last executing test programs:

3.363825198s ago: executing program 0 (id=4605):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r3, &(0x7f0000000980)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x20000000)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r5, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3b80000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)={0x10, 0x13, 0x1}, 0x10}], 0x1}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x98, 0x98, 0xa, [@decl_tag={0x6, 0x0, 0x0, 0x11, 0x2}, @typedef={0x5, 0x0, 0x0, 0x8, 0x4}, @restrict={0xe}, @ptr={0xa}, @ptr={0x1, 0x0, 0x0, 0x2, 0x4}, @enum64={0x9, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x7, 0x94, 0x7}, {0x9, 0x1, 0x3}]}, @type_tag={0xf, 0x0, 0x0, 0x12, 0x4}, @int={0xc, 0x0, 0x0, 0x1, 0x0, 0x25, 0x0, 0x14, 0x5}, @struct={0x9, 0x1, 0x0, 0x4, 0x0, 0x4, [{0x2, 0x2, 0x2}]}]}, {0x0, [0x61, 0x5f, 0x30, 0x30, 0x5f, 0x30, 0x0, 0x61]}}, &(0x7f0000000100)=""/54, 0xba, 0x36, 0x0, 0x9}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)

3.236776611s ago: executing program 1 (id=4607):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d65b"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r3, 0x800442d2, &(0x7f0000000000)={0x0, 0x0}) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

2.938345903s ago: executing program 1 (id=4611):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x8312b000)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000100)={'tunl0\x00', &(0x7f0000000140)=@ethtool_regs={0x4, 0x4}})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f0000000340)={0x23, {{0x2, 0x0, @private=0xa010101}}, {{0x2, 0x0, @multicast2}}}, 0x108)

2.737768587s ago: executing program 1 (id=4613):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xf0b, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0xa}, {0x0, 0x2}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x40c0}, 0xc4) (async)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) (async)
listen(r2, 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) (async)
r4 = accept4(r2, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x0, 0x4}, &(0x7f0000000180)=0x8) (async)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) (async, rerun: 64)
r5 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00', <r6=>0x0})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x4}, 0xc) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, 0x0, &(0x7f0000000040)) (async)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYRES8=r5, @ANYRES32=r6, @ANYBLOB="20000280", @ANYRES32=r5, @ANYRES16=r0], 0x58}}, 0x40001) (async)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000080)=0x808, 0x4)
socket$netlink(0x10, 0x3, 0x4)
unshare(0x600) (async, rerun: 64)
r8 = socket$inet6(0xa, 0x3, 0x38) (async, rerun: 64)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto(r9, 0x0, 0x0, 0x20000800, 0x0, 0x0)
setsockopt$sock_int(r9, 0x1, 0xc, &(0x7f00000001c0), 0x4) (async, rerun: 32)
setsockopt$inet6_int(r8, 0x29, 0x7, &(0x7f0000000040)=0xeffe, 0x4) (async, rerun: 32)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r11=>0x0})
setsockopt$packet_add_memb(r10, 0x107, 0x1, &(0x7f0000000140)={r11, 0x1, 0x6, @remote}, 0x10) (async)
setsockopt$packet_add_memb(r10, 0x107, 0x1, &(0x7f0000000180)={r11, 0x11, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}}, 0x10)

2.379503636s ago: executing program 0 (id=4618):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001a80)=@raw={'raw\x00', 0x8, 0x3, 0x12a8, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1208, 0xffffffff, 0xffffffff, 0x1208, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x62], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {0xff}, 0x0, 0xfd}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x7fff, 0x30, 0x1}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0x0, 0xff000000], [], 'wg1\x00', 'ip6gretap0\x00', {}, {}, 0x3b, 0x0, 0x0, 0x3}, 0x0, 0x10d8, 0x1108, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz0\x00', 0x2, {0x8}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x1308)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000001980)=ANY=[@ANYRES64=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000b000000000000000000000000000000000000000000000a000000000000feffffffff7f40000200000000000008000000000000000001000000000000000a00100001"], 0xc4}}, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x4, &(0x7f0000000140)=ANY=[@ANYRES32=r1], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x18)
socket$nl_audit(0x10, 0x3, 0x9)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r6=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f00000004c0)={r6, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan0\x00'})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="28000000400007012bbd70001b69f6f471b781e1000400c2800c0001800101000000000000040002"], 0x28}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r11=>0x0})
recvmmsg(r10, &(0x7f00000017c0)=[{{&(0x7f0000000500)=@phonet, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000580)=""/62, 0x3e}], 0x1, &(0x7f0000000600)=""/33, 0x21}, 0x700000}, {{&(0x7f0000000640)=@pppol2tpv3, 0x80, &(0x7f0000000c80)=[{&(0x7f00000006c0)=""/252, 0xfc}, {&(0x7f0000000240)=""/9, 0x9}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000800)=""/120, 0x78}, {&(0x7f0000000880)=""/21, 0x15}, {&(0x7f0000000a00)=""/35, 0x23}, {&(0x7f0000000a40)=""/132, 0x84}, {&(0x7f0000000b00)=""/84, 0x54}, {&(0x7f0000000b80)=""/205, 0xcd}], 0x9, &(0x7f0000000d40)=""/251, 0xfb}, 0x1}, {{&(0x7f0000000e40)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000001380)=[{&(0x7f0000000ec0)=""/235, 0xeb}, {&(0x7f0000000fc0)=""/188, 0xbc}, {&(0x7f0000001080)=""/156, 0x9c}, {&(0x7f0000001140)=""/30, 0x1e}, {&(0x7f0000001180)=""/2, 0x2}, {&(0x7f00000011c0)=""/28, 0x1c}, {&(0x7f0000001200)=""/91, 0x5b}, {&(0x7f0000001280)=""/165, 0xa5}, {&(0x7f0000001340)=""/3, 0x3}], 0x9}, 0xb}, {{&(0x7f0000001440)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000001740)=[{&(0x7f00000014c0)=""/3, 0x3}, {&(0x7f0000001500)=""/228, 0xe4}, {&(0x7f0000001600)=""/115, 0x73}, {&(0x7f0000001680)=""/95, 0x5f}, {&(0x7f0000001700)=""/16, 0x10}], 0x5}, 0x1}], 0x4, 0x40000102, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001e00000008000300", @ANYRES32=r11, @ANYBLOB="89b1850002000000000000000000"], 0x44}}, 0x0)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f00000003c0)={'wpan1\x00'})
r13 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001e00), r12)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002600)={0x14, r13, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4004841}, 0x4)

2.33398349s ago: executing program 1 (id=4620):
syz_emit_ethernet(0x2e, &(0x7f00000001c0)=ANY=[@ANYRESDEC], 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff3, 0x2}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x197, 0x7, 0x9}}}}]}, 0x44}}, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newtclass={0x74, 0x28, 0x400, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xfff1, 0x2}, {0x0, 0x4}, {0x4}}, [@tclass_kind_options=@c_hfsc={{0x9}, {0x24, 0x2, [@TCA_HFSC_RSC={0x10, 0x1, {0x6, 0x2, 0xb3}}, @TCA_HFSC_USC={0x10, 0x3, {0x56, 0xa47, 0x9}}]}}, @TCA_RATE={0x6, 0x5, {0x81, 0x2}}, @TCA_RATE={0x6, 0x5, {0x2, 0x2}}, @TCA_RATE={0x6, 0x5, {0x5, 0xe}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}]}, 0x74}, 0x1, 0x0, 0x0, 0x8848}, 0x24000804)
r8 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r8, 0x0, 0x8, &(0x7f00000000c0)=ANY=[@ANYRESDEC], 0x1)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000200)={<r9=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r10, 0x8916, &(0x7f0000000300)={@ipv4={'\x00', '\xff\xff', @remote}, 0x2b, r9})
r11 = socket(0xa, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x4, 0x8, 0x80}, 0xc)
ioctl(r10, 0x8916, &(0x7f0000000000))
ioctl(r11, 0x8936, &(0x7f0000000000))
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x301, 0x0)
close(r12)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r13, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.000150715s ago: executing program 0 (id=4624):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400000000000000000000000a", @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)

1.875653675s ago: executing program 1 (id=4625):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x840}}, 0x20}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e20, @loopback}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f0000000240)=0x8, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x40000}, 0x1c)
sendto$inet6(r4, &(0x7f0000000440)="2fd87906c4cf471afa2f", 0xa, 0x24000000, 0x0, 0x0)
recvfrom(r4, 0x0, 0x0, 0x99bcb88de02507d2, 0x0, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000140)=0x1)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000006540000000c0a01010000000000000000010000000900020073797a32000000002800038024000080090026400000000018000b80140001800a0001006c696d697400000004fe02800900010073797a30"], 0xd8}}, 0x0)

1.685476959s ago: executing program 2 (id=4629):
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@ifindex, 0x32, 0x1, 0xc9bb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x1, 0x2, 0x0)
bind$unix(r1, 0x0, 0x0) (async)
readv(r1, &(0x7f00000005c0)=[{&(0x7f0000001080)=""/167, 0xa7}, {&(0x7f0000000040)=""/33, 0x21}, {&(0x7f00000002c0)=""/117, 0x75}, {&(0x7f0000001140)=""/132, 0x84}, {&(0x7f0000001200)=""/236, 0xec}, {&(0x7f0000000400)=""/33, 0x21}, {&(0x7f0000001300)=""/199, 0xc7}], 0x7) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) (async)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108) (async)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) (async)
close(0xffffffffffffffff) (async)
close(r3) (async)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x100, @remote}}}, 0x108) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r2}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

1.554826834s ago: executing program 3 (id=4630):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300030e0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e20ac1414bb000000000000000002000100000000000000070c00000000030005000000000002004e20ac1e01010000000000000000010014"], 0x70}, 0x1, 0x7}, 0x0)
r1 = socket$inet6(0xa, 0x800, 0x81)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r2, &(0x7f0000000180), &(0x7f00000001c0)=@udp, 0x2}, 0x20)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, <r5=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)={0x24, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r5}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b64087c6030"]}]}, 0x24}], 0x1}, 0x84)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r8, 0x107, 0x1, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@ipv4_newroute={0x1c, 0x18, 0x113, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}, 0x1c}}, 0x4000)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000200)={0x5, &(0x7f0000000000)=[{0xe3, 0x81, 0x4, 0x9}, {0x6, 0x8, 0x0, 0x5}, {0x551, 0xf2, 0x1, 0xf}, {0x2, 0xf8, 0x3, 0xbc0}, {0xb, 0x8, 0x1}]}, 0x10)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@private1, 0x4e23, 0xe4e, 0x4e22, 0x8, 0x2, 0xc0, 0xa0, 0x62, 0x0, r5}, {0x0, 0x1000, 0x2, 0x1, 0x8000000000000001, 0x4685, 0x9, 0x1}, {0x1ff, 0x0, 0x39f, 0xe8ba}, 0x2, 0x6e6bb8, 0x0, 0x0, 0x3, 0x1}, {{@in=@broadcast, 0x4d4, 0x32}, 0xa, @in=@multicast1, 0x3505, 0x0, 0x2, 0x2, 0x3, 0x80000001, 0x8d8}}, 0xe8)

1.420889932s ago: executing program 0 (id=4631):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x503, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6230}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_ROLE={0x8, 0x4, 0x1}, @IFLA_GTP_FD0={0x8, 0x1, @udp=r2}]}}}, @IFLA_ADDRESS={0xa, 0x3, @random="3a712f0756b8"}]}, 0x4c}}, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0523000000008000000ad3d11d000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="000000000200000000000000000000003fd31340e92c4bb8"], 0x48}, 0x300}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x5, 0x0, 0x0, {}, {0x77359400}, {}, 0x2, @can={{}, 0x0, 0x3, 0x0, 0x0, "3fd31340e92c4bb8"}}, 0x48}, 0x300}, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0xfffffffd}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r4, 0x28, 0x7, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea032c"], 0xfdef)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
pipe(&(0x7f0000000180)={<r6=>0xffffffffffffffff})
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x8000})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendto$inet(r8, &(0x7f0000000280)="0304170c19bb7a29", 0x8, 0x24000004, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r9, 0x65, 0x1, 0x0, 0x0)
getsockopt$CAN_RAW_FILTER(r9, 0x65, 0x1, 0x0, &(0x7f0000000400))
write$cgroup_subtree(r5, &(0x7f0000000580)=ANY=[], 0x36)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x1, 0x3c, 0xda18, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x80, 0xfffc, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "7fb303c7c34fcbb7a942a3ae3820f58a"}]}}}}}}}, 0x0)
r10 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r10, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
getsockopt$packet_buf(r10, 0x107, 0x0, &(0x7f0000000380)=""/187, &(0x7f0000000140)=0xbb)

1.419867687s ago: executing program 4 (id=4632):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x1c, r3, 0x9, 0x70bd27, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008800}, 0x40000)
sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x9, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x1}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x68}}, 0x0)

1.409115531s ago: executing program 2 (id=4633):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000010000100000000000000000000001d0a20000000000a03000000000000000000070000000900010073797a300000000044000000090a090400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000031080003400000000114000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x20008094}, 0x20000010)

1.251194406s ago: executing program 4 (id=4634):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2bfffffff}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@newtfilter={0x54, 0x2c, 0xd27, 0xffffffff, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x9}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_OPTS={0x18, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x14, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS={0x5, 0x3, 0x1}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x2}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000280)={@mcast2, <r3=>0x0}, &(0x7f00000002c0)=0x14)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000300)={'syztnl2\x00', <r4=>0x0, 0x8000, 0x40, 0x4, 0x1, {{0x3c, 0x4, 0x2, 0x0, 0xf0, 0x64, 0x0, 0x1, 0x2f, 0x0, @private=0xb, @multicast1, {[@timestamp_prespec={0x44, 0x24, 0x36, 0x3, 0xa, [{@local, 0x5}, {@multicast2, 0x3f8e2957}, {@remote, 0x41f50000}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @cipso={0x86, 0x26, 0x1, [{0x0, 0x12, "827800dd3ba4cb84be0a3b611e372163"}, {0x2, 0xe, "3671531f148b10481575164b"}]}, @ssrr={0x89, 0xf, 0x67, [@loopback, @empty, @remote]}, @end, @rr={0x7, 0x17, 0x2d, [@remote, @private=0xa010102, @local, @empty, @empty]}, @timestamp_prespec={0x44, 0x14, 0x4f, 0x3, 0x0, [{@loopback, 0xfffffffc}, {@multicast2, 0x5}]}, @noop, @timestamp_addr={0x44, 0x34, 0xa3, 0x1, 0xc, [{@broadcast, 0x193}, {@multicast1, 0x800}, {@loopback, 0x8}, {@empty, 0x5}, {@loopback, 0x81}, {@multicast2, 0xffffffff}]}, @rr={0x7, 0x13, 0x7a, [@private=0xa010102, @multicast1, @empty, @multicast1]}, @generic={0x7, 0xc, "76f6e3bc0782e52c5a0e"}]}}}}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={<r5=>0x0, @initdev, @initdev}, &(0x7f00000004c0)=0xc)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000540)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000005c0)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000640)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000006c0)=0x14)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x90, 0x10, 0x401, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x68, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x58, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2, 0x400}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffff7, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x10000, 0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x200, 0x3}}]}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r10}]}, 0x90}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000740)=0x14)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000780)={@private, @multicast1, <r12=>0x0}, &(0x7f00000007c0)=0xc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000940)={'syztnl2\x00', &(0x7f0000000800)={'ip_vti0\x00', <r13=>0x0, 0x8000, 0x7, 0x1, 0x4c3c, {{0x3a, 0x4, 0x2, 0x9, 0xe8, 0x66, 0x0, 0x0, 0x2f, 0x0, @private=0xa010100, @empty, {[@timestamp_addr={0x44, 0x14, 0x57, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffff1353}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xc}]}, @cipso={0x86, 0x3e, 0xffffffffffffffff, [{0x7, 0xa, "b164c14bf63ddc9b"}, {0x6, 0xe, "c71a5aa5a2ba6b41b8589d69"}, {0x6, 0x8, "7c8a9804bfc0"}, {0x7, 0x7, "d608ec83a7"}, {0x6, 0x6, "92471482"}, {0x1, 0x9, "22131d7e03b4b7"}, {0x2, 0x2}]}, @timestamp={0x44, 0x20, 0xc6, 0x0, 0x6, [0x7, 0x1, 0x1, 0x1, 0x4, 0xf991, 0xffffffff]}, @rr={0x7, 0x1b, 0xbc, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @broadcast, @remote]}, @noop, @timestamp_prespec={0x44, 0x44, 0xb8, 0x3, 0x2, [{@private=0xa010100, 0x5}, {@empty, 0x800}, {@private=0xa010102}, {@dev={0xac, 0x14, 0x14, 0x28}, 0x1ff}, {@remote, 0x9}, {@loopback, 0x3a3}, {@multicast1, 0x4}, {@multicast1, 0x7}]}, @end]}}}}})
r14 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000000800)={'bridge0\x00', <r16=>0x0})
sendmsg$nl_route(r14, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00q\x00\x00\a\x00\x00\x00', @ANYRES32=r16, @ANYBLOB="0c0001800800010029000400"], 0x24}}, 0x20008000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000980)={'wg0\x00', <r17=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000009c0))
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000a00)={'wg1\x00', <r18=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000ac0)={'syztnl1\x00', &(0x7f0000000a40)={'syztnl2\x00', <r19=>0x0, 0x8268baf0ec80aa0e, 0x0, 0x7, 0x9, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x40, 0x7, 0x80000000, 0x81}})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000b00)={@remote, <r20=>0x0}, &(0x7f0000000b40)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000b80)={0x11, 0x0, <r21=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000bc0)=0x14)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000e80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="58020000", @ANYRES16=0x0, @ANYBLOB="00022cbd7000fddbdf25020000001c00018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRES32=r3, @ANYBLOB="1400020076657468305f746f5f627269646765003000018008000100", @ANYRES32=r4, @ANYBLOB="1f400000000000004700", @ANYRES32=r5, @ANYBLOB="1400020076657468305f746f5f6272696467650008000300000000002800018008000100", @ANYRES32=0x0, @ANYBLOB="140002006d6163766c616e30000000000000000008000100", @ANYRES32=r6, @ANYBLOB="6c00018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000300030000000800030001000000080003000300000008000100", @ANYRES32=r10, @ANYBLOB="14000200776c616e31000000000000000000000008000100", @ANYRES32=r11, @ANYBLOB="080003000200000014000200627269646765300000000000000000001c00018008000100", @ANYRES32=r12, @ANYBLOB="080003000100000008000100", @ANYRES32=r13, @ANYBLOB="1c000180080003000100000008000100", @ANYRES32=r16, @ANYBLOB="08000300020000009c00018008000300020000001400020064766d727030000000000000000000001400020076657468315f766c616e00000000000008000300030000001400020069705f7674693000000000000000000008000100", @ANYRES32=r17, @ANYBLOB="1400020065727370616e3000000000000000000014000200697036746e6c30000000000000000000080003000100000014000200677265300000000000000000000000007000018008000100", @ANYRES32=r18, @ANYBLOB="08000100", @ANYRES32=r19, @ANYBLOB="08000100", @ANYRES32=r20, @ANYBLOB="1400020069703667726530000000000000000000080003000000000014000200766972745f7769666930000000000000140002006272696467655f736c6176655f31000008000100", @ANYRES32=r21, @ANYBLOB="0800030000000000"], 0x258}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)

