last executing test programs:

5.083471913s ago: executing program 2 (id=1450):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000002c40)={&(0x7f0000002bc0)=@ipv4_delrule={0x24, 0x21, 0x1, 0x70bd27, 0x25dfdbff, {0x2, 0x10, 0x80, 0x9, 0x1, 0x0, 0x0, 0x3, 0x10000}, [@FRA_SRC={0x8, 0x2, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(0x0, r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffff", @ANYRES32=r5, @ANYBLOB="010000"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xe, 0x12, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ldst={0x3, 0x1, 0x3, 0x5, 0x4, 0xffffffffffffffc0, 0x10}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x6}, @jmp={0x5, 0x0, 0xc, 0x2, 0x5, 0x8, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xae9}}, @alu={0x7, 0x0, 0x0, 0x7, 0x3, 0x18, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0xea, &(0x7f0000000c00)=""/234, 0x41000, 0x6, '\x00', r5, @sk_skb=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d40)={0x4, 0xa, 0x1, 0x800}, 0x10, 0x0, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000d80)=[{0x2, 0x1, 0x10, 0x1}, {0x1, 0x3, 0xb, 0x4}, {0x2, 0x5, 0xa, 0x3}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x5, 0x2, 0x2}, {0x3, 0x5, 0x2, 0xa}], 0x10, 0x35ed}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb904021d080000000000000000070a000a000900142603600e1208001e0000050401a8000900027c035c0461c1d67f6f94007134cf6efb8001a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c3f5aeb4edbb57a5025ccca9e008026f6e6ddba61f5fad95667e006dcdf639500bfeb789d00000000000000d5e1cace81ed6c117ab5d6d69bda4039e81f86f60f0bffece0b42a9ecbee5de6ccd40dd6e4edef3985000092954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61154c00000000006113300000000000bfa00000000000001503000008004e002d35010000000000950000bc000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4501000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a81426104000000000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546ccd3f1d5ab2af27546e7c0700000000000000b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4d08000000ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43000000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d0000000000000000b712c1e47be511fe32fbc90e2364a55e9bb609c64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd4722a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c835d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff5af657a67463d7dbf85ae9321fad16ee751cd7dde94ec97549c2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf377b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059a6cffb92e2a0cfd81434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5c4d188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a5cbb8be3f7741b18007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873d0ecdf904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566fffffffffc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054e5deb27f7922fe6c14eba96c9af409da03290e4009f872d5aaca63dbe239efb1e02dd4fc07f8c5b070e2ddeb4b5afa6df2e7e162962e334d8553cc56008ddc8277fa9e8f6684513bfa827686b6fb71259743f55f46fa7e6379312e93213faf275f0441d46bc5690181244c44bea45854ed4ccd99f3fd328110ae22ef1504ec0566652d742ed8a7e202539c6531824f7399b486fbb906a91b77f2a6ba27bf97ebc7482cea32278a7acd9f2210e6ed2defcbd112f29a92401c5a37c58835f870b056186ef3971d3d9effa5661cabc2a059689dcfb030dd4ac0fe54db67510d3e9a5d36b900000000000000000000000000000000c9e484cf5f8c0955c11b285de46871d62f9d986e73658d228225b21f694dd2dc"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

4.994855317s ago: executing program 2 (id=1451):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500030000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000004fcff", 0x58}], 0x1)

4.819632537s ago: executing program 2 (id=1452):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={0x0, 0x0, 0xc, r0}, 0x18)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xf3a, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x841, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x0, &(0x7f0000000400)}, 0x10)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @multicast})
write$tun(r3, 0x0, 0x82)
socket$inet6(0xa, 0x2, 0x3)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f00000000c0)="4b0003000000", 0x6)

2.306846375s ago: executing program 3 (id=1483):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, 0x0, &(0x7f00000000c0)=0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmsg$inet6(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x808c1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket(0x2, 0x80000, 0x3)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010c3210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa88800200000140003006d6163736563300000000000000000000a000100aa"], 0x78}}, 0x0)

2.107922007s ago: executing program 1 (id=1487):
r0 = socket$inet6(0xa, 0x3, 0x5)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x1200, 0x1}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000280)=[{0x18, 0x29, 0x4, "03"}], 0x18}}], 0x2, 0x600c802)

1.995333161s ago: executing program 1 (id=1489):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000002c40)={&(0x7f0000002bc0)=@ipv4_delrule={0x24, 0x21, 0x1, 0x70bd27, 0x25dfdbff, {0x2, 0x10, 0x80, 0x9, 0x1, 0x0, 0x0, 0x3, 0x10000}, [@FRA_SRC={0x8, 0x2, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(0x0, r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffff", @ANYRES32=r5, @ANYBLOB="010000"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xe, 0x12, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ldst={0x3, 0x1, 0x3, 0x5, 0x4, 0xffffffffffffffc0, 0x10}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x6}, @jmp={0x5, 0x0, 0xc, 0x2, 0x5, 0x8, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xae9}}, @alu={0x7, 0x0, 0x0, 0x7, 0x3, 0x18, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0xea, &(0x7f0000000c00)=""/234, 0x41000, 0x6, '\x00', r5, @sk_skb=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d40)={0x4, 0xa, 0x1, 0x800}, 0x10, 0x0, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000d80)=[{0x2, 0x1, 0x10, 0x1}, {0x1, 0x3, 0xb, 0x4}, {0x2, 0x5, 0xa, 0x3}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x5, 0x2, 0x2}, {0x3, 0x5, 0x2, 0xa}], 0x10, 0x35ed}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb904021d080000000000000000070a000a000900142603600e1208001e0000050401a8000900027c035c0461c1d67f6f94007134cf6efb8001a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c3f5aeb4edbb57a5025ccca9e008026f6e6ddba61f5fad95667e006dcdf639500bfeb789d00000000000000d5e1cace81ed6c117ab5d6d69bda4039e81f86f60f0bffece0b42a9ecbee5de6ccd40dd6e4edef3985000092954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61154c00000000006113300000000000bfa00000000000001503000008004e002d35010000000000950000bc000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4501000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a81426104000000000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546ccd3f1d5ab2af27546e7c0700000000000000b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4d08000000ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43000000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d0000000000000000b712c1e47be511fe32fbc90e2364a55e9bb609c64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd4722a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c835d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff5af657a67463d7dbf85ae9321fad16ee751cd7dde94ec97549c2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf377b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059a6cffb92e2a0cfd81434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5c4d188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a5cbb8be3f7741b18007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873d0ecdf904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566fffffffffc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054e5deb27f7922fe6c14eba96c9af409da03290e4009f872d5aaca63dbe239efb1e02dd4fc07f8c5b070e2ddeb4b5afa6df2e7e162962e334d8553cc56008ddc8277fa9e8f6684513bfa827686b6fb71259743f55f46fa7e6379312e93213faf275f0441d46bc5690181244c44bea45854ed4ccd99f3fd328110ae22ef1504ec0566652d742ed8a7e202539c6531824f7399b486fbb906a91b77f2a6ba27bf97ebc7482cea32278a7acd9f2210e6ed2defcbd112f29a92401c5a37c58835f870b056186ef3971d3d9effa5661cabc2a059689dcfb030dd4ac0fe54db67510d3e9a5d36b900000000000000000000000000000000c9e484cf5f8c0955c11b285de46871d62f9d986e73658d228225b21f694dd2dc80e96ce476496973ee14e3d4fd03507c6f7c0c8ae809ddc9a36b4f30d15d08cc8e72d750f5e529cf4cec823b923d382f3f2c42dcb4b316eba77e7f767ae17d4d3427c9379eadbd040fbbe0c6dd8100"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

1.926316845s ago: executing program 4 (id=1490):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000be7000005c000000000000001d1f2b14f07d4f07ee03f50d20153ea1d315f204f9558686474106c4a84b9d20a5d893136519458728666bc81095f5daf0493f088889048fc8715a2cb9fcb9d20447798e28987ef65b393fcc1c738e73900a86a891d0262af94d4bed8c160a1997664958bbd97b86b38bbc857dd6c6a6b7722af21a384a25f1e6e0d7faaae3a13374ee7c7057018a232e0050845cd8a3bfe9e0b5b8ae253c8d6e1a0d3962e9ec7c08c0adfee89de1b6b7874c35c4e0d34f4c928b3551dc3511708c3f3064d0449616818c37f3bbed370cd1d2b50823be7548d4cb42cd00e09935d146", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYBLOB="000000000200000000000000000a4a7ebbe700"/33], 0x48)

1.879909565s ago: executing program 3 (id=1491):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_DELCHAIN={0x44, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x18, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}]}], {0x14}}, 0x6c}, 0x1, 0x0, 0xfffffff5}, 0x0)

1.803291067s ago: executing program 1 (id=1493):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
socket$alg(0x26, 0x5, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0x0, 0x0, 0x0, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffff53, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x80}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x3c, r4, 0x509, 0x70bd2c, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40080d0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0x35, 0x0, &(0x7f0000000240)="01ff03076003008cb89e08f086dd41627aed6e503b148c127e26653490e7a8c86f5d05d001927d30f24df720a47aed1f1a1d20e812", 0x0, 0x6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2d, 0x25dfdc03, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0x2, 0xfff1}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x240410c0)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)

1.767833576s ago: executing program 4 (id=1494):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10) (async)
connect$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r2}, 0x90)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r4=>0x0}) (async)
socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f) (async, rerun: 64)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1}, 0x37) (rerun: 64)
close(r7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff}) (async)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xc, &(0x7f0000001440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}}]}, &(0x7f0000000200)='syzkaller\x00', 0x6}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r8, r11, 0x5}, 0x10) (async, rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r8}, &(0x7f0000000100), &(0x7f0000000140)=r7}, 0x20) (async, rerun: 64)
sendmsg(r9, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r12=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r12}}, 0x20}}, 0x0)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
recvmmsg(r13, 0x0, 0x0, 0x0, 0x0) (async)
r14 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$ifreq_SIOCGIFINDEX_vcan(r14, 0x8933, &(0x7f0000000100)={'vxcan0\x00'}) (async)
ioctl$PPPIOCSFLAGS1(r13, 0x40047459, &(0x7f00000000c0)=0x4320321)

1.643652775s ago: executing program 2 (id=1495):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x4e22, @multicast1}}, 0x6, 0xa7}, 0x90)
sendmmsg$sock(r2, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4b9a01fb336bef1be8a68a628452b83a7404087d4bcb64f6ecad05459d12595d5b8b2657f2f29656a15e5a18e3168946dcb5faa59f7b404bad393ba06734d170b0513aeb0d051", 0xd5}, {&(0x7f00000004c0)="62c99e05d98775ed1beb5d67431ead896f7060f03e5b8671b283168d0df1573bef271f3a22b9cac06e27c7e87b34a19188d3e10e670bc070f0d3eb88d2f891d242747e0deec4a10609b12d4058b0fbff28bb01e6e49b533b03b11288ff4da1ab3226a2e3ba5fc47969142f1a1a0ca9ba4cece2ac9a5fcd89343de7e57dfcbb6216499555bd04f2fcb91c3c6c72868a3797ec63f8138ab74b5034878812df8b0445704cb33f81bffed93c3e645a206db134f626a59f4fac53fbf23489cf2f45d05d735e64033376671da045df97bcb989bda1d17ba14afbfd19e32a8222ebf934c17fed237b86aef2e830", 0xea}, {&(0x7f00000005c0)="f2b314c96d500b66f7fd46493862d9eb11d188464208592330ac482436286448", 0x20000}], 0x3}}], 0x1, 0x0)
write(r0, &(0x7f0000000080)="29000300010003", 0x7)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x1}, {}, {0x2, 0x1}}, [@filter_kind_options=@f_fw={{0x7}, {0x20, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'veth1_to_bridge\x00'}, @TCA_FW_CLASSID={0x8, 0x1, {0xfff3, 0xb}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x893}, 0x24040084)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000001800)=ANY=[@ANYBLOB="18000000000000000000000000000000730135000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@getnexthop={0x28, 0x76, 0xb0d, 0x4000, 0x0, {0x3}, [@NHA_ID={0x8, 0x1, 0x2}, @NHA_MASTER={0x8}]}, 0x28}}, 0x0)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="012bcebd7000000000000500f628456eed8c8ccf95b63500d4983c7ed50d3114742257e4b679b4ed41502cc0b71eeda742ffcacddac98d8eeca48f9768240e610e67fd5c"], 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000001100), r8)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NET_DM_CMD_START(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
accept4$ax25(r5, &(0x7f0000000440)={{0x3, @null}, [@bcast, @rose, @null, @rose, @rose, @default, @default, @default]}, &(0x7f00000001c0)=0x48, 0x0)
sendmsg$NET_DM_CMD_START(r10, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)

1.643323932s ago: executing program 3 (id=1496):
r0 = socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @cgroup_device=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x82e00000)

1.429167962s ago: executing program 3 (id=1497):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000001980)={0x1c, 0x2, 0x3, 0x301, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x84}, 0x4000004)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x84)
connect$inet6(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000"], 0xf0}}, 0x0)
r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="336bb59fba0ca637396534b1a9c512d924072964ac80534214c7cd9409af958c478b2d46f504cc2b33a07c79e4150b8add676019759923055b7a30d42163134846039747c4da299d4397c0b3967c27195c58c835576ed561d4f033d525f090c886a1c2b6e8b691792649911974a6785725a77b2e7d8b6255afa99e35c6d91de36e3f5a9a69f7f362a4cf6162ee56193acadb573c33567a4505488fc6239f04aa0f853ac6b5c6c5cbb5c2c4cd4428f1dab631752d7fea9378d6006d05dc1d1c0cd3cd4b1da11d018f774573", 0xcb}, {&(0x7f0000000000)="d5fe3bc8edf9ac9b337e069a1439", 0xe}, {&(0x7f0000000280)="996407294e07dbd856207da94b1f326274cbd869c170a5ef4c69e083f143b06f75ddabf39e20fbecbf1dc59b773e7f13e24ec9f8e65cbf76ad6ccb69f5dfddd5b67a9c8b1638b70b098c0c5042b6cbbbd2ac02654ef50840bc50853440e66b6c011520195aa9dc941be59853d1cd353206861fc9a427d469a0a26c079e344061a8defed02ab023e57d26c2fb36b48cd1c5aa05b8881e30858de09edd52a8a9afb455c2cd3ef9bfc84a028ce9bc5f4e0f5ab7ddc41545ff04ca4d8f617ac4", 0xbe}], 0x3, &(0x7f0000000340)=[@iv={0x18}, @iv={0x28, 0x117, 0x2, 0x12, "b74f10f13d52e731c6017512c6be19992cfc"}, @iv={0xb0, 0x117, 0x2, 0x98, "93c47ab39b159c70bcb46afa7dff353c2da7856d9891c040029beebe497532d111d0db243106542acb4f092f183f27be400796daacc488ce16e5cd1758eca6d506e7ed62b5e25a8ad0c0e8f8afabf2264ab3dbc74849db838255ec7093ae004b7fefdb589fc994d7640e8d8733021878664b891043fbece5bf5496d3d472d7d1927d53dbbacdcd24b3f37a5d37e3e9f52b06347e238bf32c"}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @iv={0x1018, 0x117, 0x2, 0x1000, "ce0ca306d61db063461a86af08637cab0465f944f35604e649181850d74cae8dea5cb92d5d17c167b3338c1cb5dc43d71dc423c433610b207296555e4e2588ef6e9c47620e43f7f7ec80592492b357f823738c3f44c7634277fa4da337c8ae75aa125345d6ee0d3a3cd2d84290caee4817c0a9279e6a0207c569dbd8eb5aaaf98e506219d795c067ea15ee0c5e905d21c94f3460cfeee1df0c41e931ff4e84ddab99cc1ab1731a2ed9c819e658870aba5460ceaf18f70367d0e89a1594f825a0577ce8d921ba198dc4da9468b78e84ff420c8dcd175233980923744a243aec9b2decf4511c22f0c5dfc7a793378f9558e2c6c61866da38db75a95bce7f914d63f68e8406e489bef3c0474f2e6a231b43277b786f6fcbfd8d38fc94223a1f9c33b70ef20695360ccfa11bc51bb52641b6cda7ad3e629efd2cd3b549ad351085206b38aabc17042f4052781d7528f34c5c590f3fb469ac773859945e58f4bc647bdda0994e3a7a7bef143da4525cc0e7dffa38f3f1222897b7eaf0289b10cfc3ad1061c336105bc951161f20b99c009fa9fe589ef27b52592764b6df6d0ce7de6fd91860269e22d513a50db6fcf8be681d0aa7dda1b3443895e274ddb557143c75b5d16003eb469f88d468795a559693135ea0f11aab338bf4b2f5e0e89282dd8d2f5a4bb48c5759c972b5e7fd193b1fbab286d99a27220ade2794aa011d074f7d509171b93eb18d14a3bdf3365101e739d48a3d855164789a4b5f11e306ce31a8ca5b7e90e7d517879d7bf78008fa7432078b81c9d727b360ab5ce9923f6919bc14058a96348ea432abf6413cda9d1a5587ac82bc3c8cb19440b7ea5a34aca31b68fc1615d21a10bd53df4367bb716869e1d7e58da43e61c5082c8d7c9f0a4dd23cb3665108e48f4bea760ddd7753a6e1723425f7981b7b3be76b7e6ede24ef0e4645bbad35724a46a7bedb712064df02e26558a4ed01654d0df3b1eec5a63313305dedb390c07f7467bbb66d7f455d53355ef9ff6dee4d64f2b04164b4ff902263c1bac8b06b9b750aa1023f78f0a3a7dd63ba1aa26d37650a5ce6e64c9d18ca537fa18b0e4251e3a6417b028927c2a3dd1f4189b141185dfd3dd3872f77a23fb6bc635f3f6bf23c74dfc7c8718ace73b4572996e31a6e20aa12c61cbbf596a11ffbdd9decc8ec922852ef2021d4c2fc82da1df1716c6919dc06c5c0ce270011e40cb36645fb7f72dc8fe6547d4ff0cb96e06c85e1cfa848bae7027e8658a41f77d4dd7bc3b10e03e1cd4843a3e1c11b79e9f2c9ef06116301342442eefd74121a1cf03dfbc85cceb405e0a6622b80481e86fa2559acaba3da0616cf2e84e0bda37cb3921f69f1798ab2460daeac862d4c234e0fdb287769658f56c73c43f36db5f9950a5a363f6484126add6454a98f7b02b4351a0a92002bea0e0f26575f7cbf3e89593c7780dd73c058dfa4b4bb2371302154cf46d7335784f6d317c69c77753e232dcf50caedc67698281ec38a00e0a7d70e92ca5fa43255c85a4a4f17fdce000cb5ee3ce3e1d69110df57daaf4928f89604c0f6a61427d2540c287152138ef3945ca3ff810cd7cf3d17c2b661d59b219105cabd95cbd1ed73ec22aef8ba261571535bf85646c4b2680a79fa8aacaaf89db4a27611b95fca6088acbc9dd521048026579339bc594270fedf0852fbbf9cd82dc9ad5c9c859e5f15520546e945349bcc3f696aff831e6dd24096eec194890958d1812ef9a6172ee518fc7ec2e1b27557f46b7462e0726dcd1be32465a1dbf02e26d67227d0028148015462f0d436afeaa864503abe065c2e74065942e218e2775aa1c48ed024ae1e85d8c8eb805ee4b2154fbb3eee0ef27518741ad2d66f3d911b1db5bc9e07db4c28afe5eec29a7087792e406a453594404aeef6f561891bae2325a1ee3dbd785c7c70a502c8c983a54612d94d55a3d5de34ea153032cf7d459ebb5d7e4aab576c8e64f51791fe81d170bcf909ab99b5e576f122ad1250ab546eca1900598ace23ff0f9ca9a788968a7c8f09390c4eeb815d6fb91fb03ef6f293c1ad16c21f033e26e01a360773021d28491f392c6cf3dc6543d1ddc9b1ba7d9be8b225e6869df32ae5b665957104cd0adf840fc6ee5bd1c6d918f8acd47b645e05ce759604b55ccb8ff63f819218ecf682a4262cb1a8e374829c8076cf5b099653082a41d5d68bb354c3fcbe95aa02e04b1b4e4016315dca0c05140fcf6ebfda8cb821ce45d62fb80ce2cfcc6b7a98c85b8139cf08e440a1d23e60f077cf8b910c2e6c545444ba98aa6bb633ebe25826a40315ae969c1d1137931633ea1d53eb1e4631d24b76eda4d1618b6e56fd4d9668a924f5e2d4762f1865d5bf680c149cd0612c5f73f400348eeef0ae1e05999051abef92696926feaf58c4a23e8c578023a3310c615b14f3af824813449b99f115ce85e50036c5f588b5b5579979cddabe15f1269f59168b5dfef8f33b041676f22e76d74f9016eeb591615e3326a6431c99e3da2677078e63af39fd2dfbd3f797c128b8070395651d8bb6db59bfe29a531f2ac58cc6fbe9ba6be1b5129b9b7301528b49aea81721a1165886c8ee7c830f45c1666ffb495949cfe7c68427632b4fef98943c13f113dd7183aabc99a06e3a82513b5151e69403c21396a06177f0e146ec73b183b8c1f1ec4dce16623cfaea32d3395db422f5d9231375179c33a3a75c353fc4c18f62bea337faace7186b4b25482bd12ffc25150728702ff08642dc3aa761f3b43fef2a844f7ac9cd28bf3240e8ad0bc5e596a3b1208d26e3d3695a71f9d4e2408ffe08dfb417918a39554e9418303d6cc429eaa047b3d86bea89d4c8c18bdc85cf07ad0b10489e8f72e090f38700a67390258a5e39e9f5bea2364d56a632c6a8d47748836078f3208e94a5ae8447bb4629767f53932ade77e82cba8c4b96b9682b3eba9835927090378325263911e6a2d3fdd807acca8a95f85b071e0cb0c141c22372427cbc42e88568f9c4869d4999de81091cf215c3a990231261af02e434c568318439e2f2a9f8cbf80c88c2493c370d84eeabe379184388153973e96bbb7f2efbed32e3e4d777bf5bc82b7a16f3799b448e6fa37444af73ed84f5501012d0ce6475f79f3fbb819370498ffba6ae4ce95ae1b83b5c21f3cdc247ef7f4928d61d29bae50aab7acff1af8c43454ad0e46060934d0a15de20a2fe738afa04b49cdd8fc05fb0c0ec07baea01273580ddb95ef69eb92f4e3820c48b8085f169cc713f7d4f0178764c3ec6da7e62078dda9b83f99097a4138c12a4622a94847e803bb22b34ab2ca3ab52a641abb2ebefcff3893cb38b709786062ab29cfe89a2fd91888e3966dff031d914f4ebf93227c9d026d3ab3faab715e01d2a227d8da0dffefb0cc0f74cd5a543e3423c273bc9df1e80d3123a4b7e8d1cf91e8456366a615dd923dd7473d2f59c52cdd69fe3e5b415c8fde3b4b70a4702c6aff45c688d0706560cc8392c3c15b2e9f63ebf46a1f7a7d491780c9700b7ab63d95dbc407e5e6f3ed6a8afce9d991bdeff96814c336b1eb0413d2ffca7de1d764ee4cc0706da33a304978efaf22d4a6bc8469e5c2a01dab1e4b7308fa0472fe4f591621ae9bfcce4e2461882fd77f85304742d90b64f6315f19edd275b49b69937d35345471cd8a462aea8282f4ce161387b5ad1f143aa265273e884988d35266e03378f70bfd7a1944dfb2a000966961d3a9ca4fd33221be7c8225c9d9367266a9b1dbfdbfb4018a9332432ca46aa86cbae6938d3ca557d4f9fead6c3bdd2fd6f8dd2e0a3f41ed81809a5aadbb611422058963cd93e5e35e1cfa7ff09cb51a371d9876124a7d8870b7a9ff7a090b0fc8b3592a6016b891073ffdefcd5cd38c54ba541a37b675fd859ca5afe41f882a370611f067db66cf42d828c29e7e0213117737fec08b299199e732014d31e9e793f7a5ee2fb80757732743a033ea1a137f0bd97af6efad03e27dc57704a22da9f2d858d08c936a927c69a8175a4f044bb9bf4f376b98d6d8ccfd6a988a12b3b65257a199d162c7c3838b0b9bd074fefe0d4c2765f858d203ae6b123a9719f481f289638b76c2a1dcd404e7d496221cef116a32b06716f73a06ae84098a9dc5941a5cda3aa99777f39a841d838bfdcea0cb05f33e8b90f7c80b2fbcc8e81166413a92279c2b0977e5b8ca3793c30e2e0c3df1ee2393a6ac6ed6f48af9730e2e0458e6a0cae2af4cdac334a24560c81adda1e08c33285ff6795d16b4bb3a219b07b0172e00b8399e733eb9315d98c5ef2a128c6988a67db8f8fd1a2f65e1e8333ef08b75665a11d7b97fd522b2b5bd5e44d6d9be2ecea02d781406ba07719f18b9776b00439a615ce61b633745727f586b4fdeac60c6738757fcf75691e0ec0cf44511c4126e1d83eaecaffd25067bfa18a49f2821f7749d081d0c7aaabeb51bbb727731ea060603f05f11741c4f1a0843db18ab02177380f001359d17ac05b74d3664334e256d484643e47109ce25f769015f813eac6721be2e7516a0785a03e23880b31242b6335cef49b7f641bb63dd316e0b2ea81873912a887cd7a459678fefe7cc3df6c5c86aeb591a44c2a98094be1ab2ae8aa6a0d77df577dee9cb7077989884097fdda7db735bb410f7174162009d45384ffa272ff3c903ef1909ea112f9be0372c8c510705f78a1ff296f27a5c88f187b0d7aa486119c49cbbb0bd26f830042e45873124a801e68764451b7d63cb8547fa006ee272c1132b64faa99f7161cf043c2d32da2025b9e51ff2ff1e6b7d10949d97bf2dc22eb13a66e0638e104a8d47da0edc002f50bcae94c8c89ac75bf228d9a309e66e148878be7cb40b2c23f937a58205fd59b94ce756b051610c759baed6fc361543be7d0b2c81ec49c0b2f96291743ab5492a00e7157748112e6fe6bb7b24c9d1c801845f10464d665694f981e149f54796125d1309b14888fa12983354edffcf097f6294d2984daaf188455c35f29a4b6b9b88f3ccb87c3b8d9bc70f9a67a5b30b2024ac225d588bf438297031b7efdfea3b6cc6ed370628031dcf83ddc8fb380b80e10d2e209b5b510d53d426fdb26d7d136f3564c68e6f0774632c7e4bf08e3b5ccd10a8ff5ccb8491dc3d7188839d9bb42ebbf14424cc1bdafa7571e5263ff44f8babdd4331ef99d0e36aa665413ef2e4d166f7c5354a57de794be7f776f016e9683e4dbd724ff5c79f8c9a36992559956a0af816e803d9c894bfbb2cea02f4b05b3dc363a49672d08809cc6ad722c530e38387169a80e8e8d4f0e72e8c47c1b3d4cf9c3132ba885059ecb17f1518f33c1dd369288a188ef1a701057249f67d232a0928b10e7eed3d60bd90ad3443b38a7930caca015f0a72c6f1c367b0b8c0723bf14dd09aa4bc30ae09b5ddb4950cb3266667862a99fa0f56c188a5590a686713012054c6f60fcf5bb6499623d68115d5b3b6aeb5496613abde7ad7d53052f4e258f0d54e26f79b8de30a262773e9ff6dc427ea615d58d9ca1c3798a877669f9337b5db5544680c1216f1d2fc2c278e6f7e32cfbd8e788b58944240adb258b7819d17b4ec3d7a5bfcced3192c2f01fd60dc83592ad61b7b0f899d09191be66cc0cf05a1a65965a8ccc0ecfe070a28aea56b20b2720003836515918b88a951767b5a73ea94badb7630beffb33eaba87e52798864dbfa067a89239fcb65833d8bb4dc402d23a64c78394c930b7f93afca0a80b97a121af488dc47b9d6b27802309595b2a713c201f3e558660e1cf9e2d1595"}], 0x1150}, 0x8000)

