]  do_syscall_64+0xf3/0x230
[  308.038990][T11866]  ? clear_bhb_loop+0x35/0x90
[  308.039023][T11866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.039052][T11866] RIP: 0033:0x7f541a18d169
[  308.039072][T11866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.039089][T11866] RSP: 002b:00007f541b02c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  308.039113][T11866] RAX: ffffffffffffffda RBX: 00007f541a3a5fa0 RCX: 00007f541a18d169
[  308.039128][T11866] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  308.039142][T11866] RBP: 00007f541b02c090 R08: 0000000000000000 R09: 0000000000000000
[  308.039155][T11866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  308.039168][T11866] R13: 0000000000000000 R14: 00007f541a3a5fa0 R15: 00007ffd96ff6b88
[  308.039199][T11866]  </TASK>
[  308.291277][ T5147] Bluetooth: hci0: command tx timeout
[  308.364273][T11603] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.372758][T11866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1456'.
[  308.514446][T11866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1456'.
[  308.528763][T11871] netlink: 'syz.1.1457': attribute type 1 has an invalid length.
[  308.578994][T11871] 8021q: adding VLAN 0 to HW filter on device bond10
[  308.648493][T11603] veth0_vlan: entered promiscuous mode
[  308.776194][T11603] veth1_vlan: entered promiscuous mode
[  308.880289][T11603] veth0_macvtap: entered promiscuous mode
[  308.923849][T11603] veth1_macvtap: entered promiscuous mode
[  308.933682][T11882] netlink: 'syz.3.1462': attribute type 1 has an invalid length.
[  308.938607][T11879] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1460'.
[  308.992264][T11882] 8021q: adding VLAN 0 to HW filter on device bond21
[  309.040395][T11603] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.185382][T11892] netlink: 'syz.2.1461': attribute type 10 has an invalid length.
[  309.215988][T11603] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.229041][T11603] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.238170][T11603] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.262702][T11603] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.281126][T11603] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.327115][T11898] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1466'.
[  309.342514][T11898] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1466'.
[  309.393863][T11898] gretap0: entered promiscuous mode
[  309.399601][T11902] Bluetooth: MGMT ver 1.23
[  309.404662][T11898] gretap0: entered allmulticast mode
[  309.696144][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.704711][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.162554][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.171141][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.536518][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.669292][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.736505][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.801650][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.888813][   T12] bridge_slave_1: left allmulticast mode
[  311.895034][   T12] bridge_slave_1: left promiscuous mode
[  311.900858][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.909517][   T12] bridge_slave_0: left allmulticast mode
[  311.915915][   T12] bridge_slave_0: left promiscuous mode
[  311.922669][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.292425][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.304128][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.314821][   T12] bond0 (unregistering): Released all slaves
[  312.528698][   T12] hsr_slave_0: left promiscuous mode
[  312.536782][   T12] hsr_slave_1: left promiscuous mode
[  312.543083][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  312.550544][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.559543][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  312.567389][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  312.604429][   T12] veth1_macvtap: left promiscuous mode
[  312.609999][   T12] veth0_macvtap: left promiscuous mode
[  312.615736][   T12] veth1_vlan: left promiscuous mode
[  312.622170][   T12] veth0_vlan: left promiscuous mode
[  313.247017][T11964] netlink: 'syz.3.1481': attribute type 10 has an invalid length.
[  313.612040][   T12] team0 (unregistering): Port device team_slave_1 removed
[  313.636846][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  313.648327][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  313.665581][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  313.675615][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  313.685535][ T5848] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  313.693452][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  313.769878][   T12] team0 (unregistering): Port device team_slave_0 removed
[  314.632937][T11978] pimreg: entered allmulticast mode
[  314.648889][T11980] pimreg: left allmulticast mode
[  314.947484][T11984] __nla_validate_parse: 131 callbacks suppressed
[  314.947505][T11984] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1487'.
[  315.216753][T11977] chnl_net:caif_netlink_parms(): no params data found
[  315.232443][T11994] netlink: 'syz.4.1489': attribute type 2 has an invalid length.
[  315.356432][T11996] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1489'.
[  315.542869][T11977] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.565564][T11977] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.587641][T11977] bridge_slave_0: entered allmulticast mode
[  315.609931][T11977] bridge_slave_0: entered promiscuous mode
[  315.638965][T11977] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.660998][T11977] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.689467][T11977] bridge_slave_1: entered allmulticast mode
[  315.728260][T11977] bridge_slave_1: entered promiscuous mode
[  315.808058][T12004] batadv_slave_1: entered promiscuous mode
[  315.831193][ T5147] Bluetooth: hci0: command tx timeout
[  316.003863][T11977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  316.027442][T11977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  316.116634][T12018] netlink: 'syz.4.1495': attribute type 1 has an invalid length.