1.135446385s ago: executing program 2 (id=4635):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x110, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x4e23, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@coaddr={0x14, 0xe, @in6=@remote}, @mark={0xc, 0x15, {0x35075b, 0x3b}}]}, 0x110}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket(0x22, 0x2, 0x24)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e24, 0x4f, @mcast2, 0x3}, 0x1c)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

945.293782ms ago: executing program 3 (id=4636):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000200)={'xfrm0\x00', 0xc})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0x100000001)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r1)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000540)={{{@in, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@local}}, 0xe8)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r6=>0x0})
connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10)
sendmsg$can_bcm(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r5], 0x48}, 0x1, 0x0, 0x0, 0xc044}, 0x8090)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400ed68e2fc000010f7fdb32a05fc3c02dbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000000000000000000000000b000000000000"], 0x0, 0x26, 0x0, 0x1}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x2, &(0x7f0000000300)=@raw=[@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x49, '\x00', 0x0, 0x25, r8, 0x8, &(0x7f00000005c0)={0x9, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8e}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x1e, 0x0, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r10, 0x0, 0x1}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r12 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r9, r11, 0x26, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r12, 0x4)
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)={0x38, r13, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x24, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x9, 0x1, @l2={'eth', 0x3a, '\x00'}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, r13, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xc}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x810}, 0x20000000)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x3, 0x1, 0x3, {0xa, 0x4e24, 0x3, @loopback, 0x6}}}, 0x3a)
ioctl$PPPIOCGL2TPSTATS(r3, 0x80487436, 0x0)

850.759169ms ago: executing program 3 (id=4637):
r0 = socket(0xb, 0x4, 0xfffffffc)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x10}, @op={0x18, 0x117, 0x3, 0x1}], 0x30, 0x40040}], 0x1, 0x8040)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071109800000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
sendmsg$RDMA_NLDEV_CMD_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x1401, 0x400, 0x70bd25, 0x25dfdbff}, 0x10}}, 0x0)
recvmsg(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001240)=""/47, 0x2f}], 0x1}, 0x10002)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='nv', 0x2)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x35c, 0x0)
preadv(r5, &(0x7f0000000080), 0x0, 0x3, 0x45)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040), 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000340)=@newtaction={0x70, 0x30, 0x53b, 0x70bd2a, 0x0, {}, [{0x5c, 0x1, [@m_simple={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x0, 0xffffffffffffffff}}]}, {0x14, 0x6, "bfe03adc55c504336d8907e2bf2b2f00"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x70}}, 0x0)

806.436631ms ago: executing program 0 (id=4638):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000091ff00000085000000870000001801000020786c2500000000002020207b1af8ff00000000bfa108000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x0, 0xe, 0x0, &(0x7f0000000600)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

731.531755ms ago: executing program 2 (id=4639):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='devices.list\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000200), &(0x7f0000000280)=0x4)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x1, 0x2, 0x8, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x8}, 0xe)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000000c0)={r4, 0x7}, &(0x7f0000000100)=0x8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r6, &(0x7f0000000080)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast]}, 0x40)
writev(r6, &(0x7f0000000040)=[{&(0x7f0000000000)="ad9f20d5e6c53a85dda296e98a5d4eed466d537a28", 0x15}], 0x1)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r0, @ANYRES32=r5, @ANYBLOB="89240700000000001c0012800b000100697036746e6c00000c00028008000100", @ANYRES32=r4, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000000)={0x2, 0x4e1c, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @remote, @multicast1}}}], 0x20}}], 0x54, 0x4880)

730.896016ms ago: executing program 4 (id=4640):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x163, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x2, 0x6, "13c07a", 0x12d, 0x11, 0xfd, @local, @local, {[@fragment={0x2c, 0x0, 0x4, 0x1, 0x0, 0x7, 0x65}, @srh={0x33, 0xa, 0x4, 0x5, 0x81, 0x50, 0x2, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x2b}, @dev={0xfe, 0x80, '\x00', 0x16}, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @broadcast}]}], {0x4e23, 0x4e24, 0xcd, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "7141aa6602492c80c311f54c734de630e71282e4f27cb7f95114a098a04d7b0f5acd0ee747b9e70c2087f47eb8859909e612bf5a356eb3d80b3af13c3c49af9d6687c35d000ae5d03fd19e526e3cd2110aad85a2c37707372a8b75233e0f2ec61315edcbb179f411ca7450363debab8f007528b174d868a97be9496536c6dc9ff82c028d69daaa378744cb6b4f5ed9ca9763b0172bd28177b593bc25072d23ec95f7fda80bbe0111b726ec7fce0a596da81d787eac2b459ff4c6e5c1a5"}}}}}}}, 0x0)

702.342085ms ago: executing program 3 (id=4641):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (rerun: 64)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x4d, 0x800000, 0x8, 0x5, 0x80, 0x81})
write$bt_hci(r1, &(0x7f0000000080)=ANY=[], 0x6)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r3, 0x411, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x1000}, 0x40084) (async, rerun: 32)
r4 = socket(0x40000000015, 0x5, 0x0) (rerun: 32)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) (async)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) (async)
r5 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) (async)
getsockopt(r5, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000050a0900000000000000001d020000000900010073797a30000000000900030073797a32"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000300000ab0000000020a0300000000000000000001000005990006005cadd853957f0267fa9fbda881ebfae443bb999081eda5f4f3c1f22f6680bf0ff86e1f52695152d5420b4de9001769c331497fa27e39abe73988a4b07baeafb6f21b6e182451befed07e089dc88b91cd1122eed21a8d39e897b3e101f03c9ec9086928d05ffec93d1ac7d26fa87e07d59035bf7c75843c28571fedd7afbb49a586ffc353262820f200000020000000020a05000000000000000000070000080a000600e00496bb94d60000140000001100010000000000000000000000000a"], 0xf8}, 0x1, 0x0, 0x0, 0x2000}, 0x40000)

643.582008ms ago: executing program 0 (id=4642):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r1}, 0x20)
sendmmsg$inet6(r1, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f0000000180), 0x1}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000009c0)='.', 0xc400}], 0x7}}], 0x44, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r4 = accept4$alg(r0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000004e40)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000440)=""/135, 0x87}], 0x1}, 0x6}], 0x1, 0x10000, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)="5cafbb19415082dc2d68ffed07036d0d5efb9b5b4aa4e9a4d27912e19aae487301239d3937561ccd182963aaec4f0da35db9774e343ed1481e4654a186e66f54441b06277fdce96084f808db6c16958d2e26bc2aed9ff05a186dd1275539ebe1290f9fe485bef994029e46888f17e178c7fee7c96eccf5ba47c10a0279e7ca7af27cc9916bd8c60fe999c0c2f044f8333028438bbf945070d290aa78a328d79addc16966ca29b99966324138b25de75739", 0xb1}], 0x1, 0x0, 0x0, 0x8000}], 0x1, 0x8810)

615.286329ms ago: executing program 4 (id=4643):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
socket(0x400000000010, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0}) (async)
r2 = socket$unix(0x1, 0x1, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="100100002e00090027bd70000000000004000000fa0017"], 0x110}, 0x1, 0x0, 0x0, 0x42845}, 0x84) (async)
getsockopt$sock_cred(r2, 0x1, 0x28, 0x0, &(0x7f0000000580))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x1}, 0x50) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) (async, rerun: 32)
socket$inet(0x2, 0x4000000000000001, 0x0) (async, rerun: 32)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) (async)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000) (async, rerun: 64)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r5, 0x3fcb7000)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) (async)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) (async)
r6 = socket(0x10, 0x3, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) (async)
connect$can_bcm(r6, &(0x7f0000000140)={0x1d, r1}, 0x10) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r8, {}, {0xffe0, 0xa}, {0x1, 0x4}}, [@qdisc_kind_options=@q_pie={{0x4c}, {0x34, 0x2, [@TCA_PIE_ALPHA={0x8, 0x4, 0x6}, @TCA_PIE_ECN={0x8, 0x6, 0x1}, @TCA_PIE_ECN={0x8, 0x6, 0x1}, @TCA_PIE_LIMIT={0x8, 0x2, 0x7d}, @TCA_PIE_ECN={0x8, 0x6, 0x1}, @TCA_PIE_BYTEMODE={0x8}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x55}, 0xc010)

512.815636ms ago: executing program 2 (id=4644):
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @broadcast}, {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$llc_int(r1, 0x10c, 0x4, &(0x7f0000000140), &(0x7f0000000180)=0x4)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001400000000114000000020a090100000000000000000000000014000000110001"], 0xd4}}, 0x4000010) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001400000000114000000020a090100000000000000000000000014000000110001"], 0xd4}}, 0x4000010)

239.343378ms ago: executing program 3 (id=4645):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000010000100000000000000000000001e0a20000000000a03000000000000000000070000000900010073797a300000000044000000090a090400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000031080003400000000114000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x20008094}, 0x20000010)

238.47042ms ago: executing program 4 (id=4646):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711201000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xf4, r1, 0x4, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x5}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x8}, @NL80211_ATTR_BSS_BASIC_RATES={0x18, 0x24, [{0x48}, {0x5, 0x1}, {0x6, 0x1}, {0x1, 0x1}, {0x30}, {}, {0xb}, {0x16, 0x1}, {0x18, 0x1}, {0x16}, {0x1b, 0x1}, {0x2}, {0x24}, {0x6, 0x1}, {0x7}, {0x9}, {0x18, 0x1}, {0x18, 0x1}, {0xb, 0x1}, {0x12, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0x44, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_NOLEARN={0x5, 0x1e, 0x1}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x5}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x3}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x3}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x10}, @NL80211_MESHCONF_NOLEARN={0x5, 0x1e, 0x1}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x1}, @NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x6}]}, @NL80211_ATTR_MESH_SETUP={0x20, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0x1}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x23, 0x24, [{0x1b}, {0x30}, {0x36}, {0x5}, {0x3, 0x1}, {0xc}, {0x3}, {0x48, 0x1}, {0x24, 0x1}, {0x24}, {0x36}, {0x6c, 0x1}, {0x3}, {0x36}, {0x9f, 0x1}, {0xc}, {0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x48}, {0xc}, {}, {}, {0x1, 0x1}, {0x48}, {0x1b}, {0x16, 0x1}, {0x30}, {0x4}, {0x18}, {0x4}]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BSS_BASIC_RATES={0x1c, 0x24, [{0x3}, {0x1}, {0x1, 0x1}, {0x1b}, {0xb, 0x1}, {0x6}, {0xb}, {0x48, 0x1}, {0x1, 0x1}, {0xc, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x30, 0x1}, {0x18, 0x1}, {0x12, 0x1}, {0x36}, {0x4}, {0x63}, {0x5, 0x1}, {0x60}, {0x30}, {0x12}, {0x0, 0x1}, {0x16, 0x1}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x1}, 0x40040)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711201000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x0, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xf4, r1, 0x4, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x5}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x8}, @NL80211_ATTR_BSS_BASIC_RATES={0x18, 0x24, [{0x48}, {0x5, 0x1}, {0x6, 0x1}, {0x1, 0x1}, {0x30}, {}, {0xb}, {0x16, 0x1}, {0x18, 0x1}, {0x16}, {0x1b, 0x1}, {0x2}, {0x24}, {0x6, 0x1}, {0x7}, {0x9}, {0x18, 0x1}, {0x18, 0x1}, {0xb, 0x1}, {0x12, 0x1}]}, @NL80211_ATTR_MESH_CONFIG={0x44, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_NOLEARN={0x5, 0x1e, 0x1}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x5}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x3}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x3}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x10}, @NL80211_MESHCONF_NOLEARN={0x5, 0x1e, 0x1}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x1}, @NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x6}]}, @NL80211_ATTR_MESH_SETUP={0x20, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0x1}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x23, 0x24, [{0x1b}, {0x30}, {0x36}, {0x5}, {0x3, 0x1}, {0xc}, {0x3}, {0x48, 0x1}, {0x24, 0x1}, {0x24}, {0x36}, {0x6c, 0x1}, {0x3}, {0x36}, {0x9f, 0x1}, {0xc}, {0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x48}, {0xc}, {}, {}, {0x1, 0x1}, {0x48}, {0x1b}, {0x16, 0x1}, {0x30}, {0x4}, {0x18}, {0x4}]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BSS_BASIC_RATES={0x1c, 0x24, [{0x3}, {0x1}, {0x1, 0x1}, {0x1b}, {0xb, 0x1}, {0x6}, {0xb}, {0x48, 0x1}, {0x1, 0x1}, {0xc, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x30, 0x1}, {0x18, 0x1}, {0x12, 0x1}, {0x36}, {0x4}, {0x63}, {0x5, 0x1}, {0x60}, {0x30}, {0x12}, {0x0, 0x1}, {0x16, 0x1}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x1}, 0x40040) (async)

210.016035ms ago: executing program 2 (id=4647):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x8, 0x0)
sendfile(r0, r1, 0x0, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000000800000000000000", @ANYRES32, @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000005c650045f1001900"/28], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="180000001a00fd5800006c610e2a00000a"], 0x18}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0d00000004000000040000000900000000000000", @ANYRES32=r2, @ANYBLOB="00008000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000e2966d5a15932982dbff0000000000000000004770066b32965136ab5ca5f5435a568948657191e02ec3e016aaf5f23b313628d4d5c2dcb1a1fa35cf6579857a4590eaca0cbed3e5e84e3bfe69e1843fec349d26ac3dc22e458e5302a54a55fe7f973b785efa49f384ffee948d7c3406eaad351a1a4b8f72ced976ec2f299aa3f32ced81936cc5e84549ae208bb84c60a84f4e5867c4885008274580a0f016f1370a595c02b0aeb956d0172eda2325e895fe26"], 0x48)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x1000)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x80800)
sendmmsg$alg(r8, &(0x7f0000000040), 0x0, 0x4040800)
recvmsg$can_raw(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/75, 0x4b}], 0x1}, 0x120)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r9, &(0x7f0000000300)={0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x9}}, 0x10)
sendto$inet(r9, &(0x7f0000000340)="fb", 0x1, 0x20008040, 0x0, 0x0)
ioctl$int_in(r9, 0x5421, &(0x7f0000000000)=0x1)
splice(r9, 0x0, r5, 0x0, 0x82, 0xa)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r10, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_MPATH(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010029d77000fbdbdf25160000000800030057bc59a3b412d22b15bccdea494729fd15b0a8f64997ff9caca29e67459caa070191efd3778b2ecdd94fb1a4cd7bbc923d6395554fb3830d83c393ce936bd17538a1460cf819e8dc8b438103fded8ee0bce020808e31864f6158e3937111f066be53f6596529b369979f7250f98b9fac87fbcc2c769c17341f0bfd081e9234e9207a70b546613a584844d96ce56486f4ab913193f119a2f46d86b10f1d62356e8986b06eb87d249359412646d9085656f6239bc07b8b3f94d45144d86834257d48b26f8a663682989d64745cf944793fb9a8d86bd08e21648e2d875ae72b6a4a62c40adf10882ec062c2935e3ccf153560cc36c217642bcacf4672a9b7a54b43e64b4388bed3c5c44614b54d98b1c308a90d3146d91b8beeb99b57f9050305d17b1f624f370744e64e2826681321", @ANYRES32=r12, @ANYBLOB="0a001a0008021100000100000a0006000802110000010000"], 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0xc0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="5800000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="5b1257f0bcb5021b2400128011000100e272696467655f736c617665000000000c00058005002b0001000000140003006272696467655f736c6176655f3000006e1021caa9b10be97d2c68ecedea456b36c1dbb1e1b96fd3e22b45648f22b797584b5eddbfff71b4080fd241"], 0x58}, 0x1, 0x0, 0x0, 0x20044011}, 0x40000)

129.058009ms ago: executing program 3 (id=4648):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0xfffffffd}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x1, 0x3c, 0xda18, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x80, 0xfffc, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "7fb303c7c34fcbb7a942a3ae3820f58a"}]}}}}}}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x8, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)

111.323594ms ago: executing program 4 (id=4649):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0xfffffffd}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x1, 0x3c, 0xda18, 0xb00, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x80, 0xfffc, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "7fb303c7c34fcbb7a942a3ae3820f58a"}]}}}}}}}, 0x0)