1.347553399s ago: executing program 4 (id=1498):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$packet(0x11, 0xa, 0x300)
sendto$packet(r1, &(0x7f00000000c0), 0x0, 0x40, &(0x7f0000000040)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r2)
connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x3}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default]}, 0x48)
sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400ffff", @ANYRES16=r3, @ANYBLOB="0d03000000000000003f12"], 0x14}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b700000000040000950000000000000066"], 0x0}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x480)
r6 = socket(0x2000000015, 0x80005, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000140)={0x42}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
r8 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r8, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0xfffd}}, 0x10, 0x0}, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xfffd, 0x0, @dev={0xfe, 0x80, '\x00', 0x2d}}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00', @ANYRES16, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000000000000000005000600010000000800090001000000"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
setsockopt$packet_fanout(r6, 0x107, 0x12, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000001440)={0xa, 0x0, 0xfffffffd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c)
accept4(r0, &(0x7f0000000040)=@alg, &(0x7f00000000c0)=0x80, 0x800)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x3, @loopback, 0x5}, 0x1c)

1.201668605s ago: executing program 3 (id=1500):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0xf0b, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x5}]}}]}, 0x3c}}, 0x4000000)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x120, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000a40), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000fcdbdf25120000001800018014000200766574683000000000000000080000000800090000000000080007"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x2004c0a0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r1)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="54400001", @ANYRES16=r3, @ANYBLOB="00012abd7000fedbdf250500000008000200010000000800020001000000080002000400000020000680140004000000000000000000000000000000000108000300640101020800020000000000"], 0x54}, 0x1, 0x0, 0x0, 0x20000005}, 0x44044)

1.180318293s ago: executing program 0 (id=1501):
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00') (async)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00')
ioctl$NS_GET_NSTYPE(r0, 0x8008b705, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000080)='xfrm0\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000001061116c000000000085000000c30000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)

1.059483043s ago: executing program 4 (id=1502):
unshare(0x22020600)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="10010000", @ANYRES16, @ANYBLOB="c88845e7e05ae52d00009300000008001317"], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000015000183000000000001000000000000"], 0x14}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r8, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
sendmsg$SEG6_CMD_SETHMAC(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x2c, r8, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(r7, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)={0x3c, r8, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xe6a}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x83}]}, 0x3c}}, 0x880)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r6)
sendmsg$TIPC_CMD_GET_NETID(r6, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xba28da2abb16376d}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r9, 0x100, 0x70bd27, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8041)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r3, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)={0x68, r9, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {}, {0x4c, 0x18, {0x1000000, @link='broadcast-link\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x20000081}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
close(r3)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, 0x5, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0xc0}, 0x4048010)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', <r11=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c000000050000000b00000008000084010000000e00000005000000080000000f00000003000000000000000400000003000000200000000700000002000000050000000e000000050000000100000a00000003000000e2000000080000000000000081000000002e5f5f00c61162099635a0867d"], &(0x7f0000000280)=""/44, 0x89, 0x2c, 0x1, 0xfffffbff}, 0x28)
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0x4, 0xa}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TTL={0x5, 0x52, 0x7}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, 0x0, 0x0)

1.058888331s ago: executing program 1 (id=1503):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945d7430008", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) (fail_nth: 7)

646.170563ms ago: executing program 1 (id=1504):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000002c40)={&(0x7f0000002bc0)=@ipv4_delrule={0x24, 0x21, 0x1, 0x70bd27, 0x25dfdbff, {0x2, 0x10, 0x80, 0x9, 0x1, 0x0, 0x0, 0x3, 0x10000}, [@FRA_SRC={0x8, 0x2, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x84, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(0x0, r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffff", @ANYRES32=r5, @ANYBLOB="010000"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xe, 0x12, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @ldst={0x3, 0x1, 0x3, 0x5, 0x4, 0xffffffffffffffc0, 0x10}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x6}, @jmp={0x5, 0x0, 0xc, 0x2, 0x5, 0x8, 0x10}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xae9}}, @alu={0x7, 0x0, 0x0, 0x7, 0x3, 0x18, 0x4}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0xea, &(0x7f0000000c00)=""/234, 0x41000, 0x6, '\x00', r5, @sk_skb=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d40)={0x4, 0xa, 0x1, 0x800}, 0x10, 0x0, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000d80)=[{0x2, 0x1, 0x10, 0x1}, {0x1, 0x3, 0xb, 0x4}, {0x2, 0x5, 0xa, 0x3}, {0x3, 0x4, 0x3, 0x5}, {0x5, 0x5, 0x2, 0x2}, {0x3, 0x5, 0x2, 0xa}], 0x10, 0x35ed}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000190081054e81f782db4cb904021d080000000000000000070a000a000900142603600e1208001e0000050401a8000900027c035c0461c1d67f6f94007134cf6efb8001a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c3f5aeb4edbb57a5025ccca9e008026f6e6ddba61f5fad95667e006dcdf639500bfeb789d00000000000000d5e1cace81ed6c117ab5d6d69bda4039e81f86f60f0bffece0b42a9ecbee5de6ccd40dd6e4edef3985000092954b43370e970392", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61154c00000000006113300000000000bfa00000000000001503000008004e002d35010000000000950000bc000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4501000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a81426104000000000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546ccd3f1d5ab2af27546e7c0700000000000000b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4d08000000ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43000000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d0000000000000000b712c1e47be511fe32fbc90e2364a55e9bb609c64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd4722a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c835d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff5af657a67463d7dbf85ae9321fad16ee751cd7dde94ec97549c2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf377b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059a6cffb92e2a0cfd81434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5c4d188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a5cbb8be3f7741b18007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873d0ecdf904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566fffffffffc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054e5deb27f7922fe6c14eba96c9af409da03290e4009f872d5aaca63dbe239efb1e02dd4fc07f8c5b070e2ddeb4b5afa6df2e7e162962e334d8553cc56008ddc8277fa9e8f6684513bfa827686b6fb71259743f55f46fa7e6379312e93213faf275f0441d46bc5690181244c44bea45854ed4ccd99f3fd328110ae22ef1504ec0566652d742ed8a7e202539c6531824f7399b486fbb906a91b77f2a6ba27bf97ebc7482cea32278a7acd9f2210e6ed2defcbd112f29a92401c5a37c58835f870b056186ef3971d3d9effa5661cabc2a059689dcfb030dd4ac0fe54db67510d3e9a5d36b900000000000000000000000000000000c9e484cf5f8c0955c11b285de46871d62f9d986e73658d228225b21f694dd2dc80e96ce476496973ee14e3d4fd03507c6f7c0c8ae809ddc9a36b4f30d15d08cc8e72d750f5e529cf4cec823b923d382f3f2c42dcb4b316eba77e7f767ae17d4d3427c9379eadbd040fbbe0c6dd8100"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)

601.326044ms ago: executing program 0 (id=1505):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000cc0)=@phonet={0x23, 0x0, 0x0, 0x37}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000740)="27050200000000000600002fb96d02000008800000008100", 0x18}, {&(0x7f0000000040)="8464a024ce1d8fe2cacb67823c75bee8fe95cedd3c38bb7d9b1223b9edcece7ba7a6877d3f8041", 0x27}, {0x0}], 0x3}, 0x20000000)

551.781862ms ago: executing program 3 (id=1506):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x240241, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000000340)={r1, r1, 0x8, 0x0, 0x0, 0x82, 0x47, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
shutdown(r1, 0x1)
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000180)={@none})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="30000000000b01010000000000000000010000010b00010062eb5064676500000900024000ff"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'veth0_vlan\x00', 0x100})
openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x104402, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000000c0)={'netdevsim0\x00', @link_local})
close(r5)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
close(r0)
ioctl$sock_SIOCSIFBR(r7, 0x8941, &(0x7f0000000280)=@add_del={0x2, &(0x7f0000000240)='pimreg1\x00'})
accept4(r7, 0x0, &(0x7f00000001c0), 0x800)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), r6)

550.944154ms ago: executing program 4 (id=1507):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = epoll_create(0x2)
r1 = epoll_create1(0x0)
r2 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$tun(r3, &(0x7f0000000000)=ANY=[], 0x38)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x38, r5, 0x1, 0x70bd25, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x10000006})
epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000140))

527.908996ms ago: executing program 2 (id=1508):
r0 = socket(0x1e, 0x3, 0x5)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @private=0xa010102}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="e49c58d6dc443d756de8df716a03f70aba666eff669e3748aa9fe21b4a1d427a78e55bc77911149b6810361e0d0b30d4d5fcca1c7ca071c3ad14ffc3e9fa1b8a765e84f40d1822ca3306ba778155da7c63e81b955807a4dcc9cc6599c4d855d57b16930ecde675705b939b316e175c077da61c825892f5adfacb74e87118bb4e8609abec53debf1b80e99f266ba285946996a4fd993278787d6a4a6f675b1a32a289924bbf48216c421b93cf875b8db8b7390bc80c30ef057c7782ae4d0e43651c3e2e8ae492db6c02a5cda75507366bb649226e2960cccb56325d6bf4567879dbdbd227470c2a8803e54224a294ce03460b65c828c521001c344291", 0xfc, 0x1, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
getsockname$qrtr(r0, 0x0, &(0x7f0000000280))
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x1}, 0x1c)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x4000000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r7 = socket$kcm(0x29, 0x2, 0x0)
pipe(&(0x7f0000000480))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x5, &(0x7f0000001a40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d8195c8898645787634889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3c}, 0x94)
r9 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r9, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r7, 0x89e0, &(0x7f0000000040)={r9, r8})
setsockopt$sock_int(r9, 0x1, 0x7, &(0x7f0000000440)=0x7ff, 0x4)
r10 = socket$netlink(0x10, 0x3, 0x0)
socket(0x27, 0x5, 0x5)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000400)={0x28, r3, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x8c080)

388.325043ms ago: executing program 4 (id=1509):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000326bd7000fcdbdf25090000000c0003800800020002000000500006804000040067636d28616573290000000000000000000000000000000000000000000000001800000060bb83ff8b1a5abe5c5de5ebb088592c3acea1af60be1a3004000500040002000400020036ea69b7f0e0a573b5ca33a020100d9e32d093ce"], 0x70}, 0x1, 0x0, 0x0, 0x20008884}, 0x800)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, 0x0)

343.945963ms ago: executing program 0 (id=1510):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="7400000010000305000900000000000900000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004c0012800c0001006d6163766c616e003c00028008000100100000001c0005800a000400aaaaaaaaaaaa00000a000400aaaaaaaaaaaa000008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r2], 0x74}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

283.367795ms ago: executing program 1 (id=1511):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r1)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, r2, 0x201, 0x70bd26, 0xfffffffe, {0x3, 0x0, 0x26}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x28}, 0x8, 0x3000000000002}, 0x844)
r3 = socket$kcm(0x10, 0x2, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={&(0x7f0000000140)="482b11195f5b3ae9", 0x0, 0x0, 0x0, 0xe}, 0x38)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=0x0, @ANYBLOB="21000100", @ANYRES32=0x0, @ANYBLOB="01000300ac1e000100000000000000000000000086dd"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r2, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'pimreg0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000800)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f00000005c0), r5)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5420800050000000000900008808c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c640009801c00008006"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f0000000080)}, 0x20)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r7)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r9=>0x0})
bind$packet(r8, &(0x7f0000000300)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @remote}, 0x14)
r10 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r10, &(0x7f0000000000)={0x11, 0x0, r9, 0x1, 0x10, 0x6, @link_local}, 0x14)
connect$can_bcm(r7, &(0x7f0000000240)={0x1d, r9}, 0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8)

238.891926ms ago: executing program 2 (id=1512):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}, {0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "ac"}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_CMP_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x40050)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000140)=0x5, 0x4)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r4=>0x0})
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x9, &(0x7f0000000000)=ANY=[@ANYBLOB="1804000020756c250000000000202020611af8ff00000000bfa100000000000007010000f8ffffffb70a000008000000b70300000500001b85000000b800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', r4}, 0x94)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

151.868166ms ago: executing program 0 (id=1513):
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6803e10951cd4b347113e55eb289519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3ffffff00"}, 0xd8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff0fff00000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)

77.681398ms ago: executing program 0 (id=1514):
socket$netlink(0x10, 0x3, 0x400000000000004)

0s ago: executing program 0 (id=1515):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000010000008500000087000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f00000003c0)="c274386d178550cb864bd57221bc", 0x0, 0x1200000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018200000000000006c0000006c0000000200000000000000000000070000000000000000070000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d700000000000000000000000000000000a1d8faf5bd23dd800008"], 0x0, 0x86}, 0x28)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r3)
socket$inet(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22ff892f"], 0x140)

kernel console output (not intermixed with test programs):