[  316.173754][T12018] 8021q: adding VLAN 0 to HW filter on device bond0
[  316.215698][T11977] team0: Port device team_slave_0 added
[  316.283239][T11977] team0: Port device team_slave_1 added
[  316.425689][T12021] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1496'.
[  316.485549][T11977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.498590][T11977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.535955][T11977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.556806][T11977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.567753][T11977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.604021][T11977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.759735][T11977] hsr_slave_0: entered promiscuous mode
[  316.774635][T11977] hsr_slave_1: entered promiscuous mode
[  316.784133][T11977] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  316.885748][T11977] Cannot create hsr debugfs directory
[  316.963879][T12027] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1497'.
[  317.136259][T11967] Set syz1 is full, maxelem 65536 reached
[  317.202511][T12031] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1499'.
[  317.344187][T12035] netlink: 'syz.3.1502': attribute type 10 has an invalid length.
[  317.514689][T12041] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0
[  317.619024][T12048] netlink: 'syz.2.1503': attribute type 10 has an invalid length.
[  317.620933][T12046] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1505'.
[  317.714158][T11977] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  317.766640][T11977] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  317.784334][T11977] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  317.798320][T11977] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  317.891824][ T5147] Bluetooth: hci0: command tx timeout
[  317.987935][T11977] 8021q: adding VLAN 0 to HW filter on device bond0
[  318.032048][T11977] 8021q: adding VLAN 0 to HW filter on device team0
[  318.094350][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.101593][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.129401][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.136649][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.299768][T11977] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  318.590991][T12071] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1512'.
[  318.974695][T12079] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1515'.
[  319.158039][T11977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.225314][T11977] veth0_vlan: entered promiscuous mode
[  319.247508][T11977] veth1_vlan: entered promiscuous mode
[  319.277198][T11977] veth0_macvtap: entered promiscuous mode
[  319.303886][T11977] veth1_macvtap: entered promiscuous mode
[  319.334729][T11977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.393341][T11977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.406674][T11977] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.417087][T11977] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.426208][T11977] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.461859][T11977] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.647640][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.673138][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.699491][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.708630][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.755529][T12098] syzkaller1: entered promiscuous mode
[  319.765164][T12098] syzkaller1: entered allmulticast mode
[  319.970848][ T5848] Bluetooth: hci0: command tx timeout
[  320.057587][T12110] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1524'.
[  320.274177][T12115] netlink: 'syz.2.1526': attribute type 2 has an invalid length.
[  320.293051][T12115] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1526'.
[  320.787607][T12133] netlink: 'syz.1.1534': attribute type 1 has an invalid length.
[  320.829430][T12133] 8021q: adding VLAN 0 to HW filter on device bond11
[  321.009929][T12149] TCP: TCP_TX_DELAY enabled
[  321.063668][T12149] netlink: 'syz.1.1537': attribute type 1 has an invalid length.
[  321.181109][T12159] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1538'.
[  321.196514][T12159] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1538'.
[  321.212166][T12159] nbd: couldn't find device at index 0
[  321.955478][T12191] tipc: Started in network mode
[  321.965500][T12191] tipc: Node identity 9, cluster identity 4711
[  321.972746][T12191] tipc: Node number set to 9
[  322.402136][T12220] FAULT_INJECTION: forcing a failure.