0s ago: executing program 1 (id=4650):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "01631400", "648d0000000000000000e943ff9c6b4a", '\x00', "a7ea2a9f4605bd3c"}, 0x28)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x5, @loopback={0xff000000}}, 0x1c)

kernel console output (not intermixed with test programs):

vlan4): Removing an active aggregator
[  350.677043][ T7606] bond3 (unregistering): (slave macvlan4): Releasing backup interface
[  350.694509][ T7606] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  350.706822][ T7606] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  350.716612][ T7606] bond0 (unregistering): Released all slaves
[  350.730449][ T7606] bond1 (unregistering): Released all slaves
[  350.939352][ T7606] bond2 (unregistering): Released all slaves
[  350.966483][ T5844] Bluetooth: hci4: command tx timeout
[  351.124788][ T7606] bond3 (unregistering): Released all slaves
[  351.259777][ T7606] bond4 (unregistering): (slave veth3): Releasing active interface
[  351.270206][ T7606] bond4 (unregistering): Released all slaves
[  351.418468][ T7606] bond5 (unregistering): (slave veth5): Releasing active interface
[  351.430533][ T7606] bond5 (unregistering): Released all slaves
[  351.601465][ T7606] bond6 (unregistering): Released all slaves
[  351.719352][ T7606] bond7 (unregistering): Released all slaves
[  351.733128][ T7606] bond8 (unregistering): Released all slaves
[  351.875855][ T7606] bond9 (unregistering): (slave veth11): Releasing active interface
[  351.886634][ T7606] bond9 (unregistering): Released all slaves
[  352.053592][ T7606] bond10 (unregistering): (slave veth15): Releasing active interface
[  352.067424][ T7606] bond10 (unregistering): Released all slaves
[  352.237585][ T7606] bond11 (unregistering): Released all slaves
[  352.469291][ T7606] bond12 (unregistering): Released all slaves
[  352.652646][ T7606] bond13 (unregistering): Released all slaves
[  352.839874][ T7606] bond14 (unregistering): Released all slaves
[  353.025949][ T7606] bond15 (unregistering): Released all slaves
[  353.035251][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  353.046280][ T5844] Bluetooth: hci4: command tx timeout
[  353.243939][ T7606] bond16 (unregistering): Released all slaves
[  353.450766][ T7606] bond17 (unregistering): Released all slaves
[  353.610516][ T7606] bond18 (unregistering): Released all slaves
[  353.778847][ T7606] bond19 (unregistering): (slave veth0_to_bond): Releasing active interface
[  353.791915][ T7606] bond19 (unregistering): Released all slaves
[  353.805311][T16499] wlan0 speed is unknown, defaulting to 1000
[  354.056198][ T7606] tipc: Disabling bearer <udp:syz2>
[  354.095583][ T7606] tipc: Left network mode
[  354.301333][T16571] netlink: 'syz.4.3050': attribute type 1 has an invalid length.
[  354.685711][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5020 ms
[  354.692961][T16571] 8021q: adding VLAN 0 to HW filter on device bond19
[  354.693910][    C0] lec:lec_tx_timeout: lec0
[  354.706223][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  354.718263][T16581] bond15: (slave veth0_to_bond): Releasing active interface
[  354.770744][T16581] bond19: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  355.046886][T16610] syzkaller0: entered promiscuous mode
[  355.054193][T16621] __nla_validate_parse: 4 callbacks suppressed
[  355.054214][T16621] netlink: 200 bytes leftover after parsing attributes in process `syz.1.3059'.
[  355.070408][T16610] syzkaller0: entered allmulticast mode
[  355.105211][ T5844] Bluetooth: hci4: command tx timeout
[  355.621397][T16643] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  355.768180][T16643] tipc: Disabling bearer <eth:syzkaller0>
[  355.796913][T16657] sch_fq: defrate 0 ignored.
[  355.840834][T16499] chnl_net:caif_netlink_parms(): no params data found
[  355.851699][T16659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3066'.
[  355.882579][T16661] sch_fq: defrate 0 ignored.
[  356.145579][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  356.170240][ T7606] hsr_slave_0: left promiscuous mode
[  356.176639][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  356.187715][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_1
[  356.198150][ T7606] veth0_macvtap: left allmulticast mode
[  356.806540][ T7606] team0 (unregistering): Port device team_slave_1 removed
[  356.862257][ T7606] team0 (unregistering): Port device team_slave_0 removed
[  357.192087][ T5844] Bluetooth: hci4: command tx timeout
[  357.306817][T15313] smc: removing ib device syz2
[  357.315622][T16666] syzkaller0: entered promiscuous mode
[  357.328803][T16666] syzkaller0: entered allmulticast mode
[  357.689038][T16690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3074'.
[  357.780016][T16690] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  357.869028][T16690] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  357.888879][T16690] gretap1: entered promiscuous mode
[  357.902415][T16690] gretap1: entered allmulticast mode
[  358.181450][T16499] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.207885][T16499] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.230824][T16499] bridge_slave_0: entered allmulticast mode
[  358.259661][T16499] bridge_slave_0: entered promiscuous mode
[  358.343993][T16499] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.377899][T16499] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.389506][T16499] bridge_slave_1: entered allmulticast mode
[  358.430968][T16499] bridge_slave_1: entered promiscuous mode
[  358.676209][T16731] nbd1: detected capacity change from 0 to 127
[  358.686757][T16721] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3080'.
[  358.715854][T16721] tc_dump_action: action bad kind
[  358.727834][ T5844] block nbd1: Receive control failed (result -32)
[  358.742383][T16597] block nbd1: Dead connection, failed to find a fallback
[  358.871791][T16739] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.3084'.
[  358.999018][T16499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  359.085284][T16499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.129126][T16742] syzkaller0: entered promiscuous mode
[  359.137370][T16742] syzkaller0: entered allmulticast mode
[  359.634424][T16499] team0: Port device team_slave_0 added
[  359.670380][T16499] team0: Port device team_slave_1 added
[  359.716573][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  359.724690][    C0] lec:lec_tx_timeout: lec0
[  359.734994][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  359.957871][T16767] syzkaller0: entered promiscuous mode
[  359.966706][T16767] syzkaller0: entered allmulticast mode
[  359.980025][T16499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  359.999349][T16499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  360.087765][T16499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.148146][T16499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.155287][T16499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  360.183482][T16499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  362.578817][T16499] hsr_slave_0: entered promiscuous mode
[  362.586291][T16499] hsr_slave_1: entered promiscuous mode
[  362.658952][ T7606] IPVS: stop unused estimator thread 0...
[  362.786775][T16817] syzkaller0: entered promiscuous mode
[  362.802960][T16817] syzkaller0: entered allmulticast mode
[  362.884530][T16821] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  363.107371][ T5839] IPVS: starting estimator thread 0...
[  363.175942][T16836] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3109'.
[  363.225505][T16833] IPVS: using max 31 ests per chain, 74400 per kthread
[  363.356039][T16845] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3111'.
[  363.368136][T16845] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  363.480276][T16845] ip6gre1: entered allmulticast mode
[  363.610082][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3115'.
[  363.671165][T16863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3115'.
[  363.903298][T16879] syzkaller0: entered promiscuous mode
[  363.909376][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  363.976146][T16879] syzkaller0: entered allmulticast mode
[  364.022230][T16882] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3119'.
[  364.044013][T16882] tc_dump_action: action bad kind
[  364.050380][T16890] netlink: 'syz.1.3122': attribute type 5 has an invalid length.
[  364.065635][T16890] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3122'.
[  364.397905][T16900] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3123'.
[  364.407851][T16900] bond0: Caught tx_queue_len zero misconfig
[  364.428414][T16897] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3123'.
[  364.568610][T16909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3125'.
[  364.631301][T16913] Cannot find add_set index 0 as target
[  364.698079][T16499] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  364.745520][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  364.754285][    C0] lec:lec_tx_timeout: lec0
[  364.759664][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  364.769063][T16499] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  364.820118][T16499] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  364.886724][T16499] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  364.917084][T16924] syzkaller0: entered promiscuous mode
[  364.941820][T16924] syzkaller0: entered allmulticast mode
[  365.289510][T16954] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3134'.
[  365.316622][T16957] netlink: 'syz.1.3133': attribute type 4 has an invalid length.
[  365.331100][T16954] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  365.346762][T16956] syzkaller0: entered promiscuous mode
[  365.360288][T16956] syzkaller0: entered allmulticast mode
[  365.463048][T16499] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.573330][T16499] 8021q: adding VLAN 0 to HW filter on device team0
[  365.620983][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.628624][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.700055][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.707748][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.234005][T17004] Cannot find add_set index 0 as target
[  366.247217][T17002] syzkaller0: entered promiscuous mode
[  366.268952][T17002] syzkaller0: entered allmulticast mode
[  366.429287][T17015] syzkaller1: entered promiscuous mode
[  366.435477][T17015] syzkaller1: entered allmulticast mode
[  366.460340][T17015] IPv6: NLM_F_CREATE should be specified when creating new route
[  366.478609][T16499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.668501][T17021] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  366.686464][ T5839] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  366.810419][T16499] veth0_vlan: entered promiscuous mode
[  366.871415][T16499] veth1_vlan: entered promiscuous mode
[  366.981599][T16499] veth0_macvtap: entered promiscuous mode
[  367.009331][T16499] veth1_macvtap: entered promiscuous mode
[  367.068565][T16499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  367.103735][T16499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.168248][ T8020] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.198436][ T8020] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.248440][ T8020] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.281759][ T8020] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.541753][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.571400][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.660394][T15316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.698071][T15316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.747674][ T5839] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  367.789765][T17079] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[  368.257775][T17109] netlink: 'syz.0.3169': attribute type 8 has an invalid length.
[  368.308806][T17109] syzkaller0: entered promiscuous mode
[  368.324706][T17109] syzkaller0: entered allmulticast mode
[  368.454117][T17109] __nla_validate_parse: 6 callbacks suppressed
[  368.454135][T17109] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3169'.
[  368.557340][T17109] nbd: must specify at least one socket
[  368.710119][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  368.722357][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  368.746625][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  368.758525][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  368.771886][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  368.996471][T17135] Cannot find add_set index 0 as target
[  369.010261][T17124] wlan0 speed is unknown, defaulting to 1000
[  369.445745][T17149] wireguard0: entered promiscuous mode
[  369.464087][T17149] wireguard0: entered allmulticast mode
[  369.484533][T17149] team0: Device wireguard0 is of different type
[  369.578530][T17156] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3179'.
[  369.809919][T17180] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  369.816959][T17180] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  369.835335][T17182] netlink: 'syz.4.3183': attribute type 1 has an invalid length.
[  369.893129][T17186] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  369.916316][T17182] 8021q: adding VLAN 0 to HW filter on device bond21
[  369.969006][T17190] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3184'.
[  369.986632][T17188] bond19: (slave veth0_to_bond): Releasing active interface
[  370.052360][T17188] bond21: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  370.118206][T17124] chnl_net:caif_netlink_parms(): no params data found
[  370.414322][T17214] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3188'.
[  370.432587][T17214] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3188'.
[  370.500364][T17124] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.526321][T17124] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.541792][T17124] bridge_slave_0: entered allmulticast mode
[  370.548048][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5780 ms
[  370.548074][    C0] lec:lec_tx_timeout: lec0
[  370.558898][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  370.620186][T17124] bridge_slave_0: entered promiscuous mode
[  370.704083][T17124] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.733812][T17124] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.745549][T17124] bridge_slave_1: entered allmulticast mode
[  370.757108][T17124] bridge_slave_1: entered promiscuous mode
[  370.865474][ T5837] Bluetooth: hci3: command tx timeout
[  370.902965][T17124] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  370.916835][T17248] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3196'.
[  370.943912][T17124] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  371.012217][T17124] team0: Port device team_slave_0 added
[  371.048872][T17124] team0: Port device team_slave_1 added
[  371.109710][T17124] batman_adv: batadv0: Adding interface: batadv_slave_0
[  371.120138][T17124] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  371.149343][T17124] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  371.163965][T17124] batman_adv: batadv0: Adding interface: batadv_slave_1
[  371.173435][T17124] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  371.202206][T17124] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  371.308733][T17124] hsr_slave_0: entered promiscuous mode
[  371.317415][T17124] hsr_slave_1: entered promiscuous mode
[  371.324611][T17124] debugfs: 'hsr0' already exists in 'hsr'
[  371.331870][T17124] Cannot create hsr debugfs directory
[  371.597849][T17124] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.644788][T17274] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3203'.
[  371.679534][T17276] ip6t_REJECT: ECHOREPLY is not supported
[  371.697234][T17124] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.751581][T17278] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3205'.
[  371.776224][T17278] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3205'.
[  371.787079][T17278] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3205'.
[  371.806468][T17124] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.912981][T17124] `: (slave netdevsim0): Releasing backup interface
[  371.927241][T17287] x_tables: unsorted underflow at hook 2
[  371.930233][T17124] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.031537][T17287] hsr_slave_0 (unregistering): left promiscuous mode
[  372.222196][T17124] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  372.259378][T17124] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  372.289581][T17124] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  372.351287][T17124] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  372.414446][T17310] Only authenc() type AEADs are supported by ESSIV
[  372.603173][T17124] 8021q: adding VLAN 0 to HW filter on device bond0
[  372.631725][T17124] 8021q: adding VLAN 0 to HW filter on device team0
[  372.646457][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.654101][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  372.682608][ T7606] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.690104][ T7606] bridge0: port 2(bridge_slave_1) entered forwarding state
[  372.949176][ T5837] Bluetooth: hci3: command tx timeout
[  373.154654][T17124] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.198727][T17356] bond1: option arp_interval: mode dependency failed, not supported in mode balance-tlb(5)
[  373.246790][T17356] bond1 (unregistering): Released all slaves
[  373.429792][T17124] veth0_vlan: entered promiscuous mode
[  373.450284][T17124] veth1_vlan: entered promiscuous mode
[  373.579752][T17374] syzkaller0: entered promiscuous mode
[  373.587062][T17374] syzkaller0: entered allmulticast mode
[  373.599066][T17124] veth0_macvtap: entered promiscuous mode
[  375.026586][ T5837] Bluetooth: hci3: command tx timeout
[  375.595090][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5030 ms
[  375.603759][    C0] lec:lec_tx_timeout: lec0
[  375.609008][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  375.844206][T17383] pim6reg: entered allmulticast mode
[  375.896357][T17124] veth1_macvtap: entered promiscuous mode
[  375.965309][T17124] batman_adv: batadv0: Interface activated: batadv_slave_0
[  375.992807][T17124] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.055614][ T6712] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.079296][ T6712] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.114816][ T6712] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.158127][ T6712] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.307494][ T6712] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.329154][ T6712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.417367][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.426215][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.439767][T17427] tipc: Started in network mode
[  376.445405][T17427] tipc: Node identity ac1414aa, cluster identity 4711
[  376.458623][T17427] tipc: Enabled bearer <udp:s>, priority 10
[  376.471894][T17427] __nla_validate_parse: 4 callbacks suppressed
[  376.471963][T17427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3249'.
[  376.569459][T17430] wireguard0: entered promiscuous mode
[  376.581279][T17430] wireguard0: entered allmulticast mode
[  377.105098][ T5837] Bluetooth: hci3: command tx timeout
[  377.176263][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  377.187277][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  377.196653][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  377.205562][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  377.213884][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  377.290934][T17449] wlan0 speed is unknown, defaulting to 1000
[  377.330635][T17453] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3254'.
[  377.341193][T17453] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3254'.
[  377.652782][ T1174] tipc: Node number set to 2886997162
[  377.698747][T17466] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3259'.
[  377.714207][T17467] ipt_REJECT: ECHOREPLY no longer supported.
[  377.888295][T17449] chnl_net:caif_netlink_parms(): no params data found
[  378.029860][T17480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3263'.
[  378.093123][T17449] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.127904][T17449] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.140976][T17489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3263'.
[  378.152809][T17449] bridge_slave_0: entered allmulticast mode
[  378.178745][T17449] bridge_slave_0: entered promiscuous mode
[  378.188843][T17449] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.197195][T17449] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.204683][T17449] bridge_slave_1: entered allmulticast mode
[  378.212808][T17449] bridge_slave_1: entered promiscuous mode