.586137][ T8880] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  197.670532][ T6161] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  197.705163][ T6161] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.773049][ T6161] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  197.821129][ T6161] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.849807][ T6161] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  197.858500][ T6161] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.881331][ T6142] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  197.891235][ T6142] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.977775][ T8890] netlink: 72 bytes leftover after parsing attributes in process `syz.2.860'.
[  198.027231][ T8890] netlink: 'syz.2.860': attribute type 4 has an invalid length.
[  198.385329][ T8903] FAULT_INJECTION: forcing a failure.
[  198.385329][ T8903] name failslab, interval 1, probability 0, space 0, times 0
[  198.428735][ T8903] CPU: 0 UID: 0 PID: 8903 Comm: syz.3.868 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  198.428767][ T8903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.428779][ T8903] Call Trace:
[  198.428788][ T8903]  <TASK>
[  198.428797][ T8903]  dump_stack_lvl+0x189/0x250
[  198.428832][ T8903]  ? __pfx____ratelimit+0x10/0x10
[  198.428854][ T8903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.428884][ T8903]  ? __pfx__printk+0x10/0x10
[  198.428912][ T8903]  ? __pfx___might_resched+0x10/0x10
[  198.428947][ T8903]  should_fail_ex+0x414/0x560
[  198.428978][ T8903]  should_failslab+0xa8/0x100
[  198.429002][ T8903]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  198.429024][ T8903]  ? __get_vm_area_node+0x13f/0x300
[  198.429049][ T8903]  __get_vm_area_node+0x13f/0x300
[  198.429076][ T8903]  __vmalloc_node_range_noprof+0x301/0x12f0
[  198.429099][ T8903]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.429129][ T8903]  ? is_bpf_text_address+0x26/0x2b0
[  198.429187][ T8903]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  198.429206][ T8903]  ? __might_fault+0xb0/0x130
[  198.429224][ T8903]  ? __pfx_aa_get_newest_label+0x10/0x10
[  198.429249][ T8903]  ? _parse_integer_limit+0x1ae/0x1f0
[  198.429281][ T8903]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.429306][ T8903]  __vmalloc_noprof+0xb1/0xf0
[  198.429327][ T8903]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.429357][ T8903]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.429391][ T8903]  bpf_prog_alloc+0x3c/0x1a0
[  198.429421][ T8903]  bpf_prog_load+0x735/0x1930
[  198.429463][ T8903]  ? __pfx_bpf_prog_load+0x10/0x10
[  198.429514][ T8903]  ? bpf_lsm_bpf+0x9/0x20
[  198.429542][ T8903]  ? security_bpf+0x7e/0x300
[  198.429568][ T8903]  __sys_bpf+0x5f1/0x860
[  198.429605][ T8903]  ? __pfx___sys_bpf+0x10/0x10
[  198.429646][ T8903]  ? ksys_write+0x22a/0x250
[  198.429668][ T8903]  ? __pfx_ksys_write+0x10/0x10
[  198.429684][ T8903]  ? rcu_is_watching+0x15/0xb0
[  198.429722][ T8903]  __x64_sys_bpf+0x7c/0x90
[  198.429747][ T8903]  do_syscall_64+0xfa/0x3b0
[  198.429769][ T8903]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.429791][ T8903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.429811][ T8903]  ? clear_bhb_loop+0x60/0xb0
[  198.429835][ T8903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.429853][ T8903] RIP: 0033:0x7fee2eb8e929
[  198.429872][ T8903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.429890][ T8903] RSP: 002b:00007fee2fada038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  198.429919][ T8903] RAX: ffffffffffffffda RBX: 00007fee2edb5fa0 RCX: 00007fee2eb8e929
[  198.429933][ T8903] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  198.429946][ T8903] RBP: 00007fee2fada090 R08: 0000000000000000 R09: 0000000000000000
[  198.429958][ T8903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.429971][ T8903] R13: 0000000000000000 R14: 00007fee2edb5fa0 R15: 00007ffcbb8313d8
[  198.430004][ T8903]  </TASK>
[  198.430014][ T8903] syz.3.868: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  198.837527][ T8903] CPU: 0 UID: 0 PID: 8903 Comm: syz.3.868 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  198.837557][ T8903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.837570][ T8903] Call Trace:
[  198.837579][ T8903]  <TASK>
[  198.837587][ T8903]  dump_stack_lvl+0x189/0x250
[  198.837627][ T8903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.837656][ T8903]  ? __pfx__printk+0x10/0x10
[  198.837678][ T8903]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  198.837700][ T8903]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  198.837725][ T8903]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  198.837751][ T8903]  warn_alloc+0x214/0x310
[  198.837780][ T8903]  ? __pfx_warn_alloc+0x10/0x10
[  198.837806][ T8903]  ? __get_vm_area_node+0x13f/0x300
[  198.837831][ T8903]  ? __get_vm_area_node+0x2b5/0x300
[  198.837860][ T8903]  __vmalloc_node_range_noprof+0x326/0x12f0
[  198.837911][ T8903]  ? is_bpf_text_address+0x26/0x2b0
[  198.837968][ T8903]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  198.837988][ T8903]  ? __might_fault+0xb0/0x130
[  198.838007][ T8903]  ? __pfx_aa_get_newest_label+0x10/0x10
[  198.838032][ T8903]  ? _parse_integer_limit+0x1ae/0x1f0
[  198.838064][ T8903]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.838089][ T8903]  __vmalloc_noprof+0xb1/0xf0
[  198.838110][ T8903]  ? bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.838141][ T8903]  bpf_prog_alloc_no_stats+0x4a/0x4e0
[  198.838174][ T8903]  bpf_prog_alloc+0x3c/0x1a0
[  198.838204][ T8903]  bpf_prog_load+0x735/0x1930
[  198.838244][ T8903]  ? __pfx_bpf_prog_load+0x10/0x10
[  198.838298][ T8903]  ? bpf_lsm_bpf+0x9/0x20
[  198.838324][ T8903]  ? security_bpf+0x7e/0x300
[  198.838349][ T8903]  __sys_bpf+0x5f1/0x860
[  198.838378][ T8903]  ? __pfx___sys_bpf+0x10/0x10
[  198.838419][ T8903]  ? ksys_write+0x22a/0x250
[  198.838441][ T8903]  ? __pfx_ksys_write+0x10/0x10
[  198.838456][ T8903]  ? rcu_is_watching+0x15/0xb0
[  198.838494][ T8903]  __x64_sys_bpf+0x7c/0x90
[  198.838519][ T8903]  do_syscall_64+0xfa/0x3b0
[  198.838542][ T8903]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.838563][ T8903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.838584][ T8903]  ? clear_bhb_loop+0x60/0xb0
[  198.838607][ T8903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.838626][ T8903] RIP: 0033:0x7fee2eb8e929
[  198.838643][ T8903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.838657][ T8903] RSP: 002b:00007fee2fada038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  198.838677][ T8903] RAX: ffffffffffffffda RBX: 00007fee2edb5fa0 RCX: 00007fee2eb8e929
[  198.838692][ T8903] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  198.838705][ T8903] RBP: 00007fee2fada090 R08: 0000000000000000 R09: 0000000000000000
[  198.838717][ T8903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.838729][ T8903] R13: 0000000000000000 R14: 00007fee2edb5fa0 R15: 00007ffcbb8313d8
[  198.838762][ T8903]  </TASK>
[  198.838769][ T8903] Mem-Info:
[  199.152427][ T8903] active_anon:8264 inactive_anon:0 isolated_anon:0
[  199.152427][ T8903]  active_file:1710 inactive_file:39871 isolated_file:0
[  199.152427][ T8903]  unevictable:768 dirty:330 writeback:0
[  199.152427][ T8903]  slab_reclaimable:10639 slab_unreclaimable:107791
[  199.152427][ T8903]  mapped:31774 shmem:1349 pagetables:1266
[  199.152427][ T8903]  sec_pagetables:0 bounce:0
[  199.152427][ T8903]  kernel_misc_reclaimable:0
[  199.152427][ T8903]  free:1314697 free_pcp:18229 free_cma:0
[  199.155036][ T8913] netlink: 200 bytes leftover after parsing attributes in process `syz.2.873'.
[  199.230227][ T8903] Node 0 active_anon:33012kB inactive_anon:0kB active_file:6840kB inactive_file:159280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127052kB dirty:1320kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12532kB pagetables:4948kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  199.270997][ T8915] netlink: 28 bytes leftover after parsing attributes in process `syz.4.872'.
[  199.302272][ T8916] netlink: 20 bytes leftover after parsing attributes in process `syz.2.873'.
[  199.334789][ T8903] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  199.373324][ T8918] netlink: 'syz.1.874': attribute type 10 has an invalid length.
[  199.393142][ T8903] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  199.586150][ T8903] lowmem_reserve[]: 0 2500 2502 2502 2502
[  199.618326][ T8903] Node 0 DMA32 free:1346640kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33564kB inactive_anon:0kB active_file:6840kB inactive_file:157448kB unevictable:1536kB writepending:1220kB present:3129332kB managed:2560932kB mlocked:0kB bounce:0kB free_pcp:47760kB local_pcp:29184kB free_cma:0kB
[  199.680597][ T8903] lowmem_reserve[]: 0 0 1 1 1
[  199.685481][ T8903] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  199.797750][ T8903] lowmem_reserve[]: 0 0 0 0 0
[  199.802816][ T8903] Node 1 Normal free:3899340kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:22820kB local_pcp:12416kB free_cma:0kB
[  199.899506][ T8903] lowmem_reserve[]: 0 0 0 0 0
[  199.904307][ T8903] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  199.941216][ T8903] Node 0 DMA32: 23*4kB (U) 13*8kB (UME) 3*16kB (UM) 396*32kB (UME) 132*64kB (UM) 56*128kB (UME) 32*256kB (UME) 15*512kB (UM) 13*1024kB (UM) 3*2048kB (UM) 313*4096kB (UM) = 1345908kB
[  199.961930][ T8903] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  199.974428][ T8934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.880'.
[  200.021400][ T8903] Node 1 Normal: 195*4kB (UE) 64*8kB (UME) 50*16kB (UME) 75*32kB (UME) 23*64kB (UME) 5*128kB (UME) 6*256kB (UME) 4*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 948*4096kB (M) = 3899340kB
[  200.097143][ T8903] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  200.106846][ T8903] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  200.165907][ T8903] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  200.184261][ T8942] netlink: 16 bytes leftover after parsing attributes in process `syz.4.883'.
[  200.221073][ T8903] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  200.273236][ T8942] netlink: 16 bytes leftover after parsing attributes in process `syz.4.883'.
[  200.301914][ T8903] 42943 total pagecache pages
[  200.306939][ T8903] 0 pages in swap cache
[  200.317025][ T8903] Free swap  = 124996kB
[  200.338296][ T8948] FAULT_INJECTION: forcing a failure.
[  200.338296][ T8948] name failslab, interval 1, probability 0, space 0, times 0
[  200.338743][ T8903] Total swap = 124996kB
[  200.365563][ T8903] 2097051 pages RAM
[  200.370466][ T8903] 0 pages HighMem/MovableOnly
[  200.375246][ T8903] 424712 pages reserved
[  200.380892][ T8903] 0 pages cma reserved
[  200.388969][ T8950] netlink: 28 bytes leftover after parsing attributes in process `syz.1.885'.
[  200.398496][ T8948] CPU: 1 UID: 0 PID: 8948 Comm: syz.2.884 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  200.398525][ T8948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  200.398537][ T8948] Call Trace:
[  200.398545][ T8948]  <TASK>
[  200.398554][ T8948]  dump_stack_lvl+0x189/0x250
[  200.398588][ T8948]  ? __pfx____ratelimit+0x10/0x10
[  200.398611][ T8948]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.398641][ T8948]  ? __pfx__printk+0x10/0x10
[  200.398667][ T8948]  ? __pfx___might_resched+0x10/0x10
[  200.398696][ T8948]  ? fs_reclaim_acquire+0x7d/0x100
[  200.398726][ T8948]  should_fail_ex+0x414/0x560
[  200.398758][ T8948]  should_failslab+0xa8/0x100
[  200.398782][ T8948]  __kmalloc_noprof+0xcb/0x4f0
[  200.398800][ T8948]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  200.398847][ T8948]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  200.398887][ T8948]  genl_family_rcv_msg_doit+0xb8/0x300
[  200.398925][ T8948]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  200.398958][ T8948]  ? rcu_is_watching+0x15/0xb0
[  200.398992][ T8948]  ? apparmor_capable+0x137/0x1b0
[  200.399024][ T8948]  ? bpf_lsm_capable+0x9/0x20
[  200.399042][ T8948]  ? security_capable+0x7e/0x2e0
[  200.399075][ T8948]  genl_rcv_msg+0x60e/0x790
[  200.399113][ T8948]  ? __pfx_genl_rcv_msg+0x10/0x10
[  200.399140][ T8948]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  200.399160][ T8948]  ? __pfx_nl802154_new_interface+0x10/0x10
[  200.399179][ T8948]  ? __pfx_nl802154_post_doit+0x10/0x10
[  200.399218][ T8948]  netlink_rcv_skb+0x208/0x470
[  200.399242][ T8948]  ? __pfx_genl_rcv_msg+0x10/0x10
[  200.399272][ T8948]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  200.399318][ T8948]  ? down_read+0x1ad/0x2e0
[  200.399347][ T8948]  genl_rcv+0x28/0x40
[  200.399374][ T8948]  netlink_unicast+0x75b/0x8d0
[  200.399410][ T8948]  netlink_sendmsg+0x805/0xb30
[  200.399447][ T8948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.399476][ T8948]  ? aa_sock_msg_perm+0x94/0x160
[  200.399504][ T8948]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  200.399528][ T8948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.399553][ T8948]  __sock_sendmsg+0x219/0x270
[  200.399579][ T8948]  ____sys_sendmsg+0x505/0x830
[  200.399614][ T8948]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.399655][ T8948]  ? import_iovec+0x74/0xa0
[  200.399680][ T8948]  ___sys_sendmsg+0x21f/0x2a0
[  200.399710][ T8948]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.399785][ T8948]  ? __fget_files+0x2a/0x420
[  200.399807][ T8948]  ? __fget_files+0x3a0/0x420
[  200.399851][ T8948]  __x64_sys_sendmsg+0x19b/0x260
[  200.399883][ T8948]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  200.399921][ T8948]  ? __pfx_ksys_write+0x10/0x10
[  200.399938][ T8948]  ? rcu_is_watching+0x15/0xb0
[  200.399973][ T8948]  ? do_syscall_64+0xbe/0x3b0
[  200.400002][ T8948]  do_syscall_64+0xfa/0x3b0
[  200.400024][ T8948]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.400045][ T8948]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.400064][ T8948]  ? clear_bhb_loop+0x60/0xb0
[  200.400090][ T8948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.400108][ T8948] RIP: 0033:0x7f0aabd8e929
[  200.400127][ T8948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.400144][ T8948] RSP: 002b:00007f0aacc3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.400167][ T8948] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8e929
[  200.400182][ T8948] RDX: 000000000008c080 RSI: 0000200000001040 RDI: 0000000000000004
[  200.400195][ T8948] RBP: 00007f0aacc3f090 R08: 0000000000000000 R09: 0000000000000000
[  200.400208][ T8948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.400220][ T8948] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  200.400255][ T8948]  </TASK>
[  200.980339][ T8958] netlink: 'syz.2.887': attribute type 10 has an invalid length.
[  201.034408][ T8952] IPVS: set_ctl: invalid protocol: 51 172.20.20.187:0
[  201.082931][ T8960] ip6tnl1: entered promiscuous mode
[  201.165057][ T8960] ip6tnl1: entered allmulticast mode
[  201.199675][ T8970] netlink: 8 bytes leftover after parsing attributes in process `syz.3.889'.
[  201.230278][ T8960] team0: Device ip6tnl1 is up. Set it down before adding it as a team port
[  201.388059][ T8970] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  201.945281][ T8987] ipvlan3: entered promiscuous mode
[  201.967184][ T8987] ipvlan3: entered allmulticast mode
[  201.983170][ T8987] dummy0: entered allmulticast mode
[  202.023553][ T8992] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.096277][ T8992] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.191424][ T8992] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.270714][   T55] block nbd4: Possible stuck request ffff8880254b7000: control (read@0,1024B). Runtime 90 seconds
[  202.285378][   T55] block nbd4: Possible stuck request ffff8880254b71c0: control (read@1024,1024B). Runtime 90 seconds
[  202.297659][   T55] block nbd4: Possible stuck request ffff8880254b7380: control (read@2048,1024B). Runtime 90 seconds
[  202.309062][   T55] block nbd4: Possible stuck request ffff8880254b7540: control (read@3072,1024B). Runtime 90 seconds
[  202.337444][ T8992] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.654042][ T6142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.829407][ T6142] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.860526][ T6142] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.900963][ T6142] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.216307][ T9018] netlink: 20 bytes leftover after parsing attributes in process `syz.0.900'.
[  203.260053][ T9021] netlink: 'syz.4.902': attribute type 10 has an invalid length.
[  203.297795][ T9015] netlink: 'syz.2.898': attribute type 1 has an invalid length.
[  203.377306][ T9015] netlink: 204 bytes leftover after parsing attributes in process `syz.2.898'.
[  203.825951][ T9035] netlink: 'syz.3.905': attribute type 13 has an invalid length.
[  203.874894][ T9035] netlink: 'syz.3.905': attribute type 17 has an invalid length.
[  204.104095][ T9035] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  204.203205][ T9055] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.389060][ T9055] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.483894][ T9035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  206.218101][ T9047] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.323381][ T9047] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.368662][ T9074] netlink: 'syz.2.910': attribute type 5 has an invalid length.
[  206.404667][ T9047] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.407022][ T9074] netlink: 'syz.2.910': attribute type 10 has an invalid length.
[  206.457529][ T9074] geneve1: entered promiscuous mode
[  206.463455][ T9074] team0: Port device geneve1 added
[  206.513675][ T9047] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.716186][ T6142] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.903238][ T6142] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.930618][ T6142] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.957013][ T6142] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.061125][ T9088] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  207.099601][ T9088] CPU: 0 UID: 0 PID: 9088 Comm: syz.4.916 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  207.099635][ T9088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.099647][ T9088] Call Trace:
[  207.099656][ T9088]  <TASK>
[  207.099665][ T9088]  dump_stack_lvl+0x189/0x250
[  207.099710][ T9088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.099743][ T9088]  ? __pfx__printk+0x10/0x10
[  207.099776][ T9088]  ? kernfs_path_from_node+0x2c/0x260
[  207.099802][ T9088]  ? kernfs_path_from_node+0x2c/0x260
[  207.099823][ T9088]  ? kernfs_path_from_node+0x2c/0x260
[  207.099848][ T9088]  ? kernfs_path_from_node+0x22c/0x260
[  207.099870][ T9088]  ? kernfs_path_from_node+0x2c/0x260
[  207.099898][ T9088]  sysfs_warn_dup+0x8e/0xa0
[  207.099926][ T9088]  sysfs_do_create_link_sd+0xc0/0x110
[  207.099954][ T9088]  device_add_class_symlinks+0x1cf/0x240
[  207.099981][ T9088]  device_add+0x475/0xb50
[  207.100009][ T9088]  wiphy_register+0x1ba6/0x28d0
[  207.100057][ T9088]  ? __pfx_wiphy_register+0x10/0x10
[  207.100082][ T9088]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  207.100122][ T9088]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  207.100158][ T9088]  ieee80211_register_hw+0x33e1/0x4120
[  207.100211][ T9088]  ? ieee80211_register_hw+0x14d1/0x4120
[  207.100254][ T9088]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  207.100290][ T9088]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  207.100322][ T9088]  ? __hrtimer_setup+0x187/0x210
[  207.100352][ T9088]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  207.100385][ T9088]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  207.100446][ T9088]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  207.100468][ T9088]  ? trace_kmalloc+0x1f/0xd0
[  207.100485][ T9088]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  207.100503][ T9088]  ? kstrndup+0xbf/0x160
[  207.100539][ T9088]  hwsim_new_radio_nl+0xea4/0x1b10
[  207.100568][ T9088]  ? __pfx___nla_validate_parse+0x10/0x10
[  207.100616][ T9088]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  207.100644][ T9088]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  207.100689][ T9088]  ? __nla_parse+0x40/0x60
[  207.100723][ T9088]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  207.100775][ T9088]  genl_family_rcv_msg_doit+0x215/0x300
[  207.100817][ T9088]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  207.100866][ T9088]  ? bpf_lsm_capable+0x9/0x20
[  207.100884][ T9088]  ? security_capable+0x7e/0x2e0
[  207.100918][ T9088]  genl_rcv_msg+0x60e/0x790
[  207.100959][ T9088]  ? __pfx_genl_rcv_msg+0x10/0x10
[  207.100989][ T9088]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  207.101033][ T9088]  netlink_rcv_skb+0x208/0x470