[  322.402136][T12220] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.433885][T12220] CPU: 1 UID: 0 PID: 12220 Comm: syz.4.1558 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  322.433920][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  322.433934][T12220] Call Trace:
[  322.433942][T12220]  <TASK>
[  322.433951][T12220]  dump_stack_lvl+0x241/0x360
[  322.433983][T12220]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.434006][T12220]  ? __pfx__printk+0x10/0x10
[  322.434030][T12220]  ? __pfx_lock_release+0x10/0x10
[  322.434071][T12220]  should_fail_ex+0x40a/0x550
[  322.434104][T12220]  _copy_from_user+0x2d/0xb0
[  322.434132][T12220]  generic_map_update_batch+0x567/0x900
[  322.434173][T12220]  ? __pfx_generic_map_update_batch+0x10/0x10
[  322.434199][T12220]  ? __fget_files+0x395/0x410
[  322.434227][T12220]  ? __fget_files+0x2a/0x410
[  322.434265][T12220]  ? __pfx_generic_map_update_batch+0x10/0x10
[  322.434288][T12220]  bpf_map_do_batch+0x39a/0x660
[  322.434324][T12220]  __sys_bpf+0x375/0x820
[  322.434356][T12220]  ? __pfx___sys_bpf+0x10/0x10
[  322.434398][T12220]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  322.434432][T12220]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  322.434465][T12220]  ? do_syscall_64+0x100/0x230
[  322.434499][T12220]  __x64_sys_bpf+0x7c/0x90
[  322.434526][T12220]  do_syscall_64+0xf3/0x230
[  322.434580][T12220]  ? clear_bhb_loop+0x35/0x90
[  322.434614][T12220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.434650][T12220] RIP: 0033:0x7f08d1b8d169
[  322.434669][T12220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.434687][T12220] RSP: 002b:00007f08d2a42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  322.434709][T12220] RAX: ffffffffffffffda RBX: 00007f08d1da5fa0 RCX: 00007f08d1b8d169
[  322.434725][T12220] RDX: 0000000000000038 RSI: 0000400000000000 RDI: 000000000000001a
[  322.434738][T12220] RBP: 00007f08d2a42090 R08: 0000000000000000 R09: 0000000000000000
[  322.434751][T12220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  322.434763][T12220] R13: 0000000000000000 R14: 00007f08d1da5fa0 R15: 00007ffe5b957b88
[  322.434794][T12220]  </TASK>
[  322.436720][T12220] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1558'.
[  322.573651][T12227] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1558'.
[  322.930415][T12237] netlink: 'syz.4.1562': attribute type 10 has an invalid length.
[  322.953180][T12237] team0: Port device dummy0 added
[  323.156325][T12248] netlink: 'syz.2.1565': attribute type 1 has an invalid length.
[  323.160410][T12250] netlink: 'syz.4.1566': attribute type 11 has an invalid length.
[  323.184431][T12248] workqueue: Failed to create a rescuer kthread for wq "bond15": -EINTR
[  323.272065][T12253] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1567'.
[  324.234018][T12293] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  324.861810][T12317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1586'.
[  324.896937][T12319] netlink: 'syz.2.1588': attribute type 2 has an invalid length.
[  324.928638][T12319] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1588'.
[  325.209447][T12313] netlink: 'syz.3.1586': attribute type 3 has an invalid length.
[  325.334931][T12330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.352522][T12330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.370930][T12330] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.372891][T12333] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1592'.
[  325.390222][T12331] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.401175][T12331] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.420084][T12331] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1591'.
[  325.555425][T12343] netlink: 'syz.4.1593': attribute type 1 has an invalid length.
[  325.612714][T12343] 8021q: adding VLAN 0 to HW filter on device bond10
[  325.759550][T12347] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1595'.
[  325.861389][T12353] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1598'.
[  325.883560][T12353] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1598'.
[  326.143348][T12370] netlink: 'syz.2.1603': attribute type 2 has an invalid length.
[  326.245444][T12374] netlink: 'syz.4.1602': attribute type 10 has an invalid length.
[  326.307190][T12376] openvswitch: netlink: Key type 216 is out of range max 32
[  326.609975][T12387] syzkaller0: entered promiscuous mode
[  326.616677][T12387] syzkaller0: entered allmulticast mode
[  326.945576][T12397] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.954789][T12397] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.974176][T12397] batman_adv: batadv0: Removing interface: gretap1
[  327.166033][T12406] openvswitch: netlink: Unknown nsh attribute 0
[  329.566029][T12418] lo: entered allmulticast mode
[  329.575066][T12418] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  329.806285][T12432] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  330.016898][T12438] netlink: 'syz.1.1622': attribute type 10 has an invalid length.
[  330.046102][T12445] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.062188][T12445] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.070448][T12445] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.086024][T12445] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.095838][T12445] geneve2: entered promiscuous mode
[  330.102982][T12445] geneve2: entered allmulticast mode
[  330.110255][T12445] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  330.119047][T12445] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  330.127737][T12445] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  330.136346][T12445] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  330.361202][T12450] team0 (unregistering): Port device dummy0 removed
[  330.477966][T12463] __nla_validate_parse: 12 callbacks suppressed
[  330.477987][T12463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1630'.
[  330.494654][T12464] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1630'.
[  330.511627][T12465] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1631'.
[  330.717956][T12474] netlink: 45 bytes leftover after parsing attributes in process `syz.2.1632'.