[  378.234478][T17489] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  378.266686][T17489] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.298045][T17489] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.310291][T17489] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.471619][T17495] netlink: 'syz.1.3267': attribute type 16 has an invalid length.
[  378.490308][T17449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.500889][T17495] netlink: 'syz.1.3267': attribute type 17 has an invalid length.
[  378.519265][T17449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.578412][T17495] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  378.739788][T17509] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3271'.
[  378.749484][T17509] openvswitch: netlink: Flow key attr not present in new flow.
[  378.922890][T17449] team0: Port device team_slave_0 added
[  378.944173][T17449] team0: Port device team_slave_1 added
[  379.084421][T17449] batman_adv: batadv0: Adding interface: batadv_slave_0
[  379.092799][T17449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  379.121479][T17449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.160061][T17449] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.185670][T17449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  379.270215][ T5844] Bluetooth: hci0: command tx timeout
[  379.280394][T17449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.293053][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  379.434267][T17449] hsr_slave_0: entered promiscuous mode
[  379.446317][T17449] hsr_slave_1: entered promiscuous mode
[  379.454822][T17449] debugfs: 'hsr0' already exists in 'hsr'
[  379.465089][T17449] Cannot create hsr debugfs directory
[  379.710573][T17559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3286'.
[  379.741215][T17559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3286'.
[  379.751661][T17561] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3287'.
[  379.964491][T17449] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  380.011419][T17574] x_tables: unsorted entry at hook 1
[  380.154598][T17449] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  380.197783][T17577] syzkaller0: entered promiscuous mode
[  380.221455][T17577] syzkaller0: entered allmulticast mode
[  380.257907][T17449] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  380.426382][T17449] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  380.614937][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  380.623024][    C0] lec:lec_tx_timeout: lec0
[  380.629215][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  380.657619][T17591] netlink: 'syz.1.3298': attribute type 46 has an invalid length.
[  380.890334][T17449] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  380.952776][T17449] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  381.033579][T17449] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  381.125285][T17449] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  381.150326][T17612] Cannot find add_set index 0 as target
[  381.187637][T17614] netlink: 'syz.0.3304': attribute type 2 has an invalid length.
[  381.205792][T17614] netlink: 'syz.0.3304': attribute type 1 has an invalid length.
[  381.513177][T17449] 8021q: adding VLAN 0 to HW filter on device bond0
[  381.708660][T17449] 8021q: adding VLAN 0 to HW filter on device team0
[  381.748125][ T1164] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.756161][ T1164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.802026][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.809760][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  381.834507][T17636] mac80211_hwsim hwsim29 þ
: renamed from wlan1 (while UP)
[  381.891876][T17638] __nla_validate_parse: 3 callbacks suppressed
[  381.891895][T17638] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3309'.
[  381.949385][T17638] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3309'.
[  381.955647][T17449] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  382.333748][T17449] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.371825][T17660] Cannot find add_set index 0 as target
[  382.510971][T17666] xt_hashlimit: size too large, truncated to 1048576
[  382.719364][T17677] syz.1.3318 uses old SIOCAX25GETINFO
[  382.971249][T17685] sctp: [Deprecated]: syz.1.3321 (pid 17685) Use of struct sctp_assoc_value in delayed_ack socket option.
[  382.971249][T17685] Use struct sctp_sack_info instead
[  383.090181][T17449] veth0_vlan: entered promiscuous mode
[  383.114087][T17449] veth1_vlan: entered promiscuous mode
[  383.180320][T17701] bridge0: entered allmulticast mode
[  383.239164][T17702] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3322'.
[  383.331157][T17449] veth0_macvtap: entered promiscuous mode
[  383.357078][T17449] veth1_macvtap: entered promiscuous mode
[  383.389973][T17449] batman_adv: batadv0: Interface activated: batadv_slave_0
[  383.413199][T17449] batman_adv: batadv0: Interface activated: batadv_slave_1
[  383.441128][ T6712] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  383.488282][ T6712] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  383.527758][ T6712] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  383.549990][T17712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3328'.
[  383.565447][ T6712] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  383.746930][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  383.837608][T17712] team0 (unregistering): Port device team_slave_0 removed
[  383.862693][T17712] team0 (unregistering): Port device team_slave_1 removed
[  383.908794][T17716] bridge3: entered promiscuous mode
[  383.914555][T17716] bridge3: entered allmulticast mode
[  383.973653][T17721] FAULT_INJECTION: forcing a failure.
[  383.973653][T17721] name failslab, interval 1, probability 0, space 0, times 0
[  384.003130][T17721] CPU: 0 UID: 0 PID: 17721 Comm: syz.3.3333 Not tainted syzkaller #0 PREEMPT(full) 
[  384.003161][T17721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  384.003178][T17721] Call Trace:
[  384.003187][T17721]  <TASK>
[  384.003196][T17721]  dump_stack_lvl+0xe8/0x150
[  384.003230][T17721]  should_fail_ex+0x414/0x560
[  384.003267][T17721]  should_failslab+0xa8/0x100
[  384.003294][T17721]  kmem_cache_alloc_noprof+0x88/0x710
[  384.003324][T17721]  ? __netlink_lookup+0xbd/0x8a0
[  384.003351][T17721]  ? skb_clone+0x212/0x3a0
[  384.003380][T17721]  skb_clone+0x212/0x3a0
[  384.003407][T17721]  __netlink_deliver_tap+0x404/0x850
[  384.003443][T17721]  ? netlink_deliver_tap+0x2e/0x1b0
[  384.003477][T17721]  netlink_deliver_tap+0x19c/0x1b0
[  384.003502][T17721]  netlink_unicast+0x7fa/0x9e0
[  384.003532][T17721]  ? __pfx_netlink_unicast+0x10/0x10
[  384.003552][T17721]  ? __alloc_skb+0x198/0x3a0
[  384.003571][T17721]  ? netlink_sendmsg+0x642/0xb30
[  384.003601][T17721]  netlink_sendmsg+0x805/0xb30
[  384.003635][T17721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  384.003667][T17721]  ? aa_sock_msg_perm+0xf1/0x1b0
[  384.003694][T17721]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  384.003712][T17721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  384.003736][T17721]  __sock_sendmsg+0x21c/0x270
[  384.003766][T17721]  ____sys_sendmsg+0x505/0x820
[  384.003794][T17721]  ? __pfx_____sys_sendmsg+0x10/0x10
[  384.003830][T17721]  ? import_iovec+0x74/0xa0
[  384.003858][T17721]  ___sys_sendmsg+0x21f/0x2a0
[  384.003883][T17721]  ? __pfx____sys_sendmsg+0x10/0x10
[  384.003942][T17721]  ? __fget_files+0x2a/0x420
[  384.003965][T17721]  ? __fget_files+0x3a0/0x420
[  384.003998][T17721]  __x64_sys_sendmsg+0x19b/0x260
[  384.004023][T17721]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  384.004056][T17721]  ? __pfx_ksys_write+0x10/0x10
[  384.004087][T17721]  do_syscall_64+0xec/0xf80
[  384.004108][T17721]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.004127][T17721]  ? trace_irq_disable+0x37/0x100
[  384.004152][T17721]  ? clear_bhb_loop+0x60/0xb0
[  384.004175][T17721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.004200][T17721] RIP: 0033:0x7f0ab6b8f749
[  384.004219][T17721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.004236][T17721] RSP: 002b:00007f0ab7975038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  384.004258][T17721] RAX: ffffffffffffffda RBX: 00007f0ab6de5fa0 RCX: 00007f0ab6b8f749
[  384.004273][T17721] RDX: 0000000000008850 RSI: 0000200000000180 RDI: 0000000000000004
[  384.004286][T17721] RBP: 00007f0ab7975090 R08: 0000000000000000 R09: 0000000000000000
[  384.004297][T17721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.004308][T17721] R13: 00007f0ab6de6038 R14: 00007f0ab6de5fa0 R15: 00007fffc38b3298
[  384.004341][T17721]  </TASK>
[  384.006489][ T6712] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.319759][ T6712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.374776][  T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.402739][  T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.474446][T17744] netlink: 'syz.3.3338': attribute type 21 has an invalid length.
[  384.721518][T17758] netlink: 'syz.3.3341': attribute type 1 has an invalid length.
[  384.774772][T17758] 8021q: adding VLAN 0 to HW filter on device bond1
[  384.805525][T17762] bond1: (slave veth5): Enslaving as an active interface with a down link
[  384.827708][T17758] bond1: (slave veth0_to_bond): making interface the new active one
[  384.846960][T17758] veth0_to_bond: entered promiscuous mode
[  384.856376][T17758] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  385.349516][T17770] syzkaller0: entered promiscuous mode
[  385.367368][T17770] syzkaller0: entered allmulticast mode
[  385.462883][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  385.487639][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  385.500912][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  385.510494][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  385.520204][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  385.560746][T17778] sctp: [Deprecated]: syz.3.3346 (pid 17778) Use of int in maxseg socket option.
[  385.560746][T17778] Use struct sctp_assoc_value instead
[  385.655179][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5020 ms
[  385.655695][T17778] xfrm1: entered allmulticast mode
[  385.663928][    C0] lec:lec_tx_timeout: lec0
[  385.676862][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  385.781476][T17775] wlan0 speed is unknown, defaulting to 1000
[  385.804009][T17786] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  385.914767][T17786] bond1: option resend_igmp: invalid value (32767)
[  385.927712][T17786] bond1: option resend_igmp: allowed values 0 - 255
[  385.941224][T17786] bond1 (unregistering): Released all slaves
[  386.030035][T17798] netlink: 'syz.4.3352': attribute type 1 has an invalid length.
[  386.193328][T17805] netlink: 'syz.1.3353': attribute type 1 has an invalid length.
[  386.248698][T17775] chnl_net:caif_netlink_parms(): no params data found
[  386.458093][T17775] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.466106][T17775] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.473653][T17775] bridge_slave_0: entered allmulticast mode
[  386.482304][T17775] bridge_slave_0: entered promiscuous mode
[  386.503135][T17775] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.511217][T17775] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.518962][T17775] bridge_slave_1: entered allmulticast mode
[  386.526646][T17775] bridge_slave_1: entered promiscuous mode
[  386.533942][T17817] syzkaller0: entered promiscuous mode
[  386.539775][T17817] syzkaller0: entered allmulticast mode
[  386.594836][T17775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.619801][T17775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.736929][T17827] veth0_to_bond: entered allmulticast mode
[  386.756791][T17775] team0: Port device team_slave_0 added
[  386.779413][T17775] team0: Port device team_slave_1 added
[  386.920994][T17775] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.953326][T17775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.988515][T17775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.996928][T17845] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  387.034349][T17841] netlink: 'syz.4.3364': attribute type 3 has an invalid length.
[  387.065920][T17837] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3363'.
[  387.076118][T17775] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.085432][T17775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  387.114273][T17775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.128052][T17848] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3364'.
[  387.137624][T17848] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3364'.
[  387.261846][T17854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3367'.
[  387.344790][T17775] hsr_slave_0: entered promiscuous mode
[  387.363230][T17775] hsr_slave_1: entered promiscuous mode
[  387.370580][T17775] debugfs: 'hsr0' already exists in 'hsr'
[  387.377568][T17775] Cannot create hsr debugfs directory
[  387.428167][T17859] syzkaller0: entered promiscuous mode
[  387.459276][T17859] syzkaller0: entered allmulticast mode
[  387.589906][ T5837] Bluetooth: hci1: command tx timeout
[  387.623158][T17873] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3373'.
[  388.181374][    T9] IPVS: starting estimator thread 0...
[  388.285799][T17898] IPVS: using max 33 ests per chain, 79200 per kthread
[  388.521921][T17918] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3382'.
[  388.574304][T17918] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3382'.
[  389.040695][T17775] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  389.098166][T17775] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  389.156290][T17775] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  389.205099][T17775] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  389.245508][T17935] syzkaller0: entered promiscuous mode
[  389.251223][T17935] syzkaller0: entered allmulticast mode
[  389.356703][T17951] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3388'.
[  389.533539][T17775] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.591040][T17775] 8021q: adding VLAN 0 to HW filter on device team0
[  389.629809][ T7606] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.637120][ T7606] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.651115][T17964] Bluetooth: MGMT ver 1.23
[  389.665883][ T5837] Bluetooth: hci1: command tx timeout
[  389.678940][T17963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3392'.
[  389.690100][ T3511] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.697361][ T3511] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.698727][T17963] netlink: 'syz.2.3392': attribute type 3 has an invalid length.
[  390.232744][T17775] 8021q: adding VLAN 0 to HW filter on device batadv0
[  390.398554][T17775] veth0_vlan: entered promiscuous mode
[  390.447407][T17775] veth1_vlan: entered promiscuous mode
[  390.564355][T17995] 8021q: adding VLAN 0 to HW filter on device bond2
[  390.588205][T17775] veth0_macvtap: entered promiscuous mode
[  390.633016][T18002] netlink: 'syz.1.3398': attribute type 2 has an invalid length.
[  390.649876][T17775] veth1_macvtap: entered promiscuous mode
[  390.684931][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  390.693182][    C0] lec:lec_tx_timeout: lec0
[  390.698474][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  390.758501][T17775] batman_adv: batadv0: Interface activated: batadv_slave_0
[  390.827244][T17775] batman_adv: batadv0: Interface activated: batadv_slave_1
[  390.840479][T18010] netlink: 'syz.3.3401': attribute type 4 has an invalid length.
[  390.872289][T18007] syzkaller0: entered promiscuous mode
[  390.880649][T18007] syzkaller0: entered allmulticast mode
[  390.901441][ T6495] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.989056][ T6495] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.000559][ T6495] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.012061][ T6495] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.158737][T15312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.175692][T15312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.238964][T15316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.248769][T15316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.471299][T18041] x_tables: unsorted underflow at hook 2
[  391.482947][T18041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3409'.
[  391.555547][T18041] hsr_slave_0 (unregistering): left promiscuous mode
[  391.748293][ T5837] Bluetooth: hci1: command tx timeout
[  392.033229][T18061] syzkaller0: entered promiscuous mode
[  392.042061][T18061] syzkaller0: entered allmulticast mode
[  392.555881][T18095] netlink: 'syz.4.3425': attribute type 11 has an invalid length.
[  392.571657][T18095] netlink: 'syz.4.3425': attribute type 11 has an invalid length.
[  392.580406][T18095] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3425'.
[  392.746678][T18107] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  392.789868][T18107] tipc: Resetting bearer <eth:syzkaller0>
[  393.212880][T18134] syzkaller0: entered promiscuous mode
[  393.227110][T18134] syzkaller0: entered allmulticast mode
[  393.578997][T18104] tipc: Disabling bearer <eth:syzkaller0>
[  393.835356][ T5837] Bluetooth: hci1: command tx timeout
[  393.869065][T18167] syzkaller0: entered promiscuous mode
[  393.878498][T18167] syzkaller0: entered allmulticast mode
[  393.981539][T18177] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3442'.
[  394.216593][T18185] IPVS: set_ctl: invalid protocol: 137 172.20.20.170:20002
[  394.647348][T18211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3454'.
[  394.656856][T18211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3454'.
[  394.741695][T18211] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3454'.
[  394.829356][T18211] gretap0: entered promiscuous mode
[  394.853818][T18218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3454'.
[  394.867616][T18218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3454'.
[  395.074794][T18226] syzkaller0: entered promiscuous mode
[  395.115328][T18226] syzkaller0: entered allmulticast mode
[  395.371730][T18237] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT
[  395.704931][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  395.713638][    C0] lec:lec_tx_timeout: lec0
[  395.720613][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  395.793440][T18248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3460'.
[  395.795238][T18247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3460'.
[  395.820389][T18254] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3463'.
[  395.850538][T18248] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  395.869675][T18257] netlink: 'syz.3.3462': attribute type 10 has an invalid length.
[  395.942447][T18257] batman_adv: batadv0: Adding interface: netdevsim0
[  395.967131][T18257] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  395.997575][T18257] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  396.171489][T15310] veth0_to_bond: left promiscuous mode
[  396.257588][T18275] veth0: entered promiscuous mode
[  397.438745][T18338] netlink: 'syz.3.3491': attribute type 21 has an invalid length.
[  397.520737][T18338] netlink: 'syz.3.3491': attribute type 4 has an invalid length.
[  397.532735][T18342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  397.548260][T18338] netlink: 'syz.3.3491': attribute type 5 has an invalid length.
[  397.696444][T18359] __nla_validate_parse: 5 callbacks suppressed
[  397.696465][T18359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3494'.
[  397.735402][T18358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3495'.
[  398.143257][T18375] wlan0 speed is unknown, defaulting to 1000
[  398.957534][T18403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3509'.
[  398.975157][T18403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3509'.
[  399.005430][T18403] netlink: 'syz.1.3509': attribute type 14 has an invalid length.
[  399.025520][T18403] netlink: 'syz.1.3509': attribute type 13 has an invalid length.
[  399.125824][T18410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3510'.
[  399.152498][T18397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3507'.
[  399.666234][ T5963] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  399.743334][T18444] netlink: 220 bytes leftover after parsing attributes in process `syz.2.3520'.
[  399.879142][T18450] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3523'.
[  399.888375][ T7606] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  399.912818][ T7606] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  399.932416][ T7606] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  399.948382][T18455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3526'.
[  399.949663][ T7606] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  399.968929][T18458] netlink: 'syz.1.3527': attribute type 24 has an invalid length.