[  207.101060][ T9088]  ? __pfx_genl_rcv_msg+0x10/0x10
[  207.101093][ T9088]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  207.101142][ T9088]  ? down_read+0x1ad/0x2e0
[  207.101173][ T9088]  genl_rcv+0x28/0x40
[  207.101201][ T9088]  netlink_unicast+0x75b/0x8d0
[  207.101240][ T9088]  netlink_sendmsg+0x805/0xb30
[  207.101279][ T9088]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.101310][ T9088]  ? aa_sock_msg_perm+0x94/0x160
[  207.101338][ T9088]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  207.101363][ T9088]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.101391][ T9088]  __sock_sendmsg+0x219/0x270
[  207.101419][ T9088]  ____sys_sendmsg+0x505/0x830
[  207.101457][ T9088]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.101499][ T9088]  ? import_iovec+0x74/0xa0
[  207.101525][ T9088]  ___sys_sendmsg+0x21f/0x2a0
[  207.101558][ T9088]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.101634][ T9088]  ? __fget_files+0x2a/0x420
[  207.101656][ T9088]  ? __fget_files+0x3a0/0x420
[  207.101695][ T9088]  __x64_sys_sendmsg+0x19b/0x260
[  207.101728][ T9088]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  207.101780][ T9088]  ? rcu_is_watching+0x15/0xb0
[  207.101819][ T9088]  ? do_syscall_64+0xbe/0x3b0
[  207.101849][ T9088]  do_syscall_64+0xfa/0x3b0
[  207.101872][ T9088]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.101895][ T9088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.101915][ T9088]  ? clear_bhb_loop+0x60/0xb0
[  207.101939][ T9088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.101957][ T9088] RIP: 0033:0x7f5da478e929
[  207.101975][ T9088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.101992][ T9088] RSP: 002b:00007f5da5659038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  207.102016][ T9088] RAX: ffffffffffffffda RBX: 00007f5da49b5fa0 RCX: 00007f5da478e929
[  207.102031][ T9088] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[  207.102044][ T9088] RBP: 00007f5da4810b39 R08: 0000000000000000 R09: 0000000000000000
[  207.102057][ T9088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  207.102070][ T9088] R13: 0000000000000000 R14: 00007f5da49b5fa0 R15: 00007ffd1df13528
[  207.102103][ T9088]  </TASK>
[  207.892834][ T9103] __nla_validate_parse: 2 callbacks suppressed
[  207.892858][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'.
[  207.908101][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'.
[  207.926165][ T9097] IPv6: addrconf: prefix option has invalid lifetime
[  207.930820][ T9103] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  207.944409][ T9103] batman_adv: batadv0: Removing interface: virt_wifi0
[  207.987786][ T9105] nbd0: detected capacity change from 0 to 63
[  207.996209][ T9109] block nbd0: NBD_DISCONNECT
[  208.002166][ T9109] block nbd0: Disconnected due to user request.
[  208.008972][ T9109] block nbd0: shutting down sockets
[  208.016244][    C0] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.025744][    C0] Buffer I/O error on dev nbd0, logical block 0, async page read
[  208.033624][    C0] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.042950][    C0] Buffer I/O error on dev nbd0, logical block 1, async page read
[  208.050898][    C0] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.060116][    C0] Buffer I/O error on dev nbd0, logical block 2, async page read
[  208.067966][    C0] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.077101][    C0] Buffer I/O error on dev nbd0, logical block 3, async page read
[  208.085159][ T8545] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.107602][ T8545] Buffer I/O error on dev nbd0, logical block 0, async page read
[  208.115555][   T49] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.137561][   T49] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  208.147994][ T8545] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.165744][ T8545] Buffer I/O error on dev nbd0, logical block 1, async page read
[  208.174361][ T8545] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.186303][ T8545] Buffer I/O error on dev nbd0, logical block 2, async page read
[  208.194933][ T8545] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.208066][ T8545] Buffer I/O error on dev nbd0, logical block 3, async page read
[  208.241609][ T8545] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.251604][ T8545] Buffer I/O error on dev nbd0, logical block 0, async page read
[  208.260096][ T8545] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  208.270018][ T8545] Buffer I/O error on dev nbd0, logical block 1, async page read
[  208.282584][ T8545] ldm_validate_partition_table(): Disk read failed.
[  208.294972][ T8545] Dev nbd0: unable to read RDB block 0
[  208.308646][ T8545]  nbd0: unable to read partition table
[  208.349204][ T8545] ldm_validate_partition_table(): Disk read failed.
[  208.381867][ T8545] Dev nbd0: unable to read RDB block 0
[  208.393525][ T6169] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.403794][ T8545]  nbd0: unable to read partition table
[  208.426377][ T6140] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.673254][   T55] block nbd3: Possible stuck request ffff888025440000: control (read@0,1024B). Runtime 30 seconds
[  208.684923][   T55] block nbd3: Possible stuck request ffff8880254401c0: control (read@1024,1024B). Runtime 30 seconds
[  208.707248][   T55] block nbd3: Possible stuck request ffff888025440380: control (read@2048,1024B). Runtime 30 seconds
[  208.719156][   T55] block nbd3: Possible stuck request ffff888025440540: control (read@3072,1024B). Runtime 30 seconds
[  208.858800][ T9127] FAULT_INJECTION: forcing a failure.
[  208.858800][ T9127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  208.872505][ T9127] CPU: 1 UID: 0 PID: 9127 Comm: syz.0.927 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  208.872533][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.872545][ T9127] Call Trace:
[  208.872553][ T9127]  <TASK>
[  208.872561][ T9127]  dump_stack_lvl+0x189/0x250
[  208.872595][ T9127]  ? __pfx____ratelimit+0x10/0x10
[  208.872618][ T9127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.872648][ T9127]  ? __pfx__printk+0x10/0x10
[  208.872672][ T9127]  ? fs_reclaim_acquire+0x7d/0x100
[  208.872703][ T9127]  should_fail_ex+0x414/0x560
[  208.872731][ T9127]  prepare_alloc_pages+0x213/0x610
[  208.872774][ T9127]  __alloc_frozen_pages_noprof+0x123/0x370
[  208.872804][ T9127]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.872849][ T9127]  alloc_pages_bulk_noprof+0x560/0x710
[  208.872881][ T9127]  ? alloc_pages_noprof+0xbe/0x190
[  208.872907][ T9127]  kasan_populate_vmalloc+0xba/0x1a0
[  208.872943][ T9127]  alloc_vmap_area+0xd51/0x1490
[  208.872981][ T9127]  ? __pfx_alloc_vmap_area+0x10/0x10
[  208.873001][ T9127]  ? __kasan_kmalloc+0x93/0xb0
[  208.873019][ T9127]  ? __kmalloc_cache_node_noprof+0x234/0x3d0
[  208.873039][ T9127]  ? __get_vm_area_node+0x13f/0x300
[  208.873059][ T9127]  ? array_map_alloc+0x276/0x6f0
[  208.873086][ T9127]  __get_vm_area_node+0x1f8/0x300
[  208.873113][ T9127]  __vmalloc_node_range_noprof+0x301/0x12f0
[  208.873133][ T9127]  ? array_map_alloc+0x276/0x6f0
[  208.873191][ T9127]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  208.873214][ T9127]  ? apparmor_capable+0x137/0x1b0
[  208.873244][ T9127]  ? bpf_lsm_capable+0x9/0x20
[  208.873259][ T9127]  ? security_capable+0x7e/0x2e0
[  208.873287][ T9127]  bpf_map_area_alloc+0x12d/0x180
[  208.873314][ T9127]  ? array_map_alloc+0x276/0x6f0
[  208.873344][ T9127]  array_map_alloc+0x276/0x6f0
[  208.873378][ T9127]  map_create+0x903/0x1150
[  208.873408][ T9127]  ? security_bpf+0x7e/0x300
[  208.873432][ T9127]  __sys_bpf+0x67e/0x860
[  208.873459][ T9127]  ? __pfx___sys_bpf+0x10/0x10
[  208.873500][ T9127]  ? ksys_write+0x22a/0x250
[  208.873521][ T9127]  ? __pfx_ksys_write+0x10/0x10
[  208.873548][ T9127]  __x64_sys_bpf+0x7c/0x90
[  208.873573][ T9127]  do_syscall_64+0xfa/0x3b0
[  208.873594][ T9127]  ? lockdep_hardirqs_on+0x9c/0x150
[  208.873615][ T9127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.873636][ T9127]  ? clear_bhb_loop+0x60/0xb0
[  208.873662][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.873680][ T9127] RIP: 0033:0x7f307f38e929
[  208.873699][ T9127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.873716][ T9127] RSP: 002b:00007f3080298038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  208.873737][ T9127] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38e929
[  208.873760][ T9127] RDX: 0000000000000050 RSI: 0000200000000040 RDI: 0000000000000000
[  208.873773][ T9127] RBP: 00007f3080298090 R08: 0000000000000000 R09: 0000000000000000
[  208.873786][ T9127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  208.873798][ T9127] R13: 0000000000000001 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  208.873828][ T9127]  </TASK>
[  209.264840][ T9125] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.444538][ T9125] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.459334][ T9139] netlink: 'syz.4.931': attribute type 10 has an invalid length.
[  209.659792][ T9140] netlink: 12 bytes leftover after parsing attributes in process `syz.1.925'.
[  209.689981][ T9125] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.826847][ T9125] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.920021][ T9151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.936'.
[  209.930115][ T9151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.936'.
[  210.992269][ T9168] netlink: 'syz.1.951': attribute type 13 has an invalid length.
[  211.000942][ T9168] netlink: 'syz.1.951': attribute type 17 has an invalid length.
[  211.104919][ T9168] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  211.146117][ T9173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.942'.
[  211.170462][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.942'.
[  211.240469][ T9173] netdevsim0: tun_chr_ioctl cmd 1074025677
[  211.246584][ T9173] netdevsim0: linktype set to 773
[  211.282313][ T9176] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.356797][ T9168] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.436339][ T9168] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  212.031017][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  212.037242][ T5834] Bluetooth: hci1: command 0x0406 tx timeout
[  212.043294][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  212.234459][ T9204] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.406543][ T9204] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.502558][ T9204] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.609618][ T9204] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.755779][ T9199] netlink: 12 bytes leftover after parsing attributes in process `syz.4.953'.
[  212.776050][ T6169] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.823806][ T6169] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.874990][ T6161] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.007595][ T9221] nbd1: detected capacity change from 0 to 63
[  213.026833][ T6142] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.035318][ T9224] block nbd1: NBD_DISCONNECT
[  213.067270][ T9224] block nbd1: Disconnected due to user request.
[  213.073621][ T9224] block nbd1: shutting down sockets
[  213.147432][    C1] blk_print_req_error: 138 callbacks suppressed
[  213.147455][    C1] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.163242][    C1] buffer_io_error: 138 callbacks suppressed
[  213.163262][    C1] Buffer I/O error on dev nbd1, logical block 0, async page read
[  213.177142][    C1] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.186302][    C1] Buffer I/O error on dev nbd1, logical block 1, async page read
[  213.194299][    C1] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.203429][    C1] Buffer I/O error on dev nbd1, logical block 2, async page read
[  213.211365][    C1] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.220570][    C1] Buffer I/O error on dev nbd1, logical block 3, async page read
[  213.247412][ T8545] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.256601][ T8545] Buffer I/O error on dev nbd1, logical block 0, async page read
[  213.285874][ T8545] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.296790][ T8545] Buffer I/O error on dev nbd1, logical block 1, async page read
[  213.306475][ T6142] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.322015][ T8545] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.341699][ T8545] Buffer I/O error on dev nbd1, logical block 2, async page read
[  213.352325][ T8545] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.364554][ T8545] Buffer I/O error on dev nbd1, logical block 3, async page read
[  213.377741][ T8545] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.387635][ T8545] Buffer I/O error on dev nbd1, logical block 0, async page read
[  213.395970][ T8545] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  213.405749][ T8545] Buffer I/O error on dev nbd1, logical block 1, async page read
[  213.424135][ T8545] ldm_validate_partition_table(): Disk read failed.
[  213.434069][ T8545] Dev nbd1: unable to read RDB block 0
[  213.443911][ T6142] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.447573][ T8545]  nbd1: unable to read partition table
[  213.502885][ T8545] ldm_validate_partition_table(): Disk read failed.
[  213.521113][ T8545] Dev nbd1: unable to read RDB block 0
[  213.536943][ T8545]  nbd1: unable to read partition table
[  213.555369][ T6142] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.626966][ T6142] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.776931][ T9238] netlink: 'syz.4.962': attribute type 10 has an invalid length.
[  214.264707][ T9254] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  214.292810][ T9254] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.405855][ T9254] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  214.447280][ T9254] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.569990][ T9254] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  214.587972][ T9254] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.963786][ T9254] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  214.977716][ T9254] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.241851][ T9279] netlink: 12 bytes leftover after parsing attributes in process `syz.2.971'.
[  215.820677][ T9293] xt_bpf: check failed: parse error
[  215.972093][ T9297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.976'.
[  216.131056][ T6169] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  216.142095][ T6169] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.510310][ T9291] batadv_slave_1: left promiscuous mode
[  216.555441][ T9305] Bluetooth: MGMT ver 1.23
[  216.629533][ T9291] bridge2: left allmulticast mode
[  216.637488][ T9291] ip6gre1: left allmulticast mode
[  216.741678][ T9308] xt_hashlimit: size too large, truncated to 1048576
[  216.749576][ T9308] xt_hashlimit: max too large, truncated to 1048576
[  216.815157][ T9304] bridge_slave_0: left allmulticast mode
[  216.834435][ T9304] bridge_slave_0: left promiscuous mode
[  216.849632][ T9304] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.860341][ T9304] bridge_slave_1: left allmulticast mode
[  216.866286][ T9304] bridge_slave_1: left promiscuous mode
[  216.875071][ T9304] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.893807][ T9304] team0: Port device team_slave_0 removed
[  216.904019][ T9304] team0: Port device team_slave_1 removed
[  216.913476][ T9304] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.922433][ T9304] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.934650][ T9304] batman_adv: batadv0: Removing interface: virt_wifi0
[  216.945385][ T6140] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.980992][ T6140] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.112307][ T6140] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.125309][ T6140] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.174705][ T6140] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  217.204568][ T6140] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.271489][ T6154] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  217.295860][ T6154] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.363990][ T9322] netlink: 'syz.2.986': attribute type 10 has an invalid length.
[  217.377229][ T6154] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  217.385447][ T6154] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.720938][ T9335] xt_hashlimit: size too large, truncated to 1048576
[  217.802673][ T9337] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  217.837553][ T2153] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  218.358526][ T9355] netlink: 'syz.2.998': attribute type 3 has an invalid length.
[  218.588327][ T5894] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  218.620478][ T9371] netlink: 'syz.0.1001': attribute type 10 has an invalid length.
[  218.694294][ T9374] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1002'.
[  218.746156][ T9374] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1002'.
[  218.772217][ T9377] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1004'.
[  218.804954][ T9378] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1002'.
[  219.173044][ T9391] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1007'.
[  219.264730][ T9397] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1009'.
[  219.501291][ T9408] netlink: 'syz.3.1012': attribute type 1 has an invalid length.
[  219.510657][ T9408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1012'.
[  219.537391][ T9408] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1012'.
[  219.560859][ T9411] netlink: 'syz.2.1015': attribute type 10 has an invalid length.
[  219.696080][ T9413] tipc: Started in network mode
[  219.701421][ T9413] tipc: Node identity ac14142a, cluster identity 4711
[  219.710122][ T9413] tipc: Enabled bearer <udp:syz2>, priority 10
[  219.931871][ T9421] xt_bpf: check failed: parse error
[  220.106425][ T9428] FAULT_INJECTION: forcing a failure.
[  220.106425][ T9428] name failslab, interval 1, probability 0, space 0, times 0
[  220.144539][ T9428] CPU: 0 UID: 0 PID: 9428 Comm: syz.2.1020 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  220.144571][ T9428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.144583][ T9428] Call Trace:
[  220.144592][ T9428]  <TASK>
[  220.144600][ T9428]  dump_stack_lvl+0x189/0x250
[  220.144635][ T9428]  ? __pfx____ratelimit+0x10/0x10
[  220.144665][ T9428]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.144694][ T9428]  ? __pfx__printk+0x10/0x10
[  220.144722][ T9428]  ? __pfx___might_resched+0x10/0x10
[  220.144749][ T9428]  ? fs_reclaim_acquire+0x7d/0x100
[  220.144778][ T9428]  should_fail_ex+0x414/0x560
[  220.144807][ T9428]  should_failslab+0xa8/0x100
[  220.144829][ T9428]  __kmalloc_cache_noprof+0x70/0x3d0
[  220.144847][ T9428]  ? rtnl_newlink+0xed/0x1c70
[  220.144868][ T9428]  ? kasan_save_free_info+0x46/0x50
[  220.144897][ T9428]  rtnl_newlink+0xed/0x1c70
[  220.144917][ T9428]  ? netlink_sendmsg+0x805/0xb30
[  220.144939][ T9428]  ? __sock_sendmsg+0x219/0x270
[  220.144959][ T9428]  ? do_syscall_64+0xfa/0x3b0
[  220.144980][ T9428]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.145003][ T9428]  ? preempt_schedule_common+0x83/0xd0
[  220.145026][ T9428]  ? __pfx_rtnl_newlink+0x10/0x10
[  220.145048][ T9428]  ? __pfx___schedule+0x10/0x10
[  220.145089][ T9428]  ? preempt_schedule+0xae/0xc0
[  220.145106][ T9428]  ? __dev_queue_xmit+0x27e/0x3a70
[  220.145125][ T9428]  ? preempt_schedule_common+0x83/0xd0
[  220.145146][ T9428]  ? preempt_schedule+0xae/0xc0
[  220.145164][ T9428]  ? __pfx_preempt_schedule+0x10/0x10
[  220.145187][ T9428]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  220.145216][ T9428]  ? preempt_schedule_thunk+0x16/0x30
[  220.145247][ T9428]  ? __local_bh_enable_ip+0x13e/0x1c0
[  220.145275][ T9428]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  220.145307][ T9428]  ? __dev_queue_xmit+0x27e/0x3a70
[  220.145339][ T9428]  ? __lock_acquire+0xab9/0xd20
[  220.145392][ T9428]  ? __pfx_rtnl_newlink+0x10/0x10
[  220.145413][ T9428]  rtnetlink_rcv_msg+0x7cf/0xb70
[  220.145441][ T9428]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  220.145462][ T9428]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  220.145493][ T9428]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  220.145528][ T9428]  netlink_rcv_skb+0x208/0x470
[  220.145548][ T9428]  ? rcu_is_watching+0x15/0xb0
[  220.145582][ T9428]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  220.145606][ T9428]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  220.145645][ T9428]  ? netlink_deliver_tap+0x2e/0x1b0
[  220.145685][ T9428]  netlink_unicast+0x75b/0x8d0
[  220.145719][ T9428]  netlink_sendmsg+0x805/0xb30
[  220.145753][ T9428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.145781][ T9428]  ? aa_sock_msg_perm+0x94/0x160