[  331.014616][T12484] delete_channel: no stack
[  331.034031][T12487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1637'.
[  331.131419][T12490] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  359.819614][T10438] ==================================================================
[  359.827770][T10438] BUG: KASAN: slab-use-after-free in __mutex_lock+0x830/0x1010
[  359.835347][T10438] Read of size 8 at addr ffff88802a469b20 by task kworker/0:8/10438
[  359.843381][T10438] 
[  359.845715][T10438] CPU: 0 UID: 0 PID: 10438 Comm: kworker/0:8 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  359.845735][T10438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  359.845747][T10438] Workqueue: events l2cap_chan_timeout
[  359.845776][T10438] Call Trace:
[  359.845784][T10438]  <TASK>
[  359.845792][T10438]  dump_stack_lvl+0x241/0x360
[  359.845811][T10438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.845827][T10438]  ? __pfx__printk+0x10/0x10
[  359.845842][T10438]  ? _printk+0xd5/0x120
[  359.845856][T10438]  ? __virt_addr_valid+0x183/0x530
[  359.845870][T10438]  ? __virt_addr_valid+0x183/0x530
[  359.845884][T10438]  print_report+0x16e/0x5b0
[  359.845904][T10438]  ? __virt_addr_valid+0x183/0x530
[  359.845917][T10438]  ? __virt_addr_valid+0x183/0x530
[  359.845929][T10438]  ? __virt_addr_valid+0x45f/0x530
[  359.845942][T10438]  ? __phys_addr+0xba/0x170
[  359.845966][T10438]  ? __mutex_lock+0x830/0x1010
[  359.845986][T10438]  kasan_report+0x143/0x180
[  359.846005][T10438]  ? __mutex_lock+0x830/0x1010
[  359.846027][T10438]  __mutex_lock+0x830/0x1010
[  359.846047][T10438]  ? __mutex_lock+0x602/0x1010
[  359.846069][T10438]  ? l2cap_chan_timeout+0x63/0x360
[  359.846097][T10438]  ? __pfx___mutex_lock+0x10/0x10
[  359.846117][T10438]  ? __pfx_lock_acquire+0x10/0x10
[  359.846141][T10438]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  359.846166][T10438]  l2cap_chan_timeout+0x63/0x360
[  359.846189][T10438]  ? process_scheduled_works+0x9c6/0x18e0
[  359.846209][T10438]  process_scheduled_works+0xabe/0x18e0
[  359.846237][T10438]  ? __pfx_process_scheduled_works+0x10/0x10
[  359.846265][T10438]  ? assign_work+0x364/0x3d0
[  359.846284][T10438]  worker_thread+0x870/0xd30
[  359.846308][T10438]  ? __kthread_parkme+0x169/0x1d0
[  359.846329][T10438]  ? __pfx_worker_thread+0x10/0x10
[  359.846348][T10438]  kthread+0x7a9/0x920
[  359.846370][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846392][T10438]  ? __pfx_worker_thread+0x10/0x10
[  359.846411][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846431][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846454][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846479][T10438]  ? _raw_spin_unlock_irq+0x23/0x50
[  359.846496][T10438]  ? lockdep_hardirqs_on+0x99/0x150
[  359.846519][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846541][T10438]  ret_from_fork+0x4b/0x80
[  359.846561][T10438]  ? __pfx_kthread+0x10/0x10
[  359.846582][T10438]  ret_from_fork_asm+0x1a/0x30
[  359.846605][T10438]  </TASK>
[  359.846611][T10438] 
[  360.080842][T10438] Allocated by task 12094:
[  360.085262][T10438]  kasan_save_track+0x3f/0x80
[  360.089950][T10438]  __kasan_kmalloc+0x98/0xb0
[  360.094967][T10438]  __kmalloc_cache_noprof+0x243/0x390
[  360.100370][T10438]  l2cap_conn_add+0xa9/0x8e0
[  360.104980][T10438]  l2cap_chan_connect+0x61e/0xeb0
[  360.110011][T10438]  l2cap_sock_connect+0x620/0x950
[  360.115046][T10438]  kernel_connect+0x119/0x180
[  360.119733][T10438]  rfcomm_dlc_open+0xadc/0x10d0
[  360.124640][T10438]  rfcomm_sock_connect+0x305/0x610
[  360.129765][T10438]  __sys_connect+0x288/0x2d0
[  360.134366][T10438]  __x64_sys_connect+0x7a/0x90
[  360.139141][T10438]  do_syscall_64+0xf3/0x230