[  400.017251][T18460] netlink: 'syz.2.3528': attribute type 1 has an invalid length.
[  400.082411][T18460] 8021q: adding VLAN 0 to HW filter on device bond2
[  400.141892][T18464] bond2: (slave veth0_to_bond): making interface the new active one
[  400.160708][T18464] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  400.175540][T18468] netlink: 'syz.3.3532': attribute type 3 has an invalid length.
[  400.183874][T18468] netlink: 'syz.3.3532': attribute type 3 has an invalid length.
[  400.334373][T18479] pim6reg8719: entered allmulticast mode
[  400.433878][T18473] wlan0 speed is unknown, defaulting to 1000
[  400.720241][ T1174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.735010][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  400.743447][    C0] lec:lec_tx_timeout: lec0
[  400.748643][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  401.279655][T18517] validate_nla: 1 callbacks suppressed
[  401.279677][T18517] netlink: 'syz.4.3544': attribute type 1 has an invalid length.
[  401.358569][T18517] 8021q: adding VLAN 0 to HW filter on device bond1
[  401.391244][T18521] Bluetooth: hci0: Opcode 0x080f failed: -22
[  401.446871][T18514] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  401.467698][T18520] veth0_to_bond: left allmulticast mode
[  401.482963][T18520] bond1: (slave veth0_to_bond): making interface the new active one
[  401.493359][T18520] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  401.539691][T18514] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3543'.
[  401.918871][T18551] netlink: 'syz.1.3557': attribute type 11 has an invalid length.
[  401.980644][T18559] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  402.613926][T18596] bond3: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  402.633103][T18596] bond3: (slave lo): Enslaving as a backup interface with an up link
[  402.646832][T18596] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  402.859125][T18611] __nla_validate_parse: 5 callbacks suppressed
[  402.859150][T18611] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3577'.
[  402.905325][T18611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3577'.
[  402.930133][T18611] netlink: 31 bytes leftover after parsing attributes in process `syz.3.3577'.
[  402.951648][T18611] netlink: 'syz.3.3577': attribute type 3 has an invalid length.
[  402.960275][T18611] netlink: 'syz.3.3577': attribute type 2 has an invalid length.
[  402.970090][T18611] netlink: 31 bytes leftover after parsing attributes in process `syz.3.3577'.
[  403.164472][T18629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3583'.
[  403.209039][T18631] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3586'.
[  403.302143][T18635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3585'.
[  403.334564][T18635] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3585'.
[  403.366282][T18635] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3585'.
[  404.156040][T18671] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3598'.
[  404.758003][T18704] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  405.399356][T18755] netlink: 'syz.4.3621': attribute type 21 has an invalid length.
[  405.754930][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  405.763488][    C0] lec:lec_tx_timeout: lec0
[  405.768527][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  406.411290][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  406.420051][T18804] batman_adv: batadv0: Removing interface: batadv_slave_0
[  406.436113][T18804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  406.462572][T18804] batman_adv: batadv0: Removing interface: batadv_slave_1
[  406.475891][T18810] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  406.527433][T18804] batman_adv: batadv0: Removing interface: netdevsim0
[  406.623456][T18820] netlink: 'syz.4.3640': attribute type 1 has an invalid length.
[  406.644399][T18820] netlink: 'syz.4.3640': attribute type 2 has an invalid length.
[  406.657769][T18820] netlink: 'syz.4.3640': attribute type 2 has an invalid length.
[  407.339234][T18873] Cannot find add_set index 0 as target
[  407.445290][ T1174] IPVS: starting estimator thread 0...
[  407.566023][T18882] IPVS: using max 33 ests per chain, 79200 per kthread
[  407.590590][T18887] netlink: 'syz.0.3657': attribute type 1 has an invalid length.
[  408.038025][T18921] Cannot find set identified by id 1 to match
[  408.318015][T18935] C: renamed from lo (while UP)
[  408.322372][T18939] __nla_validate_parse: 17 callbacks suppressed
[  408.322399][T18939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3672'.
[  408.348941][T18935] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  408.427551][T18935] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  408.584756][T18950] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  408.691309][T18950] syzkaller0: entered promiscuous mode
[  408.712399][T18950] syzkaller0: entered allmulticast mode
[  408.722102][T18950] tipc: Resetting bearer <eth:syzkaller0>
[  408.757461][T18971] netlink: 207952 bytes leftover after parsing attributes in process `syz.3.3681'.
[  408.769692][T18947] tipc: Resetting bearer <eth:syzkaller0>
[  409.261469][T18989] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3683'.
[  411.022928][T18947] tipc: Disabling bearer <eth:syzkaller0>
[  411.206037][T18999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3684'.
[  411.402120][T18986] syzkaller0: entered promiscuous mode
[  411.415341][T18986] syzkaller0: entered allmulticast mode
[  411.914921][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 6130 ms
[  411.923157][    C0] lec:lec_tx_timeout: lec0
[  411.930700][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  414.107544][T19031] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  414.447767][T19066] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3702'.
[  414.666357][T19076] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  414.710285][T19081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3708'.
[  414.866493][T19089] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3711'.
[  415.018510][T19099] netlink: 'syz.4.3715': attribute type 21 has an invalid length.
[  415.042108][T19099] IPv6: NLM_F_CREATE should be specified when creating new route
[  415.061671][T19099] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  415.069353][T19099] IPv6: NLM_F_CREATE should be set when creating new route
[  415.077467][T19099] IPv6: NLM_F_CREATE should be set when creating new route
[  415.085021][T19099] IPv6: NLM_F_CREATE should be set when creating new route
[  415.194684][T19109] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3719'.
[  415.282901][T19121] netlink: 'syz.3.3723': attribute type 4 has an invalid length.
[  415.316402][T19125] xt_hashlimit: max too large, truncated to 1048576
[  415.335906][T19123] IPVS: length: 70 != 8
[  415.354273][T19130] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  415.488084][T19135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3725'.
[  415.570240][T19140] vcan0: entered allmulticast mode
[  415.651120][T19142] nbd: socks must be embedded in a SOCK_ITEM attr
[  415.664475][T19142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3728'.
[  416.261063][T19174] netlink: 'syz.3.3738': attribute type 1 has an invalid length.
[  416.310482][T19176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3739'.
[  416.310695][T19174] 8021q: adding VLAN 0 to HW filter on device bond4
[  416.339201][T19180] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.3740'.
[  416.351074][T19178] bond4: (slave geneve2): making interface the new active one
[  416.378180][T19178] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  416.650310][T19194] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3745'.
[  416.692161][T19195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3746'.
[  416.746916][T19195] openvswitch: netlink: Geneve opt len 17 is not a multiple of 4.
[  416.856325][T19205] netlink: 'syz.0.3748': attribute type 83 has an invalid length.
[  416.986300][T19212] netlink: 'syz.1.3750': attribute type 7 has an invalid length.
[  417.435649][T19246] netlink: 'syz.0.3759': attribute type 4 has an invalid length.
[  417.508187][T19254] netlink: 'syz.0.3759': attribute type 4 has an invalid length.
[  417.643675][T19259] ieee802154 phy0 wpan0: encryption failed: -22
[  417.664904][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5730 ms
[  417.673079][    C0] lec:lec_tx_timeout: lec0
[  417.678448][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  417.752411][T19264] netlink: 'syz.4.3763': attribute type 1 has an invalid length.
[  417.808668][T19269] netlink: 'syz.0.3764': attribute type 1 has an invalid length.
[  417.855965][T19264] 8021q: adding VLAN 0 to HW filter on device bond2
[  417.909409][T19269] 8021q: adding VLAN 0 to HW filter on device bond1
[  417.924578][T19272] bond1: (slave veth0_to_bond): Releasing active interface
[  417.966915][T19272] bond2: (slave veth0_to_bond): making interface the new active one
[  417.994723][T19272] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  418.083560][T19277] veth3: entered promiscuous mode
[  418.121864][T19277] bond1: (slave veth3): Enslaving as an active interface with an up link
[  418.139739][T19288] netlink: 'syz.4.3773': attribute type 1 has an invalid length.
[  418.194762][   T30] audit: type=1107 audit(1767874455.907:5): pid=19290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Ù‹�5ž÷Œ•%èÍUýAÊ�ÃËÙ ë0ä�™l…t¿Ý•/Öÿ Ž6òŠ¨Šç›'
[  418.208304][T19279] bond1: Removing last ns target with arp_interval on
[  418.483594][T19309] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  418.584744][T19320] dvmrp0: entered allmulticast mode
[  418.970377][T19337] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.989936][T19337] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.212790][T19356] 8021q: adding VLAN 0 to HW filter on device bond5
[  419.311395][T19341] syzkaller0: entered promiscuous mode
[  419.318850][T19341] syzkaller0: entered allmulticast mode
[  419.341750][T19352] bond5: (slave veth7): Enslaving as an active interface with a down link
[  419.358911][T19361] bond1: (slave veth0_to_bond): Releasing active interface
[  419.373248][T19361] bond5: (slave veth0_to_bond): making interface the new active one
[  419.383506][T19361] veth0_to_bond: entered promiscuous mode
[  419.390536][T19361] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  419.690768][T19376] Bluetooth: MGMT ver 1.23
[  422.104637][T19393] validate_nla: 1 callbacks suppressed
[  422.104658][T19393] netlink: 'syz.1.3801': attribute type 1 has an invalid length.
[  422.158532][T19393] 8021q: adding VLAN 0 to HW filter on device bond2
[  422.184136][T19393] bond2: (slave veth0_to_bond): making interface the new active one
[  422.194766][T19393] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  422.221307][T19402] bridge2: the hash_elasticity option has been deprecated and is always 16
[  422.277113][T19406] Cannot find add_set index 0 as target
[  422.343231][T19409] syzkaller0: entered promiscuous mode
[  422.350714][T19411] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  422.371647][T19409] syzkaller0: entered allmulticast mode
[  422.659355][T19435] netlink: 'syz.4.3814': attribute type 1 has an invalid length.
[  422.679256][ T5197] udevd[5197]: worker [16597] /devices/virtual/block/nbd1 is taking a long time
[  422.688498][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  422.688534][    C0] lec:lec_tx_timeout: lec0
[  422.697427][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  422.771003][T19435] 8021q: adding VLAN 0 to HW filter on device bond3
[  422.817390][T19440] 8021q: adding VLAN 0 to HW filter on device bond3
[  422.825114][T19440] bond3: (slave vxcan5): The slave device specified does not support setting the MAC address
[  422.889190][T19440] bond3: (slave vxcan5): Error -95 calling set_mac_address
[  422.933923][T19448] __nla_validate_parse: 14 callbacks suppressed
[  422.933945][T19448] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3817'.
[  422.974776][T19443] veth3: entered promiscuous mode
[  422.994671][T19443] bond3: (slave veth3): Enslaving as an active interface with a down link
[  423.013317][T19435] vlan2: entered allmulticast mode
[  423.020249][T19435] bond3: entered allmulticast mode
[  423.293661][T19470] netlink: 'syz.4.3825': attribute type 1 has an invalid length.
[  423.304803][T19469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3824'.
[  423.317721][T19469] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3824'.
[  423.399847][T19470] bond4: (slave gretap1): making interface the new active one
[  423.409964][T19470] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  423.819665][T19502] bridge2: entered promiscuous mode
[  423.849105][T19502] bridge2: entered allmulticast mode
[  423.878875][T19503] bridge3: entered promiscuous mode
[  423.884249][T19503] bridge3: entered allmulticast mode
[  423.920165][T19513] wireguard0: entered promiscuous mode
[  423.926311][T19513] wireguard0: entered allmulticast mode
[  423.967530][T19513] team0: Device wireguard0 is of different type
[  424.117434][T19510] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  424.153676][T19526] team_slave_0: entered promiscuous mode
[  424.169785][T19526] team_slave_1: entered promiscuous mode
[  424.218306][T19526] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  424.233534][T19526] team0: Device macvtap1 is already an upper device of the team interface
[  424.247640][T19526] team_slave_0: left promiscuous mode
[  424.253144][T19526] team_slave_1: left promiscuous mode
[  424.483795][T19549] netlink: 'syz.3.3843': attribute type 178 has an invalid length.
[  424.494270][T19549] netlink: 'syz.3.3843': attribute type 4 has an invalid length.
[  424.509998][T19549] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3843'.
[  424.529114][T19551] IPVS: Unknown mcast interface: lo
[  424.661202][T19561] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3847'.
[  424.681914][T19560] delete_channel: no stack
[  424.707828][T19559] delete_channel: no stack
[  425.016999][T19582] netlink: 'syz.4.3856': attribute type 29 has an invalid length.
[  425.035308][T19582] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3856'.
[  425.248477][T19594] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3861'.
[  425.520140][T19614] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3868'.
[  425.682809][T19621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3872'.
[  425.771150][T19628] netlink: 'syz.4.3874': attribute type 1 has an invalid length.
[  425.845927][T19628] 8021q: adding VLAN 0 to HW filter on device bond5
[  425.875969][T19629] bond2: (slave veth0_to_bond): Releasing active interface
[  425.892632][T19629] bond5: (slave veth0_to_bond): making interface the new active one
[  425.949605][T19633] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3875'.
[  425.966862][T19629] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  426.127284][T19640] : entered promiscuous mode
[  426.349384][T19658] netlink: 'syz.1.3884': attribute type 30 has an invalid length.
[  426.396200][ T6712] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  426.416272][ T6712] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  426.449542][ T6712] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  426.499830][ T6712] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  426.524412][T19662] tipc: Started in network mode
[  426.530517][T19662] tipc: Node identity 728767c00934, cluster identity 4711
[  426.540282][T19662] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  426.576075][T19665] syzkaller0: entered promiscuous mode
[  426.582389][T19665] syzkaller0: entered allmulticast mode
[  426.656980][T19661] tipc: Resetting bearer <eth:syzkaller0>
[  426.690845][T19661] tipc: Disabling bearer <eth:syzkaller0>
[  426.880114][T19685] nbd: couldn't find a device at index 0
[  427.038339][T19692] netlink: 'syz.4.3894': attribute type 1 has an invalid length.
[  427.128351][T19701] ipt_REJECT: ECHOREPLY no longer supported.
[  427.171140][T19692] 8021q: adding VLAN 0 to HW filter on device bond6
[  427.218219][T19696] bond5: (slave veth0_to_bond): Releasing active interface
[  427.253559][T19696] bond6: (slave veth0_to_bond): making interface the new active one
[  427.273796][T19696] bond6: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  427.361549][T19706] xt_hashlimit: size too large, truncated to 1048576
[  427.704943][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  427.713318][    C0] lec:lec_tx_timeout: lec0
[  427.718435][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  427.727721][T19737] gtp0: entered promiscuous mode
[  427.732716][T19737] gtp0: entered allmulticast mode
[  427.974335][T19748] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  427.984589][T19753] xt_cluster: node mask cannot exceed total number of nodes
[  428.107187][T19757] __nla_validate_parse: 7 callbacks suppressed
[  428.107208][T19757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3913'.
[  428.287083][T19767] Cannot find set identified by id 1 to match
[  428.601049][T19787] bond2: invalid ARP target 0.0.0.0 specified for addition
[  428.609410][T19787] bond2: option arp_ip_target: invalid value (0)
[  428.630728][T19796] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.3920'.
[  428.646703][T19797] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3922'.
[  428.661780][T19787] bond2 (unregistering): Released all slaves
[  428.707657][T19797] bridge0: port 2(bridge_slave_1) entered disabled state
[  428.715984][T19797] bridge0: port 1(bridge_slave_0) entered disabled state
[  428.774160][T19799] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3922'.
[  428.998633][T19821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3929'.
[  429.024325][T19821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3929'.
[  429.045252][T19815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3927'.
[  429.058964][T19823] netlink: 'syz.2.3930': attribute type 4 has an invalid length.
[  429.090286][   T50] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  429.090424][T19821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3929'.
[  429.121064][   T50] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  429.121077][T19823] netlink: 240 bytes leftover after parsing attributes in process `syz.2.3930'.
[  429.165667][T19821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3929'.
[  429.203089][   T50] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  429.236589][   T50] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  429.557572][T19842] 8021q: adding VLAN 0 to HW filter on device bond3
[  429.606853][T19848] bond_slave_0: entered promiscuous mode
[  429.612845][T19848] bond_slave_1: entered promiscuous mode
[  429.663022][T19848] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  429.698698][T19848] bond3: (slave macvlan2): Enslaving as a backup interface with an up link
[  429.834442][T19863] netlink: 'syz.0.3940': attribute type 9 has an invalid length.
[  430.467010][   T13] veth0_to_bond: left promiscuous mode
[  430.687980][T19917] bridge: RTM_NEWNEIGH with invalid state 0x8
[  431.061987][T19937] syzkaller0: entered promiscuous mode
[  431.082255][T19937] syzkaller0: entered allmulticast mode
[  431.294163][T19949] syzkaller0: entered promiscuous mode
[  431.346990][T19949] syzkaller0: entered allmulticast mode
[  431.432775][T19959] ipt_REJECT: TCP_RESET invalid for non-tcp
[  431.469860][T19959] 8021q: adding VLAN 0 to HW filter on device batadv0
[  431.480433][T19959] team0: Port device batadv0 added
[  431.656769][T19971] openvswitch: netlink: Tunnel attr 44 out of range max 16
[  431.695246][T19977] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  432.510238][T20018] Cannot find set identified by id 1 to match
[  432.724939][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  432.733426][    C0] lec:lec_tx_timeout: lec0
[  432.739153][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  433.072984][T20054] syzkaller0: entered promiscuous mode
[  433.091320][T20054] syzkaller0: entered allmulticast mode
[  433.179113][ T5835] IPVS: starting estimator thread 0...
[  433.191094][T20058] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[  433.200629][T20065] Cannot find set identified by id 1 to match
[  433.272331][T20066] __nla_validate_parse: 20 callbacks suppressed
[  433.272350][T20066] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4000'.
[  433.287003][T20063] IPVS: using max 33 ests per chain, 79200 per kthread
[  433.334278][T20069] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4003'.
[  433.372427][T20072] tipc: Started in network mode
[  433.383468][T20072] tipc: Node identity 2216098d1c33, cluster identity 4711
[  433.428807][T20072] tipc: Enabled bearer <eth:xfrm0>, priority 11
[  433.531906][T20076] xt_TCPMSS: Only works on TCP SYN packets
[  433.662868][T20089] netlink: 'syz.3.4011': attribute type 1 has an invalid length.
[  433.689188][T20088] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4011'.