[  220.145806][ T9428]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  220.145830][ T9428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.145855][ T9428]  __sock_sendmsg+0x219/0x270
[  220.145879][ T9428]  ____sys_sendmsg+0x505/0x830
[  220.145913][ T9428]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.145951][ T9428]  ? import_iovec+0x74/0xa0
[  220.145974][ T9428]  ___sys_sendmsg+0x21f/0x2a0
[  220.146004][ T9428]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.146074][ T9428]  ? __fget_files+0x2a/0x420
[  220.146094][ T9428]  ? __fget_files+0x3a0/0x420
[  220.146127][ T9428]  __x64_sys_sendmsg+0x19b/0x260
[  220.146157][ T9428]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.146195][ T9428]  ? __pfx_ksys_write+0x10/0x10
[  220.146210][ T9428]  ? rcu_is_watching+0x15/0xb0
[  220.146264][ T9428]  ? do_syscall_64+0xbe/0x3b0
[  220.146291][ T9428]  do_syscall_64+0xfa/0x3b0
[  220.146311][ T9428]  ? lockdep_hardirqs_on+0x9c/0x150
[  220.146331][ T9428]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.146349][ T9428]  ? clear_bhb_loop+0x60/0xb0
[  220.146373][ T9428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.146391][ T9428] RIP: 0033:0x7f0aabd8e929
[  220.146409][ T9428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.146426][ T9428] RSP: 002b:00007f0aacc3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.146448][ T9428] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8e929
[  220.146462][ T9428] RDX: 0000000004000040 RSI: 0000200000000080 RDI: 0000000000000011
[  220.146474][ T9428] RBP: 00007f0aacc3f090 R08: 0000000000000000 R09: 0000000000000000
[  220.146486][ T9428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.146496][ T9428] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  220.146528][ T9428]  </TASK>
[  220.764070][    T9] tipc: Node number set to 2886997034
[  220.920984][ T9438] __nla_validate_parse: 1 callbacks suppressed
[  220.921005][ T9438] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1024'.
[  221.023418][ T9444] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1025'.
[  221.094235][ T9445] netlink: 'syz.4.1027': attribute type 10 has an invalid length.
[  221.341706][ T9458] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1031'.
[  221.414613][ T9456] Bluetooth: MGMT ver 1.23
[  221.608107][ T9463] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1034'.
[  221.716122][ T9468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1034'.
[  222.244901][ T9486] netlink: 'syz.4.1041': attribute type 10 has an invalid length.
[  222.371736][ T9491] netlink: 'syz.3.1043': attribute type 1 has an invalid length.
[  222.382042][ T9492] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  222.394252][ T9491] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1043'.
[  222.407336][ T9491] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1043'.
[  222.778854][ T9501] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.940891][ T9501] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.965220][ T9513] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1049'.
[  223.028431][ T9514] netlink: 'syz.1.1048': attribute type 29 has an invalid length.
[  223.084691][ T9501] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.120873][ T9514] netlink: 'syz.1.1048': attribute type 29 has an invalid length.
[  223.163083][ T9501] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.252584][ T9520] netlink: 'syz.0.1051': attribute type 29 has an invalid length.
[  223.341806][ T6142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.445966][ T6154] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.486249][ T6140] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.530857][ T6140] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.753780][ T9534] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1055'.
[  223.789378][ T9534] tipc: Started in network mode
[  223.795327][ T9534] tipc: Node identity 03000000000000000000000000000001, cluster identity 4711
[  223.837384][ T9534] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  224.512270][ T9554] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1062'.
[  224.834800][ T9558] netlink: 'syz.3.1064': attribute type 4 has an invalid length.
[  224.947927][ T9566] netlink: 'syz.2.1067': attribute type 10 has an invalid length.
[  225.465487][ T9586] netlink: 'syz.2.1074': attribute type 10 has an invalid length.
[  225.495589][ T9587] netlink: 'syz.4.1073': attribute type 10 has an invalid length.
[  225.629024][ T9590] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.801435][ T9590] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.824653][ T9597] FAULT_INJECTION: forcing a failure.
[  225.824653][ T9597] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.838717][ T9597] CPU: 0 UID: 0 PID: 9597 Comm: syz.4.1079 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  225.838747][ T9597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  225.838760][ T9597] Call Trace:
[  225.838768][ T9597]  <TASK>
[  225.838776][ T9597]  dump_stack_lvl+0x189/0x250
[  225.838811][ T9597]  ? __pfx____ratelimit+0x10/0x10
[  225.838834][ T9597]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.838863][ T9597]  ? __pfx__printk+0x10/0x10
[  225.838885][ T9597]  ? __might_fault+0xb0/0x130
[  225.838915][ T9597]  should_fail_ex+0x414/0x560
[  225.838944][ T9597]  _copy_from_user+0x2d/0xb0
[  225.838964][ T9597]  ___sys_sendmsg+0x158/0x2a0
[  225.838996][ T9597]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.839066][ T9597]  ? __fget_files+0x2a/0x420
[  225.839086][ T9597]  ? __fget_files+0x3a0/0x420
[  225.839120][ T9597]  __x64_sys_sendmsg+0x19b/0x260
[  225.839150][ T9597]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  225.839193][ T9597]  ? __pfx_ksys_write+0x10/0x10
[  225.839208][ T9597]  ? rcu_is_watching+0x15/0xb0
[  225.839244][ T9597]  ? do_syscall_64+0xbe/0x3b0
[  225.839272][ T9597]  do_syscall_64+0xfa/0x3b0
[  225.839292][ T9597]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.839313][ T9597]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.839333][ T9597]  ? clear_bhb_loop+0x60/0xb0
[  225.839357][ T9597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.839375][ T9597] RIP: 0033:0x7f5da478e929
[  225.839394][ T9597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.839413][ T9597] RSP: 002b:00007f5da5659038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.839436][ T9597] RAX: ffffffffffffffda RBX: 00007f5da49b5fa0 RCX: 00007f5da478e929
[  225.839451][ T9597] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  225.839464][ T9597] RBP: 00007f5da5659090 R08: 0000000000000000 R09: 0000000000000000
[  225.839476][ T9597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.839488][ T9597] R13: 0000000000000000 R14: 00007f5da49b5fa0 R15: 00007ffd1df13528
[  225.839523][ T9597]  </TASK>
[  226.132101][ T9590] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.176591][ T9599] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  226.186893][ T9599] CPU: 1 UID: 0 PID: 9599 Comm: syz.2.1078 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  226.186923][ T9599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.186934][ T9599] Call Trace:
[  226.186943][ T9599]  <TASK>
[  226.186952][ T9599]  dump_stack_lvl+0x189/0x250
[  226.186995][ T9599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.187032][ T9599]  ? __pfx__printk+0x10/0x10
[  226.187054][ T9599]  ? kernfs_path_from_node+0x2c/0x260
[  226.187077][ T9599]  ? kernfs_path_from_node+0x2c/0x260
[  226.187099][ T9599]  ? kernfs_path_from_node+0x2c/0x260
[  226.187124][ T9599]  ? kernfs_path_from_node+0x22c/0x260
[  226.187146][ T9599]  ? kernfs_path_from_node+0x2c/0x260
[  226.187175][ T9599]  sysfs_warn_dup+0x8e/0xa0
[  226.187199][ T9599]  sysfs_do_create_link_sd+0xc0/0x110
[  226.187225][ T9599]  device_add_class_symlinks+0x1cf/0x240
[  226.187254][ T9599]  device_add+0x475/0xb50
[  226.187281][ T9599]  wiphy_register+0x1ba6/0x28d0
[  226.187328][ T9599]  ? __pfx_wiphy_register+0x10/0x10
[  226.187350][ T9599]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  226.187386][ T9599]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  226.187419][ T9599]  ieee80211_register_hw+0x33e1/0x4120
[  226.187467][ T9599]  ? ieee80211_register_hw+0x14d1/0x4120
[  226.187506][ T9599]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  226.187549][ T9599]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  226.187581][ T9599]  ? __hrtimer_setup+0x187/0x210
[  226.187608][ T9599]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  226.187638][ T9599]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  226.187692][ T9599]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  226.187715][ T9599]  ? trace_kmalloc+0x1f/0xd0
[  226.187730][ T9599]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  226.187749][ T9599]  ? kstrndup+0xbf/0x160
[  226.187787][ T9599]  hwsim_new_radio_nl+0xea4/0x1b10
[  226.187815][ T9599]  ? __pfx___nla_validate_parse+0x10/0x10
[  226.187861][ T9599]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.187901][ T9599]  ? __nla_parse+0x40/0x60
[  226.187934][ T9599]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  226.187977][ T9599]  genl_family_rcv_msg_doit+0x215/0x300
[  226.188019][ T9599]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  226.188068][ T9599]  ? bpf_lsm_capable+0x9/0x20
[  226.188086][ T9599]  ? security_capable+0x7e/0x2e0
[  226.188121][ T9599]  genl_rcv_msg+0x60e/0x790
[  226.188160][ T9599]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.188190][ T9599]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.188234][ T9599]  netlink_rcv_skb+0x208/0x470
[  226.188261][ T9599]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.188293][ T9599]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  226.188341][ T9599]  ? down_read+0x1ad/0x2e0
[  226.188371][ T9599]  genl_rcv+0x28/0x40
[  226.188399][ T9599]  netlink_unicast+0x75b/0x8d0
[  226.188437][ T9599]  netlink_sendmsg+0x805/0xb30
[  226.188477][ T9599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.188507][ T9599]  ? aa_sock_msg_perm+0x94/0x160
[  226.188535][ T9599]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  226.188570][ T9599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.188598][ T9599]  __sock_sendmsg+0x219/0x270
[  226.188626][ T9599]  ____sys_sendmsg+0x505/0x830
[  226.188664][ T9599]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.188703][ T9599]  ? import_iovec+0x74/0xa0
[  226.188728][ T9599]  ___sys_sendmsg+0x21f/0x2a0
[  226.188761][ T9599]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.188842][ T9599]  ? __fget_files+0x2a/0x420
[  226.188863][ T9599]  ? __fget_files+0x3a0/0x420
[  226.188901][ T9599]  __x64_sys_sendmsg+0x19b/0x260
[  226.188934][ T9599]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  226.188978][ T9599]  ? rcu_is_watching+0x15/0xb0
[  226.189017][ T9599]  ? do_syscall_64+0xbe/0x3b0
[  226.189047][ T9599]  do_syscall_64+0xfa/0x3b0
[  226.189070][ T9599]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.189092][ T9599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.189112][ T9599]  ? clear_bhb_loop+0x60/0xb0
[  226.189138][ T9599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.189157][ T9599] RIP: 0033:0x7f0aabd8e929
[  226.189178][ T9599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.189196][ T9599] RSP: 002b:00007f0aacc3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.189222][ T9599] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8e929
[  226.189237][ T9599] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[  226.189250][ T9599] RBP: 00007f0aabe10b39 R08: 0000000000000000 R09: 0000000000000000
[  226.189263][ T9599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.189275][ T9599] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  226.189310][ T9599]  </TASK>
[  226.723854][ T9590] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.820212][ T9606] pim6reg: entered allmulticast mode
[  226.852313][ T9610] pim6reg: left allmulticast mode
[  226.929652][ T9614] __nla_validate_parse: 4 callbacks suppressed
[  226.929675][ T9614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1085'.
[  226.992547][ T9614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1085'.
[  227.179303][ T9616] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1085'.
[  227.282632][ T9619] netlink: 'syz.1.1086': attribute type 4 has an invalid length.
[  227.335596][ T9622] netlink: 'syz.1.1086': attribute type 4 has an invalid length.
[  227.431249][ T9619] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1086'.
[  227.500900][ T9626] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  227.539092][ T9626] macsec1: entered promiscuous mode
[  227.549274][ T9626] macsec1: entered allmulticast mode
[  227.554697][ T9626] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  227.888637][ T6142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.080571][ T6142] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.155806][ T6142] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.200205][ T6142] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.393712][ T9638] sctp: [Deprecated]: syz.4.1094 (pid 9638) Use of int in maxseg socket option.
[  228.393712][ T9638] Use struct sctp_assoc_value instead
[  228.479786][ T9638] veth0: entered promiscuous mode
[  228.529862][ T9638] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1094'.
[  228.541613][ T9639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1093'.
[  228.670357][ T9638] veth0 (unregistering): left promiscuous mode
[  228.797672][ T9650] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1097'.
[  228.969350][ T9657] netlink: 'syz.0.1099': attribute type 10 has an invalid length.
[  229.231789][ T9670] netlink: 'syz.3.1100': attribute type 1 has an invalid length.
[  229.285711][ T9671] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  229.306558][ T9671] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.338930][ T9675] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  229.366934][ T9671] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  229.382782][ T9671] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.407730][ T9675] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1103'.
[  229.463710][ T9671] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  229.489846][ T9671] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.571719][ T9671] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  229.594927][ T9671] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.832423][ T6154] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  229.834348][ T9689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1108'.
[  229.844299][ T6154] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.861925][ T6154] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  229.870784][ T6154] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.905866][ T6154] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  229.933042][ T6154] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.993231][ T6169] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.029044][ T6169] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.202295][ T9697] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  230.432822][ T9702] netlink: 'syz.1.1113': attribute type 10 has an invalid length.
[  230.442416][ T9704] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1114'.
[  230.456698][ T9697] tipc: Resetting bearer <eth:syzkaller0>
[  230.514214][ T9702] syz.1.1113 (9702) used greatest stack depth: 18344 bytes left
[  230.643592][ T9697] tipc: Resetting bearer <eth:syzkaller0>
[  230.647824][ T9708] FAULT_INJECTION: forcing a failure.
[  230.647824][ T9708] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  230.704717][ T9708] CPU: 1 UID: 0 PID: 9708 Comm: syz.4.1116 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  230.704749][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.704761][ T9708] Call Trace:
[  230.704769][ T9708]  <TASK>
[  230.704777][ T9708]  dump_stack_lvl+0x189/0x250
[  230.704813][ T9708]  ? __pfx____ratelimit+0x10/0x10
[  230.704836][ T9708]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.704865][ T9708]  ? __pfx__printk+0x10/0x10
[  230.704888][ T9708]  ? fs_reclaim_acquire+0x7d/0x100
[  230.704922][ T9708]  should_fail_ex+0x414/0x560
[  230.704954][ T9708]  prepare_alloc_pages+0x213/0x610
[  230.704987][ T9708]  __alloc_frozen_pages_noprof+0x123/0x370
[  230.705013][ T9708]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  230.705052][ T9708]  alloc_pages_bulk_noprof+0x560/0x710
[  230.705080][ T9708]  ? alloc_pages_noprof+0xbe/0x190
[  230.705103][ T9708]  kasan_populate_vmalloc+0xba/0x1a0
[  230.705135][ T9708]  alloc_vmap_area+0xd51/0x1490
[  230.705171][ T9708]  ? __pfx_alloc_vmap_area+0x10/0x10
[  230.705188][ T9708]  ? __kasan_kmalloc+0x93/0xb0
[  230.705207][ T9708]  ? __kmalloc_cache_node_noprof+0x234/0x3d0
[  230.705227][ T9708]  ? __get_vm_area_node+0x13f/0x300
[  230.705245][ T9708]  ? reuseport_array_alloc+0x98/0x130
[  230.705268][ T9708]  __get_vm_area_node+0x1f8/0x300
[  230.705294][ T9708]  __vmalloc_node_range_noprof+0x301/0x12f0
[  230.705316][ T9708]  ? reuseport_array_alloc+0x98/0x130
[  230.705358][ T9708]  ? aa_get_newest_label+0xf7/0x5d0
[  230.705386][ T9708]  ? __pfx_aa_get_newest_label+0x10/0x10
[  230.705414][ T9708]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  230.705434][ T9708]  ? rcu_is_watching+0x15/0xb0
[  230.705466][ T9708]  ? apparmor_capable+0x137/0x1b0
[  230.705501][ T9708]  bpf_map_area_alloc+0x12d/0x180
[  230.705529][ T9708]  ? reuseport_array_alloc+0x98/0x130
[  230.705558][ T9708]  reuseport_array_alloc+0x98/0x130
[  230.705584][ T9708]  map_create+0x903/0x1150
[  230.705630][ T9708]  ? security_bpf+0x7e/0x300
[  230.705655][ T9708]  __sys_bpf+0x67e/0x860
[  230.705683][ T9708]  ? __pfx___sys_bpf+0x10/0x10
[  230.705725][ T9708]  ? ksys_write+0x22a/0x250
[  230.705745][ T9708]  ? __pfx_ksys_write+0x10/0x10
[  230.705759][ T9708]  ? rcu_is_watching+0x15/0xb0
[  230.705793][ T9708]  __x64_sys_bpf+0x7c/0x90
[  230.705815][ T9708]  do_syscall_64+0xfa/0x3b0
[  230.705836][ T9708]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.705858][ T9708]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.705875][ T9708]  ? clear_bhb_loop+0x60/0xb0
[  230.705898][ T9708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.705917][ T9708] RIP: 0033:0x7f5da478e929
[  230.705936][ T9708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.705954][ T9708] RSP: 002b:00007f5da5659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  230.705976][ T9708] RAX: ffffffffffffffda RBX: 00007f5da49b5fa0 RCX: 00007f5da478e929
[  230.705991][ T9708] RDX: 0000000000000050 RSI: 0000200000000300 RDI: 0000000000000000
[  230.706004][ T9708] RBP: 00007f5da5659090 R08: 0000000000000000 R09: 0000000000000000
[  230.706016][ T9708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.706028][ T9708] R13: 0000000000000001 R14: 00007f5da49b5fa0 R15: 00007ffd1df13528
[  230.706057][ T9708]  </TASK>
[  232.349328][   T55] block nbd4: Possible stuck request ffff8880254b7000: control (read@0,1024B). Runtime 120 seconds
[  232.361880][   T55] block nbd4: Possible stuck request ffff8880254b71c0: control (read@1024,1024B). Runtime 120 seconds
[  232.373337][   T55] block nbd4: Possible stuck request ffff8880254b7380: control (read@2048,1024B). Runtime 120 seconds
[  232.384601][   T55] block nbd4: Possible stuck request ffff8880254b7540: control (read@3072,1024B). Runtime 120 seconds
[  233.420787][ T9697] tipc: Disabling bearer <eth:syzkaller0>
[  233.670956][ T9756] __nla_validate_parse: 2 callbacks suppressed
[  233.670979][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1131'.
[  233.700699][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1131'.
[  233.740735][ T9758] syzkaller0: entered promiscuous mode
[  233.746578][ T9758] syzkaller0: entered allmulticast mode
[  233.775260][ T9761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1133'.
[  234.018369][ T9766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1134'.
[  234.049649][ T9766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1134'.
[  234.070501][ T9766] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1134'.
[  234.084027][ T9771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1134'.
[  234.235109][ T9777] netlink: 'syz.4.1139': attribute type 10 has an invalid length.
[  234.310420][ T9782] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1140'.
[  234.445414][ T9785] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1144'.
[  234.683794][ T9796] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1146'.
[  234.890434][ T9810] FAULT_INJECTION: forcing a failure.
[  234.890434][ T9810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.956447][ T9810] CPU: 0 UID: 0 PID: 9810 Comm: syz.3.1150 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  234.956490][ T9810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  234.956502][ T9810] Call Trace:
[  234.956509][ T9810]  <TASK>
[  234.956517][ T9810]  dump_stack_lvl+0x189/0x250
[  234.956553][ T9810]  ? __pfx____ratelimit+0x10/0x10
[  234.956578][ T9810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.956607][ T9810]  ? __pfx__printk+0x10/0x10
[  234.956630][ T9810]  ? __might_fault+0xb0/0x130
[  234.956663][ T9810]  should_fail_ex+0x414/0x560
[  234.956694][ T9810]  _copy_from_user+0x2d/0xb0
[  234.956714][ T9810]  __sys_bind+0x199/0x3e0
[  234.956742][ T9810]  ? __pfx___sys_bind+0x10/0x10
[  234.956779][ T9810]  ? __pfx_ksys_write+0x10/0x10
[  234.956795][ T9810]  ? rcu_is_watching+0x15/0xb0
[  234.956833][ T9810]  __x64_sys_bind+0x7a/0x90
[  234.956858][ T9810]  do_syscall_64+0xfa/0x3b0
[  234.956880][ T9810]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.956909][ T9810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.956928][ T9810]  ? clear_bhb_loop+0x60/0xb0
[  234.956954][ T9810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.956973][ T9810] RIP: 0033:0x7fee2eb8e929
[  234.956990][ T9810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.957007][ T9810] RSP: 002b:00007fee2fab9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  234.957029][ T9810] RAX: ffffffffffffffda RBX: 00007fee2edb6080 RCX: 00007fee2eb8e929
[  234.957042][ T9810] RDX: 0000000000000058 RSI: 0000200000000600 RDI: 0000000000000003
[  234.957054][ T9810] RBP: 00007fee2fab9090 R08: 0000000000000000 R09: 0000000000000000
[  234.957066][ T9810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.957078][ T9810] R13: 0000000000000000 R14: 00007fee2edb6080 R15: 00007ffcbb8313d8
[  234.957109][ T9810]  </TASK>
[  236.477921][ T9856] netlink: 'syz.0.1163': attribute type 10 has an invalid length.
[  236.657380][ T9870] netlink: 'syz.2.1167': attribute type 10 has an invalid length.
[  236.962020][ T9872] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  237.350702][ T9891] FAULT_INJECTION: forcing a failure.
[  237.350702][ T9891] name failslab, interval 1, probability 0, space 0, times 0
[  237.434281][ T9891] CPU: 0 UID: 0 PID: 9891 Comm: syz.2.1177 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  237.434312][ T9891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.434323][ T9891] Call Trace:
[  237.434331][ T9891]  <TASK>
[  237.434339][ T9891]  dump_stack_lvl+0x189/0x250
[  237.434374][ T9891]  ? __pfx____ratelimit+0x10/0x10
[  237.434397][ T9891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.434437][ T9891]  ? __pfx__printk+0x10/0x10
[  237.434466][ T9891]  ? __pfx___might_resched+0x10/0x10
[  237.434500][ T9891]  should_fail_ex+0x414/0x560
[  237.434531][ T9891]  should_failslab+0xa8/0x100
[  237.434554][ T9891]  __kmalloc_node_noprof+0xd1/0x4e0
[  237.434572][ T9891]  ? crypto_create_tfm_node+0x83/0x3f0
[  237.434598][ T9891]  crypto_create_tfm_node+0x83/0x3f0
[  237.434623][ T9891]  crypto_alloc_tfm_node+0x172/0x3f0
[  237.434656][ T9891]  esp6_init_state+0x36b/0x1140
[  237.434674][ T9891]  ? __sock_sendmsg+0x219/0x270
[  237.434692][ T9891]  ? ____sys_sendmsg+0x505/0x830
[  237.434717][ T9891]  ? ___sys_sendmsg+0x21f/0x2a0
[  237.434743][ T9891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.434773][ T9891]  ? __pfx_esp6_init_state+0x10/0x10
[  237.434801][ T9891]  ? __lock_acquire+0xab9/0xd20
[  237.434856][ T9891]  ? __xfrm_init_state+0x7ef/0x13f0
[  237.434889][ T9891]  __xfrm_init_state+0xa76/0x13f0
[  237.434913][ T9891]  ? __xfrm_init_state+0x7ef/0x13f0
[  237.434944][ T9891]  xfrm_add_sa+0x2f5d/0x4050
[  237.434981][ T9891]  ? __pfx_xfrm_add_sa+0x10/0x10
[  237.435004][ T9891]  ? apparmor_capable+0x137/0x1b0
[  237.435040][ T9891]  ? __nla_parse+0x40/0x60
[  237.435073][ T9891]  xfrm_user_rcv_msg+0x7a3/0xab0
[  237.435107][ T9891]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  237.435172][ T9891]  ? __mutex_trylock_common+0x153/0x260
[  237.435197][ T9891]  ? __pfx___mutex_trylock_common+0x10/0x10
[  237.435224][ T9891]  ? rcu_is_watching+0x15/0xb0
[  237.435255][ T9891]  ? trace_contention_end+0x39/0x120
[  237.435283][ T9891]  netlink_rcv_skb+0x208/0x470
[  237.435310][ T9891]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  237.435338][ T9891]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  237.435383][ T9891]  ? netlink_deliver_tap+0x2e/0x1b0
[  237.435406][ T9891]  ? netlink_deliver_tap+0x2e/0x1b0
[  237.435443][ T9891]  xfrm_netlink_rcv+0x79/0x90
[  237.435468][ T9891]  netlink_unicast+0x75b/0x8d0
[  237.435504][ T9891]  netlink_sendmsg+0x805/0xb30
[  237.435541][ T9891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.435571][ T9891]  ? aa_sock_msg_perm+0x94/0x160
[  237.435596][ T9891]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  237.435621][ T9891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.435646][ T9891]  __sock_sendmsg+0x219/0x270
[  237.435670][ T9891]  ____sys_sendmsg+0x505/0x830
[  237.435704][ T9891]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.435742][ T9891]  ? import_iovec+0x74/0xa0
[  237.435766][ T9891]  ___sys_sendmsg+0x21f/0x2a0
[  237.435796][ T9891]  ? __pfx____sys_sendmsg+0x10/0x10
[  237.435868][ T9891]  ? __fget_files+0x2a/0x420
[  237.435888][ T9891]  ? __fget_files+0x3a0/0x420
[  237.435922][ T9891]  __x64_sys_sendmsg+0x19b/0x260
[  237.435952][ T9891]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  237.435992][ T9891]  ? __pfx_ksys_write+0x10/0x10
[  237.436007][ T9891]  ? rcu_is_watching+0x15/0xb0
[  237.436042][ T9891]  ? do_syscall_64+0xbe/0x3b0
[  237.436071][ T9891]  do_syscall_64+0xfa/0x3b0
[  237.436091][ T9891]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.436112][ T9891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.436132][ T9891]  ? clear_bhb_loop+0x60/0xb0
[  237.436157][ T9891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.436174][ T9891] RIP: 0033:0x7f0aabd8e929
[  237.436193][ T9891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.436210][ T9891] RSP: 002b:00007f0aacc3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  237.436232][ T9891] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8e929
[  237.436246][ T9891] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  237.436258][ T9891] RBP: 00007f0aacc3f090 R08: 0000000000000000 R09: 0000000000000000
[  237.436270][ T9891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.436281][ T9891] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  237.436313][ T9891]  </TASK>
[  238.105230][ T9907] netlink: 'syz.4.1183': attribute type 10 has an invalid length.
[  238.748389][   T55] block nbd3: Possible stuck request ffff888025440000: control (read@0,1024B). Runtime 60 seconds
[  238.760311][   T55] block nbd3: Possible stuck request ffff8880254401c0: control (read@1024,1024B). Runtime 60 seconds
[  238.772216][   T55] block nbd3: Possible stuck request ffff888025440380: control (read@2048,1024B). Runtime 60 seconds
[  238.783546][   T55] block nbd3: Possible stuck request ffff888025440540: control (read@3072,1024B). Runtime 60 seconds
[  238.786305][ T9932] FAULT_INJECTION: forcing a failure.
[  238.786305][ T9932] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  238.810676][ T9932] CPU: 1 UID: 0 PID: 9932 Comm: syz.4.1190 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  238.810712][ T9932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.810724][ T9932] Call Trace:
[  238.810732][ T9932]  <TASK>
[  238.810741][ T9932]  dump_stack_lvl+0x189/0x250
[  238.810780][ T9932]  ? __pfx____ratelimit+0x10/0x10
[  238.810804][ T9932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.810834][ T9932]  ? __pfx__printk+0x10/0x10
[  238.810859][ T9932]  ? fs_reclaim_acquire+0x7d/0x100
[  238.810894][ T9932]  should_fail_ex+0x414/0x560
[  238.810925][ T9932]  prepare_alloc_pages+0x213/0x610
[  238.810959][ T9932]  __alloc_frozen_pages_noprof+0x123/0x370
[  238.810990][ T9932]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  238.811026][ T9932]  ? policy_nodemask+0x27c/0x720
[  238.811045][ T9932]  ? __pfx__copy_from_iter+0x10/0x10
[  238.811079][ T9932]  alloc_pages_mpol+0x232/0x4a0
[  238.811107][ T9932]  alloc_pages_noprof+0xa9/0x190
[  238.811129][ T9932]  af_alg_sendmsg+0x133a/0x22e0
[  238.811152][ T9932]  ? __pfx___might_resched+0x10/0x10
[  238.811222][ T9932]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  238.811244][ T9932]  ? __pfx_aa_sk_perm+0x10/0x10
[  238.811264][ T9932]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  238.811299][ T9932]  ? aa_sock_msg_perm+0x94/0x160
[  238.811325][ T9932]  ? skcipher_sendmsg+0x26/0xf0
[  238.811348][ T9932]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  238.811375][ T9932]  __sock_sendmsg+0x219/0x270
[  238.811403][ T9932]  ____sys_sendmsg+0x52d/0x830
[  238.811437][ T9932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.811476][ T9932]  ? import_iovec+0x74/0xa0
[  238.811500][ T9932]  ___sys_sendmsg+0x21f/0x2a0
[  238.811531][ T9932]  ? __pfx____sys_sendmsg+0x10/0x10
[  238.811602][ T9932]  ? __fget_files+0x2a/0x420
[  238.811622][ T9932]  ? __fget_files+0x3a0/0x420
[  238.811656][ T9932]  __sys_sendmmsg+0x227/0x430
[  238.811692][ T9932]  ? __pfx___sys_sendmmsg+0x10/0x10
[  238.811716][ T9932]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  238.811772][ T9932]  ? ksys_write+0x22a/0x250
[  238.811794][ T9932]  ? __pfx_ksys_write+0x10/0x10
[  238.811808][ T9932]  ? rcu_is_watching+0x15/0xb0
[  238.811847][ T9932]  __x64_sys_sendmmsg+0xa0/0xc0
[  238.811878][ T9932]  do_syscall_64+0xfa/0x3b0
[  238.811899][ T9932]  ? lockdep_hardirqs_on+0x9c/0x150
[  238.811920][ T9932]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.811939][ T9932]  ? clear_bhb_loop+0x60/0xb0
[  238.811965][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.811984][ T9932] RIP: 0033:0x7f5da478e929
[  238.812003][ T9932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.812020][ T9932] RSP: 002b:00007f5da5659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  238.812043][ T9932] RAX: ffffffffffffffda RBX: 00007f5da49b5fa0 RCX: 00007f5da478e929
[  238.812058][ T9932] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  238.812070][ T9932] RBP: 00007f5da5659090 R08: 0000000000000000 R09: 0000000000000000
[  238.812082][ T9932] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000002
[  238.812094][ T9932] R13: 0000000000000000 R14: 00007f5da49b5fa0 R15: 00007ffd1df13528
[  238.812127][ T9932]  </TASK>
[  239.428963][ T9934] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  239.479588][ T9935] sch_fq: defrate 1 ignored.
[  239.692507][ T9944] netlink: 'syz.4.1196': attribute type 10 has an invalid length.
[  239.713518][ T9945] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.884607][ T9945] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.056284][ T9945] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.169100][ T9945] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.300273][ T6146] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.416129][ T6146] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.453014][ T6146] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.597185][ T6146] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.703088][ T9977] __nla_validate_parse: 5 callbacks suppressed
[  240.703110][ T9977] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1204'.
[  241.183987][ T9991] syzkaller1: entered promiscuous mode
[  241.199945][ T9991] syzkaller1: entered allmulticast mode
[  241.923490][ T9969] xt_CT: No such helper "snmp"
[  241.971525][T10010] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1215'.
[  242.022640][T10007] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1225'.
[  242.282794][T10017] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1219'.
[  243.052661][T10049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1229'.
[  243.105461][T10051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1229'.
[  243.405145][T10055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1231'.
[  243.432973][T10055] geneve0: entered promiscuous mode
[  243.439319][T10055] geneve0: entered allmulticast mode
[  243.471043][ T6169] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 37449 - 0
[  243.489712][ T6169] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 37449 - 0
[  243.588452][ T6169] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 37449 - 0
[  243.625501][ T6169] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 37449 - 0
[  244.136762][T10076] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1238'.
[  244.292340][T10088] netlink: 'syz.0.1241': attribute type 4 has an invalid length.
[  244.301044][T10088] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1241'.
[  244.574892][T10074] macvlan1: left promiscuous mode
[  244.705949][T10074] bond1: left promiscuous mode
[  244.718901][T10074] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  244.726183][T10074] macsec1: left promiscuous mode
[  244.732235][T10074] macsec1: left allmulticast mode
[  244.763574][T10092] vlan2: entered allmulticast mode
[  244.769071][T10092] bridge_slave_1: entered allmulticast mode
[  244.789471][ T6142] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  244.798412][ T6161] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  244.882617][T10094] netlink: 'syz.4.1243': attribute type 10 has an invalid length.
[  244.965816][ T6161] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  244.990569][T10096] netlink: 'syz.0.1244': attribute type 10 has an invalid length.
[  245.005588][ T6161] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  245.201654][T10103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1247'.
[  245.273916][T10110] netlink: 'syz.0.1250': attribute type 23 has an invalid length.
[  245.285267][T10110] netlink: 'syz.0.1250': attribute type 2 has an invalid length.
[  245.303873][T10110] þ: entered promiscuous mode
[  245.311783][T10107] netlink: 'syz.3.1248': attribute type 39 has an invalid length.
[  245.324464][T10110] _ÐZ`Ô€@ÿÿ: entered promiscuous mode
[  245.804084][T10133] netlink: 'syz.4.1259': attribute type 4 has an invalid length.
[  245.835883][T10133] __nla_validate_parse: 2 callbacks suppressed
[  245.835903][T10133] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1259'.
[  245.861897][T10139] netlink: 'syz.2.1260': attribute type 10 has an invalid length.
[  246.068963][T10144] netlink: 'syz.4.1261': attribute type 10 has an invalid length.
[  246.233176][T10148] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1263'.
[  246.285358][T10148] team0: entered promiscuous mode
[  246.290820][T10148] team0: entered allmulticast mode
[  246.371132][T10152] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1264'.
[  246.420651][T10152] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1264'.
[  246.545001][T10155] FAULT_INJECTION: forcing a failure.
[  246.545001][T10155] name failslab, interval 1, probability 0, space 0, times 0
[  246.585727][T10155] CPU: 0 UID: 0 PID: 10155 Comm: syz.4.1265 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  246.585759][T10155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.585771][T10155] Call Trace:
[  246.585779][T10155]  <TASK>
[  246.585788][T10155]  dump_stack_lvl+0x189/0x250
[  246.585823][T10155]  ? __pfx____ratelimit+0x10/0x10
[  246.585848][T10155]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.585878][T10155]  ? __pfx__printk+0x10/0x10
[  246.585917][T10155]  should_fail_ex+0x414/0x560
[  246.585969][T10155]  should_failslab+0xa8/0x100
[  246.585994][T10155]  __kmalloc_cache_noprof+0x70/0x3d0
[  246.586013][T10155]  ? sctp_add_bind_addr+0x8c/0x370
[  246.586042][T10155]  sctp_add_bind_addr+0x8c/0x370
[  246.586069][T10155]  sctp_copy_local_addr_list+0x30b/0x4e0
[  246.586094][T10155]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  246.586116][T10155]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  246.586141][T10155]  ? sctp_v6_is_any+0x64/0x80
[  246.586166][T10155]  ? sctp_copy_one_addr+0x93/0x360
[  246.586193][T10155]  sctp_bind_addr_copy+0xb3/0x3c0
[  246.586216][T10155]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  246.586251][T10155]  sctp_connect_new_asoc+0x2e0/0x690
[  246.586282][T10155]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  246.586306][T10155]  ? __local_bh_enable_ip+0x12d/0x1c0
[  246.586352][T10155]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  246.586377][T10155]  ? security_sctp_bind_connect+0x7e/0x2e0
[  246.586403][T10155]  sctp_sendmsg+0x155c/0x2810
[  246.586443][T10155]  ? __pfx_sctp_sendmsg+0x10/0x10
[  246.586474][T10155]  ? aa_sk_perm+0x81e/0x950
[  246.586503][T10155]  ? __pfx_aa_sk_perm+0x10/0x10
[  246.586530][T10155]  ? sock_rps_record_flow+0x19/0x410
[  246.586554][T10155]  ? inet_sendmsg+0x2f4/0x370
[  246.586580][T10155]  __sock_sendmsg+0x19c/0x270
[  246.586606][T10155]  ____sys_sendmsg+0x52d/0x830
[  246.586641][T10155]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.586681][T10155]  ? import_iovec+0x74/0xa0
[  246.586705][T10155]  ___sys_sendmsg+0x21f/0x2a0
[  246.586737][T10155]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.586811][T10155]  ? __fget_files+0x2a/0x420
[  246.586831][T10155]  ? __fget_files+0x3a0/0x420
[  246.586865][T10155]  __sys_sendmmsg+0x227/0x430
[  246.586900][T10155]  ? __pfx___sys_sendmmsg+0x10/0x10
[  246.586925][T10155]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  246.586981][T10155]  ? ksys_write+0x22a/0x250
[  246.587004][T10155]  ? __pfx_ksys_write+0x10/0x10
[  246.587025][T10155]  ? rcu_is_watching+0x15/0xb0
[  246.587062][T10155]  __x64_sys_sendmmsg+0xa0/0xc0
[  246.587092][T10155]  do_syscall_64+0xfa/0x3b0
[  246.587113][T10155]  ? lockdep_hardirqs_on+0x9c/0x150
[  246.587135][T10155]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.587153][T10155]  ? clear_bhb_loop+0x60/0xb0
[  246.587178][T10155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.587196][T10155] RIP: 0033:0x7f5da478e929
[  246.587215][T10155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.587232][T10155] RSP: 002b:00007f5da5659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  246.587254][T10155] RAX: ffffffffffffffda RBX: 00007f5da49b5fa0 RCX: 00007f5da478e929
[  246.587268][T10155] RDX: 0000000000000001 RSI: 0000200000003a00 RDI: 0000000000000003
[  246.587281][T10155] RBP: 00007f5da5659090 R08: 0000000000000000 R09: 0000000000000000
[  246.587293][T10155] R10: 000000000004c040 R11: 0000000000000246 R12: 0000000000000002
[  246.587304][T10155] R13: 0000000000000000 R14: 00007f5da49b5fa0 R15: 00007ffd1df13528
[  246.587346][T10155]  </TASK>
[  246.984307][ T6140] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  246.993013][ T6161] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  247.002118][ T6161] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  247.011242][ T6161] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  247.172301][T10162] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1269'.
[  247.326258][T10173] netlink: 'syz.2.1272': attribute type 10 has an invalid length.
[  248.018795][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1282'.
[  248.160173][T10205] xt_hashlimit: size too large, truncated to 1048576
[  248.184810][T10209] FAULT_INJECTION: forcing a failure.
[  248.184810][T10209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.217627][T10209] CPU: 0 UID: 0 PID: 10209 Comm: syz.2.1286 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  248.217658][T10209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.217670][T10209] Call Trace:
[  248.217678][T10209]  <TASK>
[  248.217686][T10209]  dump_stack_lvl+0x189/0x250
[  248.217722][T10209]  ? __pfx____ratelimit+0x10/0x10
[  248.217744][T10209]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.217773][T10209]  ? __pfx__printk+0x10/0x10
[  248.217808][T10209]  should_fail_ex+0x414/0x560
[  248.217838][T10209]  _copy_to_user+0x31/0xb0
[  248.217860][T10209]  simple_read_from_buffer+0xe1/0x170
[  248.217887][T10209]  proc_fail_nth_read+0x1df/0x250
[  248.217914][T10209]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.217941][T10209]  ? rw_verify_area+0x258/0x650
[  248.217969][T10209]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.217994][T10209]  vfs_read+0x200/0x980
[  248.218030][T10209]  ? __pfx___mutex_lock+0x10/0x10
[  248.218056][T10209]  ? __pfx_vfs_read+0x10/0x10
[  248.218085][T10209]  ? __fget_files+0x2a/0x420
[  248.218111][T10209]  ? __fget_files+0x3a0/0x420
[  248.218131][T10209]  ? __fget_files+0x2a/0x420
[  248.218164][T10209]  ksys_read+0x145/0x250
[  248.218197][T10209]  ? __pfx_ksys_read+0x10/0x10
[  248.218222][T10209]  ? rcu_is_watching+0x15/0xb0
[  248.218257][T10209]  ? do_syscall_64+0xbe/0x3b0
[  248.218286][T10209]  do_syscall_64+0xfa/0x3b0
[  248.218305][T10209]  ? lockdep_hardirqs_on+0x9c/0x150
[  248.218338][T10209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.218357][T10209]  ? clear_bhb_loop+0x60/0xb0