[  360.143654][T10438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.149580][T10438] 
[  360.151917][T10438] Freed by task 11977:
[  360.155986][T10438]  kasan_save_track+0x3f/0x80
[  360.160857][T10438]  kasan_save_free_info+0x40/0x50
[  360.165907][T10438]  __kasan_slab_free+0x59/0x70
[  360.170687][T10438]  kfree+0x196/0x430
[  360.174605][T10438]  hci_conn_hash_flush+0x1be/0x350
[  360.179755][T10438]  hci_dev_close_sync+0xa8b/0x1260
[  360.184902][T10438]  hci_unregister_dev+0x20b/0x510
[  360.189946][T10438]  vhci_release+0x80/0xd0
[  360.194296][T10438]  __fput+0x3e9/0x9f0
[  360.198333][T10438]  task_work_run+0x24f/0x310
[  360.202929][T10438]  do_exit+0xa2a/0x28e0
[  360.207104][T10438]  do_group_exit+0x207/0x2c0
[  360.211706][T10438]  __x64_sys_exit_group+0x3f/0x40
[  360.217351][T10438]  x64_sys_call+0x26a8/0x26b0
[  360.222132][T10438]  do_syscall_64+0xf3/0x230
[  360.226647][T10438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.232631][T10438] 
[  360.234975][T10438] The buggy address belongs to the object at ffff88802a469800
[  360.234975][T10438]  which belongs to the cache kmalloc-1k of size 1024
[  360.249148][T10438] The buggy address is located 800 bytes inside of
[  360.249148][T10438]  freed 1024-byte region [ffff88802a469800, ffff88802a469c00)
[  360.263060][T10438] 
[  360.265395][T10438] The buggy address belongs to the physical page:
[  360.271811][T10438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a468
[  360.280612][T10438] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  360.289127][T10438] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  360.296684][T10438] page_type: f5(slab)
[  360.300707][T10438] raw: 00fff00000000040 ffff88801b041dc0 ffffea0001671800 dead000000000002
[  360.309320][T10438] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  360.317923][T10438] head: 00fff00000000040 ffff88801b041dc0 ffffea0001671800 dead000000000002
[  360.326616][T10438] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  360.335300][T10438] head: 00fff00000000003 ffffea0000a91a01 ffffffffffffffff 0000000000000000
[  360.343980][T10438] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  360.352653][T10438] page dumped because: kasan: bad access detected
[  360.359078][T10438] page_owner tracks the page as allocated
[  360.364801][T10438] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5647, tgid 5647 (dhcpcd), ts 55458608870, free_ts 55456766781
[  360.385665][T10438]  post_alloc_hook+0x1f4/0x240
[  360.390475][T10438]  get_page_from_freelist+0x365c/0x37a0
[  360.396032][T10438]  __alloc_frozen_pages_noprof+0x292/0x710
[  360.401846][T10438]  alloc_pages_mpol+0x311/0x660
[  360.406719][T10438]  allocate_slab+0x8f/0x3a0
[  360.411230][T10438]  ___slab_alloc+0xc27/0x14a0
[  360.415922][T10438]  __slab_alloc+0x58/0xa0
[  360.420265][T10438]  __kmalloc_node_noprof+0x2ee/0x4d0
[  360.425563][T10438]  __kvmalloc_node_noprof+0x72/0x190
[  360.430867][T10438]  bpf_jit_binary_pack_alloc+0x167/0x340
[  360.436510][T10438]  bpf_int_jit_compile+0x908/0x1910
[  360.441726][T10438]  bpf_prog_select_runtime+0x4a3/0x810
[  360.447187][T10438]  bpf_prepare_filter+0x1288/0x1580
[  360.452397][T10438]  bpf_prog_create_from_user+0x2af/0x3e0
[  360.458045][T10438]  do_seccomp+0x90d/0xf90
[  360.462391][T10438]  __se_sys_prctl+0x387/0x40f0
[  360.467233][T10438] page last free pid 5502 tgid 5502 stack trace:
[  360.473574][T10438]  free_frozen_pages+0xe0d/0x10e0
[  360.478620][T10438]  __slab_free+0x2c2/0x380
[  360.483050][T10438]  qlist_free_all+0x9a/0x140
[  360.487649][T10438]  kasan_quarantine_reduce+0x14f/0x170
[  360.493119][T10438]  __kasan_slab_alloc+0x23/0x80
[  360.497977][T10438]  __kmalloc_node_noprof+0x23c/0x4d0
[  360.503275][T10438]  __kvmalloc_node_noprof+0x72/0x190
[  360.508575][T10438]  proc_sys_call_handler+0x45f/0x920