[  433.717425][T20091] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  433.758028][T20088] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  433.776011][T20088] 0ªî{X¹¦: entered allmulticast mode
[  433.790138][T20088] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  433.820611][T20096] Cannot find set identified by id 1 to match
[  433.945305][T20107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4012'.
[  433.989014][T20107] netlink: 'syz.2.4012': attribute type 5 has an invalid length.
[  434.033944][T20107] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4012'.
[  434.310553][T20129] netlink: 'syz.4.4022': attribute type 11 has an invalid length.
[  434.350280][T20129] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4022'.
[  434.706390][ T5844] Bluetooth: hci1: command 0x0405 tx timeout
[  435.497515][T20094] bridge2: left promiscuous mode
[  435.502747][T20094] bridge2: left allmulticast mode
[  435.512816][T20094] bridge3: left promiscuous mode
[  435.518609][T20094] bridge3: left allmulticast mode
[  435.541976][T20114] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  435.547703][T20107] geneve2: entered promiscuous mode
[  435.562508][T20107] geneve2: entered allmulticast mode
[  435.584800][ T5835] tipc: Node number set to 1042614669
[  435.618205][   T50] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.636669][   T50] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.661238][   T50] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  435.700051][   T50] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.732682][   T50] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.763494][   T50] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  435.781841][   T50] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.800335][T20149] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4028'.
[  435.826384][   T50] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.843156][   T50] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  435.864104][ T7606] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.905791][ T7606] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.925117][ T7606] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  436.152654][T20170] syzkaller0: entered promiscuous mode
[  436.162558][T20170] syzkaller0: entered allmulticast mode
[  436.278607][T20174] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  436.299285][T20174] syzkaller0: entered promiscuous mode
[  436.318745][T20174] syzkaller0: entered allmulticast mode
[  436.363938][T20174] tipc: Resetting bearer <eth:syzkaller0>
[  436.405444][T20173] tipc: Resetting bearer <eth:syzkaller0>
[  436.456203][T20173] tipc: Disabling bearer <eth:syzkaller0>
[  436.477784][T20191] netlink: 'syz.3.4040': attribute type 1 has an invalid length.
[  436.537797][T20191] 8021q: adding VLAN 0 to HW filter on device bond6
[  436.600917][T20194] bond6: (slave veth9): Enslaving as an active interface with a down link
[  436.640618][T20198] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4042'.
[  436.664470][T20191] bond5: (slave veth0_to_bond): Releasing active interface
[  436.729293][T20191] bond6: (slave veth0_to_bond): making interface the new active one
[  436.761820][T20191] veth0_to_bond: entered promiscuous mode
[  436.791775][T20191] bond6: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  436.927552][T20209] bond7: (slave bridge3): Enslaving as an active interface with an up link
[  436.943558][T20212] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  437.002072][T20215] macvlan2: entered promiscuous mode
[  437.037318][T20215] macvlan2: entered allmulticast mode
[  437.044138][T20215] bond7: entered promiscuous mode
[  437.055658][T20215] bridge3: entered promiscuous mode
[  437.062753][T20215] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  437.073247][T20215] bond7: left promiscuous mode
[  437.080620][T20215] bridge3: left promiscuous mode
[  437.728696][T20266] netlink: 'syz.2.4063': attribute type 1 has an invalid length.
[  437.754906][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  437.763129][    C0] lec:lec_tx_timeout: lec0
[  437.777447][T20272] Cannot find add_set index 0 as target
[  437.864081][T20277] bond3: (slave geneve3): making interface the new active one
[  437.878341][T20277] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  437.902252][T15312] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0
[  437.913594][T15312] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0
[  437.925855][T15312] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0
[  437.938118][T15312] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0
[  438.010653][T20283] netlink: 'syz.4.4067': attribute type 8 has an invalid length.
[  438.020620][T20283] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4067'.
[  438.070983][T20283] bond0: entered promiscuous mode
[  438.105077][T20283] bond_slave_0: entered promiscuous mode
[  438.111046][T20283] bond_slave_1: entered promiscuous mode
[  438.160107][T20283] gretap0: entered promiscuous mode
[  438.180876][T20283] veth0: entered promiscuous mode
[  438.192255][T20283] debugfs: 'hsr1' already exists in 'hsr'
[  438.199835][T20283] Cannot create hsr debugfs directory
[  438.208458][T20283] hsr1: entered promiscuous mode
[  438.214479][T20296] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4071'.
[  438.415547][T20298] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input5
[  438.636344][T20325] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4081'.
[  438.709805][T20331] netlink: 'syz.4.4082': attribute type 2 has an invalid length.
[  438.742742][T20338] vlan2: entered promiscuous mode
[  438.760760][T20338] vlan2: entered allmulticast mode
[  438.776039][T20338] hsr_slave_1: entered allmulticast mode
[  438.802943][T20338] siw: device registration error -23
[  438.812363][T20338] netlink: 'syz.0.4083': attribute type 1 has an invalid length.
[  438.812979][T20339] syzkaller0: entered promiscuous mode
[  438.824178][T20338] netlink: 228 bytes leftover after parsing attributes in process `syz.0.4083'.
[  438.837671][T20339] syzkaller0: entered allmulticast mode
[  438.968436][T20347] wlan0 speed is unknown, defaulting to 1000
[  438.982216][T20351] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4088'.
[  438.992742][T20351] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4088'.
[  439.262678][T20361] xt_policy: too many policy elements
[  439.416284][T20367] net veth1_virt_wifi .: renamed from virt_wifi0
[  439.553733][T20367] IPv6: sit2: Disabled Multicast RS
[  439.581760][T20367] sit2: entered allmulticast mode
[  439.592576][T20382] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4097'.
[  439.611765][T20388] netlink: 'syz.0.4098': attribute type 2 has an invalid length.
[  439.621419][T20389] netlink: 'syz.0.4098': attribute type 2 has an invalid length.
[  439.665800][T20388] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4098'.
[  439.695337][T20389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4098'.
[  440.209665][T20428] netlink: 'syz.3.4111': attribute type 13 has an invalid length.
[  440.275877][T20428] veth0_macvtap: left promiscuous mode
[  440.304631][T20428] macvtap0: entered allmulticast mode
[  440.316905][T20438] netlink: 'syz.4.4114': attribute type 21 has an invalid length.
[  440.325334][T20438] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4114'.
[  440.367965][T20445] netlink: 'syz.4.4114': attribute type 21 has an invalid length.
[  440.382894][T20428] macvtap0: refused to change device tx_queue_len
[  440.391893][T20445] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4114'.
[  440.408107][T20435] veth0_to_bond: entered allmulticast mode
[  440.465854][T20438] netlink: 3 bytes leftover after parsing attributes in process `syz.4.4114'.
[  440.536460][T20450] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  440.716378][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.728320][ T1301] lec:lec_start_xmit: lec0:No lecd attached
[  441.154212][T20497] tipc: Enabling of bearer <eth:xfrm0> rejected, failed to enable media
[  441.654837][T20530] xt_cluster: node mask cannot exceed total number of nodes
[  441.718549][T20533] ip6erspan0: entered promiscuous mode
[  441.736364][T20533] ip6erspan0: entered allmulticast mode
[  441.803859][T20528] bond4: ARP target 1.0.0.0 is already present
[  441.810558][T20528] bond4: option arp_ip_target: invalid value (1)
[  441.825689][T20528] bond4 (unregistering): Released all slaves
[  441.842311][T20540] validate_nla: 5 callbacks suppressed
[  441.843066][T20540] netlink: 'syz.3.4144': attribute type 1 has an invalid length.
[  441.878664][T20540] netlink: 'syz.3.4144': attribute type 2 has an invalid length.
[  441.920447][T20542] xt_l2tp: missing protocol rule (udp|l2tpip)
[  442.404794][T20566] netlink: 'syz.4.4150': attribute type 1 has an invalid length.
[  442.648694][T20566] 8021q: adding VLAN 0 to HW filter on device bond8
[  442.730077][T20581] openvswitch: netlink: Geneve opt len 17 is not a multiple of 4.
[  442.753005][T20571] bond6: (slave veth0_to_bond): Releasing active interface
[  442.790868][T20571] bond8: (slave veth0_to_bond): making interface the new active one
[  442.831056][T20571] bond8: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  443.152169][T20607] xt_ecn: cannot match TCP bits for non-tcp packets
[  443.480858][T20631] gtp0: entered promiscuous mode
[  443.486808][T20631] gtp0: entered allmulticast mode
[  443.524008][T20634] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  443.581233][T20636] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  443.591260][T20636] syzkaller0: entered promiscuous mode
[  443.598572][T20636] syzkaller0: entered allmulticast mode
[  443.613648][T20636] tipc: Resetting bearer <eth:syzkaller0>
[  443.639730][T20635] tipc: Resetting bearer <eth:syzkaller0>
[  443.661261][T20635] tipc: Disabling bearer <eth:syzkaller0>
[  443.688719][T20642] __nla_validate_parse: 14 callbacks suppressed
[  443.688742][T20642] netlink: 232 bytes leftover after parsing attributes in process `syz.3.4171'.
[  443.710926][T20642] x_tables: ip_tables: icmp match: only valid for protocol 1
[  443.780040][T20647] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4174'.
[  443.787776][T20649] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4173'.
[  444.384350][T20688] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4183'.
[  444.433285][T20689] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  444.631870][T20692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4185'.
[  444.792192][T20696] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.800022][T20696] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.912183][T20696] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  444.931685][T20696] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  445.106486][T20700] IPv6: sit2: Disabled Multicast RS
[  445.114584][ T1145] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  445.123870][ T1145] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  445.142123][ T1145] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  445.172445][ T1145] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  445.187932][ T1145] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  445.223079][ T1145] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  445.232603][ T1145] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  445.243387][ T1145] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  445.460842][T20717] tipc: Started in network mode
[  445.475783][T20717] tipc: Node identity ac14140f, cluster identity 4711
[  445.510766][T20717] tipc: New replicast peer: 255.255.255.255
[  445.526612][T20717] tipc: Enabled bearer <udp:syz2>, priority 10
[  445.548868][T20722] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4192'.
[  445.562640][T20727] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4194'.
[  445.592053][T20729] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4194'.
[  445.745653][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[  445.754287][    C0] lec:lec_tx_timeout: lec0
[  445.764236][T20724] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4193'.
[  445.825114][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  445.927436][T20744] netlink: 'syz.3.4200': attribute type 1 has an invalid length.
[  445.968807][T20744] netlink: 16179 bytes leftover after parsing attributes in process `syz.3.4200'.
[  446.018488][T20751] sctp: [Deprecated]: syz.1.4201 (pid 20751) Use of int in max_burst socket option deprecated.
[  446.018488][T20751] Use struct sctp_assoc_value instead
[  446.253912][T20769] openvswitch: netlink: Flow key attr not present in new flow.
[  446.434106][T20776] bond2: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  446.447357][T20776] bond2 (unregistering): Released all slaves
[  446.538700][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.611381][T20784] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  446.645082][ T8186] tipc: Node number set to 2886997007
[  446.727356][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.736550][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.745295][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.753472][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.762055][T20781] netlink: 'syz.0.4210': attribute type 39 has an invalid length.
[  446.868695][T20792] 8021q: adding VLAN 0 to HW filter on device bond2
[  446.916517][T20794] bond2: (slave veth7): Enslaving as an active interface with a down link
[  446.928827][T20796] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  446.974189][T20792] veth0_to_bond: left allmulticast mode
[  446.981205][T20796] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  446.993737][T20792] bond2: (slave veth0_to_bond): making interface the new active one
[  447.026344][T20792] veth0_to_bond: entered promiscuous mode
[  447.032691][T20792] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  447.073254][T20800] validate_nla: 60 callbacks suppressed
[  447.073276][T20800] netlink: 'syz.1.4216': attribute type 1 has an invalid length.
[  447.191559][T20800] 8021q: adding VLAN 0 to HW filter on device bond4
[  447.225829][T20807] bond2: (slave veth0_to_bond): Releasing active interface
[  447.263007][T20807] bond4: (slave veth0_to_bond): making interface the new active one
[  447.276429][T20807] bond4: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  447.544626][T20823] netlink: 'syz.0.4222': attribute type 21 has an invalid length.
[  447.652202][T20844] netlink: 'syz.2.4227': attribute type 1 has an invalid length.
[  447.747149][T20844] 8021q: adding VLAN 0 to HW filter on device bond4
[  447.778784][T20844] bond2: (slave veth0_to_bond): Releasing active interface
[  447.792858][T20844] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  447.892601][T20848] bond4: (slave veth1): Enslaving as an active interface with a down link
[  447.902509][T20852] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  448.055881][ T8218] veth0_to_bond: left promiscuous mode
[  448.056912][T20864] netlink: 'syz.2.4233': attribute type 4 has an invalid length.
[  448.072056][T20865] netlink: 'syz.2.4233': attribute type 4 has an invalid length.
[  448.116607][T20867] netlink: 'syz.1.4234': attribute type 1 has an invalid length.
[  448.148924][T20867] 8021q: adding VLAN 0 to HW filter on device bond5
[  448.161408][T20867] bond4: (slave veth0_to_bond): Releasing active interface
[  448.176700][T20867] bond5: (slave veth0_to_bond): making interface the new active one
[  448.186981][T20867] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  448.542862][T20889] netlink: 'syz.0.4241': attribute type 1 has an invalid length.
[  448.640852][T20889] 8021q: adding VLAN 0 to HW filter on device bond3
[  448.700016][T20903] bond2: (slave veth0_to_bond): Releasing active interface
[  448.717064][T20890] can: request_module (can-proto-0) failed.
[  448.739311][T20903] veth0_to_bond: left promiscuous mode
[  448.765982][T20903] bond3: (slave veth0_to_bond): making interface the new active one
[  448.776746][T20903] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  448.823630][T20896] bond3: (slave veth9): Enslaving as an active interface with a down link
[  448.879952][T20910] netlink: 'syz.4.4245': attribute type 1 has an invalid length.
[  448.954616][T20910] 8021q: adding VLAN 0 to HW filter on device bond9
[  448.964471][T20914] bond8: (slave veth0_to_bond): Releasing active interface
[  449.010918][T20914] bond9: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  449.164422][T20929] netlink: 'syz.2.4251': attribute type 21 has an invalid length.
[  449.195077][ T5837] Bluetooth: hci1: command 0x0405 tx timeout
[  449.280805][T20941] __nla_validate_parse: 8 callbacks suppressed
[  449.280823][T20941] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4249'.
[  449.349171][T20946] netlink: 'syz.4.4249': attribute type 4 has an invalid length.
[  449.515901][T20953] 8021q: adding VLAN 0 to HW filter on device bond6
[  449.548292][T20952] netlink: 576 bytes leftover after parsing attributes in process `syz.3.4257'.
[  449.581061][T20953] bond6: (slave veth7): Enslaving as an active interface with a down link
[  449.603255][T20953] bond5: (slave veth0_to_bond): Releasing active interface
[  449.623200][T20953] bond6: (slave veth0_to_bond): making interface the new active one
[  449.634716][T20953] veth0_to_bond: entered promiscuous mode
[  449.649511][T20953] bond6: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  449.831324][T20968] Cannot find del_set index 0 as target
[  449.837215][T20964] bond7: (slave ipvlan3): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  449.837247][T20964] bond7: (slave ipvlan3): The slave device specified does not support setting the MAC address
[  449.837262][T20964] bond7: (slave ipvlan3): Setting fail_over_mac to active for active-backup mode
[  450.108041][T20983] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4264'.
[  450.389514][T21001] 8021q: adding VLAN 0 to HW filter on device bond5
[  450.403745][T21008] bond0: entered promiscuous mode
[  450.415439][T21008] bond_slave_0: entered promiscuous mode
[  450.431842][T21008] bond_slave_1: entered promiscuous mode
[  450.456447][T21008] batadv0: entered promiscuous mode
[  450.464744][T21008] debugfs: 'hsr1' already exists in 'hsr'
[  450.472723][T21008] Cannot create hsr debugfs directory
[  450.482540][T21008] 8021q: adding VLAN 0 to HW filter on device hsr1
[  450.527129][T21009] bond5: (slave veth5): Enslaving as an active interface with a down link
[  450.561107][T21001] bond4: (slave veth0_to_bond): Releasing active interface
[  450.569814][T21001] bond4: (slave veth0_to_bond): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  450.596792][T21001] bond5: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  450.608119][T21012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4271'.
[  450.792479][T21024] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  451.189924][T21041] can: request_module (can-proto-0) failed.
[  451.195009][T21044] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4281'.
[  451.265571][ T5837] Bluetooth: hci1: command 0x0405 tx timeout
[  451.380158][T21056] netlink: 428 bytes leftover after parsing attributes in process `syz.0.4285'.
[  451.407181][T21058] 8021q: VLANs not supported on ip6_vti0
[  451.489856][   T30] audit: type=1107 audit(1767874489.207:6): pid=21062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  451.511990][T21060] 8021q: adding VLAN 0 to HW filter on device bond7
[  451.686592][T21064] bond7: (slave veth11): Enslaving as an active interface with a down link
[  451.718735][T21069] bond6: (slave veth0_to_bond): Releasing active interface
[  451.729814][T21074] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4292'.
[  451.736411][T21076] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  451.751462][T21069] bond7: (slave veth0_to_bond): making interface the new active one
[  451.776405][T21069] veth0_to_bond: entered promiscuous mode
[  451.784620][T21069] bond7: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  451.971950][T21094] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4296'.
[  452.170121][T21109] validate_nla: 10 callbacks suppressed
[  452.170143][T21109] netlink: 'syz.4.4301': attribute type 4 has an invalid length.
[  452.373012][T21121] ipt_rpfilter: unknown options
[  452.412274][T21121] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4303'.
[  452.764062][T21148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4307'.
[  453.322580][T21177] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  453.665571][ T5837] Bluetooth: hci1: command 0x0405 tx timeout
[  454.019665][T21197] erspan0: entered promiscuous mode
[  454.066706][T21197] erspan0: left promiscuous mode
[  454.258276][T21213] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  454.451827][T21203] syzkaller1: entered promiscuous mode
[  454.467938][T21203] syzkaller1: entered allmulticast mode