[  248.218382][T10209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.218401][T10209] RIP: 0033:0x7f0aabd8d33c
[  248.218420][T10209] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  248.218435][T10209] RSP: 002b:00007f0aacc3f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.218457][T10209] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8d33c
[  248.218471][T10209] RDX: 000000000000000f RSI: 00007f0aacc3f0a0 RDI: 0000000000000004
[  248.218481][T10209] RBP: 00007f0aacc3f090 R08: 0000000000000000 R09: 0000000000000000
[  248.218492][T10209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.218504][T10209] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  248.218537][T10209]  </TASK>
[  248.578662][T10211] netlink: 'syz.3.1287': attribute type 1 has an invalid length.
[  248.698413][T10213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1285'.
[  248.761035][T10221] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[  249.074222][T10211] bond2: entered promiscuous mode
[  249.139332][T10211] 8021q: adding VLAN 0 to HW filter on device bond2
[  249.322171][T10213] bridge0 (unregistering): left allmulticast mode
[  250.196627][T10264] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1297'.
[  250.943822][T10286] netlink: 'syz.3.1303': attribute type 1 has an invalid length.
[  251.444450][T10301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1311'.
[  251.461566][T10300] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1310'.
[  251.505039][T10298] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.682322][T10307] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1312'.
[  251.710585][T10298] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.768967][T10315] FAULT_INJECTION: forcing a failure.
[  251.768967][T10315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.785206][T10315] CPU: 0 UID: 0 PID: 10315 Comm: syz.0.1314 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  251.785233][T10315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  251.785243][T10315] Call Trace:
[  251.785250][T10315]  <TASK>
[  251.785258][T10315]  dump_stack_lvl+0x189/0x250
[  251.785290][T10315]  ? __pfx____ratelimit+0x10/0x10
[  251.785310][T10315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.785336][T10315]  ? __pfx__printk+0x10/0x10
[  251.785368][T10315]  should_fail_ex+0x414/0x560
[  251.785395][T10315]  _copy_to_user+0x31/0xb0
[  251.785415][T10315]  simple_read_from_buffer+0xe1/0x170
[  251.785438][T10315]  proc_fail_nth_read+0x1df/0x250
[  251.785463][T10315]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  251.785486][T10315]  ? rw_verify_area+0x258/0x650
[  251.785510][T10315]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  251.785532][T10315]  vfs_read+0x200/0x980
[  251.785564][T10315]  ? __pfx___mutex_lock+0x10/0x10
[  251.785586][T10315]  ? __pfx_vfs_read+0x10/0x10
[  251.785613][T10315]  ? __fget_files+0x2a/0x420
[  251.785637][T10315]  ? __fget_files+0x3a0/0x420
[  251.785653][T10315]  ? __fget_files+0x2a/0x420
[  251.785683][T10315]  ksys_read+0x145/0x250
[  251.785711][T10315]  ? __pfx_ksys_read+0x10/0x10
[  251.785734][T10315]  ? fput+0xa0/0xd0
[  251.785759][T10315]  ? do_syscall_64+0xbe/0x3b0
[  251.785785][T10315]  do_syscall_64+0xfa/0x3b0
[  251.785804][T10315]  ? lockdep_hardirqs_on+0x9c/0x150
[  251.785823][T10315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.785840][T10315]  ? clear_bhb_loop+0x60/0xb0
[  251.785864][T10315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.785907][T10315] RIP: 0033:0x7f307f38d33c
[  251.785925][T10315] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  251.785941][T10315] RSP: 002b:00007f3080298030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  251.785962][T10315] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38d33c
[  251.785974][T10315] RDX: 000000000000000f RSI: 00007f30802980a0 RDI: 0000000000000004
[  251.785985][T10315] RBP: 00007f3080298090 R08: 0000000000000000 R09: 0000000000000000
[  251.785996][T10315] R10: 0000200000001840 R11: 0000000000000246 R12: 0000000000000001
[  251.786007][T10315] R13: 0000000000000000 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  251.786049][T10315]  </TASK>
[  252.098177][T10319] batadv_slave_0: entered promiscuous mode
[  252.170184][T10298] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.184880][T10307] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1312'.
[  252.333181][T10298] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.548887][T10334] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1321'.
[  252.597961][T10336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1321'.
[  252.654042][ T6154] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.677872][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1322'.
[  252.686753][ T6154] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.830875][ T6154] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.880934][ T6154] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.057270][T10345] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1324'.
[  253.198463][T10350] FAULT_INJECTION: forcing a failure.
[  253.198463][T10350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.241381][T10350] CPU: 1 UID: 0 PID: 10350 Comm: syz.2.1326 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  253.241413][T10350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.241425][T10350] Call Trace:
[  253.241433][T10350]  <TASK>
[  253.241441][T10350]  dump_stack_lvl+0x189/0x250
[  253.241475][T10350]  ? __pfx____ratelimit+0x10/0x10
[  253.241497][T10350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.241526][T10350]  ? __pfx__printk+0x10/0x10
[  253.241546][T10350]  ? __might_fault+0xb0/0x130
[  253.241578][T10350]  should_fail_ex+0x414/0x560
[  253.241607][T10350]  _copy_from_user+0x2d/0xb0
[  253.241627][T10350]  ___sys_recvmsg+0x12e/0x510
[  253.241663][T10350]  ? __pfx____sys_recvmsg+0x10/0x10
[  253.241728][T10350]  ? __might_fault+0xb0/0x130
[  253.241751][T10350]  do_recvmmsg+0x307/0x770
[  253.241790][T10350]  ? __pfx_do_recvmmsg+0x10/0x10
[  253.241833][T10350]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  253.241879][T10350]  __x64_sys_recvmmsg+0x190/0x240
[  253.241912][T10350]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  253.241939][T10350]  ? rcu_is_watching+0x15/0xb0
[  253.241974][T10350]  ? do_syscall_64+0xbe/0x3b0
[  253.242003][T10350]  do_syscall_64+0xfa/0x3b0
[  253.242023][T10350]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.242045][T10350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.242080][T10350]  ? clear_bhb_loop+0x60/0xb0
[  253.242105][T10350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.242123][T10350] RIP: 0033:0x7f0aabd8e929
[  253.242142][T10350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.242158][T10350] RSP: 002b:00007f0aacc3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  253.242182][T10350] RAX: ffffffffffffffda RBX: 00007f0aabfb5fa0 RCX: 00007f0aabd8e929
[  253.242195][T10350] RDX: 0000000004000169 RSI: 0000200000005000 RDI: 0000000000000003
[  253.242206][T10350] RBP: 00007f0aacc3f090 R08: 0000000000000000 R09: 0000000000000000
[  253.242219][T10350] R10: 0000000000000060 R11: 0000000000000246 R12: 0000000000000002
[  253.242230][T10350] R13: 0000000000000000 R14: 00007f0aabfb5fa0 R15: 00007ffdbe26e048
[  253.242264][T10350]  </TASK>
[  253.469171][T10355] dvmrp1: entered allmulticast mode
[  254.043474][T10382] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  254.058951][T10382] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.127708][T10382] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  254.138622][T10382] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.263851][T10382] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  254.275167][T10382] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.399731][T10382] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  254.410573][T10382] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.458964][T10400] FAULT_INJECTION: forcing a failure.
[  254.458964][T10400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.472278][T10400] CPU: 0 UID: 0 PID: 10400 Comm: syz.0.1341 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  254.472306][T10400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.472318][T10400] Call Trace:
[  254.472326][T10400]  <TASK>
[  254.472335][T10400]  dump_stack_lvl+0x189/0x250
[  254.472371][T10400]  ? __pfx____ratelimit+0x10/0x10
[  254.472394][T10400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.472423][T10400]  ? __pfx__printk+0x10/0x10
[  254.472461][T10400]  should_fail_ex+0x414/0x560
[  254.472492][T10400]  _copy_to_user+0x31/0xb0
[  254.472515][T10400]  simple_read_from_buffer+0xe1/0x170
[  254.472543][T10400]  proc_fail_nth_read+0x1df/0x250
[  254.472570][T10400]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.472598][T10400]  ? rw_verify_area+0x258/0x650
[  254.472626][T10400]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.472652][T10400]  vfs_read+0x200/0x980
[  254.472688][T10400]  ? __pfx___mutex_lock+0x10/0x10
[  254.472713][T10400]  ? __pfx_vfs_read+0x10/0x10
[  254.472745][T10400]  ? __fget_files+0x2a/0x420
[  254.472772][T10400]  ? __fget_files+0x3a0/0x420
[  254.472792][T10400]  ? __fget_files+0x2a/0x420
[  254.472825][T10400]  ksys_read+0x145/0x250
[  254.472858][T10400]  ? __pfx_ksys_read+0x10/0x10
[  254.472884][T10400]  ? rcu_is_watching+0x15/0xb0
[  254.472920][T10400]  ? do_syscall_64+0xbe/0x3b0
[  254.472949][T10400]  do_syscall_64+0xfa/0x3b0
[  254.472970][T10400]  ? lockdep_hardirqs_on+0x9c/0x150
[  254.473000][T10400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.473020][T10400]  ? clear_bhb_loop+0x60/0xb0
[  254.473046][T10400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.473064][T10400] RIP: 0033:0x7f307f38d33c
[  254.473082][T10400] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  254.473099][T10400] RSP: 002b:00007f3080298030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  254.473122][T10400] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38d33c
[  254.473136][T10400] RDX: 000000000000000f RSI: 00007f30802980a0 RDI: 0000000000000005
[  254.473148][T10400] RBP: 00007f3080298090 R08: 0000000000000000 R09: 0000000000000000
[  254.473159][T10400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.473171][T10400] R13: 0000000000000000 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  254.473205][T10400]  </TASK>
[  254.823382][ T6161] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  254.831750][ T6161] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.841231][ T6161] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  254.849662][ T6161] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.858346][ T6154] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  254.899430][ T6154] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.915978][ T6154] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  254.942786][ T6154] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.995788][T10404] bridge3: entered allmulticast mode
[  255.125240][T10411] netlink: 'syz.1.1346': attribute type 1 has an invalid length.
[  255.166713][T10413] netlink: 'syz.4.1347': attribute type 1 has an invalid length.
[  255.205677][T10413] netlink: 'syz.4.1347': attribute type 11 has an invalid length.
[  255.216802][T10413] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1347'.
[  255.231172][T10411] bond3: entered promiscuous mode
[  255.238776][T10411] 8021q: adding VLAN 0 to HW filter on device bond3
[  255.282640][T10421] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1350'.
[  255.369205][T10424] netlink: 'syz.4.1351': attribute type 3 has an invalid length.
[  255.463730][T10427] netlink: 'syz.4.1351': attribute type 1 has an invalid length.
[  255.483730][T10427] xt_policy: too many policy elements
[  255.765554][T10440] netlink: 'syz.1.1356': attribute type 10 has an invalid length.
[  255.841192][T10442] lo speed is unknown, defaulting to 1000
[  255.879360][T10442] lo speed is unknown, defaulting to 1000
[  255.910058][T10442] lo speed is unknown, defaulting to 1000
[  255.943512][T10442] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  255.979290][T10448] netlink: 'syz.4.1357': attribute type 32 has an invalid length.
[  256.037874][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.039163][T10442] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  256.169460][T10442] lo speed is unknown, defaulting to 1000
[  256.189688][T10442] lo speed is unknown, defaulting to 1000
[  256.202977][T10442] lo speed is unknown, defaulting to 1000
[  256.211704][T10457] netlink: 'syz.0.1361': attribute type 15 has an invalid length.
[  256.215906][T10442] lo speed is unknown, defaulting to 1000
[  256.220422][T10453] netlink: 'syz.1.1360': attribute type 4 has an invalid length.
[  256.233961][T10457] netlink: 'syz.0.1361': attribute type 18 has an invalid length.
[  256.243218][T10442] lo speed is unknown, defaulting to 1000
[  256.520310][T10471] __nla_validate_parse: 8 callbacks suppressed
[  256.520333][T10471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1367'.
[  256.542015][T10473] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1366'.
[  256.907674][T10479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1370'.
[  257.248183][T10492] netlink: 'syz.0.1375': attribute type 13 has an invalid length.
[  257.335505][T10498] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1376'.
[  257.423198][T10501] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1379'.
[  257.565093][   T49] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  257.591938][   T49] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 37449 - 0
[  257.627412][ T6161] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  257.655204][ T6161] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 37449 - 0
[  257.748793][ T6161] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  257.776701][ T6161] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 37449 - 0
[  257.806359][ T6161] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  257.827547][ T6161] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 37449 - 0
[  257.889028][T10517] bond0: entered promiscuous mode
[  257.918701][T10519] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1384'.
[  257.976613][T10519] macsec2: entered allmulticast mode
[  257.988974][T10519] dummy0: entered allmulticast mode
[  258.018654][T10523] netlink: 'syz.2.1384': attribute type 33 has an invalid length.
[  258.039999][T10519] dummy0: left allmulticast mode
[  258.052594][T10523] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1384'.
[  258.093461][T10521] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1385'.
[  259.072388][T10562] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1400'.
[  259.180250][T10566] FAULT_INJECTION: forcing a failure.
[  259.180250][T10566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.237213][T10566] CPU: 1 UID: 0 PID: 10566 Comm: syz.0.1401 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  259.237244][T10566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.237256][T10566] Call Trace:
[  259.237265][T10566]  <TASK>
[  259.237273][T10566]  dump_stack_lvl+0x189/0x250
[  259.237308][T10566]  ? __pfx____ratelimit+0x10/0x10
[  259.237330][T10566]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.237359][T10566]  ? __pfx__printk+0x10/0x10
[  259.237396][T10566]  should_fail_ex+0x414/0x560
[  259.237428][T10566]  _copy_to_user+0x31/0xb0
[  259.237450][T10566]  simple_read_from_buffer+0xe1/0x170
[  259.237476][T10566]  proc_fail_nth_read+0x1df/0x250
[  259.237504][T10566]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  259.237529][T10566]  ? rw_verify_area+0x258/0x650
[  259.237557][T10566]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  259.237581][T10566]  vfs_read+0x200/0x980
[  259.237614][T10566]  ? __pfx___mutex_lock+0x10/0x10
[  259.237639][T10566]  ? __pfx_vfs_read+0x10/0x10
[  259.237667][T10566]  ? __fget_files+0x2a/0x420
[  259.237693][T10566]  ? __fget_files+0x3a0/0x420
[  259.237711][T10566]  ? __fget_files+0x2a/0x420
[  259.237742][T10566]  ksys_read+0x145/0x250
[  259.237772][T10566]  ? __pfx_ksys_read+0x10/0x10
[  259.237796][T10566]  ? rcu_is_watching+0x15/0xb0
[  259.237832][T10566]  ? do_syscall_64+0xbe/0x3b0
[  259.237861][T10566]  do_syscall_64+0xfa/0x3b0
[  259.237883][T10566]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.237905][T10566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.237924][T10566]  ? clear_bhb_loop+0x60/0xb0
[  259.237948][T10566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.237967][T10566] RIP: 0033:0x7f307f38d33c
[  259.237985][T10566] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  259.238003][T10566] RSP: 002b:00007f3080298030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  259.238027][T10566] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38d33c
[  259.238041][T10566] RDX: 000000000000000f RSI: 00007f30802980a0 RDI: 0000000000000009
[  259.238054][T10566] RBP: 00007f3080298090 R08: 0000000000000000 R09: 0000000000000000
[  259.238065][T10566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.238077][T10566] R13: 0000000000000000 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  259.238113][T10566]  </TASK>
[  259.632374][T10576] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1407'.
[  259.798194][T10582] FAULT_INJECTION: forcing a failure.
[  259.798194][T10582] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  259.812997][T10582] CPU: 0 UID: 0 PID: 10582 Comm: syz.3.1408 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  259.813029][T10582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.813041][T10582] Call Trace:
[  259.813050][T10582]  <TASK>
[  259.813058][T10582]  dump_stack_lvl+0x189/0x250
[  259.813093][T10582]  ? __pfx____ratelimit+0x10/0x10
[  259.813117][T10582]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.813147][T10582]  ? __pfx__printk+0x10/0x10
[  259.813170][T10582]  ? fs_reclaim_acquire+0x7d/0x100
[  259.813203][T10582]  should_fail_ex+0x414/0x560
[  259.813235][T10582]  prepare_alloc_pages+0x213/0x610
[  259.813268][T10582]  __alloc_frozen_pages_noprof+0x123/0x370
[  259.813300][T10582]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  259.813323][T10582]  ? __lock_acquire+0xab9/0xd20
[  259.813360][T10582]  ? policy_nodemask+0x27c/0x720
[  259.813386][T10582]  alloc_pages_mpol+0x232/0x4a0
[  259.813415][T10582]  alloc_pages_noprof+0xa9/0x190
[  259.813438][T10582]  __pud_alloc+0x3a/0x260
[  259.813473][T10582]  __handle_mm_fault+0x3573/0x5620
[  259.813507][T10582]  ? mt_find+0x15c/0x5f0
[  259.813536][T10582]  ? mt_find+0x46f/0x5f0
[  259.813566][T10582]  ? __pfx___handle_mm_fault+0x10/0x10
[  259.813620][T10582]  ? find_vma+0xe7/0x160
[  259.813637][T10582]  ? __pfx_find_vma+0x10/0x10
[  259.813659][T10582]  handle_mm_fault+0x40a/0x8e0
[  259.813701][T10582]  do_user_addr_fault+0x764/0x1390
[  259.813746][T10582]  exc_page_fault+0x76/0xf0
[  259.813771][T10582]  asm_exc_page_fault+0x26/0x30
[  259.813790][T10582] RIP: 0010:__put_user_4+0xd/0x20
[  259.813813][T10582] Code: 66 89 01 31 c9 0f 01 ca e9 40 3b 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 17 3b 03 00 90 90 90 90 90 90 90 90 90 90
[  259.813831][T10582] RSP: 0018:ffffc9000474fc18 EFLAGS: 00050206
[  259.813851][T10582] RAX: 0000000000034000 RBX: 0000000000000000 RCX: 0000200000000000
[  259.813865][T10582] RDX: 0000000000000000 RSI: ffffffff8db73002 RDI: ffffffff8be28d40
[  259.813878][T10582] RBP: ffffc9000474fcb0 R08: 0000000000000000 R09: ffffffff820c48e0
[  259.813892][T10582] R10: dffffc0000000000 R11: ffffed100513e654 R12: dffffc0000000000
[  259.813906][T10582] R13: 1ffff920008e9f84 R14: 0000000000034000 R15: 0000000000034000
[  259.813937][T10582]  ? __might_fault+0xb0/0x130
[  259.813966][T10582]  rose_ioctl+0x551/0x8b0
[  259.813995][T10582]  ? __pfx_rose_ioctl+0x10/0x10
[  259.814034][T10582]  sock_do_ioctl+0xd9/0x300
[  259.814060][T10582]  ? __pfx_sock_do_ioctl+0x10/0x10
[  259.814079][T10582]  ? __lock_acquire+0xab9/0xd20
[  259.814126][T10582]  sock_ioctl+0x576/0x790
[  259.814149][T10582]  ? __pfx_sock_ioctl+0x10/0x10
[  259.814169][T10582]  ? __fget_files+0x2a/0x420
[  259.814189][T10582]  ? __fget_files+0x3a0/0x420
[  259.814209][T10582]  ? __fget_files+0x2a/0x420
[  259.814234][T10582]  ? bpf_lsm_file_ioctl+0x9/0x20
[  259.814259][T10582]  ? __pfx_sock_ioctl+0x10/0x10
[  259.814278][T10582]  __se_sys_ioctl+0xf9/0x170
[  259.814309][T10582]  do_syscall_64+0xfa/0x3b0
[  259.814331][T10582]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.814353][T10582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.814372][T10582]  ? clear_bhb_loop+0x60/0xb0
[  259.814396][T10582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.814415][T10582] RIP: 0033:0x7fee2eb8e929
[  259.814432][T10582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.814448][T10582] RSP: 002b:00007fee2fada038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.814468][T10582] RAX: ffffffffffffffda RBX: 00007fee2edb5fa0 RCX: 00007fee2eb8e929