[  360.513877][T10438]  vfs_read+0x975/0xb40
[  360.518037][T10438]  ksys_read+0x18f/0x2b0
[  360.522288][T10438]  do_syscall_64+0xf3/0x230
[  360.526820][T10438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.532751][T10438] 
[  360.535082][T10438] Memory state around the buggy address:
[  360.540726][T10438]  ffff88802a469a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  360.548804][T10438]  ffff88802a469a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  360.556872][T10438] >ffff88802a469b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  360.564936][T10438]                                ^
[  360.570048][T10438]  ffff88802a469b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  360.578120][T10438]  ffff88802a469c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  360.586189][T10438] ==================================================================
[  360.595082][T10438] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  360.602320][T10438] CPU: 0 UID: 0 PID: 10438 Comm: kworker/0:8 Not tainted 6.14.0-rc3-syzkaller-00743-g287044abff82 #0
[  360.613211][T10438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  360.623300][T10438] Workqueue: events l2cap_chan_timeout
[  360.628792][T10438] Call Trace:
[  360.632079][T10438]  <TASK>
[  360.635016][T10438]  dump_stack_lvl+0x241/0x360
[  360.639705][T10438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  360.644936][T10438]  ? __pfx__printk+0x10/0x10
[  360.649569][T10438]  ? vscnprintf+0x5d/0x90
[  360.653920][T10438]  panic+0x349/0x880
[  360.657825][T10438]  ? check_panic_on_warn+0x21/0xb0
[  360.662952][T10438]  ? __pfx_panic+0x10/0x10
[  360.667379][T10438]  ? mark_lock+0x9a/0x360
[  360.671809][T10438]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  360.677722][T10438]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  360.683631][T10438]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  360.689969][T10438]  ? print_report+0x519/0x5b0
[  360.694660][T10438]  check_panic_on_warn+0x86/0xb0
[  360.699622][T10438]  ? __mutex_lock+0x830/0x1010
[  360.704428][T10438]  end_report+0x77/0x160
[  360.708685][T10438]  kasan_report+0x154/0x180
[  360.713222][T10438]  ? __mutex_lock+0x830/0x1010
[  360.718003][T10438]  __mutex_lock+0x830/0x1010
[  360.722785][T10438]  ? __mutex_lock+0x602/0x1010
[  360.727562][T10438]  ? l2cap_chan_timeout+0x63/0x360
[  360.732690][T10438]  ? __pfx___mutex_lock+0x10/0x10
[  360.737740][T10438]  ? __pfx_lock_acquire+0x10/0x10
[  360.742779][T10438]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  360.749120][T10438]  l2cap_chan_timeout+0x63/0x360
[  360.754077][T10438]  ? process_scheduled_works+0x9c6/0x18e0
[  360.759809][T10438]  process_scheduled_works+0xabe/0x18e0
[  360.765383][T10438]  ? __pfx_process_scheduled_works+0x10/0x10
[  360.771403][T10438]  ? assign_work+0x364/0x3d0
[  360.776039][T10438]  worker_thread+0x870/0xd30
[  360.780692][T10438]  ? __kthread_parkme+0x169/0x1d0
[  360.785751][T10438]  ? __pfx_worker_thread+0x10/0x10
[  360.790880][T10438]  kthread+0x7a9/0x920
[  360.794966][T10438]  ? __pfx_kthread+0x10/0x10
[  360.799574][T10438]  ? __pfx_worker_thread+0x10/0x10
[  360.804719][T10438]  ? __pfx_kthread+0x10/0x10
[  360.809335][T10438]  ? __pfx_kthread+0x10/0x10
[  360.813953][T10438]  ? __pfx_kthread+0x10/0x10
[  360.818563][T10438]  ? _raw_spin_unlock_irq+0x23/0x50
[  360.823772][T10438]  ? lockdep_hardirqs_on+0x99/0x150
[  360.828982][T10438]  ? __pfx_kthread+0x10/0x10
[  360.833616][T10438]  ret_from_fork+0x4b/0x80
[  360.838098][T10438]  ? __pfx_kthread+0x10/0x10
[  360.842724][T10438]  ret_from_fork_asm+0x1a/0x30
[  360.847683][T10438]  </TASK>
[  360.850987][T10438] Kernel Offset: disabled
[  360.855335][T10438] Rebooting in 86400 seconds..