[  455.812808][T21300] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  455.878336][T21308] netlink: 'syz.1.4351': attribute type 1 has an invalid length.
[  455.958642][T21308] 8021q: adding VLAN 0 to HW filter on device bond8
[  455.997691][T21313] bond8: (slave veth9): Enslaving as an active interface with a down link
[  456.032815][T21308] bond6: (slave veth0_to_bond): Releasing active interface
[  456.041912][T21308] veth0_to_bond: left promiscuous mode
[  456.077732][T21308] bond8: (slave veth0_to_bond): making interface the new active one
[  456.107239][T21308] veth0_to_bond: entered promiscuous mode
[  456.113422][T21308] bond8: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  456.198030][T21320] syzkaller0: entered promiscuous mode
[  456.205127][T21320] syzkaller0: entered allmulticast mode
[  456.295362][T21325] __nla_validate_parse: 8 callbacks suppressed
[  456.295385][T21325] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4357'.
[  456.817399][T21343] Cannot find add_set index 0 as target
[  456.866111][T21346] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  456.937900][T21353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4362'.
[  457.131028][T21365] Bluetooth: hci0: Opcode 0x080f failed: -22
[  457.140205][T21365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4367'.
[  457.228897][T21368] syzkaller0: entered promiscuous mode
[  457.234511][T21368] syzkaller0: entered allmulticast mode
[  457.367198][T21373] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.4369'.
[  457.396546][T21373] netlink: 'syz.2.4369': attribute type 10 has an invalid length.
[  457.415753][T21373] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4369'.
[  457.454657][T21373] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  457.531050][T21380] ip6gretap1: entered promiscuous mode
[  457.542485][T21380] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  457.553590][T21382] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4373'.
[  457.564038][T21382] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4373'.
[  457.576156][T21382] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4373'.
[  457.586813][T21382] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4373'.
[  457.596555][T21382] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4373'.
[  457.607424][T21377] syzkaller1: entered promiscuous mode
[  457.614337][T21377] syzkaller1: entered allmulticast mode
[  457.858672][T21403] tls_set_device_offload_rx: netdev not found
[  457.931154][T21406] openvswitch: netlink: IPv4 tunnel dst address is zero
[  457.931153][T21401] block nbd2: Unsupported socket: should be TCP or UNIX.
[  458.221975][T21427] syzkaller0: entered promiscuous mode
[  458.232792][T21427] syzkaller0: entered allmulticast mode
[  458.631136][T21454] netlink: 'syz.1.4392': attribute type 1 has an invalid length.
[  458.664134][T21454] netlink: 'syz.1.4392': attribute type 4 has an invalid length.
[  459.034808][T21478] xt_CONNSECMARK: invalid mode: 0
[  459.049581][T21481] FAULT_INJECTION: forcing a failure.
[  459.049581][T21481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.083166][T21481] CPU: 0 UID: 0 PID: 21481 Comm: syz.4.4400 Not tainted syzkaller #0 PREEMPT(full) 
[  459.083195][T21481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  459.083206][T21481] Call Trace:
[  459.083215][T21481]  <TASK>
[  459.083223][T21481]  dump_stack_lvl+0xe8/0x150
[  459.083256][T21481]  should_fail_ex+0x414/0x560
[  459.083292][T21481]  _copy_from_user+0x2d/0xb0
[  459.083317][T21481]  kstrtouint_from_user+0xc4/0x170
[  459.083338][T21481]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  459.083369][T21481]  proc_fail_nth_write+0x88/0x200
[  459.083389][T21481]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  459.083411][T21481]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  459.083431][T21481]  vfs_write+0x27e/0xb30
[  459.083501][T21481]  ? __pfx_vfs_write+0x10/0x10
[  459.083521][T21481]  ? __fget_files+0x2a/0x420
[  459.083550][T21481]  ? __fget_files+0x3a0/0x420
[  459.083573][T21481]  ? __fget_files+0x2a/0x420
[  459.083602][T21481]  ksys_write+0x145/0x250
[  459.083621][T21481]  ? __pfx_ksys_write+0x10/0x10
[  459.083649][T21481]  do_syscall_64+0xec/0xf80
[  459.083668][T21481]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.083684][T21481]  ? trace_irq_disable+0x37/0x100
[  459.083705][T21481]  ? clear_bhb_loop+0x60/0xb0
[  459.083727][T21481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.083746][T21481] RIP: 0033:0x7f4b5bf8e1ff
[  459.083765][T21481] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  459.083781][T21481] RSP: 002b:00007f4b5cd48030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  459.083804][T21481] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b5bf8e1ff
[  459.083818][T21481] RDX: 0000000000000001 RSI: 00007f4b5cd480a0 RDI: 0000000000000005
[  459.083828][T21481] RBP: 00007f4b5cd48090 R08: 0000000000000000 R09: 0000000000000000
[  459.083837][T21481] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  459.083847][T21481] R13: 00007f4b5c1e6038 R14: 00007f4b5c1e5fa0 R15: 00007ffce35670c8
[  459.083878][T21481]  </TASK>
[  459.580904][T21503] netlink: 'syz.0.4406': attribute type 64 has an invalid length.
[  459.769187][T21519] sit0: entered promiscuous mode
[  459.788693][T21519] netlink: 'syz.1.4411': attribute type 1 has an invalid length.
[  459.845883][T21528] netlink: 'syz.0.4415': attribute type 8 has an invalid length.
[  460.043004][T21546] FAULT_INJECTION: forcing a failure.
[  460.043004][T21546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.057910][T21546] CPU: 0 UID: 0 PID: 21546 Comm: syz.1.4419 Not tainted syzkaller #0 PREEMPT(full) 
[  460.057935][T21546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  460.057945][T21546] Call Trace:
[  460.057953][T21546]  <TASK>
[  460.057962][T21546]  dump_stack_lvl+0xe8/0x150
[  460.057992][T21546]  should_fail_ex+0x414/0x560
[  460.058032][T21546]  _copy_to_user+0x31/0xb0
[  460.058058][T21546]  simple_read_from_buffer+0xe1/0x170
[  460.058085][T21546]  proc_fail_nth_read+0x1b3/0x220
[  460.058113][T21546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  460.058133][T21546]  ? rw_verify_area+0x2a6/0x4d0
[  460.058150][T21546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  460.058169][T21546]  vfs_read+0x200/0xa30
[  460.058185][T21546]  ? fdget_pos+0x247/0x320
[  460.058212][T21546]  ? __pfx___mutex_lock+0x10/0x10
[  460.058234][T21546]  ? __pfx_vfs_read+0x10/0x10
[  460.058249][T21546]  ? __fget_files+0x2a/0x420
[  460.058274][T21546]  ? __fget_files+0x3a0/0x420
[  460.058295][T21546]  ? __fget_files+0x2a/0x420
[  460.058327][T21546]  ksys_read+0x145/0x250
[  460.058346][T21546]  ? __pfx_ksys_read+0x10/0x10
[  460.058374][T21546]  do_syscall_64+0xec/0xf80
[  460.058395][T21546]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.058414][T21546]  ? trace_irq_disable+0x37/0x100
[  460.058439][T21546]  ? clear_bhb_loop+0x60/0xb0
[  460.058463][T21546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.058490][T21546] RIP: 0033:0x7f2336f8e15c
[  460.058508][T21546] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  460.058525][T21546] RSP: 002b:00007f2337dd7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  460.058546][T21546] RAX: ffffffffffffffda RBX: 00007f23371e6090 RCX: 00007f2336f8e15c
[  460.058560][T21546] RDX: 000000000000000f RSI: 00007f2337dd70a0 RDI: 0000000000000007
[  460.058572][T21546] RBP: 00007f2337dd7090 R08: 0000000000000000 R09: 0000000000000000
[  460.058583][T21546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.058594][T21546] R13: 00007f23371e6128 R14: 00007f23371e6090 R15: 00007ffcdf14e8d8
[  460.058627][T21546]  </TASK>
[  460.690705][T21560] nbd: must specify an index to disconnect
[  460.697765][T21561] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  460.915765][T21570] netlink: 'syz.0.4427': attribute type 1 has an invalid length.
[  461.058942][T21579] syzkaller0: entered promiscuous mode
[  461.081459][T21579] syzkaller0: entered allmulticast mode
[  461.101042][T21582] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  461.127546][T21577] ksmbd: Unknown IPC event: 3, ignore.
[  461.454414][T21599] __nla_validate_parse: 106 callbacks suppressed
[  461.454428][T21599] netlink: 576 bytes leftover after parsing attributes in process `syz.3.4432'.
[  461.772925][T21605] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4435'.
[  462.314277][T10152] lec:lec_start_xmit: lec0:No lecd attached
[  462.346425][T21610] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.377129][T21615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4439'.
[  462.394615][T21621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4439'.
[  462.452289][T21627] pim6reg: entered allmulticast mode
[  462.489206][T21625] netlink: 'syz.1.4436': attribute type 21 has an invalid length.
[  462.507594][T21625] netlink: 'syz.1.4436': attribute type 22 has an invalid length.
[  462.535246][T21625] netlink: 'syz.1.4436': attribute type 23 has an invalid length.
[  462.556899][T21625] netlink: 'syz.1.4436': attribute type 25 has an invalid length.
[  462.565735][T21625] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4436'.
[  462.584631][T21610] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.616257][T21631] netlink: 'syz.3.4442': attribute type 3 has an invalid length.
[  462.746905][T21610] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.930737][T21610] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.116128][T21663] gre0: entered promiscuous mode
[  463.116832][T21666] netlink: 'syz.2.4453': attribute type 4 has an invalid length.
[  463.121258][T21663] gre0: entered allmulticast mode
[  463.213844][T21663] syzkaller1: entered promiscuous mode
[  463.219785][T21663] syzkaller1: entered allmulticast mode
[  463.228279][  T150] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  463.237946][T21671] Cannot find add_set index 0 as target
[  463.265184][ T5837] Bluetooth: hci5: command 0x0406 tx timeout
[  463.331824][T15313] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  463.382147][T15313] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  463.401235][T15313] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  463.435224][T21677] 8021q: VLANs not supported on ipvlan1
[  463.441649][T21677] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4457'.
[  463.516429][ T6026] veth0_to_bond: left promiscuous mode
[  463.586180][T21688] netlink: 'syz.0.4462': attribute type 1 has an invalid length.
[  463.638448][T21688] 8021q: adding VLAN 0 to HW filter on device bond4
[  463.662063][T21692] bond4: (slave veth13): Enslaving as an active interface with a down link
[  463.693484][T21688] bond3: (slave veth0_to_bond): Releasing active interface
[  463.702776][T21688] bond3: (slave veth0_to_bond): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  463.725554][T21688] bond4: (slave veth0_to_bond): making interface the new active one
[  463.735499][T21688] veth0_to_bond: entered promiscuous mode
[  463.741815][T21688] bond4: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  463.931373][T21699] netlink: 'syz.4.4464': attribute type 11 has an invalid length.
[  463.973400][T21705] netlink: 'syz.2.4467': attribute type 1 has an invalid length.
[  464.123598][T21705] 8021q: adding VLAN 0 to HW filter on device bond6
[  464.193082][T21708] bond6: (slave veth7): Enslaving as an active interface with a down link
[  464.247324][T21719] bond5: (slave veth0_to_bond): Releasing active interface
[  464.263644][T21727] openvswitch: netlink: Message has 592 unknown bytes.
[  464.275227][T21727] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  464.297747][T21719] bond6: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  464.450497][T21738] netlink: 'syz.2.4478': attribute type 1 has an invalid length.
[  464.587474][T21738] 8021q: adding VLAN 0 to HW filter on device bond7
[  464.589778][T21751] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4481'.
[  464.604412][T21751] nbd: couldn't find a device at index 0
[  464.653380][T21748] bond6: (slave veth0_to_bond): Releasing active interface
[  464.673839][T21755] netlink: 'syz.4.4483': attribute type 1 has an invalid length.
[  464.681863][T21755] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4483'.
[  464.702874][T21748] bond7: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  464.729268][T21760] xt_time: invalid argument - start or stop time greater than 23:59:59
[  465.182439][T21792] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  465.434138][T21800] 8021q: adding VLAN 0 to HW filter on device bond5
[  465.519389][T21811] bond4: (slave veth0_to_bond): Releasing active interface
[  465.527506][T21811] veth0_to_bond: left promiscuous mode
[  465.537509][ T7606] nci: nci_rsp_packet: unknown rsp opcode 0xe10
[  465.563124][T21811] bond5: (slave veth0_to_bond): making interface the new active one
[  465.574237][T21811] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  465.595593][T21820] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4499'.
[  465.626151][T21819] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  465.678966][T21820] veth13: entered allmulticast mode
[  465.897321][T21828] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4503'.
[  466.588551][T21871] __nla_validate_parse: 2 callbacks suppressed
[  466.588568][T21871] netlink: 212 bytes leftover after parsing attributes in process `syz.1.4512'.
[  466.791646][T21882] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4515'.
[  466.869586][T21885] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4516'.
[  467.226539][T21911] FAULT_INJECTION: forcing a failure.
[  467.226539][T21911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  467.285375][T21911] CPU: 0 UID: 0 PID: 21911 Comm: syz.0.4525 Not tainted syzkaller #0 PREEMPT(full) 
[  467.285484][T21911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  467.285495][T21911] Call Trace:
[  467.285503][T21911]  <TASK>
[  467.285511][T21911]  dump_stack_lvl+0xe8/0x150
[  467.285542][T21911]  should_fail_ex+0x414/0x560
[  467.285574][T21911]  _copy_to_user+0x31/0xb0
[  467.285599][T21911]  simple_read_from_buffer+0xe1/0x170
[  467.285628][T21911]  proc_fail_nth_read+0x1b3/0x220
[  467.285652][T21911]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  467.285677][T21911]  ? rw_verify_area+0x2a6/0x4d0
[  467.285693][T21911]  ? tun_chr_write_iter+0xe0/0x200
[  467.285715][T21911]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  467.285734][T21911]  vfs_read+0x200/0xa30
[  467.285750][T21911]  ? fdget_pos+0x247/0x320
[  467.285775][T21911]  ? __pfx___mutex_lock+0x10/0x10
[  467.285796][T21911]  ? __pfx_vfs_read+0x10/0x10
[  467.285813][T21911]  ? __fget_files+0x2a/0x420
[  467.285840][T21911]  ? __fget_files+0x3a0/0x420
[  467.285861][T21911]  ? __fget_files+0x2a/0x420
[  467.285891][T21911]  ksys_read+0x145/0x250
[  467.285914][T21911]  ? __pfx_ksys_read+0x10/0x10
[  467.285945][T21911]  do_syscall_64+0xec/0xf80
[  467.285965][T21911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.285985][T21911]  ? trace_irq_disable+0x37/0x100
[  467.286008][T21911]  ? clear_bhb_loop+0x60/0xb0
[  467.286027][T21911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.286045][T21911] RIP: 0033:0x7f56a418e15c
[  467.286064][T21911] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  467.286082][T21911] RSP: 002b:00007f56a510d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  467.286102][T21911] RAX: ffffffffffffffda RBX: 00007f56a43e5fa0 RCX: 00007f56a418e15c
[  467.286117][T21911] RDX: 000000000000000f RSI: 00007f56a510d0a0 RDI: 0000000000000004
[  467.286129][T21911] RBP: 00007f56a510d090 R08: 0000000000000000 R09: 0000000000000000
[  467.286142][T21911] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001
[  467.286154][T21911] R13: 00007f56a43e6038 R14: 00007f56a43e5fa0 R15: 00007ffd55350448
[  467.286182][T21911]  </TASK>
[  467.585024][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5270 ms
[  467.593508][    C0] lec:lec_tx_timeout: lec0
[  467.616871][T21916] syzkaller0: entered promiscuous mode
[  467.622798][T21916] syzkaller0: entered allmulticast mode
[  467.653292][T21918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4530'.
[  467.672292][T21920] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4528'.
[  467.873042][T21934] openvswitch: netlink: Message has 4 unknown bytes.
[  467.883758][T21933] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4531'.
[  467.920713][T21934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4527'.
[  468.141376][T21928] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.149244][T21928] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.429118][T21954] netlink: 576 bytes leftover after parsing attributes in process `syz.2.4534'.
[  468.557338][T21928] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  468.806991][T21965] netlink: 576 bytes leftover after parsing attributes in process `syz.0.4535'.
[  468.892456][T21974] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4538'.
[  468.923290][T21965] tipc: Resetting bearer <eth:xfrm0>
[  469.096971][T13879] veth0_to_bond: left promiscuous mode
[  469.117634][T21983] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  469.180876][T21988] Cannot find add_set index 0 as target
[  469.470001][T22009] sctp: [Deprecated]: syz.0.4553 (pid 22009) Use of int in max_burst socket option.
[  469.470001][T22009] Use struct sctp_assoc_value instead
[  469.606086][T22014] openvswitch: netlink: EtherType 50a is less than min 600
[  469.614276][T22020] validate_nla: 4 callbacks suppressed
[  469.614296][T22020] netlink: 'syz.0.4557': attribute type 1 has an invalid length.
[  469.721516][T22020] 8021q: adding VLAN 0 to HW filter on device bond6
[  469.786407][T22027] bond5: (slave veth0_to_bond): Releasing active interface
[  469.836727][T22027] bond6: (slave veth0_to_bond): making interface the new active one
[  469.857686][T22027] bond6: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  470.016745][T22045] tipc: Started in network mode
[  470.021694][T22045] tipc: Node identity dee39f568b4b, cluster identity 4711
[  470.033899][T22045] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  470.166503][T22045] tipc: Disabling bearer <eth:syzkaller0>
[  470.747708][T22097] bridge0: port 3(batadv1) entered blocking state
[  470.754837][T22097] bridge0: port 3(batadv1) entered disabled state
[  470.770366][T22097] batadv1: entered allmulticast mode
[  470.784691][T22097] batadv1: entered promiscuous mode
[  470.845184][T22104] geneve2: left promiscuous mode
[  470.893156][T22104] ip6erspan0: left promiscuous mode
[  470.985694][  T150] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 20004 - 0
[  471.016869][  T150] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  471.041367][  T150] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 20004 - 0
[  471.058246][  T150] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  471.067973][  T150] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 20004 - 0
[  471.078287][  T150] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  471.133457][  T150] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 20004 - 0
[  471.154274][  T150] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  471.169841][T22117] syzkaller1: entered promiscuous mode
[  471.171439][T22116] x_tables: duplicate underflow at hook 1
[  471.192489][T22116] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  471.195148][T22117] syzkaller1: entered allmulticast mode
[  471.199900][T22116] IPv6: NLM_F_CREATE should be set when creating new route
[  471.213474][T22116] IPv6: NLM_F_CREATE should be set when creating new route
[  471.221374][T22116] IPv6: NLM_F_CREATE should be set when creating new route
[  471.235574][ T3600] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  471.245772][ T3600] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  471.276964][T22116] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  471.357921][T22116] 0ªî{X¹¦: left allmulticast mode
[  471.399257][T22135] netlink: 'syz.1.4590': attribute type 10 has an invalid length.
[  471.422198][T22116] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.430474][T22116] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.671249][T22116] macvtap0: left allmulticast mode
[  471.717007][T22116] gretap1: left promiscuous mode
[  471.722216][T22116] gretap1: left allmulticast mode
[  471.731747][T22116] ip6gre1: left allmulticast mode
[  471.747187][T22116] xfrm1: left allmulticast mode
[  471.795586][T22116] gtp0: left promiscuous mode
[  471.800689][T22116] gtp0: left allmulticast mode
[  471.846739][T22116] veth13: left allmulticast mode
[  472.025832][ T1164] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.054572][ T1164] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.077341][ T1164] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.107250][ T1164] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  472.260978][T22156] __nla_validate_parse: 10 callbacks suppressed
[  472.261000][T22156] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4595'.
[  472.501924][T22168] netlink: 'syz.2.4599': attribute type 26 has an invalid length.