[  259.814482][T10582] RDX: 0000200000000000 RSI: 0000000000005411 RDI: 0000000000000004
[  259.814495][T10582] RBP: 00007fee2fada090 R08: 0000000000000000 R09: 0000000000000000
[  259.814507][T10582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.814519][T10582] R13: 0000000000000000 R14: 00007fee2edb5fa0 R15: 00007ffcbb8313d8
[  259.814553][T10582]  </TASK>
[  260.314979][T10581] vlan2: entered allmulticast mode
[  260.320590][T10581] bridge_slave_0: entered allmulticast mode
[  260.410210][T10587] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  260.695405][T10599] lo speed is unknown, defaulting to 1000
[  261.754506][T10635] __nla_validate_parse: 4 callbacks suppressed
[  261.754528][T10635] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1427'.
[  261.835840][T10635] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1427'.
[  262.111686][T10652] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1433'.
[  262.280224][T10662] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1437'.
[  262.421037][T10668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1439'.
[  262.430591][   T55] block nbd4: Possible stuck request ffff8880254b7000: control (read@0,1024B). Runtime 150 seconds
[  262.441853][   T55] block nbd4: Possible stuck request ffff8880254b71c0: control (read@1024,1024B). Runtime 150 seconds
[  262.453443][   T55] block nbd4: Possible stuck request ffff8880254b7380: control (read@2048,1024B). Runtime 150 seconds
[  262.457272][T10668] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1439'.
[  262.464684][   T55] block nbd4: Possible stuck request ffff8880254b7540: control (read@3072,1024B). Runtime 150 seconds
[  262.662260][T10676] netlink: 'syz.2.1442': attribute type 1 has an invalid length.
[  262.690617][T10676] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1442'.
[  263.168214][T10693] lo speed is unknown, defaulting to 1000
[  263.251410][T10697] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.341455][T10697] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.366760][T10704] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1450'.
[  263.402975][T10695] lo speed is unknown, defaulting to 1000
[  263.800025][T10716] syzkaller1: entered promiscuous mode
[  263.813686][T10716] syzkaller1: entered allmulticast mode
[  264.009138][T10723] netlink: 'syz.3.1454': attribute type 10 has an invalid length.
[  264.038556][T10723] team0: Device hsr_slave_0 failed to register rx_handler
[  264.053292][T10726] geneve1: entered promiscuous mode
[  264.060650][T10726] geneve1: entered allmulticast mode
[  264.082588][T10723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1454'.
[  264.111312][T10723] veth1_macvtap: left promiscuous mode
[  264.419272][T10738] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1461'.
[  264.503998][T10744] FAULT_INJECTION: forcing a failure.
[  264.503998][T10744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.540491][T10742] netlink: 'syz.1.1462': attribute type 21 has an invalid length.
[  264.558103][T10742] netlink: 'syz.1.1462': attribute type 4 has an invalid length.
[  264.578648][T10744] CPU: 0 UID: 0 PID: 10744 Comm: syz.0.1464 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  264.578676][T10744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.578688][T10744] Call Trace:
[  264.578696][T10744]  <TASK>
[  264.578705][T10744]  dump_stack_lvl+0x189/0x250
[  264.578741][T10744]  ? __pfx____ratelimit+0x10/0x10
[  264.578764][T10744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.578794][T10744]  ? __pfx__printk+0x10/0x10
[  264.578815][T10744]  ? __might_fault+0xb0/0x130
[  264.578848][T10744]  should_fail_ex+0x414/0x560
[  264.578878][T10744]  _copy_from_user+0x2d/0xb0
[  264.578899][T10744]  do_ipv6_setsockopt+0x32d/0x2fb0
[  264.578933][T10744]  ? aa_label_sk_perm+0x413/0x560
[  264.578958][T10744]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  264.578987][T10744]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  264.579033][T10744]  ? __pfx___might_resched+0x10/0x10
[  264.579064][T10744]  ? rcu_read_lock_any_held+0xb3/0x120
[  264.579084][T10744]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  264.579107][T10744]  ? vfs_write+0x8d8/0xa90
[  264.579142][T10744]  ? aa_sk_perm+0x81e/0x950
[  264.579170][T10744]  ? __pfx_aa_sk_perm+0x10/0x10
[  264.579190][T10744]  ? __lock_acquire+0xab9/0xd20
[  264.579238][T10744]  ipv6_setsockopt+0x59/0x170
[  264.579264][T10744]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  264.579291][T10744]  do_sock_setsockopt+0x257/0x3e0
[  264.579322][T10744]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  264.579355][T10744]  ? __fget_files+0x2a/0x420
[  264.579387][T10744]  __x64_sys_setsockopt+0x18b/0x220
[  264.579421][T10744]  do_syscall_64+0xfa/0x3b0
[  264.579446][T10744]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.579465][T10744]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  264.579484][T10744]  ? clear_bhb_loop+0x60/0xb0
[  264.579508][T10744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.579527][T10744] RIP: 0033:0x7f307f38e929
[  264.579545][T10744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.579563][T10744] RSP: 002b:00007f3080298038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  264.579585][T10744] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38e929
[  264.579599][T10744] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000004
[  264.579611][T10744] RBP: 00007f3080298090 R08: 0000000000000020 R09: 0000000000000000
[  264.579623][T10744] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  264.579635][T10744] R13: 0000000000000000 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  264.579668][T10744]  </TASK>
[  264.627441][T10742] netlink: 'syz.1.1462': attribute type 3 has an invalid length.
[  264.812281][T10758] netlink: 'syz.0.1467': attribute type 10 has an invalid length.
[  265.369517][T10775] netlink: 'syz.4.1473': attribute type 10 has an invalid length.
[  265.412440][T10775] veth0_vlan: left promiscuous mode
[  265.439269][T10775] veth0_vlan: entered promiscuous mode
[  265.470584][T10775] team0: Device veth0_vlan failed to register rx_handler
[  266.724195][T10825] FAULT_INJECTION: forcing a failure.
[  266.724195][T10825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.742943][T10825] CPU: 1 UID: 0 PID: 10825 Comm: syz.0.1492 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  266.742974][T10825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.742985][T10825] Call Trace:
[  266.742994][T10825]  <TASK>
[  266.743003][T10825]  dump_stack_lvl+0x189/0x250
[  266.743039][T10825]  ? __pfx____ratelimit+0x10/0x10
[  266.743063][T10825]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.743102][T10825]  ? __pfx__printk+0x10/0x10
[  266.743125][T10825]  ? __might_fault+0xb0/0x130
[  266.743159][T10825]  should_fail_ex+0x414/0x560
[  266.743189][T10825]  _copy_from_user+0x2d/0xb0
[  266.743210][T10825]  ___sys_recvmsg+0x12e/0x510
[  266.743246][T10825]  ? __pfx____sys_recvmsg+0x10/0x10
[  266.743310][T10825]  ? __might_fault+0xb0/0x130
[  266.743331][T10825]  do_recvmmsg+0x307/0x770
[  266.743369][T10825]  ? __pfx_do_recvmmsg+0x10/0x10
[  266.743411][T10825]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  266.743454][T10825]  __x64_sys_recvmmsg+0x190/0x240
[  266.743485][T10825]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  266.743512][T10825]  ? rcu_is_watching+0x15/0xb0
[  266.743547][T10825]  ? do_syscall_64+0xbe/0x3b0
[  266.743575][T10825]  do_syscall_64+0xfa/0x3b0
[  266.743596][T10825]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.743617][T10825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.743637][T10825]  ? clear_bhb_loop+0x60/0xb0
[  266.743661][T10825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.743680][T10825] RIP: 0033:0x7f307f38e929
[  266.743699][T10825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.743717][T10825] RSP: 002b:00007f3080298038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  266.743740][T10825] RAX: ffffffffffffffda RBX: 00007f307f5b5fa0 RCX: 00007f307f38e929
[  266.743755][T10825] RDX: 0000000004000169 RSI: 0000200000005000 RDI: 0000000000000003
[  266.743768][T10825] RBP: 00007f3080298090 R08: 0000000000000000 R09: 0000000000000000
[  266.743781][T10825] R10: 0000000000000060 R11: 0000000000000246 R12: 0000000000000002
[  266.743793][T10825] R13: 0000000000000000 R14: 00007f307f5b5fa0 R15: 00007ffd5e28b4c8
[  266.743827][T10825]  </TASK>
[  267.424683][T10857] FAULT_INJECTION: forcing a failure.
[  267.424683][T10857] name failslab, interval 1, probability 0, space 0, times 0
[  267.448423][T10857] CPU: 0 UID: 0 PID: 10857 Comm: syz.1.1503 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  267.448454][T10857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.448466][T10857] Call Trace:
[  267.448474][T10857]  <TASK>
[  267.448483][T10857]  dump_stack_lvl+0x189/0x250
[  267.448516][T10857]  ? __pfx____ratelimit+0x10/0x10
[  267.448540][T10857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.448567][T10857]  ? __pfx__printk+0x10/0x10
[  267.448593][T10857]  ? __pfx___might_resched+0x10/0x10
[  267.448621][T10857]  ? fs_reclaim_acquire+0x7d/0x100
[  267.448648][T10857]  should_fail_ex+0x414/0x560
[  267.448677][T10857]  ? page_pool_create_percpu+0x32a/0xbe0
[  267.448706][T10857]  should_failslab+0xa8/0x100
[  267.448729][T10857]  __kvmalloc_node_noprof+0x161/0x5f0
[  267.448750][T10857]  ? page_pool_create_percpu+0x32a/0xbe0
[  267.448784][T10857]  page_pool_create_percpu+0x32a/0xbe0
[  267.448814][T10857]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  267.448843][T10857]  bpf_test_run_xdp_live+0x1ca/0x1b10
[  267.448873][T10857]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  267.448903][T10857]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  267.448936][T10857]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  267.448958][T10857]  ? 0xffffffffa02057c0
[  267.448976][T10857]  ? 0xffffffffa02057c0
[  267.449037][T10857]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  267.449068][T10857]  ? _copy_from_user+0x94/0xb0
[  267.449093][T10857]  ? bpf_test_init+0x133/0x170
[  267.449112][T10857]  ? xdp_convert_md_to_buff+0x5b/0x330
[  267.449135][T10857]  bpf_prog_test_run_xdp+0x713/0x1000
[  267.449174][T10857]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  267.449203][T10857]  ? __fget_files+0x2a/0x420
[  267.449227][T10857]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  267.449248][T10857]  bpf_prog_test_run+0x2c7/0x340
[  267.449277][T10857]  __sys_bpf+0x4a4/0x860
[  267.449302][T10857]  ? __pfx___sys_bpf+0x10/0x10
[  267.449339][T10857]  ? ksys_write+0x22a/0x250
[  267.449358][T10857]  ? __pfx_ksys_write+0x10/0x10
[  267.449371][T10857]  ? rcu_is_watching+0x15/0xb0
[  267.449407][T10857]  __x64_sys_bpf+0x7c/0x90
[  267.449429][T10857]  do_syscall_64+0xfa/0x3b0
[  267.449450][T10857]  ? lockdep_hardirqs_on+0x9c/0x150
[  267.449470][T10857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.449487][T10857]  ? clear_bhb_loop+0x60/0xb0
[  267.449509][T10857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.449532][T10857] RIP: 0033:0x7fd23cb8e929
[  267.449547][T10857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.449563][T10857] RSP: 002b:00007fd23d94d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  267.449584][T10857] RAX: ffffffffffffffda RBX: 00007fd23cdb5fa0 RCX: 00007fd23cb8e929
[  267.449598][T10857] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  267.449610][T10857] RBP: 00007fd23d94d090 R08: 0000000000000000 R09: 0000000000000000
[  267.449621][T10857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.449632][T10857] R13: 0000000000000000 R14: 00007fd23cdb5fa0 R15: 00007ffc72cd83d8
[  267.449663][T10857]  </TASK>
[  267.449984][T10857] page_pool_create_percpu() gave up with errno -12
[  267.995245][T10869] __nla_validate_parse: 8 callbacks suppressed
[  267.995268][T10869] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1504'.
[  268.011223][T10873] netlink: 'syz.3.1506': attribute type 2 has an invalid length.
[  268.082047][T10873] syzkaller0: entered promiscuous mode
[  268.090131][T10873] syzkaller0: entered allmulticast mode
[  268.279786][T10884] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1511'.
[  268.827871][   T55] block nbd3: Possible stuck request ffff888025440000: control (read@0,1024B). Runtime 90 seconds
[  268.838682][   T55] block nbd3: Possible stuck request ffff8880254401c0: control (read@1024,1024B). Runtime 90 seconds
[  268.850023][   T55] block nbd3: Possible stuck request ffff888025440380: control (read@2048,1024B). Runtime 90 seconds
[  268.861746][   T55] block nbd3: Possible stuck request ffff888025440540: control (read@3072,1024B). Runtime 90 seconds
[  270.664064][T10884] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1511'.
[  270.665213][ T6142] ------------[ cut here ]------------
[  270.678983][ T6142] WARNING: CPU: 0 PID: 6142 at net/ipv6/ip6mr.c:2376 ip6_mr_output+0xe0b/0x1040
[  270.688183][ T6142] Modules linked in:
[  270.692379][ T6142] CPU: 0 UID: 0 PID: 6142 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  270.704780][ T6142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  270.714991][ T6142] Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
[  270.722155][ T6142] RIP: 0010:ip6_mr_output+0xe0b/0x1040
[  270.727848][ T6142] Code: f7 49 bd 00 00 00 00 00 fc ff df 48 8b 74 24 38 45 31 f6 31 ff ba 02 00 00 00 e8 80 18 1b ff e9 a7 fd ff ff e8 f6 cb 94 f7 90 <0f> 0b 90 e9 c7 f3 ff ff e8 e8 cb 94 f7 90 0f 0b 90 43 80 3c 2e 00
[  270.747860][ T6142] RSP: 0018:ffffc9000b28f3e0 EFLAGS: 00010293
[  270.754164][ T6142] RAX: ffffffff8a2b827a RBX: 0000000000000000 RCX: ffff88802a198000
[  270.762236][ T6142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  270.770494][ T6142] RBP: ffffc9000b28f658 R08: ffffc9000b28f5c7 R09: 0000000000000000
[  270.778542][ T6142] R10: ffffc9000b28f570 R11: fffff52001651eb9 R12: 1ffff92001651e8c
[  270.787188][ T6142] R13: dffffc0000000000 R14: ffffc9000b28f570 R15: ffff888051147dc0
[  270.795194][ T6142] FS:  0000000000000000(0000) GS:ffff888125c48000(0000) knlGS:0000000000000000
[  270.804343][ T6142] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  270.810973][ T6142] CR2: 00007fee2f8e7d60 CR3: 0000000076096000 CR4: 00000000003526f0
[  270.819019][ T6142] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  270.827162][ T6142] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  270.835137][ T6142] Call Trace:
[  270.838486][ T6142]  <TASK>
[  270.841431][ T6142]  ? __pfx_ip6t_do_table+0x10/0x10
[  270.846551][ T6142]  ? __pfx_ip6_mr_output+0x10/0x10
[  270.851842][ T6142]  ? __ip6_local_out+0x609/0x870
[  270.856900][ T6142]  ? __ip6_local_out+0x82c/0x870
[  270.861880][ T6142]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  270.867314][ T6142]  ? __ip6_local_out+0x609/0x870
[  270.872446][ T6142]  ? __lock_acquire+0xab9/0xd20
[  270.877373][ T6142]  ? udp6_set_csum+0x995/0xee0
[  270.882425][ T6142]  ? skb_dst+0x4f/0xd0
[  270.886518][ T6142]  ? dst_output+0x177/0x1c0
[  270.891151][ T6142]  udp_tunnel6_xmit_skb+0x640/0xad0
[  270.896406][ T6142]  send6+0x5ac/0x8d0
[  270.900470][ T6142]  ? send6+0x220/0x8d0
[  270.904849][ T6142]  ? __pfx_send6+0x10/0x10
[  270.909702][ T6142]  ? wg_socket_send_buffer_to_peer+0x13b/0x1c0
[  270.916176][ T6142]  wg_socket_send_skb_to_peer+0x111/0x1d0
[  270.922041][ T6142]  wg_packet_handshake_send_worker+0x1db/0x320
[  270.928285][ T6142]  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
[  270.935003][ T6142]  ? _raw_spin_unlock_irq+0x23/0x50
[  270.940288][ T6142]  ? process_scheduled_works+0x9ef/0x17b0
[  270.946060][ T6142]  ? process_scheduled_works+0x9ef/0x17b0
[  270.951852][ T6142]  process_scheduled_works+0xae1/0x17b0
[  270.957620][ T6142]  ? __pfx_process_scheduled_works+0x10/0x10
[  270.963752][ T6142]  worker_thread+0x8a0/0xda0
[  270.968546][ T6142]  kthread+0x70e/0x8a0
[  270.973002][ T6142]  ? __pfx_worker_thread+0x10/0x10
[  270.978209][ T6142]  ? __pfx_kthread+0x10/0x10
[  270.982962][ T6142]  ? _raw_spin_unlock_irq+0x23/0x50
[  270.988258][ T6142]  ? lockdep_hardirqs_on+0x9c/0x150
[  270.993490][ T6142]  ? __pfx_kthread+0x10/0x10
[  270.998158][ T6142]  ret_from_fork+0x3fc/0x770
[  271.002787][ T6142]  ? __pfx_ret_from_fork+0x10/0x10
[  271.007984][ T6142]  ? __switch_to_asm+0x39/0x70
[  271.012776][ T6142]  ? __switch_to_asm+0x33/0x70
[  271.017594][ T6142]  ? __pfx_kthread+0x10/0x10
[  271.022210][ T6142]  ret_from_fork_asm+0x1a/0x30
[  271.027065][ T6142]  </TASK>
[  271.030121][ T6142] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  271.037444][ T6142] CPU: 0 UID: 0 PID: 6142 Comm: kworker/u8:12 Not tainted 6.16.0-rc3-syzkaller-00837-g28aa52b6189f #0 PREEMPT(full) 
[  271.049838][ T6142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.059929][ T6142] Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
[  271.066899][ T6142] Call Trace:
[  271.070182][ T6142]  <TASK>
[  271.073299][ T6142]  dump_stack_lvl+0x99/0x250
[  271.077918][ T6142]  ? __asan_memcpy+0x40/0x70
[  271.082538][ T6142]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.087743][ T6142]  ? __pfx__printk+0x10/0x10
[  271.092364][ T6142]  panic+0x2db/0x790
[  271.096300][ T6142]  ? __pfx_panic+0x10/0x10
[  271.100746][ T6142]  ? show_trace_log_lvl+0x4fb/0x550
[  271.105964][ T6142]  ? ret_from_fork_asm+0x1a/0x30
[  271.110911][ T6142]  __warn+0x31b/0x4b0
[  271.114907][ T6142]  ? ip6_mr_output+0xe0b/0x1040
[  271.119813][ T6142]  ? ip6_mr_output+0xe0b/0x1040
[  271.124689][ T6142]  report_bug+0x2be/0x4f0
[  271.129058][ T6142]  ? ip6_mr_output+0xe0b/0x1040
[  271.133959][ T6142]  ? ip6_mr_output+0xe0b/0x1040
[  271.138954][ T6142]  ? ip6_mr_output+0xe0d/0x1040
[  271.143823][ T6142]  handle_bug+0x84/0x160
[  271.148092][ T6142]  exc_invalid_op+0x1a/0x50
[  271.152725][ T6142]  asm_exc_invalid_op+0x1a/0x20
[  271.157577][ T6142] RIP: 0010:ip6_mr_output+0xe0b/0x1040
[  271.163244][ T6142] Code: f7 49 bd 00 00 00 00 00 fc ff df 48 8b 74 24 38 45 31 f6 31 ff ba 02 00 00 00 e8 80 18 1b ff e9 a7 fd ff ff e8 f6 cb 94 f7 90 <0f> 0b 90 e9 c7 f3 ff ff e8 e8 cb 94 f7 90 0f 0b 90 43 80 3c 2e 00
[  271.183301][ T6142] RSP: 0018:ffffc9000b28f3e0 EFLAGS: 00010293
[  271.189515][ T6142] RAX: ffffffff8a2b827a RBX: 0000000000000000 RCX: ffff88802a198000
[  271.197517][ T6142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  271.205507][ T6142] RBP: ffffc9000b28f658 R08: ffffc9000b28f5c7 R09: 0000000000000000
[  271.213487][ T6142] R10: ffffc9000b28f570 R11: fffff52001651eb9 R12: 1ffff92001651e8c
[  271.221805][ T6142] R13: dffffc0000000000 R14: ffffc9000b28f570 R15: ffff888051147dc0
[  271.229795][ T6142]  ? ip6_mr_output+0xe0a/0x1040
[  271.234952][ T6142]  ? __pfx_ip6t_do_table+0x10/0x10
[  271.240117][ T6142]  ? __pfx_ip6_mr_output+0x10/0x10
[  271.245366][ T6142]  ? __ip6_local_out+0x609/0x870
[  271.250333][ T6142]  ? __ip6_local_out+0x82c/0x870
[  271.255283][ T6142]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  271.260765][ T6142]  ? __ip6_local_out+0x609/0x870
[  271.266261][ T6142]  ? __lock_acquire+0xab9/0xd20
[  271.271153][ T6142]  ? udp6_set_csum+0x995/0xee0
[  271.275949][ T6142]  ? skb_dst+0x4f/0xd0
[  271.280077][ T6142]  ? dst_output+0x177/0x1c0
[  271.284783][ T6142]  udp_tunnel6_xmit_skb+0x640/0xad0
[  271.290059][ T6142]  send6+0x5ac/0x8d0
[  271.294023][ T6142]  ? send6+0x220/0x8d0
[  271.298133][ T6142]  ? __pfx_send6+0x10/0x10
[  271.302602][ T6142]  ? wg_socket_send_buffer_to_peer+0x13b/0x1c0
[  271.308781][ T6142]  wg_socket_send_skb_to_peer+0x111/0x1d0
[  271.314526][ T6142]  wg_packet_handshake_send_worker+0x1db/0x320
[  271.320690][ T6142]  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
[  271.327385][ T6142]  ? _raw_spin_unlock_irq+0x23/0x50
[  271.332771][ T6142]  ? process_scheduled_works+0x9ef/0x17b0
[  271.338532][ T6142]  ? process_scheduled_works+0x9ef/0x17b0
[  271.344548][ T6142]  process_scheduled_works+0xae1/0x17b0
[  271.350120][ T6142]  ? __pfx_process_scheduled_works+0x10/0x10
[  271.356198][ T6142]  worker_thread+0x8a0/0xda0
[  271.361002][ T6142]  kthread+0x70e/0x8a0
[  271.365102][ T6142]  ? __pfx_worker_thread+0x10/0x10
[  271.370357][ T6142]  ? __pfx_kthread+0x10/0x10
[  271.375470][ T6142]  ? _raw_spin_unlock_irq+0x23/0x50
[  271.380685][ T6142]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.385965][ T6142]  ? __pfx_kthread+0x10/0x10
[  271.390562][ T6142]  ret_from_fork+0x3fc/0x770
[  271.395407][ T6142]  ? __pfx_ret_from_fork+0x10/0x10
[  271.400571][ T6142]  ? __switch_to_asm+0x39/0x70
[  271.405338][ T6142]  ? __switch_to_asm+0x33/0x70
[  271.410118][ T6142]  ? __pfx_kthread+0x10/0x10
[  271.414945][ T6142]  ret_from_fork_asm+0x1a/0x30
[  271.419839][ T6142]  </TASK>
[  271.423271][ T6142] Kernel Offset: disabled
[  271.427615][ T6142] Rebooting in 86400 seconds..