[  472.595775][T22149] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4593'.
[  472.730599][T22184] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4603'.
[  472.754681][T22188] netlink: 'syz.4.4606': attribute type 18 has an invalid length.
[  473.020976][T22203] netlink: 'syz.4.4608': attribute type 1 has an invalid length.
[  473.109097][T22203] 8021q: adding VLAN 0 to HW filter on device bond10
[  473.258745][T22212] bond9: (slave veth0_to_bond): Releasing active interface
[  473.271640][T22216] netlink: 31 bytes leftover after parsing attributes in process `syz.3.4610'.
[  473.294455][T22212] bond10: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  473.505279][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  473.766500][T22252] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4618'.
[  473.872751][T22254] syzkaller0: entered promiscuous mode
[  473.888826][T22254] syzkaller0: entered allmulticast mode
[  474.041065][T22267] netlink: 112 bytes leftover after parsing attributes in process `syz.2.4622'.
[  474.140573][T22270] netlink: 'syz.0.4624': attribute type 1 has an invalid length.
[  474.293802][T22270] 8021q: adding VLAN 0 to HW filter on device bond7
[  474.329648][T22279] xt_TPROXY: Can be used only with -p tcp or -p udp
[  474.339517][T22276] bond6: (slave veth0_to_bond): Releasing active interface
[  474.364659][T22276] bond7: (slave veth0_to_bond): making interface the new active one
[  474.393686][T22288] syz.1.4625: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  474.396997][T22276] bond7: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  474.477052][T22288] CPU: 0 UID: 0 PID: 22288 Comm: syz.1.4625 Not tainted syzkaller #0 PREEMPT(full) 
[  474.477085][T22288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  474.477098][T22288] Call Trace:
[  474.477106][T22288]  <TASK>
[  474.477115][T22288]  dump_stack_lvl+0xe8/0x150
[  474.477148][T22288]  warn_alloc+0x214/0x310
[  474.477172][T22288]  ? stack_trace_save+0x9c/0xe0
[  474.477206][T22288]  ? __pfx_warn_alloc+0x10/0x10
[  474.477233][T22288]  ? kasan_save_track+0x4f/0x80
[  474.477258][T22288]  ? kasan_save_track+0x3e/0x80
[  474.477274][T22288]  ? __kasan_kmalloc+0x93/0xb0
[  474.477294][T22288]  ? __kmalloc_cache_noprof+0x3e2/0x700
[  474.477316][T22288]  ? xskq_create+0x56/0x170
[  474.477345][T22288]  ? xsk_setsockopt+0x4dc/0x8d0
[  474.477367][T22288]  ? do_sock_setsockopt+0x17c/0x1b0
[  474.477386][T22288]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  474.477403][T22288]  ? do_syscall_64+0xec/0xf80
[  474.477427][T22288]  __vmalloc_node_range_noprof+0x134/0x16a0
[  474.477478][T22288]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  474.477506][T22288]  ? __kasan_kmalloc+0x93/0xb0
[  474.477529][T22288]  vmalloc_user_noprof+0xad/0xf0
[  474.477548][T22288]  ? xskq_create+0xbf/0x170
[  474.477573][T22288]  xskq_create+0xbf/0x170
[  474.477599][T22288]  xsk_init_queue+0xb0/0x110
[  474.477623][T22288]  xsk_setsockopt+0x4dc/0x8d0
[  474.477646][T22288]  ? __pfx_xsk_setsockopt+0x10/0x10
[  474.477673][T22288]  ? __pfx_aa_sk_perm+0x10/0x10
[  474.477712][T22288]  ? aa_sock_opt_perm+0xff/0x1a0
[  474.477737][T22288]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  474.477753][T22288]  ? __pfx_xsk_setsockopt+0x10/0x10
[  474.477781][T22288]  do_sock_setsockopt+0x17c/0x1b0
[  474.477805][T22288]  __x64_sys_setsockopt+0x13f/0x1b0
[  474.477827][T22288]  do_syscall_64+0xec/0xf80
[  474.477847][T22288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.477868][T22288]  ? trace_irq_disable+0x37/0x100
[  474.477895][T22288]  ? clear_bhb_loop+0x60/0xb0
[  474.477917][T22288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.477935][T22288] RIP: 0033:0x7f2336f8f749
[  474.477950][T22288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.477969][T22288] RSP: 002b:00007f2337dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  474.477993][T22288] RAX: ffffffffffffffda RBX: 00007f23371e6090 RCX: 00007f2336f8f749
[  474.478009][T22288] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  474.478021][T22288] RBP: 00007f2337013f91 R08: 0000000000000004 R09: 0000000000000000
[  474.478034][T22288] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  474.478047][T22288] R13: 00007f23371e6128 R14: 00007f23371e6090 R15: 00007ffcdf14e8d8
[  474.478079][T22288]  </TASK>
[  474.478098][T22288] Mem-Info:
[  474.479868][T22283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4625'.
[  474.524480][T22288] active_anon:5836 inactive_anon:0 isolated_anon:0
[  474.524480][T22288]  active_file:3536 inactive_file:40048 isolated_file:0
[  474.524480][T22288]  unevictable:768 dirty:237 writeback:0
[  474.524480][T22288]  slab_reclaimable:13174 slab_unreclaimable:136081
[  474.524480][T22288]  mapped:29685 shmem:1374 pagetables:1753
[  474.524480][T22288]  sec_pagetables:0 bounce:0
[  474.524480][T22288]  kernel_misc_reclaimable:0
[  474.524480][T22288]  free:1270889 free_pcp:20221 free_cma:0
[  474.873625][T22288] Node 0 active_anon:23724kB inactive_anon:0kB active_file:14144kB inactive_file:159992kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:110568kB dirty:944kB writeback:0kB shmem:3956kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:18928kB pagetables:7084kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  474.952886][T22288] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8192kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  475.041777][T22288] Node 0 DMA free:11264kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  475.042481][T22314] vlan2: entered promiscuous mode
[  475.102039][T22314] bridge0: entered promiscuous mode
[  475.115829][T22288] lowmem_reserve[]: 0 2499 2501 2501 2501
[  475.120228][T22317] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4634'.
[  475.122154][T22288] Node 0 
[  475.179129][T22315] delete_channel: no stack
[  475.190389][T22288] DMA32 free:1209160kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23624kB inactive_anon:0kB active_file:14144kB inactive_file:159992kB unevictable:1536kB writepending:944kB zspages:0kB present:3129332kB managed:2559512kB mlocked:0kB bounce:0kB free_pcp:40552kB local_pcp:21380kB free_cma:0kB
[  475.297779][T22288] lowmem_reserve[]: 0 0 1 1 1
[  475.302582][T22288] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  475.382047][T22288] lowmem_reserve[]: 0 0 0 0 0
[  475.398964][T22288] Node 1 Normal free:3863824kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:38172kB local_pcp:10324kB free_cma:0kB
[  475.477166][T22288] lowmem_reserve[]: 0 0 0 0 0
[  475.482047][T22288] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 2*4096kB (M) = 11264kB
[  475.543869][T22288] Node 0 DMA32: 7340*4kB (UM) 5092*8kB (UM) 2025*16kB (UME) 26*32kB (UME) 692*64kB (UM) 1082*128kB (UME) 840*256kB (UM) 583*512kB (UME) 322*1024kB (UME) 39*2048kB (UM) 0*4096kB = 1209248kB
[  475.578517][T22340] netlink: 'syz.4.4643': attribute type 23 has an invalid length.
[  475.600673][T22288] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  475.662693][T22288] Node 1 Normal: 185*4kB (UME) 57*8kB (UME) 34*16kB (UME) 162*32kB (UME) 54*64kB (UM) 15*128kB (UME) 8*256kB (UME) 7*512kB (UM) 4*1024kB (UME) 2*2048kB (UE) 937*4096kB (UM) = 3864076kB
[  475.705123][T22288] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  475.741573][T22288] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  475.772343][T22288] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  475.826568][T22288] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  475.857674][T22288] 46203 total pagecache pages
[  475.862513][T22288] 0 pages in swap cache
[  475.878570][T22288] Free swap  = 124996kB
[  475.899234][T22288] Total swap = 124996kB
[  475.915363][T22288] 2097051 pages RAM
[  475.924209][T22288] 0 pages HighMem/MovableOnly
[  475.934343][T22288] 425083 pages reserved
[  475.943299][T22288] 0 pages cma reserved
[  475.967027][T22359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4647'.
[  476.362212][T22382] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4654'.
[  502.150987][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  502.159775][ T1301] lec:lec_start_xmit: lec0:No lecd attached
[  507.267438][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  507.585122][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5420 ms
[  507.593592][    C0] lec:lec_tx_timeout: lec0
[  509.346933][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  511.106560][   T31] INFO: task udevd:16597 blocked for more than 143 seconds.
[  511.115848][   T31]       Not tainted syzkaller #0
[  511.121334][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  511.130432][   T31] task:udevd           state:D stack:23400 pid:16597 tgid:16597 ppid:5197   task_flags:0x400140 flags:0x00080000
[  511.143662][   T31] Call Trace:
[  511.147640][   T31]  <TASK>
[  511.150773][   T31]  __schedule+0x149b/0x4fd0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  511.155972][   T31]  ? blk_mq_flush_plug_list+0x41f/0x550
[  511.162636][   T31]  ? do_raw_spin_lock+0x121/0x290
[  511.168229][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  511.174171][   T31]  ? __blk_flush_plug+0x3fc/0x4b0
[  511.179712][   T31]  ? __pfx___schedule+0x10/0x10
[  511.205180][   T31]  ? schedule+0x91/0x360
[  511.209760][   T31]  schedule+0x165/0x360
[  511.214418][   T31]  schedule_timeout+0x12b/0x270
[  511.295065][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  511.300815][   T31]  ? __pfx_process_timeout+0x10/0x10
[  511.334972][   T31]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  511.341204][   T31]  ? prepare_to_wait_event+0x437/0x480
[  511.354635][   T31]  nbd_queue_rq+0x662/0xf10
[  511.360668][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  511.366646][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  511.372864][   T31]  blk_mq_dispatch_rq_list+0x4c0/0x1900
[  511.379462][   T31]  ? sbitmap_find_bit+0x47f/0x520
[  511.384637][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  511.392077][   T31]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  511.398812][   T31]  __blk_mq_sched_dispatch_requests+0xdac/0x1570
[  511.405684][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  511.412486][   T31]  ? blk_mq_hw_queue_need_run+0x13c/0x680
[  511.420825][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  511.427006][   T31]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  511.433213][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  511.439290][   T31]  blk_mq_run_hw_queue+0x348/0x4f0
[  511.444449][   T31]  blk_mq_dispatch_list+0xd0b/0xe00
[  511.450406][   T31]  ? bdev_count_inflight+0x1cf/0x210
[  511.456158][   T31]  ? blk_mq_dispatch_list+0x1e0/0xe00
[  511.461581][   T31]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  511.469144][   T31]  ? lockdep_hardirqs_on+0x7b/0x110
[  511.474753][   T31]  ? rcu_is_watching+0x15/0xb0
[  511.480332][   T31]  blk_mq_flush_plug_list+0x469/0x550
[  511.487512][   T31]  ? blk_add_rq_to_plug+0x300/0x450
[  511.492811][   T31]  ? blk_mq_submit_bio+0xd5b/0x26b0
[  511.499416][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  511.506422][   T31]  ? blk_mq_submit_bio+0x46a/0x26b0
[  511.511684][   T31]  __blk_flush_plug+0x3d3/0x4b0
[  511.518856][   T31]  ? __pfx___blk_flush_plug+0x10/0x10
[  511.527047][   T31]  __submit_bio+0x2d0/0x5a0
[  511.532234][   T31]  ? __pfx___submit_bio+0x10/0x10
[  511.538345][   T31]  ? blk_cgroup_bio_start+0x59d/0x640
[  511.543975][   T31]  ? bio_associate_blkg+0x6d/0x230
[  511.549867][   T31]  submit_bio_noacct_nocheck+0x2eb/0xa30
[  511.555945][   T31]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  511.562620][   T31]  ? bio_alloc_bioset+0xca6/0x14e0
[  511.569011][   T31]  ? submit_bio_noacct+0xdfc/0x1b60
[  511.574634][   T31]  block_read_full_folio+0x599/0x830
[  511.581630][   T31]  ? __pfx_blkdev_get_block+0x10/0x10
[  511.588061][   T31]  filemap_read_folio+0x117/0x380
[  511.593490][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  511.600918][   T31]  ? __pfx_filemap_read_folio+0x10/0x10
[  511.607353][   T31]  ? filemap_add_folio+0x35f/0x540
[  511.612684][   T31]  do_read_cache_folio+0x358/0x590
[  511.618303][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  511.624385][   T31]  read_part_sector+0xb6/0x2b0
[  511.629778][   T31]  adfspart_check_ICS+0xa4/0xa50
[  511.635161][   T31]  ? snprintf+0xda/0x120
[  511.639442][   T31]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  511.646359][   T31]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  511.652041][   T31]  bdev_disk_changed+0x75f/0x14b0
[  511.657419][   T31]  ? __pfx_bdev_disk_changed+0x10/0x10
[  511.663196][   T31]  blkdev_get_whole+0x380/0x510
[  511.668886][   T31]  bdev_open+0x31e/0xd30
[  511.673179][   T31]  blkdev_open+0x457/0x600
[  511.678021][   T31]  ? __pfx_blkdev_open+0x10/0x10
[  511.683000][   T31]  do_dentry_open+0x7ce/0x1420
[  511.688654][   T31]  vfs_open+0x3b/0x340
[  511.692781][   T31]  ? path_openat+0x33f3/0x3dd0
[  511.697855][   T31]  path_openat+0x340e/0x3dd0
[  511.702576][   T31]  ? __pfx_stack_trace_save+0x10/0x10
[  511.708432][   T31]  ? kmem_cache_alloc_noprof+0x37d/0x710
[  511.714114][   T31]  ? getname_flags+0xb8/0x540
[  511.719657][   T31]  ? __pfx_path_openat+0x10/0x10
[  511.724637][   T31]  ? __lock_acquire+0x6b6/0x2cf0
[  511.730276][   T31]  do_filp_open+0x1fa/0x410
[  511.734814][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  511.740263][   T31]  ? _raw_spin_unlock+0x28/0x50
[  511.745485][   T31]  ? alloc_fd+0x64c/0x6c0
[  511.751284][   T31]  do_sys_openat2+0x121/0x200
[  511.756766][   T31]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  511.763043][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  511.769754][   T31]  ? rcu_is_watching+0x15/0xb0
[  511.775190][   T31]  __x64_sys_openat+0x138/0x170
[  511.780095][   T31]  do_syscall_64+0xec/0xf80
[  511.784812][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.792015][   T31]  ? trace_irq_disable+0x37/0x100
[  511.797852][   T31]  ? clear_bhb_loop+0x60/0xb0
[  511.802921][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.809658][   T31] RIP: 0033:0x7f55dd2a7407
[  511.814332][   T31] RSP: 002b:00007fffba6cb470 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  511.823568][   T31] RAX: ffffffffffffffda RBX: 00007f55dd993880 RCX: 00007f55dd2a7407
[  511.832551][   T31] RDX: 00000000000a0800 RSI: 00005581ed2814d0 RDI: ffffffffffffff9c
[  511.841257][   T31] RBP: 00005581ed280910 R08: 0000000000000000 R09: 0000000000000000
[  511.849573][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 00005581ed295830
[  511.857818][   T31] R13: 00005581ed28e190 R14: 0000000000000000 R15: 00005581ed295830
[  511.866034][   T31]  </TASK>
[  511.878760][   T31] 
[  511.878760][   T31] Showing all locks held in the system:
[  511.894959][   T31] 1 lock held by khungtaskd/31:
[  511.905154][   T31]  #0: ffffffff8df41aa0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  511.925148][   T31] 2 locks held by getty/5587:
[  511.930224][   T31]  #0: ffff888034d450a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  511.975060][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x449/0x1460
[  512.014969][   T31] 3 locks held by kworker/1:3/5835:
[  512.020726][   T31]  #0: ffff88813ff15948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  512.095360][   T31]  #1: ffffc9000412fbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  512.125286][   T31]  #2: ffffffff8df475f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2b1/0x6e0
[  512.155226][   T31] 3 locks held by kworker/1:8/8186:
[  512.160661][   T31] 3 locks held by udevd/16597:
[  512.194991][   T31]  #0: ffff888141fc7358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  512.204566][   T31]  #1: ffff888141ff7418 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  512.255344][   T31]  #2: ffff888025230180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  512.285266][   T31] 5 locks held by syz-executor/17124:
[  512.295412][   T31]  #0: ffff88804b48cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5b0
[  512.335310][   T31]  #1: ffff88804b48c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x1100
[  512.366585][   T31]  #2: ffffffff8f483948 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260
[  512.394365][   T31]  #3: ffff8880340bf338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5b0
[  512.407367][   T31]  #4: ffffffff8df475f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x36e/0x6e0
[  512.419343][   T31] 3 locks held by syz-executor/17775:
[  512.426061][   T31]  #0: ffff888042728ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5b0
[  512.438280][   T31]  #1: ffff8880427280c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x1100
[  512.448457][   T31]  #2: ffffffff8f483948 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260
[  512.459090][   T31] 
[  512.461632][   T31] =============================================
[  512.461632][   T31] 
[  512.481124][   T31] NMI backtrace for cpu 0
[  512.481144][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  512.481174][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  512.481186][   T31] Call Trace:
[  512.481194][   T31]  <TASK>
[  512.481201][   T31]  dump_stack_lvl+0xe8/0x150
[  512.481233][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  512.481261][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  512.481294][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  512.481324][   T31]  sys_info+0x135/0x170
[  512.481345][   T31]  watchdog+0xf95/0xfe0
[  512.481378][   T31]  ? watchdog+0x20a/0xfe0
[  512.481409][   T31]  kthread+0x711/0x8a0
[  512.481439][   T31]  ? __pfx_watchdog+0x10/0x10
[  512.481464][   T31]  ? __pfx_kthread+0x10/0x10
[  512.481489][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  512.481516][   T31]  ? __pfx_kthread+0x10/0x10
[  512.481541][   T31]  ret_from_fork+0x510/0xa50
[  512.481563][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  512.481580][   T31]  ? __switch_to+0xc9e/0x1480
[  512.481610][   T31]  ? __pfx_kthread+0x10/0x10
[  512.481635][   T31]  ret_from_fork_asm+0x1a/0x30
[  512.481676][   T31]  </TASK>
[  512.481683][   T31] Sending NMI from CPU 0 to CPUs 1:
[  512.611063][    C1] NMI backtrace for cpu 1
[  512.611082][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  512.611102][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  512.611113][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  512.611136][    C1] Code: 13 e3 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 c1 0e 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  512.611152][    C1] RSP: 0018:ffffc90000197e20 EFLAGS: 000002c2
[  512.611167][    C1] RAX: 0000000000184355 RBX: ffffffff819713ee RCX: 0000000080000001
[  512.611179][    C1] RDX: 0000000000000001 RSI: ffffffff8d792037 RDI: ffffffff8bc083e0
[  512.611191][    C1] RBP: ffffc90000197f10 R08: ffff8880b87336db R09: 1ffff110170e66db
[  512.611204][    C1] R10: dffffc0000000000 R11: ffffed10170e66dc R12: ffffffff8f822270
[  512.611217][    C1] R13: 1ffff110038d4b70 R14: 0000000000000001 R15: 0000000000000001
[  512.611228][    C1] FS:  0000000000000000(0000) GS:ffff888125f21000(0000) knlGS:0000000000000000
[  512.611242][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  512.611253][    C1] CR2: 000056075051e000 CR3: 000000000dd3a000 CR4: 00000000003526f0
[  512.611268][    C1] Call Trace:
[  512.611276][    C1]  <TASK>
[  512.611282][    C1]  default_idle+0x13/0x20
[  512.611302][    C1]  default_idle_call+0x73/0xb0
[  512.611331][    C1]  do_idle+0x1be/0x4d0
[  512.611353][    C1]  ? __pfx_do_idle+0x10/0x10
[  512.611373][    C1]  ? do_idle+0x4af/0x4d0
[  512.611392][    C1]  cpu_startup_entry+0x44/0x60
[  512.611410][    C1]  start_secondary+0x101/0x110
[  512.611435][    C1]  common_startup_64+0x13e/0x147
[  512.611465][    C1]  </TASK>
[  512.788294][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  512.795226][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  512.804923][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  512.815249][   T31] Call Trace:
[  512.818623][   T31]  <TASK>
[  512.821551][   T31]  vpanic+0x1e0/0x670
[  512.825842][   T31]  panic+0xb9/0xc0
[  512.829812][   T31]  ? __pfx_panic+0x10/0x10
[  512.834774][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  512.840410][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  512.846665][   T31]  watchdog+0xfdf/0xfe0
[  512.850850][   T31]  ? watchdog+0x20a/0xfe0
[  512.855635][   T31]  kthread+0x711/0x8a0
[  512.859802][   T31]  ? __pfx_watchdog+0x10/0x10
[  512.864478][   T31]  ? __pfx_kthread+0x10/0x10
[  512.869390][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  512.874738][   T31]  ? __pfx_kthread+0x10/0x10
[  512.879441][   T31]  ret_from_fork+0x510/0xa50
[  512.884038][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  512.889529][   T31]  ? __switch_to+0xc9e/0x1480
[  512.894470][   T31]  ? __pfx_kthread+0x10/0x10
[  512.899607][   T31]  ret_from_fork_asm+0x1a/0x30
[  512.904407][   T31]  </TASK>
[  512.908174][   T31] Kernel Offset: disabled
[  512.913188][   T31] Rebooting in 86400 seconds..